[IMPORTANT] Bzgl. aktueller Virenverseuchung durch Aless[HELP]

[BlackLegend™]

Alle Clean die schritte @ Topic befolgen dann wird alles gut :P

[Grape™]

Noch ein kleiner Tipp :

Editiert in euren Scans eure persönlichen Daten wie Computername etc.

[killah7x]

OTL logfile created on: 18.07.2011 20:25:44 - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Marek\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,75 Gb Total Physical Memory | 3,43 Gb Available Physical Memory | 44,28% Memory free
15,50 Gb Paging File | 12,16 Gb Available in Paging File | 78,46% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 290,78 Gb Total Space | 69,99 Gb Free Space | 24,07% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 596,06 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive E: | 290,74 Gb Total Space | 290,64 Gb Free Space | 99,97% Space Free | Partition Type: NTFS

Computer Name: MAREK-PC | User Name: Marek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Marek\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe ()
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmware-unity-helper.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\VMware\VMware Workstation\vmplayer.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)


========== Modules (SafeList) ==========

MOD - C:\Users\Marek\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420f e3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AdvancedSystemCareService) -- C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCService.exe (IObit)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (D-Link Wireless N DWA-140_WPS) -- C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe ()
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe (VMware, Inc.)
SRV - (ufad-ws60) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe (VMware, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (vmusb) -- C:\Windows\SysNative\drivers\vmusb.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\Dnetr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (RTL85n64) -- C:\Windows\SysNative\drivers\RTL85n64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (Ph3xIB64) -- C:\Windows\SysNative\drivers\Ph3xIB64.sys (NXP Semiconductors)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (anodlwf) -- C:\Windows\SysNative\drivers\anodlwfx.sys ()
DRV:64bit: - (skfiltv) -- C:\Windows\SysNative\drivers\skfiltv.sys (Creative Technology Ltd.)
DRV:64bit: - (s217mdm) -- C:\Windows\SysNative\drivers\s217mdm.sys (MCCI Corporation)
DRV:64bit: - (s217unic) Sony Ericsson Device 217 USB Ethernet Emulation SEMC217 (WDM) -- C:\Windows\SysNative\drivers\s217unic.sys (MCCI)
DRV:64bit: - (s217obex) -- C:\Windows\SysNative\drivers\s217obex.sys (MCCI Corporation)
DRV:64bit: - (s217bus) Sony Ericsson Device 217 driver (WDM) -- C:\Windows\SysNative\drivers\s217bus.sys (MCCI Corporation)
DRV:64bit: - (s217mdfl) -- C:\Windows\SysNative\drivers\s217mdfl.sys (MCCI Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (vstor2-ws60) -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys (VMware, Inc.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6F 1A E0 EA DC 8F CB 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {6e764c17-863a-450f-bdd0-6772bd5aaa18}:1.0.3
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.06.23 08:32:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.07.17 02:37:20 | 000,000,000 | ---D | M]

[2010.11.20 20:12:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek\AppData\Roaming\mozilla\Extensions
[2011.06.05 10:14:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Pro files\sfsvm14y.default\extensions
[2010.12.22 18:26:54 | 000,000,000 | ---D | M] (Media Converter) -- C:\Users\Marek\AppData\Roaming\mozilla\Firefox\Pro files\sfsvm14y.default\extensions\{6e764c17-863a-450f-bdd0-6772bd5aaa18}
[2011.07.18 00:08:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) --
() (No name found) -- C:\USERS\MAREK\APPDATA\ROAMING\MOZILLA\FIREFOX\PRO FILES\SFSVM14Y.DEFAULT\EXTENSIONS\.X PI
[2011.06.23 08:32:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.07.17 02:37:17 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.05.08 20:35:19 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.08 20:35:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.05.08 20:35:19 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.08 20:35:19 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.05.08 20:35:19 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.08 20:35:19 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O4:64bit: - HKLM..\Run: [Microsoft © Coperation 2007] C:\Users\Administrator\AppData\Roaming\Microsoft\W indows\Templates\explorer.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [Advanced SystemCare 4] C:\Program Files (x86)\IObit\Advanced SystemCare 4\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Microsoft © Coperation 2007] C:\Users\Marek\AppData\Roaming\Microsoft\Windows\T emplates\explorer.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3d42b84d-73e2-11e0-b12c-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{3d42b84d-73e2-11e0-b12c-005056c00008}\Shell\AutoRun\command - "" = K:\pushinst.exe
O33 - MountPoints2\{60990997-476f-11e0-8960-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{60990997-476f-11e0-8960-005056c00008}\Shell\AutoRun\command - "" = K:\Install.exe
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.07.18 20:24:19 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Marek\Desktop\OTL.exe
[2011.07.18 20:23:27 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\Malwarebytes
[2011.07.18 20:23:05 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.07.18 20:23:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.07.18 20:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.07.18 20:23:01 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.07.18 20:23:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.07.18 20:22:43 | 009,466,208 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Marek\Desktop\mbam-setup-1.51.1.1800.exe
[2011.07.17 23:09:18 | 000,106,488 | ---- | C] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2011.07.17 23:00:42 | 000,058,584 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2011.07.17 23:00:10 | 000,110,456 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2011.07.17 23:00:10 | 000,050,040 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2011.07.17 23:00:09 | 000,063,864 | ---- | C] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2011.07.17 22:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\G DATA
[2011.07.17 22:20:16 | 000,152,064 | -H-- | C] (Microsoft Corporation) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\explorer.exe
[2011.07.17 22:19:43 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\taskshow.exe
[2011.07.17 02:37:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.07.17 02:37:20 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.07.17 01:39:37 | 000,142,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.07.17 01:39:37 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.07.17 01:20:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Booster
[2011.07.17 01:20:12 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2011.07.17 01:19:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 4
[2011.07.17 01:19:15 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\IObit
[2011.07.17 01:19:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2011.07.13 16:30:06 | 000,422,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.07.13 16:30:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.13 16:30:05 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.13 16:30:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.07.13 16:30:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.07.13 16:30:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.07.13 16:30:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.07.13 16:30:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.07.13 16:30:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.07.13 16:29:58 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.07.13 16:29:58 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.07.13 16:29:58 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.07.13 16:29:58 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.07.13 16:29:57 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.07.13 16:29:57 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.07.13 16:29:57 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.07.13 16:29:57 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.07.13 16:29:57 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.07.13 16:29:56 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.07.13 16:29:56 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.07.13 16:29:52 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.07.10 13:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.07.10 13:03:00 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\GEARAspi64.dll
[2011.07.10 13:03:00 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysWow64\GEARAspi.dll
[2011.07.10 13:03:00 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys
[2011.07.10 13:02:50 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.07.10 13:02:49 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011.07.10 13:02:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.07.10 13:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.07.10 13:01:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.07.10 13:01:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.07.10 13:01:32 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011.07.10 13:01:24 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.07.10 13:01:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.07.05 21:44:50 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011.07.05 21:41:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2011.07.05 21:41:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2011.07.05 21:41:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2011.07.05 21:40:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011.07.05 21:40:45 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2011.07.05 21:40:08 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011.07.05 21:10:15 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2011.07.05 21:05:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2011.07.05 21:04:26 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Local\Downloaded Installations
[2011.07.05 19:38:07 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Local\{D6533A39-3063-4C0F-8FFC-622E2F79DC30}
[2011.06.29 16:19:48 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011.06.29 16:19:48 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011.06.29 16:19:42 | 002,326,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011.06.29 16:19:42 | 002,228,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011.06.29 16:19:42 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011.06.29 16:19:41 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011.06.29 16:19:41 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011.06.29 16:19:41 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011.06.29 16:19:41 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2011.06.29 16:19:41 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2011.06.29 16:19:41 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011.06.29 16:19:41 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2011.06.29 16:19:41 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2011.06.29 16:19:41 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2011.06.29 16:19:41 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2011.06.29 16:19:41 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2011.06.27 11:29:55 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Local\{071B6C9D-399F-4D90-87EB-6B9945578A54}
[2011.06.26 21:37:35 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Local\{E1D4AAE1-0BD4-4C06-A935-6841126D69AC}
[2011.06.26 13:45:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link
[2011.06.26 13:42:47 | 001,119,072 | ---- | C] (Ralink Technology Corp.) -- C:\Windows\SysNative\drivers\Dnetr28ux.sys
[2011.06.26 13:42:47 | 000,326,432 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\SysNative\RaCoInstx.dll
[2011.06.26 13:42:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\D-Link
[2011.06.26 13:42:37 | 000,000,000 | ---D | C] -- C:\Users\Marek\AppData\Roaming\InstallShield
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.07.18 20:24:20 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Marek\Desktop\OTL.exe
[2011.07.18 20:23:05 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.18 20:22:47 | 009,466,208 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Marek\Desktop\mbam-setup-1.51.1.1800.exe
[2011.07.18 19:48:49 | 000,000,680 | RHS- | M] () -- C:\Users\Marek\ntuser.pol
[2011.07.18 19:39:24 | 000,025,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.18 19:39:24 | 000,025,328 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.18 19:34:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.18 19:34:08 | 1945,509,887 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.17 23:09:18 | 000,106,488 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\GRD.sys
[2011.07.17 23:07:43 | 000,110,456 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys
[2011.07.17 23:07:43 | 000,063,864 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys
[2011.07.17 23:07:43 | 000,050,040 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys
[2011.07.17 23:00:42 | 000,058,584 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\PktIcpt.sys
[2011.07.17 22:20:15 | 000,152,064 | -H-- | M] (Microsoft Corporation) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\explorer.exe
[2011.07.17 22:20:15 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\taskshow.exe
[2011.07.17 14:15:52 | 001,650,634 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.07.17 14:15:52 | 000,710,076 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.07.17 14:15:52 | 000,663,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.07.17 14:15:52 | 000,154,194 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.07.17 14:15:52 | 000,126,410 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.07.17 03:23:35 | 000,000,056 | -H-- | M] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.07.17 03:21:23 | 000,001,649 | ---- | M] () -- C:\Users\Marek\Desktop\War Rock.lnk
[2011.07.17 02:37:16 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.07.17 01:39:37 | 000,142,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\poqexec.exe
[2011.07.17 01:39:37 | 000,123,904 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\poqexec.exe
[2011.07.17 01:19:18 | 000,001,230 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011.07.13 16:44:12 | 000,289,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.07.11 22:15:05 | 000,000,770 | ---- | M] () -- C:\Users\Marek\SciTE.session
[2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.07.06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.07.02 13:48:14 | 000,123,784 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.07.02 13:48:14 | 000,088,288 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.07.01 21:04:14 | 001,940,056 | ---- | M] () -- C:\Users\Marek\Documents\items.bin
[2011.06.27 22:38:02 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.06.27 14:09:33 | 000,004,049 | ---- | M] () -- C:\Users\Marek\Documents\n1x.wlmp
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.07.18 20:23:05 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.17 03:23:35 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.07.17 03:21:23 | 000,001,649 | ---- | C] () -- C:\Users\Marek\Desktop\War Rock.lnk
[2011.07.17 01:19:18 | 000,001,230 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 4.lnk
[2011.07.10 13:01:40 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.07.02 23:05:49 | 001,940,056 | ---- | C] () -- C:\Users\Marek\Documents\items.bin
[2011.06.27 14:09:33 | 000,004,049 | ---- | C] () -- C:\Users\Marek\Documents\n1x.wlmp
[2011.06.26 13:43:40 | 000,302,080 | ---- | C] () -- C:\Windows\lwd.exe
[2011.06.26 13:42:47 | 000,015,872 | ---- | C] () -- C:\Windows\SysNative\drivers\anodlwfx.sys
[2011.06.26 13:42:47 | 000,014,051 | ---- | C] () -- C:\Windows\SysNative\RaCoInst.dat
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.04.08 13:28:58 | 000,041,872 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2011.03.06 01:18:02 | 000,007,679 | ---- | C] () -- C:\Users\Marek\AppData\Local\Resmon.ResmonCfg
[2011.01.29 20:41:20 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.12.05 21:41:44 | 000,000,520 | ---- | C] () -- C:\Windows\SysWow64\drivers\RTEQEX0.DAT
[2010.12.05 21:41:44 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\drivers\RTKHDAUD.DAT
[2010.11.20 22:21:02 | 001,662,682 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.11.20 19:51:09 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.17 20:17:00 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2008.09.19 03:49:26 | 000,001,209 | R--- | C] () -- C:\Windows\skSPcfg.ini
[2008.09.19 02:49:24 | 000,000,381 | R--- | C] () -- C:\Windows\skMCcfg.ini

< End of report >

[bares]

hey,

wie weis ich ob ich betroffen bin? bzw. was hat den virus verbreitet?

thx schonmal

[ghost´]

blacklegend nixs gegen dich aber im der shoutbox vom sirosix vip hack schreibst du kiddyepvp und scheis flamer epvp etc
wieso hilfst du uns dann ???

[.noname']

Quote:

Originally Posted by bares

hey,

wie weis ich ob ich betroffen bin? bzw. was hat den virus verbreitet?

thx schonmal

befolge das was blacklegend gemacht und "Aless" hat den Virus verbreitet

[☞☢Atomic☢☜]

Betroffen ? [IMG]

OTL.txt

 Spoiler

OTL logfile created on: 7/18/2011 8:59:56 PM - Run 1
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Program Files (x86)\xDownloadx\Fallout New Vegas
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4.00 Gb Total Physical Memory | 2.09 Gb Available Physical Memory | 52.15% Memory free
8.00 Gb Paging File | 5.66 Gb Available in Paging File | 70.75% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.24 Gb Total Space | 455.30 Gb Free Space | 66.35% Space Free | Partition Type: NTFS
Drive D: | 12.30 Gb Total Space | 1.50 Gb Free Space | 12.21% Space Free | Partition Type: NTFS

Computer Name: XPWNZER-HP-X | User Name: Jannek | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Program Files (x86)\xDownloadx\Fallout New Vegas\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\MSI\US54EX\Installer\WINXP\MSI US54EX Wireless Client Utility.exe (MSI Technology GmbH )


========== Modules (SafeList) ==========

MOD - C:\Program Files (x86)\xDownloadx\Fallout New Vegas\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420f e3fa2b8113bd\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai\netsession_win_e477fed.dll ()
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe (Microsoft Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe (Microsoft Corporation)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (vmm) -- C:\Windows\SysNative\Treiber\VMM.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (SQTECH905C) -- C:\Windows\SysNative\drivers\Capt905c.sys (Service & Quality Technology.)
DRV:64bit: - (VPCNetS2) -- C:\Windows\SysNative\drivers\VMNetSrv.sys (Microsoft Corporation)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (libusb0) -- C:\Windows\SysWOW64\drivers\libusb0.sys ()
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={s earchTerms}"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:defficial"
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - prefs.js..extensions.enabledItems: :1.0.26.2
FF - prefs.js..extensions.enabledItems: :5.0.31.0
FF - prefs.js..extensions.enabledItems: :3.2.5.2
FF - prefs.js..extensions.enabledItems: :4.5
FF - prefs.js..extensions.enabledItems: {46551EC9-40F0-4e47-8E18-8E5CF550CFB8}:1.1
FF - prefs.js..extensions.enabledItems: :1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.2.0.2
FF - prefs.js..extensions.enabledItems: {8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}:2.1.0
FF - prefs.js..keyword.URL: "http://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-W1&o=100000080&locale=de_DE&apn_uid=1e1c0e8e-6047-4839-af9e-4fe4599a3402&apn_ptnrs=JM&apn_sauid=CB0A17DE-4C7C-44F6-9C18-46C3DAE49ACB&apn_dtid=YYYYYYYYDE&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.51204.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.com/NxGame: C:\ProgramData\Nexon\NGM\npNxGame.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jannek\AppData\Local\Google\Update\1.3.21 .57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jannek\AppData\Local\Google\Update\1.3.21 .57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\: C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0369.0\Firefox [2010/06/02 19:35:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010/12/09 15:24:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/17 21:40:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/06/24 15:18:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/06/01 15:11:22 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensi ons\\: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011/01/17 21:40:08 | 000,000,000 | ---D | M]

[2010/07/06 10:32:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jannek\AppData\Roaming\mozilla\Extensions
[2011/07/15 13:15:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jannek\AppData\Roaming\mozilla\Firefox\Pr ofiles\627h9nvh.default\extensions
[2011/06/23 14:17:50 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Jannek\AppData\Roaming\mozilla\Firefox\Pr ofiles\627h9nvh.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2011/06/21 16:35:19 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Jannek\AppData\Roaming\mozilla\Firefox\Pr ofiles\627h9nvh.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011/06/25 21:24:57 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Jannek\AppData\Roaming\mozilla\Firefox\Pr ofiles\627h9nvh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010/08/02 21:19:32 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Jannek\AppData\Roaming\mozilla\Firefox\Pr ofiles\627h9nvh.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/04/24 20:34:13 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Jannek\AppData\Roaming\mozilla\Firefox\Pr ofiles\627h9nvh.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010/12/29 23:08:55 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Jannek\AppData\Roaming\mozilla\Firefox\Pr ofiles\627h9nvh.default\extensions\battlefieldhero
[2011/06/03 14:19:23 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Jannek\AppData\Roaming\mozilla\Firefox\Pr ofiles\627h9nvh.default\extensions\battlefieldplay
[2011/05/07 06:37:03 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Jannek\AppData\Roaming\mozilla\Firefox\Pr ofiles\627h9nvh.default\extensions\engine@conduit. com
[2011/07/03 09:24:35 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus WebGuard) -- C:\Users\Jannek\AppData\Roaming\mozilla\Firefox\Pr ofiles\627h9nvh.default\extensions\
[2011/07/18 18:08:00 | 000,002,406 | ---- | M] () -- C:\Users\Jannek\AppData\Roaming\Mozilla\Firefox\Pr ofiles\627h9nvh.default\searchplugins\askcom.xml
[2010/08/08 15:29:11 | 000,000,873 | ---- | M] () -- C:\Users\Jannek\AppData\Roaming\Mozilla\Firefox\Pr ofiles\627h9nvh.default\searchplugins\conduit.xml
[2011/07/12 06:44:55 | 000,002,059 | ---- | M] () -- C:\Users\Jannek\AppData\Roaming\Mozilla\Firefox\Pr ofiles\627h9nvh.default\searchplugins\daemon-search.xml
[2011/07/17 14:50:02 | 000,000,950 | ---- | M] () -- C:\Users\Jannek\AppData\Roaming\Mozilla\Firefox\Pr ofiles\627h9nvh.default\searchplugins\icqplugin-1.xml
[2011/06/24 15:18:38 | 000,000,950 | ---- | M] () -- C:\Users\Jannek\AppData\Roaming\Mozilla\Firefox\Pr ofiles\627h9nvh.default\searchplugins\icqplugin-2.xml
[2011/07/03 09:24:35 | 000,000,950 | ---- | M] () -- C:\Users\Jannek\AppData\Roaming\Mozilla\Firefox\Pr ofiles\627h9nvh.default\searchplugins\icqplugin-3.xml
[2011/04/30 12:42:22 | 000,001,056 | ---- | M] () -- C:\Users\Jannek\AppData\Roaming\Mozilla\Firefox\Pr ofiles\627h9nvh.default\searchplugins\icqplugin.xm l
[2011/04/24 20:34:09 | 000,003,915 | ---- | M] () -- C:\Users\Jannek\AppData\Roaming\Mozilla\Firefox\Pr ofiles\627h9nvh.default\searchplugins\sweetim.xml
[2011/06/22 15:32:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011/03/10 16:33:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\JANNEK\APPDATA\ROAMING\MOZILLA\FIREFOX\PR OFILES\627H9NVH.DEFAULT\EXTENSIONS\{46551EC9-40F0-4E47-8E18-8E5CF550CFB8}.XPI
[2011/06/24 15:18:28 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/03/10 16:33:34 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010/07/27 16:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2010/07/28 18:14:08 | 000,022,016 | ---- | M] (NHN USA Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npijjiFFPlugin1.dll
[2011/05/05 22:23:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/05/05 22:23:47 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011/05/05 22:23:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/03/03 16:23:32 | 000,002,047 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2011/05/05 22:23:47 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/05/05 22:23:47 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/05/05 22:23:47 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010/10/22 13:26:00 | 000,000,028 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - File not found
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.ex e (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [HPAdvisorDock] File not found
O4 - HKCU..\Run: [ICQ] File not found
O4 - HKCU..\Run: [ISUSPM Startup] File not found
O4 - HKCU..\Run: [KPeerNexonEU] C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Jannek\AppData\Roaming\DVDVideoSoftIEHelp ers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Jannek\AppData\Roaming\DVDVideoSoftIEHelp ers\freeyoutubedownload.htm ()
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_24)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{49b15a76-8fd2-11df-9fc9-78e7d182de03}\Shell - "" = AutoRun
O33 - MountPoints2\{49b15a76-8fd2-11df-9fc9-78e7d182de03}\Shell\AutoRun\command - "" = G:\pushinst.exe
O33 - MountPoints2\{aae9bce2-6e78-11df-bff0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{aae9bce2-6e78-11df-bff0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/07/18 20:42:51 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Roaming\Malwarebytes
[2011/07/18 20:42:12 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/18 20:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/18 20:42:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/07/18 20:42:08 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/18 20:42:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/07/18 16:26:42 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{0A6AE948-6EBF-4DB5-BFFB-4AB062CE5433}
[2011/07/18 06:47:02 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{4DAD01BE-957D-40C5-AF14-58594A5001B7}
[2011/07/17 10:21:03 | 000,000,000 | ---D | C] -- C:\Temp
[2011/07/17 09:14:47 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{682FCE3B-C16E-4382-939C-CAADBA04DB40}
[2011/07/17 00:02:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JOYMAX
[2011/07/16 23:52:30 | 000,000,000 | ---D | C] -- C:\Joymax
[2011/07/16 21:49:07 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Roaming\SecondLife
[2011/07/16 21:49:07 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\SecondLife
[2011/07/16 11:57:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.0
[2011/07/16 11:57:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6
[2011/07/16 08:13:07 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{21CD7CC3-CCA2-4023-B2BF-14E222D80E2C}
[2011/07/16 07:34:04 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{EB1A77BB-F410-43B9-B7DF-DE356E4A1A88}
[2011/07/15 19:51:22 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WdfCoInstaller01009.dll
[2011/07/15 19:51:22 | 000,328,712 | ---- | C] (Logitech Inc.) -- C:\Windows\SysNative\MijFrc.dll
[2011/07/15 19:51:22 | 000,097,552 | ---- | C] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2011/07/15 19:51:22 | 000,074,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\xusb21.sys
[2011/07/15 13:32:11 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{057E7F70-2260-47F2-A9A5-EBA540BB41B3}
[2011/07/15 13:13:56 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{37DA95C8-2AC4-4F9C-9E13-29AD51E36CCA}
[2011/07/15 12:31:55 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{9E84C52C-FA32-4A97-B5B2-D77C3E583D54}
[2011/07/15 06:34:32 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{BE9D10C4-D240-4574-B2AF-AF2AE6411E9F}
[2011/07/14 20:01:05 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Roaming\MotioninJoy
[2011/07/14 20:01:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy
[2011/07/14 20:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\MotioninJoy
[2011/07/14 11:21:01 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{4FBA35B8-88C5-4FE4-AB4A-B4BC9D59225F}
[2011/07/13 18:23:37 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{AE451C71-0E38-4429-AC04-25D9C271FF06}
[2011/07/13 06:23:10 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{D566449D-F55B-4B1A-9887-5A5CB5A84982}
[2011/07/13 06:22:06 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\PMB Files
[2011/07/12 22:51:32 | 000,000,000 | ---D | C] -- C:\Users\Jannek\Documents\TCNYC
[2011/07/12 22:47:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aspyr Media, Inc
[2011/07/12 22:45:11 | 000,000,000 | ---D | C] -- C:\Users\Jannek\Desktop\True Crime
[2011/07/12 20:20:52 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\PBlackout
[2011/07/12 19:40:05 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Project Blackout
[2011/07/12 19:40:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project Blackout
[2011/07/12 19:38:43 | 000,000,000 | ---D | C] -- C:\SG Interactive
[2011/07/12 19:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2011/07/12 15:11:07 | 000,046,592 | ---- | C] () -- C:\Windows\SysWow64\libusb0.dll
[2011/07/12 14:24:03 | 000,000,000 | ---D | C] -- C:\Users\Jannek\Documents\FIFA 07
[2011/07/12 14:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA SPORTS
[2011/07/12 14:14:07 | 000,000,000 | ---D | C] -- C:\Users\Jannek\Desktop\Fifa07(Haki Edition)
[2011/07/12 14:12:54 | 000,000,000 | ---D | C] -- C:\Users\Jannek\Desktop\alocale
[2011/07/12 14:12:41 | 000,012,528 | ---- | C] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\Users\Jannek\Desktop\SECDRV.SYS
[2011/07/12 14:12:41 | 000,000,000 | ---D | C] -- C:\Users\Jannek\Desktop\Support
[2011/07/12 14:12:40 | 000,000,000 | ---D | C] -- C:\Users\Jannek\Desktop\Macromedia
[2011/07/12 13:54:24 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Roaming\DAEMON Tools Pro
[2011/07/12 13:54:24 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Pro
[2011/07/12 13:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Anwendungsdaten
[2011/07/12 06:44:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Toolbar
[2011/07/12 06:42:00 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\LogMeIn Hamachi
[2011/07/12 06:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/07/12 06:40:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2011/07/12 06:34:09 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{DB80E251-E452-473D-8EFE-3A1FB174A241}
[2011/07/11 22:37:05 | 000,000,000 | ---D | C] -- C:\Users\Jannek\Documents\Need for Speed World
[2011/07/11 16:32:35 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{59DAD0C8-996F-4169-B2DF-7AB9A2DE1719}
[2011/07/11 12:37:58 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{4ADDE4B0-A71F-4CAF-8D14-233BF787E5DD}
[2011/07/09 16:30:36 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Roaming\Need for Speed World
[2011/07/09 15:41:54 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\Electronic_Arts_Inc
[2011/07/09 08:22:25 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{F31233B0-3DB0-4734-A745-57C11BFC171B}
[2011/07/08 08:15:12 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{6E5AB510-E236-4740-A3F0-CDF469EC4D2C}
[2011/07/07 15:39:44 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{DB17DB44-8724-497F-BF80-C1494345D6B8}
[2011/07/06 13:33:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/07/06 13:03:04 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{5371873B-189A-4014-A511-58869794E552}
[2011/07/05 14:05:43 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\AskToolbar
[2011/07/05 11:48:29 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Roaming\Microsoft\Windows\ Start Menu\Programs\Google Chrome
[2011/07/05 11:24:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine
[2011/07/05 11:23:32 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Roaming\GetRightToGo
[2011/07/05 11:23:32 | 000,000,000 | ---D | C] -- C:\Users\Jannek\Documents\Downloads
[2011/07/05 09:27:59 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{1B2B9562-414C-466A-B9F6-AB45E60D9586}
[2011/07/04 12:27:22 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{1B26CC98-85B4-40A5-B129-63B130141EE6}
[2011/07/04 06:33:49 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{0B20E9FE-D50A-4048-B00E-A07D497BF13F}
[2011/07/03 18:07:17 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{358958DA-D8AA-47B4-A9DC-8D307D22E749}
[2011/07/03 09:23:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2011/07/03 09:19:47 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{915422E2-2C60-44F9-81B6-E0E27F024DC7}
[2011/07/02 17:09:03 | 000,000,000 | ---D | C] -- C:\Users\Jannek\Desktop\Backup
[2011/07/01 20:27:07 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{504129AD-B43A-4AAD-9958-1A9B4ECF1AE5}
[2011/07/01 07:00:35 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{A892A828-DAEF-4314-86BD-AFB0AF0256A3}
[2011/06/29 17:31:29 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{475232E0-90FA-4760-A6F1-421CC11BE997}
[2011/06/28 15:05:42 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{C81D2574-7B3B-447F-8815-D0D973578C2D}
[2011/06/27 12:24:51 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{EE782043-D6E6-40FC-864B-5E84E9DEAE88}
[2011/06/26 21:50:19 | 002,721,272 | ---- | C] (Microsoft Corporation) -- C:\Users\Jannek\Desktop\vbsetup.exe
[2011/06/26 19:42:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2011/06/26 08:52:24 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{CB10C75A-D2AE-4877-B3CE-B29125FAFD91}
[2011/06/25 09:48:57 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{357785FD-0152-4743-AD10-4E06D20DC1B5}
[2011/06/24 09:11:41 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{3D39CC30-ADC6-4D5C-95D2-81CCB9615398}
[2011/06/23 19:43:31 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{70DEC63C-A655-4677-A7AF-A5B70C045AE4}
[2011/06/23 07:42:52 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{DBABC35E-AA60-444A-80EE-EADB60A6E649}
[2011/06/22 14:01:04 | 000,000,000 | ---D | C] -- C:\Program Files\Babylon
[2011/06/22 09:59:28 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{86418E79-EB67-4F75-AA86-A87B2721905B}
[2011/06/21 08:02:39 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{C7E3E9E3-8D40-427E-858E-D4CDF132FE30}
[2011/06/20 21:43:49 | 000,000,000 | ---D | C] -- C:\Users\Jannek\Desktop\_GHD__Logger_Source_
[2011/06/20 08:57:51 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{7EDB5921-D55C-404E-BD06-61C206BC7201}
[2011/06/19 17:49:41 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{821CA38D-CB1A-4AD3-801F-FCD56EE15885}
[2011/06/19 14:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual C++ 9.0 Express Edition
[2011/06/19 13:32:40 | 000,000,000 | ---D | C] -- C:\Users\Jannek\Desktop\For Mizchen
[2011/06/19 00:01:34 | 000,000,000 | ---D | C] -- C:\Users\Jannek\AppData\Local\{A6D418E9-9083-4277-8708-FA201CBFAEC5}
[2009/07/13 22:46:42 | 001,169,224 | ---- | C] (Microsoft Corporation) -- C:\Users\Jannek\AppData\Roaming\Svchost.exe

========== Files - Modified Within 30 Days ==========

[2011/07/18 20:53:00 | 000,181,402 | ---- | M] () -- C:\Users\Jannek\Desktop\2011-07-18_205156.png
[2011/07/18 20:52:01 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3765053375-3540083129-3656752694-1000UA.job
[2011/07/18 20:42:12 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/18 20:14:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/18 16:31:51 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/18 16:31:51 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/18 16:30:57 | 001,640,804 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/07/18 16:30:57 | 000,708,670 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/07/18 16:30:57 | 000,661,286 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/18 16:30:57 | 000,153,302 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/07/18 16:30:57 | 000,125,476 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/18 16:25:50 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/18 16:24:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/18 16:24:21 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/17 20:16:30 | 000,001,697 | ---- | M] () -- C:\WarRock.ini
[2011/07/17 11:52:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3765053375-3540083129-3656752694-1000Core.job
[2011/07/17 10:09:39 | 000,033,820 | ---- | M] () -- C:\Users\Jannek\Desktop\8813099243_1262978361.gif
[2011/07/17 09:12:27 | 012,104,699 | ---- | M] () -- C:\Users\Jannek\Desktop\LolLLL.MP4
[2011/07/17 09:08:29 | 000,000,000 | ---- | M] () -- C:\Users\Jannek\Desktop\Forum Event.avi.MP4
[2011/07/17 09:03:53 | 201,693,696 | ---- | M] () -- C:\Users\Jannek\Desktop\Forum Event.avi
[2011/07/17 00:02:55 | 000,001,606 | ---- | M] () -- C:\Users\Public\Desktop\KarmaOnline.lnk
[2011/07/16 11:57:30 | 000,001,073 | ---- | M] () -- C:\Users\Jannek\Desktop\Cheat Engine.lnk
[2011/07/15 21:58:43 | 000,001,370 | ---- | M] () -- C:\Users\Jannek\Desktop\Xpadder.ini
[2011/07/15 20:30:19 | 001,009,664 | ---- | M] () -- C:\Users\Jannek\Desktop\Xpadder.exe
[2011/07/15 19:56:25 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01 009.Wdf
[2011/07/15 19:56:24 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_ 01009.Wdf
[2011/07/15 19:51:22 | 000,000,923 | ---- | M] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2011/07/15 18:54:12 | 000,002,410 | ---- | M] () -- C:\Users\Jannek\Desktop\Google Chrome.lnk
[2011/07/15 13:17:02 | 000,000,040 | ---- | M] () -- C:\Users\Public\Documents\_rgpl
[2011/07/14 22:21:06 | 000,001,084 | ---- | M] () -- C:\Users\Jannek\Documents\lol.rtf
[2011/07/12 19:40:05 | 000,000,845 | ---- | M] () -- C:\Users\Jannek\Desktop\Project Blackout.lnk
[2011/07/12 19:37:40 | 459,305,199 | ---- | M] () -- C:\Users\Jannek\Desktop\ProjectBlackoutInstall_XR. exe
[2011/07/12 14:05:04 | 000,526,392 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011/07/09 15:41:40 | 000,002,221 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2011/07/09 13:00:07 | 000,280,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011/07/09 13:00:07 | 000,280,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011/07/09 12:59:40 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2011/07/09 08:41:58 | 000,000,221 | ---- | M] () -- C:\Users\Jannek\Desktop\BRINK Dedicated Server.url
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/02 18:34:45 | 000,001,288 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2011/07/01 11:39:18 | 000,001,439 | ---- | M] () -- C:\Users\Jannek\Desktop\Editor.lnk
[2011/06/30 13:41:14 | 000,000,229 | ---- | M] () -- C:\Users\Jannek\Desktop\Left 4 Dead 2.url
[2011/06/29 15:56:52 | 000,123,784 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011/06/29 15:56:52 | 000,088,288 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011/06/28 13:42:16 | 000,000,000 | ---- | M] () -- C:\Users\Jannek\Programme
[2011/06/28 13:42:16 | 000,000,000 | ---- | M] () -- C:\Programme
[2011/06/28 13:42:15 | 000,000,000 | ---- | M] () -- C:\Program
[2011/06/26 21:56:21 | 000,001,405 | ---- | M] () -- C:\Users\Jannek\Desktop\Microsoft Visual Basic 2008 Express Edition.lnk
[2011/06/26 21:50:36 | 002,721,272 | ---- | M] (Microsoft Corporation) -- C:\Users\Jannek\Desktop\vbsetup.exe
[2011/06/24 22:48:54 | 000,000,219 | ---- | M] () -- C:\Users\Jannek\Desktop\Team Fortress 2.url
[2011/06/19 14:45:29 | 000,001,174 | ---- | M] () -- C:\Users\Jannek\Desktop\Microsoft Visual C++ 2008 Express Edition.lnk

========== Files Created - No Company Name ==========

[2011/07/18 20:51:58 | 000,181,402 | ---- | C] () -- C:\Users\Jannek\Desktop\2011-07-18_205156.png
[2011/07/18 20:42:12 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/17 10:09:37 | 000,033,820 | ---- | C] () -- C:\Users\Jannek\Desktop\8813099243_1262978361.gif
[2011/07/17 09:12:25 | 012,104,699 | ---- | C] () -- C:\Users\Jannek\Desktop\LolLLL.MP4
[2011/07/17 09:08:29 | 000,000,000 | ---- | C] () -- C:\Users\Jannek\Desktop\Forum Event.avi.MP4
[2011/07/17 09:03:59 | 201,693,696 | ---- | C] () -- C:\Users\Jannek\Desktop\Forum Event.avi
[2011/07/17 00:02:55 | 000,001,606 | ---- | C] () -- C:\Users\Public\Desktop\KarmaOnline.lnk
[2011/07/16 11:57:30 | 000,001,073 | ---- | C] () -- C:\Users\Jannek\Desktop\Cheat Engine.lnk
[2011/07/15 21:58:43 | 000,001,370 | ---- | C] () -- C:\Users\Jannek\Desktop\Xpadder.ini
[2011/07/15 20:29:39 | 001,009,664 | ---- | C] () -- C:\Users\Jannek\Desktop\Xpadder.exe
[2011/07/15 19:56:25 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01 009.Wdf
[2011/07/15 19:56:24 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_MijXfilt_ 01009.Wdf
[2011/07/15 19:51:22 | 000,000,923 | ---- | C] () -- C:\Users\Public\Desktop\DS3 Tool.lnk
[2011/07/15 13:17:02 | 000,000,040 | ---- | C] () -- C:\Users\Public\Documents\_rgpl
[2011/07/14 22:21:06 | 000,001,084 | ---- | C] () -- C:\Users\Jannek\Documents\lol.rtf
[2011/07/13 17:54:04 | 000,001,997 | ---- | C] () -- C:\Users\Jannek\Desktop\modchips-info.htm
[2011/07/12 19:40:05 | 000,000,845 | ---- | C] () -- C:\Users\Jannek\Desktop\Project Blackout.lnk
[2011/07/12 19:13:58 | 459,305,199 | ---- | C] () -- C:\Users\Jannek\Desktop\ProjectBlackoutInstall_XR. exe
[2011/07/12 15:11:07 | 000,033,792 | ---- | C] () -- C:\Windows\SysWow64\drivers\libusb0.sys
[2011/07/12 13:33:45 | 000,526,392 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2011/07/09 15:41:40 | 000,002,221 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2011/07/09 08:41:58 | 000,000,221 | ---- | C] () -- C:\Users\Jannek\Desktop\BRINK Dedicated Server.url
[2011/07/05 11:48:31 | 000,002,410 | ---- | C] () -- C:\Users\Jannek\Desktop\Google Chrome.lnk
[2011/07/05 11:47:06 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3765053375-3540083129-3656752694-1000UA.job
[2011/07/05 11:47:05 | 000,001,072 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3765053375-3540083129-3656752694-1000Core.job
[2011/07/02 18:34:45 | 000,001,288 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2011/07/01 11:39:18 | 000,001,439 | ---- | C] () -- C:\Users\Jannek\Desktop\Editor.lnk
[2011/06/28 20:52:21 | 001,886,216 | ---- | C] () -- C:\Users\Jannek\Desktop\items.bin
[2011/06/28 13:42:16 | 000,000,000 | ---- | C] () -- C:\Users\Jannek\Programme
[2011/06/28 13:42:16 | 000,000,000 | ---- | C] () -- C:\Programme
[2011/06/28 13:42:15 | 000,000,000 | ---- | C] () -- C:\Program
[2011/06/27 15:25:48 | 000,000,229 | ---- | C] () -- C:\Users\Jannek\Desktop\Left 4 Dead 2.url
[2011/06/26 21:56:21 | 000,001,405 | ---- | C] () -- C:\Users\Jannek\Desktop\Microsoft Visual Basic 2008 Express Edition.lnk
[2011/06/24 22:48:54 | 000,000,219 | ---- | C] () -- C:\Users\Jannek\Desktop\Team Fortress 2.url
[2011/06/19 14:45:29 | 000,001,174 | ---- | C] () -- C:\Users\Jannek\Desktop\Microsoft Visual C++ 2008 Express Edition.lnk
[2011/06/13 18:52:38 | 000,000,000 | ---- | C] () -- C:\Users\Jannek\AppData\Roaming\~
[2011/06/05 20:10:06 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\BASSMOD.dll
[2011/06/05 19:55:34 | 000,000,081 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011/06/03 19:11:34 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011/05/24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/03/13 01:44:48 | 000,000,094 | ---- | C] () -- C:\Users\Jannek\AppData\Local\fusioncache.dat
[2011/02/26 09:22:09 | 000,067,863 | ---- | C] () -- C:\Windows\SysWow64\x264vfw-uninstall.exe
[2011/01/17 21:57:23 | 000,217,267 | ---- | C] () -- C:\Windows\hpoins46.dat.temp
[2011/01/17 21:51:52 | 000,000,606 | ---- | C] () -- C:\Windows\hpomdl46.dat.temp
[2011/01/17 21:05:50 | 000,216,727 | ---- | C] () -- C:\Windows\hpoins46.dat
[2010/12/29 03:56:07 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010/12/24 08:55:05 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010/12/18 00:02:15 | 000,280,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010/12/18 00:02:15 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010/11/08 22:34:38 | 001,670,098 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010/11/02 14:29:55 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010/10/30 17:10:06 | 000,000,979 | ---- | C] () -- C:\Users\Jannek\AppData\Roaming\data.dat
[2010/10/26 17:03:19 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\mspcde40.dll
[2010/10/24 11:20:04 | 001,073,152 | ---- | C] () -- C:\Windows\SysWow64\libmysql_c.dll
[2010/09/07 15:33:09 | 000,001,014 | ---- | C] () -- C:\Users\Jannek\AppData\Roaming\wklnhst.dat
[2010/07/25 17:14:01 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2010/07/24 15:05:53 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010/07/08 12:38:24 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2010/07/08 12:30:28 | 000,000,600 | ---- | C] () -- C:\Users\Jannek\AppData\Local\PUTTY.RND
[2010/07/06 08:31:23 | 000,311,296 | ---- | C] () -- C:\Windows\SysWow64\AegisI5.exe
[2010/07/06 08:31:22 | 000,290,918 | ---- | C] () -- C:\Windows\SysWow64\Install7x.dll
[2010/07/06 08:31:22 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\drivers\rt73.bin
[2010/07/06 07:32:16 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010/06/02 19:30:24 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010/06/02 18:56:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/02/17 08:44:36 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
[2010/02/17 08:44:32 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
[2009/07/29 08:35:54 | 002,378,752 | ---- | C] () -- C:\Windows\SysWow64\x264vfw.dll
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/11 05:02:28 | 000,000,606 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007/10/25 18:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys

========== Alternate Data Streams ==========

@Alternate Data Stream - 48 bytes -> C:\Windows:C069C13C25AC08C4

< End of report >

Ist da was Falsch ?

Bin ich Infiziert ?

[bares]

hab noch nie was von diesem Aless gehört. hab aber einige hacks die letzen tage runtergeladen, auch von denen, die betroffen sein sollen. sprich: ich hab den virus?

[Diablo_]

Hi an alle,

es ist schön, dass es jetzt solche Threads gibt aber alle die infiziert sind sollten neu aufsetzen.

Alles andere hat in diesem Fall keinen Sinn, glaubt mir.

Grüße

[☞☢Atomic☢☜]

Quote:

Originally Posted by bares

hab noch nie was von diesem Aless gehört. hab aber einige hacks die letzen tage runtergeladen, auch von denen, die betroffen sein sollen. sprich: ich hab den virus?

Ja man die ganze scheiss WarRock Sektion.

[bares]

@Diablo
was meinst mit neu aufsetzen?

[☞☢Atomic☢☜]

Quote:

Originally Posted by bares

@Diablo
was meinst mit neu aufsetzen?

Windows Neu instalieren , schreibt er mir in Skype.

[IceVisionzX]

Wieder und wieder und wieder, alees wird nie aushören und gehört gebannt.
es ist wahr und black würde keine viren verbreiten

[☞☢Atomic☢☜]

AN alle die Windows 7 Home Premium haben ( Da gehts ganz Sicher ) Unter Systemeinstellungen -> Kategorie : Große/Kleine Symbole -> Wiederherstellung -> Erweiterte Wiederherstellungsmöglichkeiten -> wählt aus " Auf Werkseinstellungen zurücksetzen ". Das wird helfen.

[Bonrax]

Nein!

Dort wird nur das system auf "Werkeinstellungen" gestelt! Der Virus auf der Festplatte bleibt!