Trojaner-Board


LSatan 24.04.2013 22:29

Browser opens a different page!
 
Hello everyone,

today I wanted to visit the homepage of my MMORPG again, without success. As soon as I enter tera-europe.com in the address bar, a Romanian movie site opens. -> Image in the attachment

I have this problem with Firefox/Chrome/IE.
Reinstalling did not help.

My antivirus program is Bitdefender Internet Security 2013.
Unfortunately, it did not find anything.

I am using Windows 8.

Here is my HijackThis log file:
Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:40:54, on 24.04.2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Users\LSatan\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\LSatan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LSatan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LSatan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LSatan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LSatan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LSatan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LSatan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Users\LSatan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LSatan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LSatan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\LSatan\Downloads\HiJackThis204.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 213.239.204.183 www.subdomain.sls.tera-europe.de
O1 - Hosts: 213.239.204.183 subdomain.sls.tera-europe.de
O1 - Hosts: 213.239.204.183 www.account.tera-europe.com
O1 - Hosts: 213.239.204.183 account.tera-europe.com
O1 - Hosts: 213.239.204.183 www.sls.tera-europe.de
O1 - Hosts: 213.239.204.183 www.tera-europe.com
O1 - Hosts: 213.239.204.183 sls.tera-europe.de
O1 - Hosts: 213.239.204.183 tera-europe.com
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O3 - Toolbar: (no name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - (no file)
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [emsisoft anti-malware] "C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe" /d=60
O4 - HKLM\..\Run: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files (x86)\BitTorrent\BitTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Google Update] "C:\Users\LSatan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\RunOnce: [!DefaultSetup] C:\Users\LSatan\AppData\Local\Microsoft\DefaultSetup\DefaultSetup.exe
O4 - Startup: Dropbox.lnk = C:\Users\LSatan\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~1\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Emsisoft Anti-Malware 7.0 - Service (a2AntiMalware) - Emsisoft GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Bitdefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: Bitdefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9837 bytes

--- --- ---

Please help me, I am at my wits' end.

LSatan

smeenk 24.04.2013 23:00

Hello, I am smeenk and I will try to help you with your problem :)


System scan with ZOEK

Please download zoek.exe from here: http://hijackthis.nl/smeenk/
  • Please disable all virus scanners during the scan, as they affect the result.
  • Start Zoek.exe with a double-click (Windows XP users only).
  • Windows Vista/7 users, please start the tool by right-clicking the icon and choosing "Run as administrator".
  • Click "Options" and select the following options:
    • Recently Created
    • Startup Information
    • Firefox Look
    • Chrome Look
    • Reset Hosts
    • System Restore Point
    • Auto Clean
  • Now click "Run script" and wait patiently until the scan has finished.
  • When the tool is finished, Notepad will open with the log file (possibly only after a restart).
    You can view the report later at c:\zoek-results.log.
  • Post the log file zoek-results.log for me.


System scan with OTL

Please download OTL (by Oldtimer) and save it to your desktop.
  • Double-click OTL.exe.
  • Under Extra Registry, please select Use SafeList.
  • Tick the box for Scan all Users.
  • Now click Run Scan.
  • When the scan has finished, 2 log files (OTL.txt and Extras.txt) are created.
  • Post the contents of these log files here in the thread.


In your next reply, please post:
  • Log from zoek
  • Logs from OTL
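
Added example (not part of the thread, and not code from HijackThis or Zoek): the O1 lines in the HijackThis log from the first post are hosts-file entries, which Windows consults before DNS, and the Reset Hosts option above rewrites that file. This Python script separates entries that point a name at a routable address from loopback entries, for both HijackThis O1 lines and raw hosts-file text; the function names and the sample entries marked as constructed are assumptions.

```python
import ipaddress
import re
from collections import defaultdict

# HijackThis reports each hosts-file entry as "O1 - Hosts: <address> <name>".
O1_RE = re.compile(r"^O1 - Hosts:\s*(.*)$")

# The four tera-europe.com lines are copied from the HijackThis log in the
# first post. The "ads.example" and "broken.example" lines are constructed
# here to exercise the sinkhole and malformed branches.
HIJACKTHIS_SAMPLE = """\
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 213.239.204.183 www.account.tera-europe.com
O1 - Hosts: 213.239.204.183 account.tera-europe.com
O1 - Hosts: 213.239.204.183 www.tera-europe.com
O1 - Hosts: 213.239.204.183 tera-europe.com
O1 - Hosts: 0.0.0.0 ads.example
O1 - Hosts: not-an-ip broken.example
O3 - Toolbar: (no name) - {64ead72b-ffd4-4e01-aa3a-4c71665d73e4} - (no file)
"""

# Constructed sample of a hosts file after a reset: comments plus localhost.
RESET_HOSTS_SAMPLE = """\
# sample HOSTS file, comment lines are ignored
# 102.54.94.97 rhino.acme.com # source server
127.0.0.1 localhost
::1 localhost
"""


def entries_from_hosts(hosts_text):
    """Yield (address, hostname) pairs from hosts-file text.

    '#' starts a comment; one line may carry several names for one address.
    """
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        for name in fields[1:]:
            yield fields[0], name.lower()


def entries_from_hijackthis(log_text):
    """Yield (address, hostname) pairs from the O1 lines of a HijackThis log."""
    for line in log_text.splitlines():
        match = O1_RE.match(line.strip())
        if match:
            yield from entries_from_hosts(match.group(1))


def classify(address):
    """Return 'local', 'redirect' or 'malformed' for a hosts-file address."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "malformed"
    # Loopback and 0.0.0.0/:: entries block a name; they do not send the
    # browser to another machine.
    if ip.is_loopback or ip.is_unspecified:
        return "local"
    return "redirect"


def triage(entries):
    """Group entries: redirects by target address, the rest as flat lists."""
    redirects = defaultdict(list)
    report = {"local": [], "malformed": []}
    for address, name in entries:
        kind = classify(address)
        if kind == "redirect":
            redirects[address].append(name)
        else:
            report[kind].append((address, name))
    report["redirect"] = {ip: sorted(names) for ip, names in redirects.items()}
    return report


if __name__ == "__main__":
    before = triage(entries_from_hijackthis(HIJACKTHIS_SAMPLE))
    for ip, names in before["redirect"].items():
        print(f"REVIEW: {len(names)} name(s) forced to {ip}: {', '.join(names)}")
    for address, name in before["malformed"]:
        print(f"MALFORMED: {address!r} {name}")
    after = triage(entries_from_hosts(RESET_HOSTS_SAMPLE))
    print("redirects after reset:", after["redirect"])
```

A redirect entry is a reason to review, not a verdict: the address owner and the way the entry got into the file still have to be checked.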

LSatan 25.04.2013 10:03

Here is the zoek-results.log
Quote:

Zoek.exe Version 4.0.0.2 Updated 23-04-2013
Tool run by LSatan on 25.04.2013 at 10:43:08,70.
Microsoft Windows 8 Pro with Media Center 6.2.9200 x64
Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

25.04.2013 10:43:58 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Files \ Folders ======================

"C:\Program Files (x86)\TornTV.com" deleted
"C:\Users\LSatan\AppData\Roaming\pdfforge" deleted
"C:\Users\LSatan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" deleted
"C:\Users\LSatan\AppData\Local\CRE" deleted
"C:\Users\LSatan\AppData\Local\Conduit" deleted
"C:\Users\LSatan\AppData\LocalLow\BittorrentBar_DE" deleted
"C:\Users\LSatan\AppData\LocalLow\Conduit" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\LSatan\AppData\Local\Temp ====
====== C:\WINDOWS\SysWOW64 =====
2013-04-24 20:50:49 6E4916DC5BA0697C28915DA5261FF250 70490256 ----a-w- C:\WINDOWS\SysWOW64\MRT.exe
2013-04-18 09:02:19 5109E3FA09CBFA2DAA0A13752A694C8A 3520 ----a-w- C:\WINDOWS\SysWOW64\EasyRedirect.ini
2013-04-18 09:02:19 4786591FFD60B7CC8F4F3F7A7CB3F124 2040 ----a-w- C:\WINDOWS\SysWOW64\EasyRedirectOff.ini
2013-04-18 09:02:18 CA801594D75013A428168FD4081BF745 380240 ----a-w- C:\WINDOWS\SysWOW64\EasyRedirect.dll
2013-04-15 11:04:08 9D21B8111AF66A984E00BC447F4EA79A 17560576 ----a-w- C:\WINDOWS\SysWOW64\shell32.dll
2013-04-15 11:04:05 E5AA5FCA529FB3FD88D2C3EB38BBD899 1338880 ----a-w- C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2013-04-15 11:04:05 DE86072021309EE80B38AD4A3795BF3B 8857088 ----a-w- C:\WINDOWS\SysWOW64\twinui.dll
2013-04-15 11:04:03 E8BBE0E535426911F7342AA0E8031AB0 246784 ----a-w- C:\WINDOWS\SysWOW64\ubpm.dll
2013-04-15 11:04:03 54574CAD4D52690EA31BB5BE4DF00608 850944 ----a-w- C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2013-04-15 11:04:01 8A68C50B0520F53113E4AC1BEB98D63F 309760 ----a-w- C:\WINDOWS\SysWOW64\BCP47Langs.dll
2013-04-15 11:04:01 2072CE914C627A37E8CC8592E68A8851 357888 ----a-w- C:\WINDOWS\SysWOW64\netcfgx.dll
2013-04-15 11:04:01 1A242673EFA49EC8C16AA691DC027E6F 5091840 ----a-w- C:\WINDOWS\SysWOW64\mstscax.dll
2013-04-15 11:04:00 9DEE93BEA6D719FCA849B7ABFCCE5621 601088 ----a-w- C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2013-04-15 11:04:00 9C4CD6ADB8FB30BAA1B642FFFD04E194 893952 ----a-w- C:\WINDOWS\SysWOW64\winmde.dll
2013-04-15 11:04:00 8C70B51A829282AD20EFC443B054E21D 621056 ----a-w- C:\WINDOWS\SysWOW64\wuapi.dll
2013-04-15 11:04:00 0BF4D74962263306006C82DFBB114554 550912 ----a-w- C:\WINDOWS\SysWOW64\drvstore.dll
2013-04-15 11:03:56 B577FC9A355C11746D5AE2D0BCB697F8 2033664 ----a-w- C:\WINDOWS\SysWOW64\authui.dll
2013-04-15 11:03:54 FC4A7834626A7CCFF76313EDA2814CE6 125952 ----a-w- C:\WINDOWS\SysWOW64\wuwebv.dll
2013-04-15 11:03:54 C9CB81C364B16A2FD421B8EC1DB712FF 83968 ----a-w- C:\WINDOWS\SysWOW64\wudriver.dll
2013-04-15 11:03:54 7F8D446C49D3052CD364C01477BCE5ED 100864 ----a-w- C:\WINDOWS\SysWOW64\SettingSyncInfo.dll
2013-04-15 11:03:54 67A05BE41C37A3BF140377C0CEFFC309 145408 ----a-w- C:\WINDOWS\SysWOW64\powercfg.cpl
2013-04-15 11:03:54 2C574148A7DB534A72199D775591D1B4 356352 ----a-w- C:\WINDOWS\SysWOW64\SettingSync.dll
2013-04-15 11:03:53 73DC5278EE0A0F01750A0DEF17FE7EFD 36352 ----a-w- C:\WINDOWS\SysWOW64\DevDispItemProvider.dll
2013-04-15 11:03:53 23A7D64AB45FA0494C040A95DEDFEDCC 34304 ----a-w- C:\WINDOWS\SysWOW64\wuapp.exe
2013-04-12 17:29:13 D017BF8D92938EEB9B3A1D1C53FDA152 14323200 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll
2013-04-12 17:29:06 0B6118058942961D504AAEA04FECB116 13761024 ----a-w- C:\WINDOWS\SysWOW64\ieframe.dll
2013-04-12 17:29:05 B5DEC0D4CBBC333CA99FE10B06D4747E 2046464 ----a-w- C:\WINDOWS\SysWOW64\iertutil.dll
2013-04-12 17:29:04 9B59687619B27CDA24638CDC3AF079FB 2877440 ----a-w- C:\WINDOWS\SysWOW64\jscript9.dll
2013-04-12 17:29:03 CFE0CEE587F9CEA4C29DEEC6D85FC91C 1766912 ----a-w- C:\WINDOWS\SysWOW64\wininet.dll
2013-04-12 17:29:03 6EF6B6EACCA13DD6131624E0DD5C14A3 690688 ----a-w- C:\WINDOWS\SysWOW64\jscript.dll
2013-04-12 17:29:03 69CB1A65B835EE6ADF9E16ED6D443072 1129984 ----a-w- C:\WINDOWS\SysWOW64\urlmon.dll
2013-04-12 17:29:02 B5D742C535D37A7DA0649E03B32CAD80 493056 ----a-w- C:\WINDOWS\SysWOW64\msfeeds.dll
2013-04-12 17:29:02 2CD665EF1353721341B789B78E25B3AC 534528 ----a-w- C:\WINDOWS\SysWOW64\uxtheme.dll
2013-04-12 17:29:01 BFDD0C5F3E435596F197F003609989C4 61440 ----a-w- C:\WINDOWS\SysWOW64\iesetup.dll
2013-04-12 17:29:01 A7CFDA703AF9AD409DAA521487E0CB53 109056 ----a-w- C:\WINDOWS\SysWOW64\iesysprep.dll
2013-04-12 17:29:01 87B775A458A73BB7381E5B67B5652496 39424 ----a-w- C:\WINDOWS\SysWOW64\jsproxy.dll
2013-04-12 17:29:01 3FA7F736B877B46EDF1EE6BE6051848D 33280 ----a-w- C:\WINDOWS\SysWOW64\iernonce.dll
2013-04-12 17:29:01 22921396AB06C926366594526A902093 2706432 ----a-w- C:\WINDOWS\SysWOW64\mshtml.tlb
2013-04-12 16:25:10 BB494AA9267EBD12DEC13025C2CE9359 375808 ----a-w- C:\WINDOWS\SysWOW64\ReAgent.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2013-04-18 09:02:19 75A023D8CC183D2A6879A00016B33BE4 2040 ----a-w- C:\WINDOWS\Sysnative\EasyRedirectOff.ini
2013-04-18 09:02:19 1F1C72D9527212C5938954F8D33B9C40 539984 ----a-w- C:\WINDOWS\Sysnative\EasyRedirect64.dll
2013-04-15 11:04:10 79F95469604B77296346DE7DB463EA2A 3240448 ----a-w- C:\WINDOWS\Sysnative\wuaueng.dll
2013-04-15 11:04:09 F162757540A3307AF777C056544AE871 19748864 ----a-w- C:\WINDOWS\Sysnative\shell32.dll
2013-04-15 11:04:08 5DF7FCCCCC71E230883DC30AF3FE0203 1161728 ----a-w- C:\WINDOWS\Sysnative\sppobjs.dll
2013-04-15 11:04:06 6587EB86E32C49AC726817220390CFFE 1627648 ----a-w- C:\WINDOWS\Sysnative\WindowsCodecs.dll
2013-04-15 11:04:06 3D1E4E187270B03BA28F8CF0C7C66C22 10116608 ----a-w- C:\WINDOWS\Sysnative\twinui.dll
2013-04-15 11:04:04 0E8924B51839B0CC8AB4B9C456220683 1048576 ----a-w- C:\WINDOWS\Sysnative\mfasfsrcsnk.dll
2013-04-15 11:04:03 C911D9E6BDE318D513D9168F947E1800 328192 ----a-w- C:\WINDOWS\Sysnative\ubpm.dll
2013-04-15 11:04:03 C7E0C8B888B034D1A66840A5E34D61FC 389120 ----a-w- C:\WINDOWS\Sysnative\BCP47Langs.dll
2013-04-15 11:04:03 01344DD46C95BC2A478B52AF07336F4A 5978624 ----a-w- C:\WINDOWS\Sysnative\mstscax.dll
2013-04-15 11:04:02 D608E0955BF3623B54CFA1A90FCA59FD 1149952 ----a-w- C:\WINDOWS\Sysnative\winmde.dll
2013-04-15 11:04:01 F8E1CA7D41BC44662D7F8936A9588201 2302464 ----a-w- C:\WINDOWS\Sysnative\authui.dll
2013-04-15 11:04:01 C15FF2B4C82792230CD9742253C68CF1 760320 ----a-w- C:\WINDOWS\Sysnative\wuapi.dll
2013-04-15 11:04:01 76E6465F3153FCA20F07928BBA62D7B8 951808 ----a-w- C:\WINDOWS\Sysnative\Windows.Globalization.dll
2013-04-15 11:04:01 6FB88606C4A71E1BFAF97D63A676C673 180224 ----a-w- C:\WINDOWS\Sysnative\SystemEventsBrokerServer.dll
2013-04-15 11:04:00 D3CD3034E2292DBECCD3161DC29D8E07 455168 ----a-w- C:\WINDOWS\Sysnative\netcfgx.dll
2013-04-15 11:04:00 BE611E28DD9AF75A6B904B55F5D6E6C3 245248 ----a-w- C:\WINDOWS\Sysnative\usbmon.dll
2013-04-15 11:04:00 4515B9E4140F04FB3907692DF89FCA87 171008 ----a-w- C:\WINDOWS\Sysnative\TimeBrokerServer.dll
2013-04-15 11:04:00 3013658A4D327854BEEC4A08D9655194 103936 ----a-w- C:\WINDOWS\Sysnative\wpdbusenum.dll
2013-04-15 11:04:00 116FBD7F3F98CB90680BCB5E5CBD0715 448512 ----a-w- C:\WINDOWS\Sysnative\SettingSync.dll
2013-04-15 11:03:55 5EE6D3195E6470DB22F480CCF5F5FF4A 2146304 ----a-w- C:\WINDOWS\Sysnative\actxprxy.dll
2013-04-15 11:03:54 F5BB165DD4C8B784E06E3F0324150E0F 156160 ----a-w- C:\WINDOWS\Sysnative\powercfg.cpl
2013-04-15 11:03:54 EF9A6AA4956FCD2D0EECD48ECC54B303 251904 ----a-w- C:\WINDOWS\Sysnative\WUSettingsProvider.dll
2013-04-15 11:03:54 ED84544A18C02EE2DF436A94436168BA 1619968 ----a-w- C:\WINDOWS\Sysnative\wucltux.dll
2013-04-15 11:03:54 E781EB5E43013C358B9A335103C2B9AE 98304 ----a-w- C:\WINDOWS\Sysnative\wudriver.dll
2013-04-15 11:03:54 A6B742C6B8CF9A37E0EF470DF890F74B 703488 ----a-w- C:\WINDOWS\Sysnative\drvstore.dll
2013-04-15 11:03:54 821D79C4602C5BF6C8183630D301638A 150016 ----a-w- C:\WINDOWS\Sysnative\discan.dll
2013-04-15 11:03:54 79CE97524CEC063C9A2750CCFE253847 173568 ----a-w- C:\WINDOWS\Sysnative\storewuauth.dll
2013-04-15 11:03:54 69A7C97D2FF3252039F18EB36B4AF76B 43520 ----a-w- C:\WINDOWS\Sysnative\wups.dll
2013-04-15 11:03:54 50361572A98348A6E780FFE231B55D49 49152 ----a-w- C:\WINDOWS\Sysnative\DevDispItemProvider.dll
2013-04-15 11:03:54 3C39BF7BBD73C3D862F5266D316D88D0 58288 ----a-w- C:\WINDOWS\Sysnative\wuauclt.exe
2013-04-15 11:03:54 3AF11BF2AA45E222D5923E59596AC984 128512 ----a-w- C:\WINDOWS\Sysnative\SettingSyncInfo.dll
2013-04-15 11:03:54 3A014B98C45AA8C0E4ABF2AB764F9AAC 71168 ----a-w- C:\WINDOWS\Sysnative\WSDPrintProxy.DLL
2013-04-15 11:03:54 3426BE7D0ED8888ACFE04BA6BB9AF83B 77824 ----a-w- C:\WINDOWS\Sysnative\taskhost.exe
2013-04-15 11:03:54 25FD6AB608C7CFDEAAC24BA882AC4052 117248 ----a-w- C:\WINDOWS\Sysnative\NdisImPlatform.dll
2013-04-15 11:03:54 0899BF12B2142213630D49E645B8A507 72192 ----a-w- C:\WINDOWS\Sysnative\taskhostex.exe
2013-04-15 11:03:54 05677EEFA7E6AAF414F4C31FD9EBF2C0 141824 ----a-w- C:\WINDOWS\Sysnative\wuwebv.dll
2013-04-15 11:03:53 750082FFD280AD15DA524379CD863721 39424 ----a-w- C:\WINDOWS\Sysnative\wuapp.exe
2013-04-15 11:03:53 4FD2E5BDBBBAB094B65E76908F9FADB3 387867 ----a-w- C:\WINDOWS\Sysnative\ApnDatabase.xml
2013-04-13 16:23:54 BF511C667E0D464E4D238C50630A44D8 434680 ----a-w- C:\WINDOWS\Sysnative\FNTCACHE.DAT
2013-04-12 17:29:19 394ECD933CD66BADF97EA85A183B9E1E 19230208 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll
2013-04-12 17:29:07 DE3C3B1B4FA5FBF1F17BCD3B3AE1ED15 3958784 ----a-w- C:\WINDOWS\Sysnative\jscript9.dll
2013-04-12 17:29:07 D744D5B8145C2303B19A288AF695E9AD 15404544 ----a-w- C:\WINDOWS\Sysnative\ieframe.dll
2013-04-12 17:29:05 85F1FE2D5EDBFD26066F5ABB9504A69C 2647040 ----a-w- C:\WINDOWS\Sysnative\iertutil.dll
2013-04-12 17:29:04 753C0848AE7872A3F59663078A517293 2240512 ----a-w- C:\WINDOWS\Sysnative\wininet.dll
2013-04-12 17:29:03 8C1EFE99D4C9462EF2E10E7140B44D4A 855552 ----a-w- C:\WINDOWS\Sysnative\jscript.dll
2013-04-12 17:29:03 29812E9971077BE3F8B9DC225CF9D454 1365504 ----a-w- C:\WINDOWS\Sysnative\urlmon.dll
2013-04-12 17:29:03 11B62706B48F8D8F624F39C4F6E98B5C 915968 ----a-w- C:\WINDOWS\Sysnative\uxtheme.dll
2013-04-12 17:29:02 A89103864B67CE1ED3BB5D48569D3D94 51712 ----a-w- C:\WINDOWS\Sysnative\ie4uinit.exe
2013-04-12 17:29:02 268E23EAEDF3FAF87A7A87F0257C9E87 603136 ----a-w- C:\WINDOWS\Sysnative\msfeeds.dll
2013-04-12 17:29:01 3E56860C3490630B2C9FD5398C10D2E8 2706432 ----a-w- C:\WINDOWS\Sysnative\mshtml.tlb
2013-04-12 17:29:01 38BEBBC4CF9FE6566262F0037DF843BF 136704 ----a-w- C:\WINDOWS\Sysnative\iesysprep.dll
2013-04-12 17:29:01 194125E7839D4902F2490A70049E8F78 53248 ----a-w- C:\WINDOWS\Sysnative\jsproxy.dll
2013-04-12 17:28:45 9E93469F299BBCB4ECD1378403C9B8CD 4041728 ----a-w- C:\WINDOWS\Sysnative\win32k.sys
2013-04-12 16:25:11 79CAB096514C381152F4306BC87A7B29 1011200 ----a-w- C:\WINDOWS\Sysnative\reseteng.dll
2013-04-12 16:24:57 299F354F0808017F6927B35C8FB6EFCD 6991592 ----a-w- C:\WINDOWS\Sysnative\ntoskrnl.exe
====== C:\WINDOWS\Sysnative\drivers =====
2013-04-15 11:04:07 B6D52E2C38B49A156E58FF5B9C6CA8BE 2231528 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys
2013-04-15 11:04:03 9531E7D938912F315F8161B5DA5DAD13 327912 ----a-w- C:\WINDOWS\Sysnative\drivers\Classpnp.sys
2013-04-15 11:04:00 36E2B5A5AC7688FFB3270F57103507D2 411880 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS
2013-04-15 11:04:00 091607B272C5E7BE2DCEF2D5463A407B 332520 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys
2013-04-15 11:03:58 500BE6B2E49883720D0AE8BB859ED7A3 495336 ----a-w- C:\WINDOWS\Sysnative\drivers\vhdmp.sys
2013-04-15 11:03:54 B240874B2CA0CD02E8CD11E140B14C57 77544 ----a-w- C:\WINDOWS\Sysnative\drivers\storahci.sys
2013-04-15 11:03:54 7D0570A2C678116523BB4932A6D71020 125160 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys
2013-04-15 11:03:54 739A739DCC5D02FE30EDEADEBD7B9898 283880 ----a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys
2013-04-15 11:03:54 6F0BFF80EE2A5BC841286A51F893CBAD 148712 ----a-w- C:\WINDOWS\Sysnative\drivers\tpm.sys
2013-04-15 11:03:54 11C0CF143D246E2F0E9BDBF17A0CC70B 337128 ----a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS
2013-04-15 11:03:54 0698DEDEAD6A00AD0D468C687D830FBF 69864 ----a-w- C:\WINDOWS\Sysnative\drivers\pdc.sys
2013-04-15 11:03:54 047315E75392CEA447ACC86257824C16 194792 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys
2013-04-15 11:03:53 EA8EAD3F5B762F889CC7F3966625B48B 30720 ----a-w- C:\WINDOWS\Sysnative\drivers\monitor.sys
2013-04-15 11:03:53 C0ADEBED913295803B579ED288936CBB 26112 ----a-w- C:\WINDOWS\Sysnative\drivers\mouhid.sys
2013-04-05 15:33:27 FC0E8778C000291CAF60EB88C011E931 314016 ----a-w- C:\WINDOWS\Sysnative\drivers\atksgt.sys
2013-04-05 15:33:27 156AB2E56DC3CA0B582E3362E07CDED7 43680 ----a-w- C:\WINDOWS\Sysnative\drivers\lirsgt.sys
2013-03-29 16:52:45 DB8A82239139348D6666434128D6F5DC 147232 ----a-w- C:\WINDOWS\Sysnative\drivers\gzflt.sys
2013-03-26 13:49:10 99D404A9A0AFC4734E014EBEBAC13F8F 230904 ----a-w- C:\WINDOWS\Sysnative\drivers\WdFilter.sys
2013-03-26 13:49:10 6F4B5DDDC3B86091E94BC47347A78AF7 35232 ----a-w- C:\WINDOWS\Sysnative\drivers\WdBoot.sys
====== C:\WINDOWS\Tasks ======
2013-04-24 20:36:06 !HASH: COULD NOT OPEN FILE !!!!! 1148 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3813394021-1948135682-3251271600-1001UA.job
2013-04-24 20:36:04 !HASH: COULD NOT OPEN FILE !!!!! 1096 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3813394021-1948135682-3251271600-1001Core.job
2013-04-22 12:23:00 !HASH: COULD NOT OPEN FILE !!!!! 884 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2013-04-01 13:16:32 -------- d-----w- C:\Program Files\Microsoft Silverlight
======= C:\Program Files (x86) =====
2013-04-24 20:14:33 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-04-21 16:47:35 -------- d-----w- C:\Program Files (x86)\Steam
2013-04-07 15:07:09 -------- d-----w- C:\Program Files (x86)\Ubisoft
2013-04-03 19:47:04 -------- d-----w- C:\Program Files (x86)\JDownloader
2013-04-01 13:16:32 -------- d-----w- C:\Program Files (x86)\Microsoft Silverlight
======= C: =====
====== C:\Users\LSatan\AppData\Roaming ======
2013-04-24 21:00:05 -------- d-----w- C:\users\LSatan\AppData\Local\NPE
2013-04-24 20:36:34 -------- d-----w- C:\users\LSatan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-04-22 12:31:53 -------- d-----w- C:\users\LSatan\AppData\Local\Warframe
2013-04-21 16:56:29 -------- d-----w- C:\users\LSatan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-04-17 11:05:52 -------- d-----w- C:\users\LSatan\AppData\Local\Vidalia
2013-04-17 11:02:30 -------- d-----w- C:\users\LSatan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor
2013-04-17 11:00:44 -------- d-----w- C:\users\LSatan\AppData\Roaming\tor
2013-04-17 11:00:37 -------- d-----w- C:\users\LSatan\AppData\Local\Mozilla
====== C:\Users\LSatan ======
2013-04-24 20:14:41 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2013-04-21 16:47:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2013-04-18 09:03:58 -------- d-----w- C:\ProgramData\notracks.com
2013-04-16 20:26:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2013-04-16 20:26:26 -------- d-----w- C:\ProgramData\MediaMonkey
2013-04-07 15:16:34 -------- d-----w- C:\ProgramData\Tages
2013-04-07 13:06:42 -------- d-----w- C:\ProgramData\Solidshield
2013-04-07 12:50:58 -------- d-----w- C:\ProgramData\bdch
2013-04-01 13:17:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

====== C: exe-files ==
2013-04-25 08:36:39 FFC1FF783B62D50C8EAF654228397B73 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$IOWXQ3W.exe
2013-04-25 08:36:39 EFD04F03FC6F13FAF27161439D902DF0 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$IC0DI3N.exe
2013-04-25 08:36:39 C5CBD8A89F3D8DBF0C34C49A121579DB 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$IXB1ZUS.exe
2013-04-25 08:36:39 A596BBCB67FDF7C2F0B96B332054229A 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$IYL25O7.exe
2013-04-25 08:36:39 90DC49D357A2E29B60821FA423335ADB 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$IADE4ZQ.exe
2013-04-25 08:36:39 79348C64D03F25795302A647AC73A8C4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$IKNIAYV.exe
2013-04-25 08:36:39 7814B4757EC54B1AC3E7E098FAF6DC31 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$IZZWTNR.exe
2013-04-25 08:36:39 7547592CBF7C1191123034F4CE32605B 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$ILTAGSC.exe
2013-04-25 08:36:39 6833611CFE181E3CA7FA66F73D6DDC54 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$I1BFZBZ.exe
2013-04-25 08:36:39 66164ED990A495F5D2B5E7CB1F1E8EB9 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$IH5F5TY.exe
2013-04-25 08:36:39 65545D5F1C69962B10F66CA987DC56E9 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$ID51F1N.exe
2013-04-25 08:36:12 847B82A07142E76BF2946E8663DFF8FE 1267788 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$RADE4ZQ.exe
2013-04-25 08:34:56 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$RYL25O7.exe
2013-04-25 08:34:48 847B82A07142E76BF2946E8663DFF8FE 1267788 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$RKNIAYV.exe
2013-04-24 21:40:10 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$RXB1ZUS.exe
2013-04-24 21:40:05 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$RH5F5TY.exe
2013-04-24 21:05:40 E8D3E34FFDAF21DF7C09CBBBA5763237 2347384 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$RD51F1N.exe
2013-04-24 21:03:00 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$RZZWTNR.exe
2013-04-24 21:00:42 2E9D7C81BE0FD97577BC0FA1F051C4C1 2567216 ----a-w- C:\Users\LSatan\AppData\Local\Microsoft\DefaultSetup\DefaultSetup.exe
2013-04-24 20:59:57 311606C4229C57AD3C1CCD6FBC4E499A 2989560 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$RLTAGSC.exe
2013-04-24 20:55:50 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$R1BFZBZ.exe
2013-04-24 20:50:49 6E4916DC5BA0697C28915DA5261FF250 70490256 ----a-w- C:\Windows\SysWOW64\MRT.exe
2013-04-24 20:49:45 08B84215BFD37691BA3D6A32F5CEE45E 19622496 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$ROWXQ3W.exe
2013-04-24 20:49:09 5A4F386010A650FEC6ABE2272D35C60A 244183920 ----a-w- C:\$Recycle.Bin\S-1-5-21-3813394021-1948135682-3251271600-1001\$RC0DI3N.exe
2013-04-24 20:45:47 59DCE6783F9ED27EB72C81466E363BF8 166528 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
2013-04-24 20:45:46 59DCE6783F9ED27EB72C81466E363BF8 166528 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDWSCSvc.exe
2013-04-24 20:45:44 01DB315291406DBE0523CFB084543AB4 4909600 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTools.exe
2013-04-24 20:45:41 01DB315291406DBE0523CFB084543AB4 4909600 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDTools.exe
2013-04-24 20:45:40 2888755BDD43B8F9D2529579394F177F 3343384 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSysRepair.exe
2013-04-24 20:45:39 2888755BDD43B8F9D2529579394F177F 3343384 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDSysRepair.exe
2013-04-24 20:45:37 82C13F2B678D1F6225024EE02EBA0FCE 3226648 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDShred.exe
2013-04-24 20:45:36 82C13F2B678D1F6225024EE02EBA0FCE 3226648 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDShred.exe
2013-04-24 20:45:34 7C084FFAE9757827C6D2C9FA0EF4698B 4697104 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSettings.exe
2013-04-24 20:45:32 7C084FFAE9757827C6D2C9FA0EF4698B 4697104 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDSettings.exe
2013-04-24 20:45:30 EA932C3B977A5941FF220951C05981E1 3912736 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe
2013-04-24 20:45:28 EA932C3B977A5941FF220951C05981E1 3912736 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDRootAlyzer.exe
2013-04-24 20:45:26 15AF7C79B94FBA50631668AE52727AAA 3209744 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDQuarantine.exe
2013-04-24 20:45:24 15AF7C79B94FBA50631668AE52727AAA 3209744 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDQuarantine.exe
2013-04-24 20:45:22 4EEA188CF3DF6696544C5F96A95995A5 3120680 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDPrepPos.exe
2013-04-24 20:45:21 4EEA188CF3DF6696544C5F96A95995A5 3120680 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDPrepPos.exe
2013-04-24 20:45:15 BD313CF4DEA43D3DAD7F4753D9CBB1FE 3760664 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
2013-04-24 20:45:14 BD313CF4DEA43D3DAD7F4753D9CBB1FE 3760664 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDImmunize.exe
2013-04-24 20:45:08 F87B7FB71ED1061033C3EDC7E3EAC31B 3336216 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe
2013-04-24 20:45:07 F87B7FB71ED1061033C3EDC7E3EAC31B 3336216 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDFiles.exe
2013-04-24 20:45:04 DB977E79C9CABCDC0C84E8C167A31C81 2720792 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe
2013-04-24 20:45:02 DB977E79C9CABCDC0C84E8C167A31C81 2720792 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDDelFile.exe
2013-04-24 20:45:02 1DC278B8557581109F5687B9D9140001 3527176 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe
2013-04-24 20:45:00 1DC278B8557581109F5687B9D9140001 3527176 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\SDCleaner.exe
2013-04-24 20:44:38 90ACE81DABD8FF86C22451DC07A11AB7 129560 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\Updates\Extracts\blindman.exe
2013-04-24 20:44:38 90ACE81DABD8FF86C22451DC07A11AB7 129560 ----a-w- C:\Program Files (x86)\Spybot - Search & Destroy 2\blindman.exe
2013-04-24 20:41:21 BECDDA0990DEBD72A30096533521AD73 213384 ----atw- C:\Users\LSatan\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler.exe
2013-04-24 20:41:21 B676429E44F2F8ACC3BAE7C89F46B212 281480 ----atw- C:\Users\LSatan\AppData\Local\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
2013-04-24 20:41:21 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\LSatan\AppData\Local\Google\Update\1.3.21.135\GoogleUpdateSetup.exe
2013-04-24 20:41:21 74E337FFEB2B34043F8499D2F3DE03A8 59784 ----atw- C:\Users\LSatan\AppData\Local\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe
2013-04-24 20:41:21 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\LSatan\AppData\Local\Google\Update\1.3.21.135\GoogleUpdate.exe
2013-04-24 20:41:21 376ECCCE33C2C232112DE830E3C81763 59784 ----atw- C:\Users\LSatan\AppData\Local\Google\Update\1.3.21.135\GoogleUpdateBroker.exe
2013-04-24 20:41:20 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\LSatan\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.135\GoogleUpdateSetup.exe
2013-04-24 20:36:28 88363B688206D0C89FB1DD926F074C42 33302880 ----a-w- C:\Users\LSatan\AppData\Local\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\26.0.1410.64\26.0.1410.64_chrome_installer.exe
2013-04-24 20:36:04 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Users\LSatan\AppData\Local\Google\Update\GoogleUpdate.exe
2013-04-23 19:17:26 AAD923999DF6889F91F10BE68FF044C8 237568 ----a-w- C:\Program Files (x86)\Steam\steamerrorreporter64.exe
2013-04-22 17:58:24 EC49E08005AFBA2E425B2A5FAC9C6D3A 314784 ----a-w- C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\Uninstaller.exe
2013-04-22 17:58:12 C10C44C13ECCE7C64F898529D00A2089 805232 ----a-w- C:\Users\LSatan\AppData\Local\Sony Online Entertainment\ApplicationUpdater\ApplicationUpdaterService.exe
2013-04-22 17:58:12 BC2CA36102A73CDAF19F29E7EFE857D4 294400 ----a-w- C:\Users\LSatan\AppData\Local\Sony Online Entertainment\ApplicationUpdater\wws_crashreport_uploader.exe
2013-04-22 17:58:10 C10C44C13ECCE7C64F898529D00A2089 805232 ----a-w- C:\Users\LSatan\AppData\Local\Sony Online Entertainment\ApplicationUpdater\ApplicationDownloaderService.exe
2013-04-22 13:57:47 D5B4F2DFD62B67F8CF1C0A69ABE36305 98304 ----a-w- C:\Users\LSatan\Dropbox\Paypal geld adder.exe
2013-04-22 13:15:56 42E1A5A014CDC7E9ABE789A738F9DFA6 156160 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\FixTimestamps.exe
2013-04-22 13:08:54 497C64DAD21473EC354D9E3CB3C8EA7F 38240 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\awesomium_process.exe
2013-04-22 13:08:24 EC49E08005AFBA2E425B2A5FAC9C6D3A 314784 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\Uninstaller.exe
2013-04-22 13:08:24 BF3F290275C21BDD3951955C9C3CF32C 517976 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\redist\DirectX\DXSETUP.exe
2013-04-22 13:08:24 9ED398276601DFF29A65041DB3C1B33D 290816 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\wws_crashreport_uploader.exe
2013-04-22 13:08:23 E83DAD7482A58480889D48FAC374CCEA 300392 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.libs\wws_crashreport_uploader.exe
2013-04-22 13:08:23 A7A1C824D39907EC977C03ED00DE882C 454504 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.libs\AwesomiumProcess.exe
2013-04-22 13:08:23 98A5CBF0EFFAF928998E495E9A76ED96 1022808 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
2013-04-22 13:08:23 4C2223EE3612427339A2A5CDF402374E 56666112 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\PlanetSide2.exe
2013-04-22 11:54:48 9891BB8D5F371887FB51D10C570BBB11 92072 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\hl2.exe
2013-04-21 17:58:47 D92FCDD7E815FBFECD9F9C8F7766DD05 659880 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\bin\vpk.exe
2013-04-21 16:47:53 3DD25048297A24AB4B3BFC17ABA5D0DB 1242448 ----a-w- C:\Program Files (x86)\Steam\SteamTmp.exe
2013-04-19 19:10:08 ED136EE9DD4D9EBC59AD7272C03D8AC8 6065712 ----a-w- C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
=== C: other files ==
2013-04-24 20:32:11 FBFD88E882285BA076255C7E25CF2B21 2718 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip
2013-04-24 20:32:11 E2DA0F887A4DF77DBD8B75B2B7D8E918 2547 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip
2013-04-24 20:32:11 DF16F0927A57D63A7907F62CC0EF55CC 2617 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip
2013-04-24 20:32:11 D93F6E822F51C6609A875CAE1D7DC30B 2712 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip
2013-04-24 20:32:11 C1054E3664AE8C5E7F7A33A5E7822132 2276 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip
2013-04-24 20:32:11 AC3A08F74072FD9134616E6BEA16B2B5 2578 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip
2013-04-24 20:32:11 7E4D0B887478D39A7AA51C5115780269 2286 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Verlauf-0000.zip
2013-04-24 20:32:11 33F048C3C4520A6ECE7F4CFC73DA4DA2 2280 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip
2013-04-24 20:32:11 2D22074B23099AF2959FB97D1AC4257C 2306 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Right Media-0000.zip
2013-04-24 20:32:11 2B862003FF53E44865AA9314F303EE5A 2902 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip
2013-04-24 20:32:11 18D345BFA0E4A9B990C34B6EF93D24CA 2581 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\SweetIM-0000.zip
2013-04-24 20:32:11 01A94880E64D78D528A31D4ED22E2E82 2685 ----a-w- C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip
2013-04-21 17:58:47 1886D3B7BF763A41A983CD2F366C40D1 7253928 ----a-w- C:\Program Files (x86)\Steam\SteamApps\common\Day of Defeat Source\bin\itemtest.com
2013-04-18 08:51:34 9B3CE46FBF486FD66FB49077D461CA18 816001 ----a-w- C:\Users\LSatan\AppData\Roaming\Mozilla\Firefox\Profiles\pcc01t1o.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3813394021-1948135682-3251271600-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"
"Google Update"="C:\Users\LSatan\AppData\Local\Google\Update\GoogleUpdate.exe /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AVMWlanClient"="C:\Program Files (x86)\avmwlanstick\wlangui.exe"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent"="C:\Program Files (x86)\BitTorrent\BitTorrent.exe /MINIMIZED"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"
"Google Update"="C:\Users\LSatan\AppData\Local\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bdagent"="C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe"

==== Startup Folders ======================

2012-11-04 21:36:27 1012 ----a-w- C:\users\LSatan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2012-11-08 19:18:40 1314 ----a-w- C:\users\LSatan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- [Undertermined Task]
C:\WINDOWS\tasks\AutoKMS.job --a-------- [Undertermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3813394021-1948135682-3251271600-1001Core.job --a-------- [Undertermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3813394021-1948135682-3251271600-1001UA.job --a-------- [Undertermined Task]

==== Firefox Extensions ======================

ProfilePath: C:\Users\LSatan\AppData\Roaming\Mozilla\Firefox\Profiles\pcc01t1o.default
- Torbutton - %ProfilePath%\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
hempmfkijmahkaddljkmchcmjbojoedl - C:\Users\LSatan\AppData\Local\CRE\hempmfkijmahkaddljkmchcmjbojoedl.crx[]
jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\LSatan\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[]
nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files (x86)\TornTV.com\torn2_10.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
hempmfkijmahkaddljkmchcmjbojoedl - C:\Users\LSatan\AppData\Local\CRE\hempmfkijmahkaddljkmchcmjbojoedl.crx[]

Google Docs - LSatan - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - LSatan - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - LSatan - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - LSatan - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - LSatan - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
BittorrentBar_DE - LSatan - Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl
ProxMate - unblock the Internet - LSatan - Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm
Chrome to Mobile - LSatan - Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd
Facebook Ad Block - LSatan - Default\Extensions\lfpacabphcagfehdgnigmfnbjdampbaa
Ghostery - LSatan - Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij
Gmail - LSatan - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\LSatan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hempmfkijmahkaddljkmchcmjbojoedl deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3813394021-1948135682-3251271600-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hempmfkijmahkaddljkmchcmjbojoedl deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\hempmfkijmahkaddljkmchcmjbojoedl deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\LSatan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KFL79DQD will be deleted at reboot
C:\Users\LSatan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LCSHOAFP will be deleted at reboot
C:\Users\LSatan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QC6WIPC6 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\users\LSatan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

After Reboot

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\LSatan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\LSatan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KFL79DQD" not found
"C:\Users\LSatan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LCSHOAFP" not found
"C:\Users\LSatan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QC6WIPC6" not found
and the OTL.txt OTL logfile:
Code:

OTL logfile created on: 25.04.2013 10:56:01 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\LSatan\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,09 Gb Available Physical Memory | 76,25% Memory free
9,17 Gb Paging File | 7,06 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 595,95 Gb Total Space | 383,25 Gb Free Space | 64,31% Space Free | Partition Type: NTFS
 
Computer Name: CHEMIKER-PC | User Name: LSatan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.04.25 10:55:16 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\LSatan\Downloads\OTL.exe
PRC - [2013.04.04 15:03:57 | 000,389,016 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- C:\Users\LSatan\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.10.22 03:00:00 | 002,105,344 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
PRC - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Users\LSatan\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013.04.09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Users\LSatan\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013.04.09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Users\LSatan\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013.04.09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Users\LSatan\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013.04.09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Users\LSatan\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013.04.04 15:03:57 | 002,243,480 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
MOD - [2013.04.04 15:03:57 | 000,158,104 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
MOD - [2013.04.04 15:03:57 | 000,022,424 | ---- | M] () -- C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
MOD - [2013.03.29 18:52:34 | 000,204,280 | ---- | M] () -- C:\Programme\Bitdefender\Bitdefender 2013\antispam32\txmlutil.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.03.29 18:53:10 | 001,646,792 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV)
SRV:64bit: - [2013.03.29 18:52:47 | 000,068,856 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.02.02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.11.06 06:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.09.20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 05:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013.04.22 14:23:00 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.19 23:10:50 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.04.10 08:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.29 18:52:30 | 000,069,392 | ---- | M] (Bitdefender) [Disabled | Stopped] -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe -- (BdDesktopParental)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.10.03 00:21:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2010.10.22 03:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 22:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose64)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.04.05 17:33:27 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2013.04.05 17:33:27 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2013.03.29 18:52:45 | 000,147,232 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2013.03.02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.03.02 12:57:46 | 000,283,880 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.06 08:42:10 | 000,203,544 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013.02.06 08:42:08 | 000,102,936 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013.02.02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.01.30 22:31:25 | 000,082,384 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2013.01.30 22:31:15 | 000,707,528 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013.01.30 22:30:44 | 000,589,000 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\avckf.sys -- (avckf)
DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.09 16:35:12 | 000,225,960 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RTL2832UBDA.sys -- (RTL2832UBDA)
DRV:64bit: - [2012.11.09 16:35:12 | 000,049,192 | ---- | M] (Realtek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RTL2832U_IRHID.sys -- (RTL2832U_IRHID)
DRV:64bit: - [2012.11.09 16:35:12 | 000,039,720 | ---- | M] (REALTEK SEMICONDUCTOR Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RTL2832UUSB.sys -- (RTL2832UUSB)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.11.02 14:17:46 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\avchv.sys -- (avchv)
DRV:64bit: - [2012.10.31 13:13:18 | 000,350,160 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\trufos.sys -- (trufos)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.09.20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:57 | 000,089,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\xusb22.sys -- (xusb22)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
DRV:64bit: - [2012.07.26 04:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2012.07.26 04:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.11 07:48:42 | 000,023,456 | ---- | M] (Bitdefender) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bdelam.sys -- (bdelam)
DRV:64bit: - [2012.07.09 14:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.07.03 17:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.06.02 16:31:31 | 000,100,864 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2012.03.21 16:26:40 | 000,013,168 | ---- | M] (SMART Technologies ULC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SMARTMouseFilterx64.sys -- (SMARTMouseFilterx64)
DRV:64bit: - [2012.03.21 16:26:32 | 000,024,944 | ---- | M] (SMART Technologies ULC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SMARTVTabletPCx64.sys -- (SMARTVTabletPCx64)
DRV:64bit: - [2012.03.21 16:26:30 | 000,016,368 | ---- | M] (SMART Technologies ULC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SMARTVHidMiniVistaAmd64.sys -- (SMARTVHidMiniVistaAmd64)
DRV:64bit: - [2010.10.22 03:00:00 | 000,714,368 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\fwlanusbn.sys -- (fwlanusbn)
DRV:64bit: - [2010.10.22 03:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2010.10.20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.02.03 11:05:44 | 000,113,280 | ---- | M] (ITE                      ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IT9135BDA.sys -- (IT9135BDA)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hamachi.sys -- (hamachi)
DRV - [2012.10.17 15:13:46 | 000,106,568 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2012.09.03 11:46:15 | 000,097,816 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys -- (BdfNdisf)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = A9 C3 05 5F D2 BA CD 01  [binary data]
IE - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledAddons: %7Be0204bd5-9d31-402b-a99d-a6aa8ffebdca%7D:1.4.6
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\LSatan\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\LSatan\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll File not found
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\PROGRAM FILES\BITDEFENDER\BITDEFENDER 2013\BDTBEXT [2013.01.28 17:28:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.11.06 14:47:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.01.28 17:28:39 | 000,000,000 | ---D | M]
 
[2012.11.06 14:49:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LSatan\AppData\Roaming\mozilla\Extensions
[2012.11.04 23:34:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LSatan\AppData\Roaming\mozilla\Firefox\extensions
[2012.11.04 23:34:39 | 000,000,000 | ---D | M] (BittorrentBar_DE) -- C:\Users\LSatan\AppData\Roaming\mozilla\Firefox\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}
[2013.04.05 17:23:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LSatan\AppData\Roaming\mozilla\Firefox\Profiles\[opt]rs0\extensions
[2013.04.18 10:54:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\LSatan\AppData\Roaming\mozilla\Firefox\Profiles\pcc01t1o.default\extensions
[2013.04.18 10:54:43 | 000,816,001 | ---- | M] () (No name found) -- C:\Users\LSatan\AppData\Roaming\mozilla\firefox\profiles\pcc01t1o.default\extensions\{e0204bd5-9d31-402b-a99d-a6aa8ffebdca}.xpi
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\LSatan\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\LSatan\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\LSatan\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Google Update (Enabled) = C:\Users\LSatan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\LSatan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\LSatan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\LSatan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\LSatan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\LSatan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.61_0\
CHR - Extension: ProxMate - unblock the Internet! = C:\Users\LSatan\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm\2.2.4_0\
CHR - Extension: Chrome to Mobile = C:\Users\LSatan\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd\1.0.0_0\
CHR - Extension: Facebook Ad Block = C:\Users\LSatan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpacabphcagfehdgnigmfnbjdampbaa\1.0.4_0\
CHR - Extension: Ghostery = C:\Users\LSatan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.1_0\
CHR - Extension: Google Mail = C:\Users\LSatan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013.04.25 10:44:00 | 000,000,840 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-3813394021-1948135682-3251271600-1001..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Users\LSatan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\LSatan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\LSatan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{08AAFC9E-967D-4D4A-9F40-6A66E22A5A22}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.11.03 13:25:42 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{406ea921-4ab9-11e2-be85-001f3f013e96}\Shell - "" = AutoRun
O33 - MountPoints2\{406ea921-4ab9-11e2-be85-001f3f013e96}\Shell\AutoRun\command - "" = "G:\setup.exe"
O33 - MountPoints2\{60e2b60d-2509-11e2-be68-001f3f013e96}\Shell - "" = AutoRun
O33 - MountPoints2\{60e2b60d-2509-11e2-be68-001f3f013e96}\Shell\AutoRun\command - "" = "E:\pushinst.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.25 10:51:24 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.04.25 10:48:08 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2013.04.25 10:48:08 | 000,000,000 | ---D | C] -- C:\Users\LSatan\AppData\Local\Temp
[2013.04.24 23:03:33 | 000,000,000 | ---D | C] -- C:\Users\LSatan\AppData\Roaming\Malwarebytes
[2013.04.24 23:03:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.04.24 23:00:05 | 000,000,000 | ---D | C] -- C:\Users\LSatan\AppData\Local\NPE
[2013.04.24 23:00:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2013.04.24 22:52:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2013.04.24 22:52:17 | 000,000,000 | ---D | C] -- C:\Users\LSatan\Documents\Anti-Malware
[2013.04.24 22:50:49 | 070,490,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MRT.exe
[2013.04.24 22:36:34 | 000,000,000 | ---D | C] -- C:\Users\LSatan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.04.24 22:14:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.04.24 22:14:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013.04.22 14:31:53 | 000,000,000 | ---D | C] -- C:\Users\LSatan\AppData\Local\Warframe
[2013.04.21 18:56:29 | 000,000,000 | ---D | C] -- C:\Users\LSatan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2013.04.21 18:47:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2013.04.21 18:47:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2013.04.18 11:03:58 | 000,000,000 | ---D | C] -- C:\ProgramData\notracks.com
[2013.04.18 11:02:19 | 000,539,984 | ---- | C] (EasyTech) -- C:\WINDOWS\SysNative\EasyRedirect64.dll
[2013.04.18 11:02:18 | 000,380,240 | ---- | C] (EasyTech) -- C:\WINDOWS\SysWow64\EasyRedirect.dll
[2013.04.17 13:05:52 | 000,000,000 | ---D | C] -- C:\Users\LSatan\AppData\Local\Vidalia
[2013.04.17 13:02:30 | 000,000,000 | ---D | C] -- C:\Users\LSatan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor
[2013.04.17 13:00:44 | 000,000,000 | ---D | C] -- C:\Users\LSatan\AppData\Roaming\tor
[2013.04.17 13:00:37 | 000,000,000 | ---D | C] -- C:\Users\LSatan\AppData\Local\Mozilla
[2013.04.16 22:26:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
[2013.04.16 22:26:26 | 000,000,000 | ---D | C] -- C:\ProgramData\MediaMonkey
[2013.04.15 13:04:08 | 001,161,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2013.04.15 13:04:06 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2013.04.15 13:04:06 | 001,627,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2013.04.15 13:04:05 | 008,857,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2013.04.15 13:04:04 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2013.04.15 13:04:03 | 005,978,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2013.04.15 13:04:03 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2013.04.15 13:04:03 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2013.04.15 13:04:03 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2013.04.15 13:04:03 | 000,327,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2013.04.15 13:04:03 | 000,246,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll
[2013.04.15 13:04:02 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2013.04.15 13:04:01 | 005,091,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2013.04.15 13:04:01 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2013.04.15 13:04:01 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2013.04.15 13:04:01 | 000,760,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2013.04.15 13:04:01 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2013.04.15 13:04:01 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2013.04.15 13:04:01 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll
[2013.04.15 13:04:01 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2013.04.15 13:04:00 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2013.04.15 13:04:00 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2013.04.15 13:04:00 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2013.04.15 13:04:00 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2013.04.15 13:04:00 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2013.04.15 13:04:00 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2013.04.15 13:04:00 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2013.04.15 13:04:00 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2013.04.15 13:04:00 | 000,332,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2013.04.15 13:04:00 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2013.04.15 13:04:00 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerServer.dll
[2013.04.15 13:03:56 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2013.04.15 13:03:55 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2013.04.15 13:03:54 | 001,619,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2013.04.15 13:03:54 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2013.04.15 13:03:54 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2013.04.15 13:03:54 | 000,337,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2013.04.15 13:03:54 | 000,283,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2013.04.15 13:03:54 | 000,251,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2013.04.15 13:03:54 | 000,194,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2013.04.15 13:03:54 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2013.04.15 13:03:54 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl
[2013.04.15 13:03:54 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\discan.dll
[2013.04.15 13:03:54 | 000,148,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2013.04.15 13:03:54 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl
[2013.04.15 13:03:54 | 000,141,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2013.04.15 13:03:54 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncInfo.dll
[2013.04.15 13:03:54 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2013.04.15 13:03:54 | 000,125,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2013.04.15 13:03:54 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NdisImPlatform.dll
[2013.04.15 13:03:54 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncInfo.dll
[2013.04.15 13:03:54 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2013.04.15 13:03:54 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2013.04.15 13:03:54 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe
[2013.04.15 13:03:54 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys
[2013.04.15 13:03:54 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe
[2013.04.15 13:03:54 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDPrintProxy.DLL
[2013.04.15 13:03:54 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2013.04.15 13:03:54 | 000,058,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2013.04.15 13:03:54 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll
[2013.04.15 13:03:54 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2013.04.15 13:03:53 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2013.04.15 13:03:53 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevDispItemProvider.dll
[2013.04.15 13:03:53 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2013.04.12 19:29:07 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2013.04.12 19:29:03 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2013.04.12 19:29:03 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2013.04.12 19:29:03 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2013.04.12 19:29:02 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2013.04.12 19:29:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2013.04.12 19:29:01 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2013.04.12 19:29:01 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2013.04.12 19:29:01 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2013.04.12 19:29:01 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2013.04.12 18:25:11 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2013.04.12 18:25:10 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2013.04.12 18:24:57 | 006,991,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2013.04.07 17:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Tages
[2013.04.07 17:07:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2013.04.07 15:06:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2013.04.07 14:50:58 | 000,000,000 | ---D | C] -- C:\ProgramData\bdch
[2013.04.03 21:47:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2013.04.01 15:17:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.04.01 15:16:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.04.01 15:16:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.03.31 17:16:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\appmgmt
[2013.03.29 23:09:08 | 000,000,000 | ---D | C] -- C:\CAVEDOG
[2013.03.29 18:52:45 | 000,147,232 | ---- | C] (BitDefender LLC) -- C:\WINDOWS\SysNative\drivers\gzflt.sys
[2013.03.26 15:49:10 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2013.03.26 15:49:10 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.25 10:51:08 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.25 10:49:21 | 000,000,298 | ---- | M] () -- C:\WINDOWS\tasks\AutoKMS.job
[2013.04.25 10:49:07 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.04.25 10:44:00 | 000,000,840 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\etc\hosts
[2013.04.25 10:43:07 | 000,024,064 | ---- | M] () -- C:\WINDOWS\zoek-delete.exe
[2013.04.25 01:10:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.04.25 00:46:00 | 000,001,148 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3813394021-1948135682-3251271600-1001UA.job
[2013.04.25 00:23:40 | 001,745,416 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2013.04.25 00:23:40 | 000,751,892 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2013.04.25 00:23:40 | 000,710,046 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2013.04.25 00:23:40 | 000,155,620 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2013.04.25 00:23:40 | 000,132,416 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2013.04.24 23:23:21 | 000,186,538 | ---- | M] () -- C:\Users\LSatan\Desktop\teran.JPG
[2013.04.24 22:46:00 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3813394021-1948135682-3251271600-1001Core.job
[2013.04.24 22:36:39 | 000,002,327 | ---- | M] () -- C:\Users\LSatan\Desktop\Google Chrome.lnk
[2013.04.23 16:19:23 | 000,000,219 | ---- | M] () -- C:\Users\LSatan\Desktop\Day of Defeat Source.url
[2013.04.22 20:02:23 | 000,000,222 | ---- | M] () -- C:\Users\LSatan\Desktop\PlanetSide 2.url
[2013.04.21 18:47:36 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.04.18 11:14:15 | 000,003,520 | ---- | M] () -- C:\WINDOWS\SysWow64\EasyRedirect.ini
[2013.04.18 11:14:15 | 000,002,040 | ---- | M] () -- C:\WINDOWS\SysWow64\EasyRedirectOff.ini
[2013.04.18 11:14:15 | 000,002,040 | ---- | M] () -- C:\WINDOWS\SysNative\EasyRedirectOff.ini
[2013.04.16 22:26:30 | 000,001,047 | ---- | M] () -- C:\Users\Public\Desktop\MediaMonkey.lnk
[2013.04.13 18:24:02 | 000,434,680 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.04.05 17:33:27 | 000,314,016 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\atksgt.sys
[2013.04.05 17:33:27 | 000,043,680 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\lirsgt.sys
[2013.04.03 00:08:01 | 000,692,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2013.04.03 00:08:01 | 000,078,176 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2013.04.01 19:48:44 | 070,490,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MRT.exe
[2013.03.29 18:52:45 | 000,147,232 | ---- | M] (BitDefender LLC) -- C:\WINDOWS\SysNative\drivers\gzflt.sys
[2013.03.28 13:06:26 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.27 23:32:37 | 000,001,012 | ---- | M] () -- C:\Users\LSatan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
 
========== Files Created - No Company Name ==========
 
[2013.04.25 10:48:08 | 000,024,064 | ---- | C] () -- C:\WINDOWS\zoek-delete.exe
[2013.04.24 23:23:21 | 000,186,538 | ---- | C] () -- C:\Users\LSatan\Desktop\teran.JPG
[2013.04.24 22:36:34 | 000,002,327 | ---- | C] () -- C:\Users\LSatan\Desktop\Google Chrome.lnk
[2013.04.24 22:36:06 | 000,001,148 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3813394021-1948135682-3251271600-1001UA.job
[2013.04.24 22:36:04 | 000,001,096 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3813394021-1948135682-3251271600-1001Core.job
[2013.04.23 16:19:23 | 000,000,219 | ---- | C] () -- C:\Users\LSatan\Desktop\Day of Defeat Source.url
[2013.04.22 15:08:25 | 000,000,222 | ---- | C] () -- C:\Users\LSatan\Desktop\PlanetSide 2.url
[2013.04.22 14:23:00 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.04.21 18:47:36 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2013.04.18 11:02:19 | 000,003,520 | ---- | C] () -- C:\WINDOWS\SysWow64\EasyRedirect.ini
[2013.04.18 11:02:19 | 000,002,040 | ---- | C] () -- C:\WINDOWS\SysWow64\EasyRedirectOff.ini
[2013.04.18 11:02:19 | 000,002,040 | ---- | C] () -- C:\WINDOWS\SysNative\EasyRedirectOff.ini
[2013.04.16 22:26:30 | 000,001,047 | ---- | C] () -- C:\Users\Public\Desktop\MediaMonkey.lnk
[2013.04.15 13:03:53 | 000,387,867 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2013.04.13 18:23:54 | 000,434,680 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2013.04.05 17:33:27 | 000,314,016 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\atksgt.sys
[2013.04.05 17:33:27 | 000,043,680 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\lirsgt.sys
[2013.04.03 21:48:08 | 000,002,005 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk
[2013.04.03 21:48:08 | 000,001,949 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk
[2013.04.03 21:48:08 | 000,001,928 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk
[2013.03.20 18:54:17 | 000,000,003 | ---- | C] () -- C:\Users\LSatan\AppData\Local\user_data.ini
[2013.02.10 14:59:20 | 000,000,425 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2013.02.10 14:59:20 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2013.01.28 17:30:56 | 000,599,772 | ---- | C] () -- C:\ProgramData\1359386687.bdinstall.bin
[2013.01.13 22:21:45 | 000,223,192 | ---- | C] () -- C:\ProgramData\1358108413.bdinstall.bin
[2012.12.02 23:27:19 | 000,696,794 | ---- | C] () -- C:\ProgramData\1354483221.bdinstall.bin
[2012.11.18 16:38:24 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2012.11.12 23:24:10 | 000,000,017 | ---- | C] () -- C:\Users\LSatan\AppData\Local\resmon.resmoncfg
[2012.11.11 20:05:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SysWow64\Access.dat
[2012.11.05 01:07:03 | 000,000,667 | ---- | C] () -- C:\WINDOWS\Settings.ini
[2012.11.04 23:05:57 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2012.10.29 13:09:28 | 000,974,848 | ---- | C] () -- C:\WINDOWS\SysWow64\cis-2.4.dll
[2012.10.29 13:09:28 | 000,081,920 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_bs-2.3.dll
[2012.10.29 13:09:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_pe-2.3.dll
[2012.10.29 13:09:28 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SysWow64\issacapi_se-2.3.dll
[2012.10.29 13:09:28 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2012.12.03 14:56:44 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.02 04:45:01 | 019,748,864 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.02 10:23:07 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

--- --- ---

smeenk 25.04.2013 10:23

Are you still noticing any problems at the moment?

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

LSatan 25.04.2013 10:26

No more problems.

I would just like to know what it was, since my antivirus program etc. could not detect anything.

Regards,

LSatan

smeenk 25.04.2013 10:37

Your hosts file had been modified:
Quote:

O1 - Hosts: 213.239.204.183 www.subdomain.sls.tera-europe.de
O1 - Hosts: 213.239.204.183 subdomain.sls.tera-europe.de
O1 - Hosts: 213.239.204.183 www.account.tera-europe.com
O1 - Hosts: 213.239.204.183 account.tera-europe.com
O1 - Hosts: 213.239.204.183 www.sls.tera-europe.de
O1 - Hosts: 213.239.204.183 www.tera-europe.com
O1 - Hosts: 213.239.204.183 sls.tera-europe.de
O1 - Hosts: 213.239.204.183 tera-europe.com
Zoek has reset it to the default settings.
Unfortunately, I could not identify the cause in the logs.
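
The check behind this diagnosis, as an added example that is not part of the original thread: it reads HijackThis `O1 - Hosts:` lines, and beyond the thread's case also a raw hosts file, and reports every hostname pinned to an address that is neither loopback nor `0.0.0.0`. The function names are assumptions, and the two `localhost` lines in the sample are constructed; the other sample lines are the ones quoted above.

```python
import ipaddress
import re
from collections import defaultdict

# HijackThis prefixes each hosts-file entry with "O1 - Hosts:"; a raw hosts
# file has no prefix. The regex strips the prefix when it is present.
O1_PREFIX = re.compile(r"^\s*O1\s*-\s*Hosts:\s*", re.IGNORECASE)

# Sample input: the eight O1 lines quoted in the thread, plus two
# constructed benign entries to show what is ignored.
SAMPLE_LOG = """\
O1 - Hosts: 213.239.204.183 www.subdomain.sls.tera-europe.de
O1 - Hosts: 213.239.204.183 subdomain.sls.tera-europe.de
O1 - Hosts: 213.239.204.183 www.account.tera-europe.com
O1 - Hosts: 213.239.204.183 account.tera-europe.com
O1 - Hosts: 213.239.204.183 www.sls.tera-europe.de
O1 - Hosts: 213.239.204.183 www.tera-europe.com
O1 - Hosts: 213.239.204.183 sls.tera-europe.de
O1 - Hosts: 213.239.204.183 tera-europe.com
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
"""


def parse_entries(text):
    """Yield (ip_address, hostname) pairs from hosts-file or O1 log text."""
    for raw in text.lstrip("\ufeff").splitlines():  # drop a UTF-8 BOM
        # Remove the HijackThis prefix and any trailing "# comment".
        line = O1_PREFIX.sub("", raw).split("#", 1)[0].strip()
        fields = line.split()
        if len(fields) < 2:
            continue  # blank line, comment-only line, or no hostname
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not a hosts entry (e.g. another log section)
        # One hosts line may map several names to the same address.
        for name in fields[1:]:
            yield ip, name.lower()


def find_redirects(text):
    """Return {ip: [hostnames]} for entries that override DNS.

    Loopback (127.0.0.0/8, ::1) and unspecified (0.0.0.0, ::) targets are
    skipped: they are the default localhost entries or ad-blocking sinks.
    Everything else pins a name to a fixed address and needs review.
    """
    redirects = defaultdict(set)
    for ip, name in parse_entries(text):
        if ip.is_loopback or ip.is_unspecified:
            continue
        redirects[str(ip)].add(name)
    return {ip: sorted(names) for ip, names in redirects.items()}


if __name__ == "__main__":
    for ip, names in find_redirects(SAMPLE_LOG).items():
        print(f"{ip} overrides DNS for {len(names)} hostname(s):")
        for name in names:
            print(f"  {name}")
```

On a live system the same function can be fed the contents of `C:\WINDOWS\System32\drivers\etc\hosts`, which appears in the log above as modified on 2013.04.25 10:44:00.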

