[IMPORTANT] Bzgl. aktueller Virenverseuchung durch Aless[HELP]

[BlackLegend™]

Da in Thread eh nur gespamme herrscht mach ich ein neuen thread.
Hier könnt ihr mich in skype erreichen: Blacklegendx3(Für hilfe und so)

Als erstes geht ihr auf start und gebt MSCONFIG ein und drückt start.
Ihr geht auf Systemstart und guckt ob euch was auffällt was nicht normal ist.
Screen:


Als zweites geht ihr in den Tasmanager (STRG+ALT+ENTF)
Und dann auf Prozesse.
Hier guckt ihr bitte nach unnötigen Prozesse und schließt diese.

Screen:



Drüber laufenlassen.

Das hier auch:


Anleitung:
Malwarebytes drüber laufen lassen wie ein antivir programm.

Bei Oldtimer:
Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in Code-Tags hier in den Thread.

Zum Schluss:


Danke.

Wenn das nicht hilft alles platt machen.

[IceBeam™]

Trotzdem bist du einer der mir ein keylogger draufgehauen hat

[BlackLegend™]

Quote:

Originally Posted by IceBeam™

Trotzdem bist du einer der mir ein keylogger draufgehauen hat

Ich verbreite keine Keylogger das hab ich nie gemacht und werde ich auch nie machen.

[Algaten™]

Code:

OTL logfile created on: 18.07.2011 17:25:32 - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Users\User\Desktop
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,50 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 55,73% Memory free
7,00 Gb Paging File | 5,22 Gb Available in Paging File | 74,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 165,91 Gb Total Space | 21,93 Gb Free Space | 13,22% Space Free | Partition Type: NTFS
Drive D: | 132,07 Gb Total Space | 4,06 Gb Free Space | 3,07% Space Free | Partition Type: NTFS
Unable to calculate disk information.
Drive L: | 931,51 Gb Total Space | 641,95 Gb Free Space | 68,92% Space Free | Partition Type: NTFS
 
Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\User\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe ()
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
PRC - C:\Program Files\Iminent\IMBooster\IMBooster.exe (Iminent)
PRC - C:\Program Files\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
PRC - C:\Windows\System32\mirc.exe (mIRC Co. Ltd.)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\sdclt.exe (Microsoft Corporation)
PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Windows\System32\svchospt.exe (FK2)
PRC - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe (IVT Corporation.)
PRC - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()
PRC - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe (IVT Corporation.)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_FATICEE.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Windows\StiD1210.exe ()
PRC - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Users\User\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- c:\Program Files\Common Files\Akamai\netsession_win_e477fed.dll ()
SRV - (Radio.fx) -- C:\Program Files\Tobit Radio.fx\Server\rfx-server.exe ()
SRV - (Hamachi2Svc) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten)
SRV - (MySQL) -- c:\xampp\mysql\bin\mysqld.exe ()
SRV - (FileZilla Server) -- c:\xampp\FileZillaFTP\FileZillaServer.exe (FileZilla Project)
SRV - (SBSDWSCService) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (BlueSoleil Hid Service) -- C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe ()
SRV - (Start BT in service) -- C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe ()
SRV - (EPSON_PM_RPCV4_01) EPSON V3 Service4(01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE (SEIKO EPSON CORPORATION)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)
DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)
DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (ss_bmdm) -- C:\Windows\System32\drivers\ss_bmdm.sys (MCCI Corporation)
DRV - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\System32\drivers\ss_bbus.sys (MCCI)
DRV - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\System32\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV - (RsFx0102) -- C:\Windows\System32\drivers\RsFx0102.sys (Microsoft Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (Btcsrusb) -- C:\Windows\System32\drivers\btcusb.sys (IVT Corporation.)
DRV - (BlueletSCOAudio) -- C:\Windows\System32\drivers\BlueletSCOAudio.sys (IVT Corporation.)
DRV - (BlueletAudio) -- C:\Windows\System32\drivers\blueletaudio.sys (IVT Corporation.)
DRV - (CAM1210) -- C:\Windows\System32\drivers\cam1210.sys (USB video camera)
DRV - (BT) -- C:\Windows\System32\drivers\btnetdrv.sys (IVT Corporation.)
DRV - (BTHidMgr) -- C:\Windows\System32\Drivers\BTHidMgr.sys (IVT Corporation.)
DRV - (BTHidEnum) -- C:\Windows\System32\Drivers\vbtenum.sys (IVT Corporation.)
DRV - (VcommMgr) -- C:\Windows\System32\drivers\VCommMgr.sys (IVT Corporation.)
DRV - (VComm) -- C:\Windows\System32\drivers\VComm.sys (IVT Corporation.)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.iminent.com/?appId=494febe4-e313-4900-b611-6fa04c6c814b&lcid=1031******homepage
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D4 02 2F 4E F1 A4 CA 01  [binary data]
IE - HKCU\..\URLSearchHook: *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "SearchTheWeb"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: :1.1.2
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: :3.33.0
FF - prefs.js..keyword.URL: "http://de.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_de&p="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/wpi,version=1.3: C:\Program Files\Microsoft\Web Platform Installer\\npwpidetector.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.02 09:42:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.29 08:58:26 | 000,000,000 | ---D | M]
 
[2010.08.24 17:20:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions
[2010.08.24 17:20:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2009.12.11 12:30:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\ux9fi72y.default\extensions
[2011.04.02 12:27:29 | 000,002,270 | ---- | M] () -- C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\ux9fi72y.default\searchplugins\SearchTheWeb.xml
[2011.05.29 16:35:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010.09.18 16:45:21 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2011.05.29 16:35:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}
[2010.11.17 20:27:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.31 20:21:28 | 000,000,000 | ---D | M] (Iminent WebBooster) -- C:\Program Files\Mozilla Firefox\extensions\
File not found (No name found) -- 
[2011.07.02 09:42:51 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.11.17 20:27:21 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2010.07.10 02:21:02 | 000,002,157 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchTheWeb.xml
 
O1 HOSTS File: ([2011.07.10 17:49:54 | 000,000,851 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 192.168.2.101 wr-cheats.net
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (TBSB01620 Class) - {58124A0B-DC32-4180-9BFF-E0E21AE34026} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Iminent.BHO.NavigationError) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - C:\Program Files\Iminent\SearchTheWeb\Iminent.BHO.NavigationError.dll (Iminent)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Program Files\Iminent\IMBooster4Web\Iminent.WebBooster.dll (Iminent)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IMinent Toolbar) - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - C:\Program Files\IMinent Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: [3DNADesktop]  File not found
O4 - HKLM..\Run: [Client-Server-Laufzeitprozess] C:\Windows\crss.exe ()
O4 - HKLM..\Run: [IMBooster] C:\Program Files\Iminent\IMBooster\imbooster.exe (Iminent)
O4 - HKLM..\Run: [Iminent.Notifier] C:\Program Files\Iminent\SearchTheWeb\Iminent.Notifier.exe (Iminent)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [netset] C:\Windows\System32\netset.exe ()
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [scvhost] C:\Windows\System32\mirc.exe (mIRC Co. Ltd.)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched]  File not found
O4 - HKLM..\Run: [svchospt] C:\Windows\System32\svchospt.exe (FK2)
O4 - HKLM..\Run: [WaitingDog] C:\Windows\StiD1210.exe ()
O4 - HKCU..\Run: [Client-Server-Laufzeitprozess]  File not found
O4 - HKCU..\Run: [EPSON Stylus DX8400 Series (Kopie 1)] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICEE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [RfxSrvTray] C:\Program Files\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] c:\program files\steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to AMV/AVI Video Converter... - C:\Program Files\Media Player Utilities 4.27\AMVConverter\grab.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_21-windows-i586.cab (Java Plug-in 1.5.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\crss.exe) - C:\Windows\crss.exe ()
O20 - HKLM Winlogon: UserInit - (C:\Users\User\AppData\Roaming\crss.exe) -  File not found
O20 - HKLM Winlogon: UserInit - (C:\Users\Kersten\AppData\Roaming\crss.exe) -  File not found
O20 - HKLM Winlogon: UserInit - (C:\Users\Anne\AppData\Roaming\crss.exe) -  File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{f1390519-e658-11de-9f5c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f1390519-e658-11de-9f5c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Start.exe
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011.07.18 17:25:12 | 009,466,208 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\User\Desktop\mbam-setup-1.51.1.1800.exe
[2011.07.18 17:24:18 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2011.07.18 08:58:15 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C008FC06-2B1C-4631-97BC-8299659D863F}
[2011.07.17 18:49:31 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{53050148-E7AF-42F8-A9A2-6E9CBD76162F}
[2011.07.16 16:16:17 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F6127F59-3927-4879-A62D-9213A7368698}
[2011.07.14 12:00:04 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{09329D6E-1C26-42E4-8325-D8D0FDEBACA9}
[2011.07.13 15:35:44 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{696D234F-FF4F-4E64-87BA-3B1E1B753ABC}
[2011.07.13 13:24:41 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011.07.13 13:24:41 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.07.13 13:24:41 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.13 13:24:40 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011.07.13 13:24:40 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011.07.13 13:24:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011.07.13 13:24:40 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011.07.13 13:24:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.07.13 13:24:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011.07.13 13:24:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011.07.13 13:24:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011.07.13 13:24:40 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011.07.13 13:24:40 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011.07.13 13:24:06 | 002,332,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.07.12 22:04:40 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{75F301E7-35FB-4EA9-A995-E00754DE2480}
[2011.07.12 11:19:05 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\SiroCrack
[2011.07.12 09:21:36 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\FrancYescO D3D WarRock VIP (21.8.2) 17_06_2011
[2011.07.12 09:13:11 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BC6BA49A-D463-4B91-A892-2417BBFE652F}
[2011.07.11 20:20:39 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FB9EB79E-EF4B-4E15-AD00-062C77D0508E}
[2011.07.10 11:02:59 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F8ABF57F-B566-4725-98BC-D5AE108D4137}
[2011.07.09 15:26:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{7D9D93ED-B5F9-4282-9700-900505CB6D1B}
[2011.07.08 13:55:56 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{66F4C8B1-D951-41E2-9E9C-BD0123E598E2}
[2011.07.07 08:35:57 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{BBB7C9A1-1B56-47BC-9B96-1568D97F6DFA}
[2011.07.06 18:41:19 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{8B986A46-DB1E-4B4E-85A6-2CA4DCA8685D}
[2011.07.05 14:04:32 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{DDE34AE4-9F56-40FC-AF56-856C3AF8F21F}
[2011.07.04 20:26:20 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{F1DD0156-BA39-499D-BF83-561D6C8ED8E9}
[2011.07.04 08:25:53 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{2B14F16E-850B-4D7D-B15C-9D0E0D81C521}
[2011.07.03 19:08:06 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{4C19AB24-1DFC-44C6-942C-DDFC5DB627FB}
[2011.07.02 09:32:52 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{3353AEF1-E96A-4C9F-AB7F-57E88ABC3592}
[2011.07.01 13:09:25 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E896A15D-DC6D-48D6-947F-1EFE47945C88}
[2011.06.30 14:23:22 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{2BFD37EA-B5A2-48BF-B87A-8DCB0DBB2384}
[2011.06.29 19:25:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\GamersFirst
[2011.06.29 15:28:48 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\170539770403_files
[2011.06.29 15:08:50 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E916AD70-E814-4827-875D-F3388F060141}
[2011.06.28 19:56:34 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{EB79A0D4-80E2-4D67-A87B-A39A572A18E8}
[2011.06.27 10:29:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{A6ACDC60-31FE-49FD-89F6-2C9B4DD512E2}
[2011.06.26 11:41:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{57B9EB83-375F-47DF-9A76-4876CEDE904E}
[2011.06.25 09:05:30 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0C1638D9-026A-4954-8EA9-E14C1576AB6F}
[2011.06.24 14:56:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{0BF9BE45-7F50-480C-9850-6963207E0130}
[2011.06.23 18:36:58 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{FDCE0B0E-AB63-464F-A956-CAD2805193D3}
[2011.06.22 14:55:48 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{E1556916-A325-4CB8-AC97-B33C9EF4676F}
[2011.06.21 19:34:27 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{289977AA-3BA4-420B-BC1E-01AAD7FA1DA7}
[2011.06.20 14:16:02 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{73E1AD0C-A069-4761-90BF-4B212B4F3229}
[2011.06.19 13:55:07 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\{C7A3DB21-90A0-4716-95F5-8CF3463D9BCE}
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011.07.18 17:30:32 | 009,466,208 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\User\Desktop\mbam-setup-1.51.1.1800.exe
[2011.07.18 17:24:44 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\User\Desktop\OTL.exe
[2011.07.18 17:21:32 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.18 17:21:31 | 000,014,224 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.18 17:14:05 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.18 16:28:07 | 011,573,686 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.07.18 16:28:07 | 003,932,054 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.07.18 16:28:07 | 003,591,460 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.07.18 16:28:07 | 003,202,126 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.07.18 16:21:50 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.18 16:21:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.13 15:33:27 | 000,274,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.07.12 22:07:44 | 000,020,092 | ---- | M] () -- C:\Users\User\Desktop\8452373372840752.image.jpg
[2011.07.06 18:49:51 | 000,665,220 | ---- | M] () -- C:\Users\User\Desktop\IMG_6919.jpg
[2011.07.05 14:06:23 | 000,001,820 | ---- | M] () -- C:\Users\User\Desktop\WRLauncher - Verknüpfung.lnk
[2011.06.29 15:45:44 | 001,415,157 | ---- | M] () -- C:\Users\User\Desktop\Song2YouLeonThomasAmpVictoriaJusticeVictoriousStudioV_3464.mp3
[2011.06.29 15:29:06 | 000,095,358 | ---- | M] () -- C:\Users\User\Desktop\170539770403.htm
[2011.06.25 09:17:51 | 000,022,108 | ---- | M] () -- C:\Users\User\Desktop\australien.jpg
[2011.06.24 21:20:30 | 000,032,381 | ---- | M] () -- C:\Users\User\Desktop\silberman-henri-new-york-new-york-brooklyn-bruecke.jpg
[2011.06.22 19:57:27 | 000,024,357 | ---- | M] () -- C:\Users\User\Desktop\gre.jpg
[2011.06.19 18:40:48 | 000,065,992 | ---- | M] () -- C:\Users\User\Desktop\857118_1_Flusspferd_26090550.onlineBild.jpg
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011.07.10 11:27:15 | 000,020,092 | ---- | C] () -- C:\Users\User\Desktop\8452373372840752.image.jpg
[2011.07.05 14:06:23 | 000,001,820 | ---- | C] () -- C:\Users\User\Desktop\WRLauncher - Verknüpfung.lnk
[2011.06.29 15:43:49 | 001,415,157 | ---- | C] () -- C:\Users\User\Desktop\Song2YouLeonThomasAmpVictoriaJusticeVictoriousStudioV_3464.mp3
[2011.06.29 15:29:05 | 000,095,358 | ---- | C] () -- C:\Users\User\Desktop\170539770403.htm
[2011.06.25 12:26:13 | 005,262,106 | ---- | C] () -- C:\Users\User\Desktop\P1010464.JPG
[2011.06.25 12:24:35 | 004,860,603 | ---- | C] () -- C:\Users\User\Desktop\P1010504.JPG
[2011.06.25 09:17:51 | 000,022,108 | ---- | C] () -- C:\Users\User\Desktop\australien.jpg
[2011.06.24 21:20:29 | 000,032,381 | ---- | C] () -- C:\Users\User\Desktop\silberman-henri-new-york-new-york-brooklyn-bruecke.jpg
[2011.06.22 19:57:27 | 000,024,357 | ---- | C] () -- C:\Users\User\Desktop\gre.jpg
[2011.06.19 18:40:48 | 000,065,992 | ---- | C] () -- C:\Users\User\Desktop\857118_1_Flusspferd_26090550.onlineBild.jpg
[2011.06.05 18:29:28 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll
[2011.05.27 14:47:51 | 000,094,208 | ---- | C] () -- C:\Windows\System32\ImageSearchDLL.dll
[2010.11.13 13:09:22 | 000,000,116 | ---- | C] () -- C:\Windows\wininit.ini
[2010.10.27 20:19:56 | 000,013,572 | ---- | C] () -- C:\Windows\Galsmave.ini
[2010.10.09 12:15:32 | 000,175,204 | ---- | C] () -- C:\Users\User\AppData\Local\debuggee.mdmp
[2010.10.01 15:30:04 | 000,000,580 | ---- | C] () -- C:\Windows\eReg.dat
[2010.09.28 20:38:22 | 000,003,584 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.03 15:13:56 | 000,009,728 | ---- | C] () -- C:\Windows\System32\netset.exe
[2010.09.03 15:06:23 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.08.31 19:56:04 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.08.23 19:03:57 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.05.16 16:50:49 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2010.05.07 13:33:20 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.05.07 13:33:20 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.03.13 19:26:01 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.02.24 18:17:47 | 1019,243,581 | ---- | C] () -- C:\Program Files\GamersFirst.rar
[2010.02.17 19:19:45 | 000,000,032 | ---- | C] () -- C:\Windows\System32\value.ini
[2010.02.05 11:45:42 | 000,000,000 | ---- | C] () -- C:\Windows\crss.exe
[2010.02.01 15:37:21 | 985,715,899 | ---- | C] () -- C:\Program Files\GamersFirst.exe
[2009.12.12 14:33:21 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2009.12.12 14:33:21 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2009.12.12 14:33:21 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2009.12.12 14:33:21 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2009.12.12 14:33:21 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2009.12.12 14:33:21 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2009.12.12 14:33:21 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2009.12.12 14:33:21 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2009.12.12 14:33:21 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2009.12.12 14:33:21 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2009.12.12 14:33:21 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2009.12.12 14:33:21 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2009.12.12 14:33:21 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2009.12.12 14:33:21 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2009.12.12 14:33:21 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2009.12.12 14:33:21 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2009.12.12 14:33:21 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2009.12.12 14:33:21 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2009.12.12 14:33:21 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2009.12.11 15:29:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.12.08 07:46:35 | 000,057,344 | ---- | C] () -- C:\Windows\System32\stray.dll
[2009.12.08 07:46:35 | 000,033,201 | ---- | C] () -- C:\Windows\System32\trc.sys
[2009.12.08 07:46:35 | 000,029,184 | ---- | C] () -- C:\Windows\System32\softwares.dll
[2009.12.08 07:46:35 | 000,024,874 | ---- | C] () -- C:\Windows\System32\uinput.dll
[2009.12.08 07:46:35 | 000,002,657 | ---- | C] () -- C:\Windows\System32\mirc.ini
[2009.12.08 07:46:35 | 000,000,013 | ---- | C] () -- C:\Windows\System32\realms.ini
[2009.09.01 22:55:54 | 000,195,855 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.07.14 10:47:43 | 011,573,686 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:47:43 | 003,591,460 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 000,274,824 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 003,932,054 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 003,202,126 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 02:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.02.18 20:55:20 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.02.03 23:52:02 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2008.10.07 10:13:30 | 000,197,912 | ---- | C] () -- C:\Windows\System32\physxcudart_20.dll
[2008.10.07 10:13:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2008.10.07 10:13:20 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.03.21 09:16:22 | 000,060,416 | ---- | C] () -- C:\Windows\StiD1210.exe
[2007.03.20 17:36:16 | 001,597,440 | ---- | C] () -- C:\Windows\StiC1210.exe
[2007.03.07 19:07:12 | 000,021,174 | ---- | C] () -- C:\Windows\cam1210.ini
[2006.11.08 13:27:06 | 000,030,208 | ---- | C] () -- C:\Windows\System32\cam1210.dll
[2006.03.06 10:41:02 | 000,073,728 | ---- | C] () -- C:\Windows\System32\AMV_DecDLL.dll
[2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\System32\drivers\ADFUUD.SYS
[2004.09.16 13:26:40 | 000,012,634 | ---- | C] () -- C:\Windows\ADFUUD.SYS
[2001.05.24 11:20:38 | 000,544,256 | ---- | C] () -- C:\Windows\System32\janGraphics.dll
[2000.06.28 02:00:00 | 000,124,416 | ---- | C] () -- C:\Windows\System32\dXCtrls.dll

< End of report >

[werko]

So, hier mal meine OTL File:

Code:

OTL logfile created on: 18.07.2011 17:38:51 - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = E:\Dokumente und Einstellungen\ADMIN\Eigene Dateien\Downloads
Windows XP Home Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,37 Gb Available Physical Memory | 68,41% Memory free
3,85 Gb Paging File | 3,36 Gb Available in Paging File | 87,42% Paging File free
Paging file location(s): E:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = E: | %SystemRoot% = E:\WINDOWS | %ProgramFiles% = E:\Programme
Drive C: | 48,83 Gb Total Space | 36,54 Gb Free Space | 74,83% Space Free | Partition Type: NTFS
Drive D: | 4,11 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive E: | 416,92 Gb Total Space | 236,60 Gb Free Space | 56,75% Space Free | Partition Type: NTFS
Drive F: | 931,51 Gb Total Space | 790,62 Gb Free Space | 84,88% Space Free | Partition Type: NTFS
 
Computer Name: KAI | User Name: ADMIN | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - E:\Dokumente und Einstellungen\ADMIN\Eigene Dateien\Downloads\OTL(1).exe (OldTimer Tools)
PRC - E:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - E:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
PRC - E:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - E:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - E:\Programme\Gemeinsame Dateien\Logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - E:\Programme\Gemeinsame Dateien\Logishrd\LQCVFX\COCIManager.exe ()
PRC - E:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
PRC - E:\Programme\Gemeinsame Dateien\Logishrd\KHAL2\KHALMNPR.exe (Logitech, Inc.)
PRC - E:\Programme\Gemeinsame Dateien\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
PRC - E:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - E:\Programme\avmwlanstick\WLanGUI.exe (AVM GmbH Berlin)
PRC - E:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
PRC - E:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - E:\Dokumente und Einstellungen\ADMIN\Eigene Dateien\Downloads\OTL(1).exe (OldTimer Tools)
MOD - E:\Programme\Logitech\SetPoint\lgscroll.dll (Logitech, Inc.)
MOD - E:\Programme\Logitech\SetPoint\GameHook.dll (Logitech, Inc.)
MOD - E:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\msvcr80.dll (Microsoft Corporation)
MOD - E:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (AppMgmt) --  File not found
SRV - (Apple Mobile Device) -- E:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.)
SRV - (SwitchBoard) -- E:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (LVPrcSrv) -- E:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (LBTServ) -- E:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (odserv) -- E:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (ose) -- E:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AVM WLAN Connection Service) -- E:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (atksgt) -- E:\WINDOWS\system32\drivers\atksgt.sys ()
DRV - (lirsgt) -- E:\WINDOWS\system32\drivers\lirsgt.sys ()
DRV - (USBMULCD) -- E:\WINDOWS\system32\drivers\CM106.sys (C-Media Electronics Inc)
DRV - (LVPr2Mon) -- E:\WINDOWS\system32\drivers\LVPr2Mon.sys ()
DRV - (FilterService) -- E:\WINDOWS\system32\drivers\lvuvcflt.sys (Logitech Inc.)
DRV - (LVUVC) Logitech QuickCam S5500(UVC) -- E:\WINDOWS\system32\drivers\lvuvc.sys (Logitech Inc.)
DRV - (LVRS) -- E:\WINDOWS\system32\drivers\lvrs.sys (Logitech Inc.)
DRV - (LUsbFilt) -- E:\WINDOWS\system32\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV - (LMouFilt) -- E:\WINDOWS\system32\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV - (LHidFilt) -- E:\WINDOWS\system32\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV - (USBModem) -- E:\WINDOWS\system32\drivers\lgusbmodem.sys (LG Electronics Inc.)
DRV - (UsbDiag) -- E:\WINDOWS\system32\drivers\lgusbdiag.sys (LG Electronics Inc.)
DRV - (usbbus) -- E:\WINDOWS\system32\drivers\lgusbbus.sys (LG Electronics Inc.)
DRV - (sfsync04) StarForce Protection Synchronization Driver (version 4.x) -- E:\WINDOWS\System32\drivers\sfsync04.sys (Protection Technology)
DRV - (sfvfs02) StarForce Protection VFS Driver (version 2.x) -- E:\WINDOWS\System32\drivers\sfvfs02.sys (Protection Technology)
DRV - (FWLANUSB) -- E:\WINDOWS\system32\drivers\fwlanusb.sys (AVM GmbH)
DRV - (sfdrv01) StarForce Protection Environment Driver (version 1.x) -- E:\WINDOWS\System32\drivers\sfdrv01.sys (Protection Technology)
DRV - (cmudau) -- E:\WINDOWS\system32\drivers\cmudau.sys (C-Media Inc)
DRV - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- E:\WINDOWS\System32\drivers\sfhlp02.sys (Protection Technology)
DRV - (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C) -- E:\WINDOWS\system32\drivers\RTL8139.sys (Realtek Semiconductor Corporation)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://www.buffed.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8
FF - prefs.js..extensions.enabledItems: {59c81df5-4b7a-477b-912d-4e0fdf64e5f2}:0.9.87
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: :1.0
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.1
FF - prefs.js..extensions.enabledItems: :1.0.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.http: "88.80.208.22"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: E:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: E:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: E:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: E:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.com/NxGame: E:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nexon\NGM\npNxGame.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: E:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Programme\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Programme\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.0: E:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: E:\Programme\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: E:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: E:\Programme\Mozilla Firefox\components [2011.06.24 05:33:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: E:\Programme\Mozilla Firefox\plugins [2011.06.19 19:14:57 | 000,000,000 | ---D | M]
 
[2009.04.28 15:47:03 | 000,000,000 | ---D | M] (No name found) -- E:\Dokumente und Einstellungen\ADMIN\Anwendungsdaten\Mozilla\Extensions
[2011.07.15 14:09:04 | 000,000,000 | ---D | M] (No name found) -- E:\Dokumente und Einstellungen\ADMIN\Anwendungsdaten\Mozilla\Firefox\Profiles\ccnc9i4o.default\extensions
[2011.06.02 08:49:45 | 000,000,000 | ---D | M] (ChatZilla) -- E:\Dokumente und Einstellungen\ADMIN\Anwendungsdaten\Mozilla\Firefox\Profiles\ccnc9i4o.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}
[2011.06.23 05:56:47 | 000,000,000 | ---D | M] (DownloadHelper) -- E:\Dokumente und Einstellungen\ADMIN\Anwendungsdaten\Mozilla\Firefox\Profiles\ccnc9i4o.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.08.28 22:46:56 | 000,000,000 | ---D | M] (Simple Dyyno Launcher) -- E:\Dokumente und Einstellungen\ADMIN\Anwendungsdaten\Mozilla\Firefox\Profiles\ccnc9i4o.default\extensions\
[2011.06.07 15:14:06 | 000,000,000 | ---D | M] (No name found) -- E:\Programme\Mozilla Firefox\extensions
[2011.06.09 05:32:15 | 000,000,000 | ---D | M] (Skype extension) -- E:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.06.14 21:09:51 | 000,000,000 | ---D | M] (Java Console) -- E:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.22 20:43:19 | 000,000,000 | ---D | M] (Java Console) -- E:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.09 07:22:34 | 000,000,000 | ---D | M] (Java Console) -- E:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.03.01 07:11:18 | 000,000,000 | ---D | M] (Java Console) -- E:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- 
() (No name found) -- E:\DOKUMENTE UND EINSTELLUNGEN\ADMIN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\CCNC9I4O.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- E:\DOKUMENTE UND EINSTELLUNGEN\ADMIN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\CCNC9I4O.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- E:\DOKUMENTE UND EINSTELLUNGEN\ADMIN\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\CCNC9I4O.DEFAULT\EXTENSIONS\.XPI
[2010.06.14 21:09:41 | 000,000,000 | ---D | M] (Java Quick Starter) -- E:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.06.24 05:33:05 | 000,142,296 | ---- | M] (Mozilla Foundation) -- E:\Programme\mozilla firefox\components\browsercomps.dll
[2011.02.02 22:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- E:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2009.04.08 04:06:28 | 000,122,880 | ---- | M] (AB) -- E:\Programme\mozilla firefox\plugins\NPOP7PlugIn.dll
[2011.06.07 17:14:07 | 000,001,392 | ---- | M] () -- E:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.06.07 17:14:07 | 000,002,252 | ---- | M] () -- E:\Programme\mozilla firefox\searchplugins\bing.xml
[2011.06.07 17:14:07 | 000,001,153 | ---- | M] () -- E:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011.06.07 17:14:07 | 000,006,805 | ---- | M] () -- E:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.06.07 17:14:07 | 000,001,178 | ---- | M] () -- E:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.06.07 17:14:07 | 000,001,105 | ---- | M] () -- E:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.02.28 14:00:00 | 000,000,820 | ---- | M]) - E:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - E:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O4 - HKLM..\Run: [Adobe ARM] E:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] E:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] E:\Programme\Gemeinsame Dateien\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AVMWlanClient] E:\Programme\avmwlanstick\WLanGUI.exe (AVM GmbH Berlin)
O4 - HKLM..\Run: [Cm106Sound]  File not found
O4 - HKLM..\Run: [CmUsbSound]  File not found
O4 - HKLM..\Run: [ISUSPM Startup] E:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] E:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] E:\WINDOWS\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [Launch LCDMon]  File not found
O4 - HKLM..\Run: [Launch LGDCore] E:\Programme\Gemeinsame Dateien\Logitech\G-series Software\LGDCore.exe (Logitech Inc.)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] E:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [NvCplDaemon] E:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] E:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz]  File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] E:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SwitchBoard] E:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [ICQ] E:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O4 - HKCU..\Run: [Steam] E:\Programme\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [wyajl]  File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] E:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: E:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk = E:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
O4 - Startup: E:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = E:\Programme\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00  [binary data]
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - E:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - E:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - E:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - E:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - E:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - E:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - E:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - E:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - e:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll - e:\Programme\Gemeinsame Dateien\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: E:\Dokumente und Einstellungen\ADMIN\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: E:\Dokumente und Einstellungen\ADMIN\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007.01.01 01:37:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2005.11.21 19:26:21 | 000,000,057 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010.07.10 05:44:49 | 000,000,000 | RH-D | M] - F:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002.10.16 14:56:50 | 000,000,036 | RH-- | M] () - F:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{9780cdb2-33f4-11de-a4ea-00040ec56303}\Shell\AutoRun\command - "" = F:\setup.exe
O33 - MountPoints2\{fe41e95d-992b-11db-92fa-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{fe41e95d-992b-11db-92fa-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{fe41e95d-992b-11db-92fa-806d6172696f}\Shell\AutoRun\command - "" = D:\OblivionLauncher.exe -- [2006.02.27 17:17:52 | 001,662,976 | R--- | M] (Bethesda Softworks)
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
File not found -- E:\Dokumente und Einstellungen\ADMIN\Eigene Dateien\turm
[2011.07.18 17:12:28 | 000,000,000 | ---D | C] -- E:\Dokumente und Einstellungen\ADMIN\Anwendungsdaten\Malwarebytes
[2011.07.18 17:12:23 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.07.18 17:12:23 | 000,000,000 | ---D | C] -- E:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.07.18 17:12:23 | 000,000,000 | ---D | C] -- E:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.07.18 17:12:20 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys
[2011.07.18 17:12:20 | 000,000,000 | ---D | C] -- E:\Programme\Malwarebytes' Anti-Malware
[2011.07.17 20:24:37 | 000,000,000 | ---D | C] -- E:\WR hack krams
[2011.07.09 08:51:10 | 000,000,000 | ---D | C] -- E:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2011.07.08 15:22:43 | 000,000,000 | RH-D | C] -- E:\Dokumente und Einstellungen\ADMIN\Recent
[2011.07.05 15:06:57 | 000,000,000 | ---D | C] -- E:\A
[2011.07.05 05:48:52 | 000,000,000 | ---D | C] -- E:\Dokumente und Einstellungen\ADMIN\.MinecraftStructurePlanner
[2011.06.30 22:36:40 | 000,000,000 | ---D | C] -- E:\Fraps
[2011.06.30 22:24:31 | 000,000,000 | ---D | C] -- E:\Programme\Apple Software Update
[2011.06.30 22:23:53 | 000,000,000 | ---D | C] -- E:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2011.06.30 22:23:04 | 000,000,000 | ---D | C] -- E:\Programme\iPod
[2011.06.30 15:53:31 | 000,000,000 | ---D | C] -- E:\Dokumente und Einstellungen\ADMIN\Anwendungsdaten\.minecraft
[2011.06.21 20:56:45 | 000,000,000 | ---D | C] -- E:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamSpeak 3 Client
[2009.12.30 19:30:16 | 000,110,592 | ---- | C] (Galos) -- E:\Programme\CSScriptLibrary.dll
[2009.03.17 03:26:03 | 001,309,696 | ---- | C] (Jörn Fiebelkorn) -- E:\Programme\CDBremse.exe
[2004.07.09 04:08:36 | 000,472,576 | ---- | C] (Microsoft Corporation) -- E:\Programme\dxsetup.exe
[2004.07.09 04:08:34 | 002,242,560 | ---- | C] (Microsoft Corporation) -- E:\Programme\dsetup32.dll
[2004.07.09 03:03:10 | 000,062,976 | ---- | C] (Microsoft Corporation) -- E:\Programme\DSETUP.dll
[2001.08.05 02:00:00 | 000,073,857 | ---- | C] (Jordan Russell) -- E:\Programme\unins000.exe
[1 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
[1 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]
[1 E:\*.tmp files -> E:\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
File not found -- E:\Dokumente und Einstellungen\ADMIN\Eigene Dateien\turm
[2011.07.18 17:12:23 | 000,000,765 | ---- | M] () -- E:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.18 17:00:00 | 000,001,088 | ---- | M] () -- E:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.07.18 14:00:00 | 000,001,084 | ---- | M] () -- E:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.07.14 11:54:18 | 000,066,175 | ---- | M] () -- E:\Dokumente und Einstellungen\ADMIN\Eigene Dateien\burgfried.xsp
[2011.07.13 10:50:02 | 000,000,664 | ---- | M] () -- E:\WINDOWS\System32\d3d9caps.dat
[2011.07.12 20:45:43 | 000,460,298 | ---- | M] () -- E:\WINDOWS\System32\perfh007.dat
[2011.07.12 20:45:43 | 000,441,320 | ---- | M] () -- E:\WINDOWS\System32\perfh009.dat
[2011.07.12 20:45:43 | 000,085,464 | ---- | M] () -- E:\WINDOWS\System32\perfc007.dat
[2011.07.12 20:45:43 | 000,071,386 | ---- | M] () -- E:\WINDOWS\System32\perfc009.dat
[2011.07.09 08:51:10 | 000,001,870 | ---- | M] () -- E:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2011.07.09 08:49:43 | 000,276,202 | ---- | M] () -- E:\WINDOWS\System32\NvApps.xml
[2011.07.09 08:48:58 | 000,002,048 | --S- | M] () -- E:\WINDOWS\bootstat.dat
[2011.07.08 16:54:27 | 000,000,023 | ---- | M] () -- E:\WINDOWS\BlendSettings.ini
[2011.07.08 15:20:11 | 000,001,332 | ---- | M] () -- E:\Dokumente und Einstellungen\ADMIN\Eigene Dateien\cc_20110708_151951.reg
[2011.07.08 08:59:04 | 000,013,646 | ---- | M] () -- E:\WINDOWS\System32\wpa.dbl
[2011.07.07 18:03:50 | 000,046,917 | ---- | M] () -- E:\Dokumente und Einstellungen\ADMIN\Eigene Dateien\turm try.xsp
[2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.07.06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- E:\WINDOWS\System32\drivers\mbam.sys
[2011.07.06 18:19:28 | 000,000,077 | ---- | M] () -- E:\Dokumente und Einstellungen\ADMIN\Desktop\Titan Quest.url
[2011.07.06 18:19:28 | 000,000,077 | ---- | M] () -- E:\Dokumente und Einstellungen\ADMIN\Desktop\Titan Quest Immortal Throne.url
[2011.07.06 10:14:01 | 000,000,276 | ---- | M] () -- E:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.07.03 23:13:26 | 000,041,472 | ---- | M] () -- E:\Dokumente und Einstellungen\ADMIN\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.03 22:31:20 | 000,000,778 | ---- | M] () -- E:\Dokumente und Einstellungen\All Users\Desktop\YouTube Downloader.lnk
[2011.06.30 22:36:39 | 000,000,549 | ---- | M] () -- E:\Dokumente und Einstellungen\ADMIN\Desktop\Fraps.lnk
[2011.06.30 22:23:53 | 000,001,531 | ---- | M] () -- E:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2011.06.30 05:42:02 | 000,000,678 | ---- | M] () -- E:\Dokumente und Einstellungen\All Users\Desktop\World of Warcraft.lnk
[2011.06.21 20:56:46 | 000,000,818 | ---- | M] () -- E:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk
[2011.06.21 19:13:53 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- E:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2011.06.19 19:14:57 | 000,001,718 | ---- | M] () -- E:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader 9.lnk
[1 E:\WINDOWS\System32\*.tmp files -> E:\WINDOWS\System32\*.tmp -> ]
[1 E:\WINDOWS\*.tmp files -> E:\WINDOWS\*.tmp -> ]
[1 E:\*.tmp files -> E:\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011.07.18 17:12:23 | 000,000,765 | ---- | C] () -- E:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.14 11:54:18 | 000,066,175 | ---- | C] () -- E:\Dokumente und Einstellungen\ADMIN\Eigene Dateien\burgfried.xsp
[2011.07.09 08:51:10 | 000,001,870 | ---- | C] () -- E:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2011.07.08 15:19:54 | 000,001,332 | ---- | C] () -- E:\Dokumente und Einstellungen\ADMIN\Eigene Dateien\cc_20110708_151951.reg
[2011.07.07 18:03:50 | 000,046,917 | ---- | C] () -- E:\Dokumente und Einstellungen\ADMIN\Eigene Dateien\turm try.xsp
[2011.07.06 18:19:28 | 000,000,077 | ---- | C] () -- E:\Dokumente und Einstellungen\ADMIN\Desktop\Titan Quest.url
[2011.07.06 18:19:28 | 000,000,077 | ---- | C] () -- E:\Dokumente und Einstellungen\ADMIN\Desktop\Titan Quest Immortal Throne.url
[2011.06.30 22:23:53 | 000,001,531 | ---- | C] () -- E:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2011.06.21 20:56:46 | 000,000,818 | ---- | C] () -- E:\Dokumente und Einstellungen\All Users\Desktop\TeamSpeak 3 Client.lnk
[2011.06.16 14:57:16 | 000,000,023 | ---- | C] () -- E:\WINDOWS\BlendSettings.ini
[2010.12.08 09:35:21 | 000,000,664 | ---- | C] () -- E:\WINDOWS\System32\d3d9caps.dat
[2010.12.05 09:32:19 | 000,000,138 | ---- | C] () -- E:\Dokumente und Einstellungen\ADMIN\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2010.11.07 12:34:53 | 000,004,096 | ---- | C] () -- E:\WINDOWS\d3dx.dat
[2010.11.07 12:21:21 | 000,001,521 | ---- | C] () -- E:\Programme\unins000.dat
[2010.09.18 08:37:03 | 000,000,712 | ---- | C] () -- E:\Dokumente und Einstellungen\ADMIN\Anwendungsdaten\MPQEditor.ini
[2010.07.27 12:01:42 | 000,241,664 | R--- | C] () -- E:\WINDOWS\System32\cmdrvrmu.exe
[2010.07.27 12:01:42 | 000,045,056 | R--- | C] () -- E:\WINDOWS\System32\cmdrvrmu.dll
[2010.07.27 12:01:34 | 000,040,960 | R--- | C] () -- E:\WINDOWS\CmiUSB2Uninstall.exe
[2010.07.27 12:01:34 | 000,004,911 | R--- | C] () -- E:\WINDOWS\Cmudau.ini
[2010.07.11 11:12:41 | 000,000,038 | ---- | C] () -- E:\WINDOWS\avisplitter.ini
[2010.07.11 11:12:40 | 000,790,528 | ---- | C] () -- E:\WINDOWS\System32\xvidcore.dll
[2010.07.11 11:12:40 | 000,134,144 | ---- | C] () -- E:\WINDOWS\System32\xvidvfw.dll
[2010.07.11 11:12:40 | 000,108,032 | ---- | C] () -- E:\WINDOWS\System32\ff_vfw.dll
[2010.07.11 11:10:38 | 000,165,376 | ---- | C] () -- E:\WINDOWS\System32\unrar.dll
[2010.06.27 13:18:10 | 000,552,960 | ---- | C] () -- E:\WINDOWS\System32\Cmeau106.exe
[2010.06.27 13:18:10 | 000,143,360 | ---- | C] () -- E:\WINDOWS\Vmix106.dll
[2010.06.27 13:18:10 | 000,000,210 | ---- | C] () -- E:\WINDOWS\Cm106.ini.cfl
[2010.06.27 13:17:59 | 000,002,391 | ---- | C] () -- E:\WINDOWS\Cm106.ini.cfg
[2010.06.27 13:17:59 | 000,000,112 | ---- | C] () -- E:\WINDOWS\Cm106.ini.imi
[2010.06.27 12:59:45 | 000,303,104 | ---- | C] () -- E:\WINDOWS\System32\CmiInstallResAll.dll
[2010.06.27 12:59:45 | 000,000,518 | ---- | C] () -- E:\WINDOWS\cm106.ini
[2010.06.06 12:10:09 | 002,183,470 | ---- | C] () -- E:\WINDOWS\System32\nvdata.bin
[2010.04.27 06:52:20 | 000,064,492 | -H-- | C] () -- E:\WINDOWS\System32\mlfcache.dat
[2010.03.26 14:07:57 | 000,082,289 | ---- | C] () -- E:\WINDOWS\System32\lvcoinst.ini
[2010.03.15 18:04:11 | 000,040,960 | R--- | C] () -- E:\WINDOWS\System32\psfind.dll
[2009.12.30 19:30:16 | 000,290,816 | ---- | C] () -- E:\Programme\StormLib.dll
[2009.12.30 19:30:16 | 000,096,768 | ---- | C] () -- E:\Programme\AutoPath.dll
[2009.12.30 19:30:16 | 000,037,888 | ---- | C] () -- E:\Programme\GenericGUI.dll
[2009.12.30 19:30:16 | 000,008,704 | ---- | C] () -- E:\Programme\ccode.dll
[2009.12.16 17:30:44 | 000,000,760 | ---- | C] () -- E:\Dokumente und Einstellungen\ADMIN\Anwendungsdaten\setup_ldm.iss
[2009.11.30 21:09:27 | 000,000,512 | ---- | C] () -- E:\Programme\video.myp
[2009.11.30 21:04:38 | 009,573,654 | ---- | C] () -- E:\Programme\mft.myp
[2009.11.26 15:57:44 | 000,000,134 | ---- | C] () -- E:\Programme\sigfile.md5
[2009.11.21 16:24:58 | 000,000,056 | -H-- | C] () -- E:\WINDOWS\System32\ezsidmv.dat
[2009.11.06 16:57:10 | 000,271,360 | ---- | C] () -- E:\WINDOWS\System32\drivers\atksgt.sys
[2009.11.06 16:57:09 | 000,018,048 | ---- | C] () -- E:\WINDOWS\System32\drivers\lirsgt.sys
[2009.09.15 20:18:34 | 000,025,752 | ---- | C] () -- E:\WINDOWS\System32\drivers\LVPr2Mon.sys
[2009.09.15 19:55:48 | 000,013,584 | ---- | C] () -- E:\WINDOWS\System32\drivers\iKeyLFT2.dll
[2009.07.21 09:15:27 | 000,022,328 | ---- | C] () -- E:\WINDOWS\System32\drivers\PnkBstrK.sys
[2009.07.21 09:15:21 | 000,103,736 | ---- | C] () -- E:\WINDOWS\System32\PnkBstrB.exe
[2009.07.21 09:14:55 | 000,066,872 | ---- | C] () -- E:\WINDOWS\System32\PnkBstrA.exe
[2009.06.17 20:08:12 | 000,000,261 | ---- | C] () -- E:\WINDOWS\WPE PRO.INI
[2009.05.22 12:58:17 | 000,321,728 | ---- | C] () -- E:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2009.05.10 20:12:33 | 000,000,403 | ---- | C] () -- E:\WINDOWS\ODBC.INI
[2009.05.05 18:58:26 | 000,105,984 | ---- | C] () -- E:\WINDOWS\System32\c_dll.dll
[2009.05.05 16:04:04 | 000,122,368 | ---- | C] () -- E:\Programme\fasmdll_managed.dll
[2009.05.03 01:13:13 | 000,041,472 | ---- | C] () -- E:\Dokumente und Einstellungen\ADMIN\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.04.28 16:17:58 | 000,004,161 | ---- | C] () -- E:\WINDOWS\ODBCINST.INI
[2009.04.28 16:15:32 | 003,612,664 | ---- | C] () -- E:\WINDOWS\System32\FNTCACHE.DAT
[2009.04.28 15:47:03 | 000,000,000 | ---- | C] () -- E:\WINDOWS\nsreg.dat
[2009.04.28 15:38:34 | 000,097,388 | R--- | C] () -- E:\WINDOWS\System32\drivers\Fwusb1b.bin
[2009.04.28 15:30:01 | 000,002,048 | --S- | C] () -- E:\WINDOWS\bootstat.dat
[2009.04.28 15:27:44 | 000,021,740 | ---- | C] () -- E:\WINDOWS\System32\emptyregdb.dat
[2009.04.28 15:07:33 | 000,460,298 | ---- | C] () -- E:\WINDOWS\System32\perfh007.dat
[2009.04.28 15:07:33 | 000,269,480 | ---- | C] () -- E:\WINDOWS\System32\perfi007.dat
[2009.04.28 15:07:33 | 000,085,464 | ---- | C] () -- E:\WINDOWS\System32\perfc007.dat
[2009.04.28 15:07:33 | 000,034,478 | ---- | C] () -- E:\WINDOWS\System32\perfd007.dat
[2009.04.28 15:06:55 | 000,029,392 | ---- | C] () -- E:\WINDOWS\System32\drivers\secdrv.sys
[2009.04.28 15:06:55 | 000,004,569 | ---- | C] () -- E:\WINDOWS\System32\secupd.dat
[2009.04.28 15:06:52 | 000,441,320 | ---- | C] () -- E:\WINDOWS\System32\perfh009.dat
[2009.04.28 15:06:52 | 000,272,128 | ---- | C] () -- E:\WINDOWS\System32\perfi009.dat
[2009.04.28 15:06:52 | 000,071,386 | ---- | C] () -- E:\WINDOWS\System32\perfc009.dat
[2009.04.28 15:06:52 | 000,028,626 | ---- | C] () -- E:\WINDOWS\System32\perfd009.dat
[2009.04.28 15:06:51 | 000,004,605 | ---- | C] () -- E:\WINDOWS\System32\oembios.dat
[2009.04.28 15:06:50 | 013,107,200 | ---- | C] () -- E:\WINDOWS\System32\oembios.bin
[2009.04.28 15:06:38 | 000,000,741 | ---- | C] () -- E:\WINDOWS\System32\noise.dat
[2009.04.28 15:06:32 | 000,673,088 | ---- | C] () -- E:\WINDOWS\System32\mlang.dat
[2009.04.28 15:06:32 | 000,046,258 | ---- | C] () -- E:\WINDOWS\System32\mib.bin
[2009.04.28 15:06:28 | 000,081,920 | ---- | C] () -- E:\WINDOWS\System32\ieencode.dll
[2009.04.28 15:06:13 | 000,218,003 | ---- | C] () -- E:\WINDOWS\System32\dssec.dat
[2009.04.28 15:05:55 | 000,001,788 | ---- | C] () -- E:\WINDOWS\System32\Dcache.bin
[2009.03.17 03:28:11 | 000,002,072 | ---- | C] () -- E:\Programme\CDBremse.rtf
[2004.07.22 10:51:34 | 003,432,656 | ---- | C] () -- E:\Programme\ManagedDX.CAB
[2004.07.19 22:58:36 | 001,156,363 | ---- | C] () -- E:\Programme\BDANT.cab
[2004.07.19 22:53:26 | 000,976,020 | ---- | C] () -- E:\Programme\BDAXP.cab
[2004.07.09 14:17:16 | 013,265,040 | ---- | C] () -- E:\Programme\dxnt.cab
[2004.07.09 09:13:48 | 015,493,481 | ---- | C] () -- E:\Programme\DirectX.cab
[2004.07.09 09:13:46 | 000,703,080 | ---- | C] () -- E:\Programme\BDA.cab
[1999.01.22 20:46:58 | 000,065,536 | ---- | C] () -- E:\WINDOWS\System32\MSRTEDIT.DLL
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 129 bytes -> E:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:05EE1EEF

< End of report >

[Staminastick]

Wie ihr auch schon im Anderen Thread biete ich mich als Hilfe an:

- im thread direkt
- per PN einfach eine Nachricht schreiben!

bitte achtet auf Satzzeichen!

[BlackLegend™]

Quote:

Originally Posted by werko

So, hier mal meine OTL File:

sieht gut aus. Einfach das machen was oben steht mit Malwarebytes. Das bitte auch DRAUFLASSEN! es blockt die ips die raus/reinkommen.

[werko]

Quote:

Originally Posted by BlackLegend™

sieht gut aus. Einfach das machen was oben steht mit Malwarebytes. Das bitte auch DRAUFLASSEN! es blockt die ips die raus/reinkommen.

Jop, habs gerad schon durchlaufen lassen, hat glücklicherweise nichts gefunden :-). Mhm, durch die OTL File steig ich sogar durch

[×X×™]

Jetzt ist xXx an der Reihe!

Code:

OTL logfile created on: 18.07.2011 17:55:45 - Run 1
OTL by OldTimer - Version 3.2.26.1     Folder = C:\Dokumente und Einstellungen\Shaiya P-Server\Eigene Dateien\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,16 Gb Available Physical Memory | 57,81% Memory free
3,85 Gb Paging File | 3,10 Gb Available in Paging File | 80,67% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 195,32 Gb Total Space | 49,42 Gb Free Space | 25,30% Space Free | Partition Type: NTFS
Drive D: | 37,57 Gb Total Space | 36,71 Gb Free Space | 97,72% Space Free | Partition Type: NTFS
 
Computer Name: USER-FD72224CEF | User Name: Shaiya P-Server | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Dokumente und Einstellungen\Shaiya P-Server\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\TeamViewer\Version6\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\Stuff & so\Skype.exe (Skype Technologies S.A.)
PRC - C:\Programme\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe (MusicLab, LLC)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
 
 
[color=#E56717]========== Modules (SafeList) ==========[/color]
 
MOD - C:\Dokumente und Einstellungen\Shaiya P-Server\Eigene Dateien\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll (Microsoft Corporation)
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - (vpnclient) --  File not found
SRV - (shaiya_serverf) --  File not found
SRV - (shaiya_server) --  File not found
SRV - (ServiceLayer) --  File not found
SRV - (PSM_AgentServer) --  File not found
SRV - (PSM_AgentClient) --  File not found
SRV - (ps_userLog) --  File not found
SRV - (ps_session) --  File not found
SRV - (ps_login) --  File not found
SRV - (ps_gamewar) --  File not found
SRV - (ps_gameLog) --  File not found
SRV - (ps_game) --  File not found
SRV - (ps_dbAgent) --  File not found
SRV - (MySQL) --  File not found
SRV - (LMIGuardianSvc) --  File not found
SRV - (HidServ) --  File not found
SRV - (Hamachi2Svc) --  File not found
SRV - (FLEXnet Licensing Service) --  File not found
SRV - (dgdersvc) --  File not found
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Akamai) -- c:\Programme\Gemeinsame Dateien\Akamai\netsession_win_e477fed.dll ()
SRV - (TeamViewer6) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirMailService) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (npggsvc) -- C:\WINDOWS\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (Steam Client Service) -- C:\Programme\Gemeinsame Dateien\Steam\SteamService.exe (Valve Corporation)
SRV - (Adobe LM Service) -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe (Adobe Systems)
SRV - (FsUsbExService) -- C:\WINDOWS\system32\FsUsbExService.Exe (Teruten)
SRV - (wlidsvc) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (rcp_service) -- C:\Programme\ReaConverter 5.5 Pro\rcp_scheduler.exe (ReaSoft)
SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation)
SRV - (Pml Driver HPZ12) -- C:\WINDOWS\system32\HPZipm12.exe (HP)
SRV - (ose) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - (MBAMSwissArmy) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (MBAMProtector) -- C:\WINDOWS\system32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (Neo_Japan) -- C:\WINDOWS\system32\drivers\Neo_0066.sys (SoftEther Corporation)
DRV - (avipbb) -- C:\WINDOWS\system32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH)
DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys ()
DRV - (LMIRfsClientNP) -- C:\WINDOWS\System32\LMIRfsClientNP.dll (LogMeIn, Inc.)
DRV - (VMM) -- C:\WINDOWS\system32\drivers\VMM.sys (Microsoft Corporation)
DRV - (LMIRfsDriver) -- C:\WINDOWS\system32\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
DRV - (oreans32) -- C:\WINDOWS\system32\drivers\oreans32.sys ()
DRV - (Tcpip6) -- C:\WINDOWS\system32\drivers\tcpip6.sys (Microsoft Corporation)
DRV - (XDva309) -- C:\WINDOWS\system32\XDva309.sys (www.wiselogic.co.kr)
DRV - (FsUsbExDisk) -- C:\WINDOWS\system32\FsUsbExDisk.Sys ()
DRV - (rt2870) -- C:\WINDOWS\system32\drivers\rt2870.sys (Ralink Technology, Corp.)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (ssmdrv) -- C:\WINDOWS\system32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (hamachi) -- C:\WINDOWS\system32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (AWISp50) -- C:\WINDOWS\system32\drivers\AWISp50.sys (Printing Communications Assoc., Inc. (PCAUSA))
DRV - (SenFiltService) -- C:\WINDOWS\system32\drivers\senfilt.sys (Sensaura)
DRV - (MTsensor) -- C:\WINDOWS\system32\drivers\ASACPI.sys ()
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://at.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 12 6D 97 B7 5D 33 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "http://google.at/"
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: :1.0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Programme\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Programme\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.0.50524.0\npctrl.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Programme\MSN Toolbar\Platform\4.0.0360.0\npwinext.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.com/NxGame: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nexon\NGM\npNxGame.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.69: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Programme\Real\RealPlayer\browserrecord [2009.10.04 00:48:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\: C:\Programme\MSN Toolbar\Platform\4.0.0360.0\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2010.06.12 01:58:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Programme\AVG\AVG10\Firefox4\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011.06.25 18:25:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2011.06.25 18:25:24 | 000,000,000 | ---D | M]
 
[2011.05.20 20:19:42 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Mozilla\Extensions
[2011.06.25 19:30:20 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Mozilla\Firefox\Profiles\67o4eqrp.default\extensions
[2011.05.21 23:29:46 | 000,000,000 | ---D | M] (kikin plugin) -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Mozilla\Firefox\Profiles\67o4eqrp.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}
[2011.06.25 19:30:20 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Mozilla\Firefox\Profiles\67o4eqrp.default\extensions\
[2011.06.25 18:25:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.09.04 00:33:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.04.18 21:52:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
File not found (No name found) -- 
[2009.10.04 00:46:13 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011.06.16 06:32:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2009.07.03 01:34:44 | 000,083,376 | ---- | M] (NHN USA Inc.) -- C:\Programme\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.09.14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\BearShareWebSearch.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.07.02 00:43:23 | 000,001,260 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 11.11.11.11		support.steampowered.com
O1 - Hosts: 11.11.11.11		www.support.steampowered.com
O1 - Hosts: 11.11.11.11		steampowered.com
O1 - Hosts: 11.11.11.11		www.steampowered.com
O1 - Hosts: 11.11.11.11		steamcommunity.com
O1 - Hosts: 11.11.11.11		www.steamcommunity.com
O1 - Hosts: 11.11.11.11		support.steampowered.com
O1 - Hosts: 11.11.11.11		www.support.steampowered.com
O1 - Hosts: 11.11.11.11		steampowered.com
O1 - Hosts: 11.11.11.11		www.steampowered.com
O1 - Hosts: 11.11.11.11		steamcommunity.com
O1 - Hosts: 11.11.11.11		www.steamcommunity.com
O2 - BHO: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Programme\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Flash Catcher) - {3AF255C7-8742-4B96-8971-1268EEE04974} - C:\Programme\Online Games Downloader\SWFCatcher.dll (VTools)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWin2.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (UrlHelper Class) - {74322BF9-DF26-493f-B0DA-6D2FC5E6429E} - C:\Programme\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O2 - BHO: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (no name) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - No CLSID value found.
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin)
O3 - HKLM\..\Toolbar: (MediaBar) - {0974BA1E-64EC-11DE-B2A5-E43756D89593} - C:\Programme\BearShare Applications\MediaBar\ToolBar\BearshareMediabarDx.dll ()
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\prxtbWin2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {8dcb7100-df86-4384-8842-8fa844297b3f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DATAMNGR] C:\Programme\BearShare Applications\MediaBar\Datamngr\datamngrUI.exe (MusicLab, LLC)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nView\nwiz.exe ()
O4 - HKLM..\Run: [Smart File Advisor] C:\Programme\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Power2GoExpress]  File not found
O4 - HKCU..\Run: [scheduler_monitor] C:\Programme\ReaConverter 5.5 Pro\init_scheduler.exe ()
O4 - HKCU..\Run: [Steam] C:\Programme\Steam\Steam.exe (Valve Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\GamersFirst LIVE!.lnk = C:\Programme\GamersFirst\LIVE!\Live.exe (GamersFirst)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\PacketiX VPN Client Task Tray.lnk =  File not found
O4 - Startup: C:\Dokumente und Einstellungen\Shaiya P-Server\Startmenü\Programme\Autostart\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll (kikin)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E8BE23ED-5B67-4E41-9609-BFB2794BACC2} https://www.gamers1.jp/webapi/warrock/lv/wrloader.cab (loader Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\datamngr.dll) - C:\Programme\BearShare Applications\MediaBar\Datamngr\datamngr.dll (MusicLab, LLC)
O20 - AppInit_DLLs: (C:\PROGRA~1\BEARSH~1\MediaBar\Datamngr\IEBHO.dll) - C:\Programme\BearShare Applications\MediaBar\Datamngr\IEBHO.dll (MusicLab, LLC)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LMIinit: DllName - LMIinit.dll - C:\WINDOWS\System32\LMIinit.dll (LogMeIn, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.10.03 23:51:33 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - Unable to obtain root file information for disk D:\
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011.07.18 16:38:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Malwarebytes
[2011.07.18 16:38:15 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.07.18 16:38:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2011.07.18 16:38:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2011.07.18 16:38:09 | 000,022,712 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.07.18 16:38:09 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.07.17 18:20:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2011.07.17 18:20:32 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2011.07.17 17:55:39 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Recent
[2011.07.16 01:24:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\Backup
[2011.07.15 15:21:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\Emblem
[2011.07.15 14:11:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\BrokenSunset
[2011.07.14 18:41:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\BlindBullet
[2011.07.12 19:01:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\WhcLabs - Hook
[2011.07.10 20:07:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Startmenü\Programme\Fiaa
[2011.07.10 20:01:25 | 000,000,000 | ---D | C] -- C:\Fiaa
[2011.07.10 19:20:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\OP7
[2011.07.08 20:43:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Neuer Ordner
[2011.07.08 20:35:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.07.08 20:35:09 | 000,000,000 | ---D | C] -- C:\Programme\Adobe Download Assistant
[2011.07.08 17:43:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\vlc
[2011.07.08 14:27:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\FXhome
[2011.07.08 14:27:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\LocalStorage
[2011.07.08 14:27:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\HitFilm Standard
[2011.07.08 14:26:49 | 000,000,000 | ---D | C] -- C:\Programme\FXhome
[2011.07.08 14:26:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FXhome
[2011.07.08 13:00:22 | 000,000,000 | ---D | C] -- C:\win32
[2011.07.05 21:54:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmen
[2011.07.05 21:54:06 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Steam
[2011.07.05 21:54:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Steam
[2011.07.05 21:54:03 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2011.07.05 15:56:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\SHAIYA ENERGY
[2011.07.04 21:22:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Startmenü\Programme\AeriaGames
[2011.07.04 21:20:10 | 000,000,000 | ---D | C] -- C:\AeriaGames
[2011.07.04 17:35:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\Lyrics's
[2011.07.03 23:39:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\2EF2
[2011.06.27 19:05:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Eigene Dateien\Image-Line
[2011.06.27 19:04:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Startmenü\Programme\Image-Line
[2011.06.25 20:31:10 | 000,022,000 | ---- | C] (SoftEther Corporation) -- C:\WINDOWS\System32\drivers\Neo_0066.sys
[2011.06.25 20:27:17 | 000,081,920 | ---- | C] (SoftEther Corporation) -- C:\WINDOWS\System32\vpncmd.exe
[2011.06.25 20:27:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PacketiX VPN Client
[2011.06.25 13:40:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Gamers1
[2011.06.25 13:26:00 | 000,000,000 | ---D | C] -- C:\Programme\Gamers1
[2011.06.20 17:54:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Eigene Dateien\Visual Studio 2005
[2011.06.20 17:54:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Visual C++ 2005 Express Edition
[2011.06.20 17:50:26 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio 8
[2011.06.20 17:47:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\WRFreaky
[2011.06.20 17:13:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\Stuff & so
[2011.02.11 14:51:38 | 000,188,416 | ---- | C] (Creative Technology Ltd) -- C:\Programme\eax.dll
[2011.02.05 20:47:27 | 000,121,757 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Programme\Uninstall.exe
[2010.12.31 16:31:56 | 587,567,643 | ---- | C] (Macrovision Corporation) -- C:\Programme\SuddenAttackNASetup.exe
[2010.11.05 15:27:18 | 007,168,768 | ---- | C] (TeamSpeak Systems GmbH) -- C:\Programme\ts3client_win32.exe
[2010.05.18 14:46:32 | 000,397,312 | ---- | C] (Firelight Technologies) -- C:\Programme\fmodex.dll
[2007.08.13 17:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\CDRip.dll
[2007.01.18 21:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\No23 Recorder.exe
[2006.12.11 19:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\basscd.dll
[2006.12.11 19:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\bass.dll
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[6 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011.07.18 17:42:00 | 000,001,206 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-308236825-1801674531-1003UA.job
[2011.07.18 17:41:33 | 000,000,240 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_Startup.job
[2011.07.18 17:34:43 | 000,000,456 | -H-- | M] () -- C:\WINDOWS\tasks\Norton Security Scan for USER.job
[2011.07.18 17:16:45 | 003,887,488 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.07.18 17:15:38 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011.07.18 17:12:27 | 000,001,250 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-308236825-1801674531-1019UA.job
[2011.07.18 16:38:15 | 000,000,762 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.18 15:47:57 | 000,192,178 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\IMG_18072011_154708.png
[2011.07.18 15:15:14 | 000,009,543 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\StaticObject.dat
[2011.07.18 15:12:01 | 000,001,198 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-308236825-1801674531-1019Core.job
[2011.07.18 13:42:00 | 000,001,154 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-515967899-308236825-1801674531-1003Core.job
[2011.07.18 13:41:26 | 000,129,810 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\screenshot_038.jpg
[2011.07.17 22:09:02 | 000,047,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\PLog.dll
[2011.07.17 02:00:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-USER-FD72224CEF-Shaiya P-Server.job
[2011.07.17 02:00:00 | 000,000,344 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-USER-FD72224CEF-USER.job
[2011.07.16 15:09:34 | 002,142,270 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\RennstreckenVorschau.psd
[2011.07.16 15:08:04 | 000,001,456 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\Adobe Save for Web 12.0 Prefs
[2011.07.16 15:08:03 | 000,373,069 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\RennstreckeVorschau.gif
[2011.07.16 15:06:14 | 000,000,132 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Adobe GIF Format CS5 Prefs
[2011.07.16 14:48:43 | 000,201,728 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\PLog.exe
[2011.07.16 13:17:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.07.16 02:30:45 | 001,845,413 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\RennstreckenMap.png
[2011.07.16 02:30:39 | 000,000,132 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Adobe PNG Format CS5 Prefs
[2011.07.15 14:12:08 | 001,738,898 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\BrokenSunset_OPK_Like.rar
[2011.07.15 14:11:59 | 000,712,187 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\BlindBullet_OPK_Like.rar
[2011.07.15 11:13:50 | 000,002,444 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\Google Chrome.lnk
[2011.07.13 21:08:56 | 005,030,897 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\WarRock Project - Marien - xMarien.rar
[2011.07.11 21:42:05 | 000,000,785 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\GamersFirst LIVE!.lnk
[2011.07.11 21:42:05 | 000,000,757 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\GamersFirst LIVE!.lnk
[2011.07.11 21:41:34 | 000,000,800 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\War Rock.lnk
[2011.07.10 22:33:56 | 000,000,666 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\OPERATION7 FIAA.LNK
[2011.07.09 13:52:19 | 000,001,697 | ---- | M] () -- C:\WarRock.ini
[2011.07.08 20:35:10 | 000,000,776 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Download Assistant.lnk
[2011.07.08 14:27:52 | 000,017,408 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db
[2011.07.07 09:53:43 | 000,005,632 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2011.07.06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011.07.05 21:54:07 | 000,000,642 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Steam.lnk
[2011.07.03 21:50:14 | 000,447,488 | ---- | M] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\Setup.exe
[2011.06.25 20:31:10 | 000,022,000 | ---- | M] (SoftEther Corporation) -- C:\WINDOWS\System32\drivers\Neo_0066.sys
[2011.06.25 20:27:17 | 000,081,920 | ---- | M] (SoftEther Corporation) -- C:\WINDOWS\System32\vpncmd.exe
[2011.06.25 20:27:10 | 000,001,904 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\PacketiX VPN Client Task Tray.lnk
[2011.06.25 18:25:37 | 000,000,702 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[6 C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011.07.18 16:38:15 | 000,000,762 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.07.18 15:47:51 | 000,192,178 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\IMG_18072011_154708.png
[2011.07.18 15:14:56 | 000,009,543 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\StaticObject.dat
[2011.07.18 13:37:33 | 000,129,810 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\screenshot_038.jpg
[2011.07.17 00:23:34 | 000,201,728 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\PLog.exe
[2011.07.17 00:23:34 | 000,047,616 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\PLog.dll
[2011.07.16 15:09:29 | 002,142,270 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\RennstreckenVorschau.psd
[2011.07.16 15:06:14 | 000,373,069 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\RennstreckeVorschau.gif
[2011.07.16 15:06:14 | 000,000,132 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Adobe GIF Format CS5 Prefs
[2011.07.16 02:28:47 | 001,845,413 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\RennstreckenMap.png
[2011.07.14 21:04:30 | 001,738,898 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\BrokenSunset_OPK_Like.rar
[2011.07.14 18:33:23 | 000,712,187 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\BlindBullet_OPK_Like.rar
[2011.07.12 13:43:24 | 005,030,897 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\WarRock Project - Marien - xMarien.rar
[2011.07.10 20:12:46 | 000,000,666 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\OPERATION7 FIAA.LNK
[2011.07.08 20:35:10 | 000,000,782 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Download Assistant.lnk
[2011.07.08 20:35:10 | 000,000,776 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Download Assistant.lnk
[2011.07.08 14:27:50 | 000,017,408 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\WebpageIcons.db
[2011.07.08 13:00:06 | 000,447,488 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Desktop\Setup.exe
[2011.07.05 21:54:07 | 000,000,642 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Steam.lnk
[2011.06.25 20:27:10 | 000,001,904 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\PacketiX VPN Client Task Tray.lnk
[2011.06.25 18:25:37 | 000,000,708 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2011.06.25 18:25:37 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2011.06.20 17:26:18 | 000,000,800 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\War Rock.lnk
[2011.05.21 17:26:03 | 000,001,505 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\RecConfig.xml
[2011.05.10 17:00:39 | 000,000,148 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2011.05.10 16:09:28 | 000,005,632 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.09 11:45:03 | 000,000,022 | ---- | C] () -- C:\WINDOWS\System32\winStudio.bin
[2011.04.30 00:49:38 | 000,000,033 | ---- | C] () -- C:\WINDOWS\AuraLauncher.INI
[2011.04.18 17:15:57 | 000,000,096 | -H-- | C] () -- C:\WINDOWS\System32\HsInfo.dat
[2011.04.13 16:42:01 | 000,001,378 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ss.ini
[2011.04.08 22:17:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2011.03.27 13:21:10 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\nvRegDev.dll
[2011.03.05 00:10:12 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2011.03.05 00:10:09 | 000,252,080 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2011.03.05 00:10:09 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2011.03.05 00:09:52 | 002,292,678 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2011.02.25 19:59:31 | 000,004,916 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ojobkspa.ako
[2011.02.11 14:51:38 | 014,386,176 | ---- | C] () -- C:\Programme\gta_sa.exe
[2011.02.11 14:51:36 | 000,002,900 | ---- | C] () -- C:\Programme\gta_sa.set
[2011.02.11 14:51:36 | 000,000,360 | ---- | C] () -- C:\Programme\gta_sa.reg
[2011.02.11 14:51:35 | 000,009,900 | ---- | C] () -- C:\Programme\KPS.gta.san.andreas.NFO
[2011.02.11 14:51:35 | 000,000,197 | ---- | C] () -- C:\Programme\stream.ini
[2011.01.27 01:19:55 | 000,256,368 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2010.11.22 01:01:00 | 1119,993,186 | ---- | C] () -- C:\Programme\7D9810D9C4E79A19A2B21514A44B4D86.kms
[2010.11.22 01:01:00 | 001,117,485 | ---- | C] () -- C:\Programme\7D9810D9C4E79A19A2B21514A44B4D86.kmt
[2010.11.05 15:27:06 | 000,379,648 | ---- | C] () -- C:\Programme\update.exe
[2010.11.05 15:27:02 | 000,034,858 | ---- | C] () -- C:\Programme\apps.ini
[2010.11.05 15:27:02 | 000,000,990 | ---- | C] () -- C:\Programme\mirrors.ini
[2010.10.20 16:02:15 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\PCProxyOff.ini
[2010.10.09 18:27:09 | 000,013,931 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2010.10.03 15:12:47 | 000,001,836 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2010.09.25 17:12:32 | 008,676,883 | ---- | C] () -- C:\WINDOWS\System32\mp3Media2.dll
[2010.09.03 17:29:38 | 012,824,576 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.mda
[2010.09.03 07:10:26 | 002,434,856 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_bc2.exe
[2010.08.30 08:12:43 | 001,970,176 | ---- | C] () -- C:\WINDOWS\System32\d3dx9.dll
[2010.08.24 10:37:57 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.08.22 22:20:09 | 000,004,990 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mtbjfghn.xbe
[2010.08.03 14:59:48 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2010.06.26 20:57:20 | 000,000,107 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2010.06.26 18:14:26 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2010.06.26 18:14:26 | 000,036,640 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2010.06.05 16:47:47 | 000,087,040 | ---- | C] () -- C:\WINDOWS\UnGins.exe
[2010.06.05 01:15:40 | 000,000,038 | ---- | C] () -- C:\WINDOWS\TETRIS.INI
[2010.05.17 10:29:02 | 007,692,800 | ---- | C] () -- C:\Programme\QtGui4.dll
[2010.05.12 15:51:51 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010.04.12 19:30:37 | 000,033,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\oreans32.sys
[2010.03.25 11:57:36 | 002,066,944 | ---- | C] () -- C:\Programme\QtCore4.dll
[2010.03.22 11:59:00 | 000,666,624 | ---- | C] () -- C:\Programme\QtNetwork4.dll
[2010.02.24 15:37:24 | 000,141,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.02.24 15:37:07 | 000,281,656 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.02.24 15:37:04 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.02.24 14:45:20 | 000,000,311 | ---- | C] () -- C:\WINDOWS\game.ini
[2010.02.20 19:24:36 | 000,230,752 | ---- | C] () -- C:\WINDOWS\patchw32.dll
[2010.02.20 19:24:35 | 000,118,176 | ---- | C] () -- C:\WINDOWS\patchw.dll
[2010.01.23 16:02:00 | 001,589,248 | ---- | C] () -- C:\WINDOWS\System32\libmysql_d.dll
[2009.12.07 22:18:53 | 000,000,118 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2009.11.30 18:38:44 | 000,000,033 | ---- | C] () -- C:\WINDOWS\GunzLauncher.INI
[2009.11.14 12:45:18 | 001,073,152 | ---- | C] () -- C:\WINDOWS\System32\libmysql_c.dll
[2009.10.04 20:53:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009.10.04 02:30:24 | 000,113,091 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2009.10.04 02:30:24 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2009.10.04 01:18:38 | 000,005,810 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2009.10.04 00:44:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.10.04 00:41:31 | 003,887,488 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.10.04 00:09:10 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.10.03 23:53:35 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009.10.03 23:48:56 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007.11.26 21:56:28 | 000,151,415 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2007.08.13 17:46:00 | 000,155,136 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\lame_enc.dll
[2007.01.10 07:44:26 | 001,457,024 | R--- | C] () -- C:\WINDOWS\System32\SSCProt.dll
[2006.10.26 01:06:48 | 000,064,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\vorbisenc.dll
[2006.10.26 01:06:48 | 000,019,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\vorbisfile.dll
[2006.10.26 01:06:46 | 000,143,872 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\vorbis.dll
[2006.10.26 01:06:36 | 000,015,872 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\ogg.dll
[2006.07.13 06:36:36 | 001,167,360 | ---- | C] () -- C:\WINDOWS\System32\acAuth.dll
[2006.06.20 22:53:34 | 000,319,488 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2006.04.28 21:20:00 | 000,001,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\Adobe Save for Web 12.0 Prefs
[2006.04.28 21:05:07 | 000,000,132 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Adobe PNG Format CS5 Prefs
[2006.03.09 09:29:00 | 000,581,632 | ---- | C] () -- C:\WINDOWS\System32\nvhwvid.dll
[2006.03.09 09:29:00 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\nvnt4cpl.dll
[2005.08.23 22:34:06 | 000,029,184 | ---- | C] () -- C:\Dokumente und Einstellungen\Shaiya P-Server\Lokale Einstellungen\Anwendungsdaten\no23xwrapper.dll
[2004.08.04 02:12:38 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004.08.04 01:57:10 | 000,589,824 | ---- | C] () -- C:\WINDOWS\System32\jayk9goi.dll
[2004.08.02 15:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2003.02.20 17:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001.08.23 15:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001.08.23 15:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001.08.18 14:00:00 | 000,804,854 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001.08.18 14:00:00 | 000,743,414 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001.08.18 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001.08.18 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001.08.18 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001.08.18 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001.08.18 14:00:00 | 000,211,602 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001.08.18 14:00:00 | 000,174,532 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001.08.18 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001.08.18 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001.08.18 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001.08.18 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001.07.06 15:30:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011.05.10 18:59:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\153C8
[2006.04.27 14:43:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\2836B
[2011.07.03 23:39:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\2EF2
[2011.01.30 10:33:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BAB
[2011.01.21 21:21:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BearShare
[2010.09.11 23:37:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Cadsoft
[2010.10.09 18:56:33 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2010.09.02 23:19:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Core
[2011.02.21 16:57:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ebner
[2010.09.02 23:16:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2010.12.12 02:41:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreeHideIP
[2011.04.13 16:42:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreeRIP
[2011.07.08 14:26:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FXhome
[2011.06.17 12:03:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hi-Rez Studios
[2010.06.07 20:43:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2011.01.02 02:15:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IObit
[2010.03.13 10:42:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus!
[2011.04.23 14:08:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2009.10.09 15:51:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir
[2010.06.09 17:02:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MySQL
[2010.05.24 00:08:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nexon
[2009.12.11 02:18:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NexonEU
[2009.12.11 00:54:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NexonUS
[2010.06.26 18:15:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2011.06.04 19:08:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files
[2010.08.22 15:29:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2010.07.05 13:35:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2010.12.03 18:12:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2011.04.06 14:35:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tunngle
[2009.10.04 00:34:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2011.05.22 13:10:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\www.rene-zeidler.de
[2011.01.21 21:24:27 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{009D914E-867A-4051-B4D7-CC7F62F4B162}
[2011.01.16 02:54:13 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{63261582-D922-45FB-9D2D-5E7C0D98D9DE}
[2011.05.10 15:00:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\bearsharemediabartb
[2011.07.08 20:35:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant
[2006.04.28 11:37:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Garena
[2006.04.29 20:18:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\GetRightToGo
[2006.04.30 20:46:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Hi-Rez Studios
[2011.05.21 18:16:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\kikin
[2011.06.15 18:38:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Mael
[2011.06.17 00:05:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\OpenOffice.org
[2011.05.10 14:53:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\RCP 5
[2011.06.20 17:25:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\RIFT
[2011.05.11 21:11:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\TeamViewer
[2011.05.30 21:35:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\Unity
[2011.07.08 19:04:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\uTorrent
[2011.05.22 13:10:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Shaiya P-Server\Anwendungsdaten\www.rene-zeidler.de
[2011.07.18 17:41:33 | 000,000,240 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_Startup.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 

< End of report >

[BlackLegend™]

Quote:

Originally Posted by ×X×™

Jetzt ist *** an der Reihe!

Wenn du das oben durch hast ist es gut.
Sieht clear aus.

[InstantBlood]

Schöner Thread Blacki

[tim800]

 Spoiler

DANKE

VON OTL.exe sollte man ja hier posten ....

[tim800]

IS DES SCHLIMM ?

[.noname']

 Spoiler

OTL logfile created on: 18.07.2011 20:00:29 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\-\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,87 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 62,20% Memory free
7,73 Gb Paging File | 6,04 Gb Available in Paging File | 78,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 168,84 Gb Free Space | 56,64% Space Free | Partition Type: NTFS

Computer Name: - | User Name: - | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.07.18 19:28:13 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\-\Desktop\OTL.exe
PRC - [2011.07.12 15:03:59 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.07.08 13:31:40 | 000,499,742 | -H-- | M] ( ) -- C:\Users\-\AppData\Roaming\soundcard.exe
PRC - [2011.07.03 15:23:53 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.15 15:02:58 | 015,141,768 | R--- | M] (Skype Technologies S.A.) -- C:\Users\-\AppData\Local\Temp\Phone\Skype.exe
PRC - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.05.25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011.03.29 15:33:08 | 000,598,312 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.28 16:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.03.25 23:42:16 | 000,334,448 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2011.03.25 23:42:04 | 000,129,648 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
PRC - [2011.03.25 23:42:00 | 000,404,080 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2011.03.25 23:41:50 | 000,113,264 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2011.03.25 22:27:40 | 000,539,248 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe
PRC - [2009.12.23 17:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.12.09 16:48:26 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.12.09 16:48:24 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.12.01 17:37:52 | 000,448,512 | R--- | M] () -- C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe


========== Modules (SafeList) ==========

MOD - [2011.07.18 19:28:13 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\-\Desktop\OTL.exe
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6 975e2bd6f2b2\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.06.30 11:46:44 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011.04.20 04:04:18 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011.07.13 12:54:39 | 000,411,432 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.07.12 15:03:59 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.07.06 19:06:24 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2011.07.03 15:23:53 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.30 12:09:57 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011.06.30 11:52:52 | 002,027,840 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011.06.30 11:46:40 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.06.06 18:36:00 | 004,005,936 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWow64\GameMon.des -- (npggsvc)
SRV - [2011.06.01 14:44:54 | 002,337,144 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.05.25 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011.03.29 15:33:08 | 000,598,312 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011.03.28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.03.25 23:42:16 | 000,334,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011.03.25 23:42:00 | 000,404,080 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2011.03.25 23:41:50 | 000,113,264 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2011.03.25 22:27:40 | 000,539,248 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
SRV - [2010.08.19 13:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-ufad.exe -- (ufad-ws60)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.23 17:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009.12.09 16:48:26 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.12.09 16:48:24 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.12.01 17:37:52 | 000,448,512 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\Mobile Broadband Drivers\WMCore\mini_WMCore.exe -- (WMCoreService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.07.14 00:40:41 | 000,294,232 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Treiber\VMM.sys -- (vmm)
DRV:64bit: - [2011.07.03 15:23:54 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.07.03 15:23:54 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.05.31 19:00:35 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.04.20 04:44:48 | 009,319,936 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.04.20 03:22:32 | 000,306,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.25 23:43:06 | 000,068,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2011.03.25 23:43:04 | 000,081,008 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011.03.25 23:41:18 | 000,031,856 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2011.03.25 23:41:08 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2011.03.25 22:27:36 | 000,038,512 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011.03.25 20:04:58 | 000,045,104 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2011.03.25 20:04:58 | 000,020,016 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009.12.17 10:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.12.11 16:25:06 | 000,232,992 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.12.10 19:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.12.02 15:01:24 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.10.16 03:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007.01.29 06:20:34 | 000,079,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2010.08.19 13:56:38 | 000,032,816 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vstor2-ws60.sys -- (vstor2-ws60)
DRV - [2005.01.02 05:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 77 3B 64 9B B4 1F CC 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..keyword.URL: "http://www.questscan.com/?tmp=nemo_results_removelink&prt=QstscanPB&keyword s="

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.com/NexonPlugWebExtension: C:\ProgramData\Nexon\NexonPlug\npPlugWire_1.0.0.0. dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nexon.com/NxGame: C:\ProgramData\Nexon\NGM\npNxGame.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Nico\AppData\Local\Google\Update\1.3.21.5 7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Nico\AppData\Local\Google\Update\1.3.21.5 7\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\: C:\Program Files (x86)\ShopperReports3\bin\3.1.70.0\firefox\firefox toolbar\extensions [2009.11.23 17:28:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extens ions\\: C:\Program Files (x86)\HBLite\bin\11.0.384.0\firefox\extensions [2009.11.23 17:28:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components

[2011.05.31 19:19:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\-\AppData\Roaming\mozilla\Extensions
[2011.07.09 22:30:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\-\AppData\Roaming\mozilla\Firefox\Profiles\duacidp6 .default\extensions
[2011.06.20 18:07:58 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\-\AppData\Roaming\mozilla\Firefox\Profiles\duacidp6 .default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.06.22 19:07:12 | 000,001,975 | ---- | M] () -- C:\Users\-\AppData\Roaming\Mozilla\Firefox\Profiles\duacidp6 .default\searchplugins\dpgvideos-mainsearch.xml
[2011.06.20 10:45:18 | 000,000,168 | ---- | M] () -- C:\Users\-\AppData\Roaming\Mozilla\Firefox\Profiles\duacidp6 .default\searchplugins\icqplugin.gif
[2011.06.20 10:45:18 | 000,000,618 | ---- | M] () -- C:\Users\-\AppData\Roaming\Mozilla\Firefox\Profiles\duacidp6 .default\searchplugins\icqplugin.src
[2011.07.07 20:32:26 | 000,001,056 | ---- | M] () -- C:\Users\-\AppData\Roaming\Mozilla\Firefox\Profiles\duacidp6 .default\searchplugins\icqplugin.xml
File not found (No name found) --
[2009.11.23 17:28:23 | 000,000,000 | ---D | M] (Hotbar Component) -- C:\PROGRAM FILES (X86)\HBLITE\BIN\11.0.384.0\FIREFOX\EXTENSIONS
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{F0E1168A-B4B5-484C-B77E-0D28E6B64096}
[2009.11.23 17:28:14 | 000,000,000 | ---D | M] (ShopperReports) -- C:\PROGRAM FILES (X86)\SHOPPERREPORTS3\BIN\3.1.70.0\FIREFOX\FIREFOX TOOLBAR\EXTENSIONS
File not found (No name found) -- C:\USERS\-\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DUACIDP6 .DEFAULT\EXTENSIONS\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}
() (No name found) -- C:\USERS\-\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DUACIDP6 .DEFAULT\EXTENSIONS\{C36177C0-224A-11DA-8CD6-0800200C9A91}.XPI
() (No name found) -- C:\USERS\-\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DUACIDP6 .DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.ex e (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe ()
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [vmware-tray] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [WinDefender] C:\Users\Nico\AppData\Roaming\soundcard.exe ( )
O4 - HKCU..\Run: [winupdate002] C:\Windupdt\winupdate.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll (VMware, Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object)
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e60b64b2-9be1-11e0-aba0-705ab6cfb649}\Shell - "" = AutoRun
O33 - MountPoints2\{e60b64b2-9be1-11e0-aba0-705ab6cfb649}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011.07.18 19:34:27 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Nico\Desktop\OTL.exe
[2011.07.17 23:22:20 | 000,000,000 | ---D | C] -- C:\Users\Nico\Desktop\quest
[2011.07.16 21:41:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\alaplaya
[2011.07.16 13:41:05 | 000,000,000 | ---D | C] -- C:\FR
[2011.07.15 23:47:39 | 000,000,000 | ---D | C] -- C:\xampp
[2011.07.15 03:02:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSXML 4.0
[2011.07.14 14:52:31 | 000,000,000 | ---D | C] -- C:\Users\Nico\Documents\Virtual Machines
[2011.07.14 14:40:36 | 000,081,008 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmci.sys
[2011.07.14 14:40:35 | 000,068,720 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2011.07.14 14:40:10 | 000,334,448 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2011.07.14 14:40:06 | 000,404,080 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2011.07.14 14:40:06 | 000,030,320 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2011.07.14 14:40:04 | 000,968,816 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2011.07.14 14:39:07 | 000,031,856 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\VMkbd.sys
[2011.07.14 14:39:06 | 000,038,512 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2011.07.14 14:38:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2011.07.14 14:38:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2011.07.13 22:23:16 | 001,162,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2011.07.13 22:23:16 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2011.07.13 22:23:16 | 000,338,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2011.07.13 22:23:16 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2011.07.13 22:23:16 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2011.07.13 22:23:16 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2011.07.13 22:23:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2011.07.13 22:23:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2011.07.13 22:23:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2011.07.13 22:23:16 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2011.07.13 22:23:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2011.07.13 22:23:16 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2011.07.13 22:22:56 | 000,421,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2011.07.13 22:22:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.13 22:22:56 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.13 22:22:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2011.07.13 22:22:55 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2011.07.13 22:22:55 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2011.07.13 22:22:55 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2011.07.13 22:22:55 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2011.07.13 22:22:55 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2011.07.13 22:22:50 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011.07.13 22:22:50 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011.07.13 22:22:45 | 002,565,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.07.13 22:22:44 | 001,699,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.07.13 22:22:44 | 000,189,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.07.13 22:22:44 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.07.13 22:22:44 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011.07.13 22:22:44 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011.07.13 22:22:44 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.07.12 18:15:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011.07.12 18:15:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2011.07.12 18:07:51 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Treiber
[2011.07.12 18:07:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Virtual PC
[2011.07.12 15:04:33 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Local\PunkBuster
[2011.07.12 15:04:31 | 000,000,000 | ---D | C] -- C:\Users\Nico\Documents\BFBC2
[2011.07.11 01:01:03 | 004,005,936 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2011.07.11 01:00:52 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2011.07.11 01:00:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2011.07.09 23:13:52 | 000,000,000 | ---D | C] -- C:\Users\Nico\Desktop\Programme
[2011.07.09 22:36:27 | 000,000,000 | ---D | C] -- C:\Users\Nico\Desktop\Downloads
[2011.07.08 20:30:50 | 000,000,000 | ---D | C] -- C:\Nexon
[2011.07.07 22:37:57 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Google Chrome
[2011.07.07 22:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
[2011.07.07 22:27:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2011.07.02 23:30:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Wat
[2011.07.02 22:13:05 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Local\VMware
[2011.07.02 22:13:04 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Roaming\VMware
[2011.07.02 21:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2011.07.02 10:06:22 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Roaming\StageManager.BD09281 8F67280F4B42B04877600987F0111B594.1
[2011.07.02 10:06:22 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Roaming\Adobe Mini Bridge CS5
[2011.07.01 22:52:48 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011.07.01 22:52:47 | 000,036,160 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2011.07.01 22:52:47 | 000,029,504 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2011.07.01 22:52:47 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011.07.01 22:52:47 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011.07.01 22:52:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011
[2011.07.01 22:52:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2011
[2011.07.01 22:51:00 | 000,000,000 | -HSD | C] -- C:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2011.06.30 10:27:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.06.29 19:46:26 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\drvinst.exe
[2011.06.29 19:46:26 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\devrtl.dll
[2011.06.29 19:46:25 | 002,315,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tquery.dll
[2011.06.29 19:46:25 | 002,223,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssrch.dll
[2011.06.29 19:46:23 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tquery.dll
[2011.06.29 19:46:23 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssrch.dll
[2011.06.29 19:46:23 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchProtocolHost.exe
[2011.06.29 19:46:22 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssvp.dll
[2011.06.29 19:46:22 | 000,491,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssph.dll
[2011.06.29 19:46:22 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssph.dll
[2011.06.29 19:46:22 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mssphtb.dll
[2011.06.29 19:46:22 | 000,113,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SearchFilterHost.exe
[2011.06.29 19:46:21 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssvp.dll
[2011.06.29 19:46:21 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mssphtb.dll
[2011.06.29 19:46:21 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msscntrs.dll
[2011.06.29 19:46:21 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msscntrs.dll
[2011.06.28 20:52:12 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Local\LogMeIn Hamachi
[2011.06.28 20:36:43 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2011.06.28 20:34:59 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2011.06.28 20:31:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2011.06.28 20:31:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Media Player
[2011.06.28 20:31:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2011.06.28 20:28:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2011.06.28 18:58:52 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\German Truck Simulator
[2011.06.28 18:58:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\German Truck Simulator
[2011.06.26 18:31:45 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2011.06.26 18:31:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Camtasia Studio 7
[2011.06.26 18:31:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.06.26 18:31:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\TechSmith Shared
[2011.06.26 18:29:16 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Roaming\TuneUp Software
[2011.06.26 18:28:36 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011.06.26 18:28:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2011.06.25 19:23:35 | 000,000,000 | ---D | C] -- C:\Windupdt
[2011.06.21 13:47:45 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Notepad++
[2011.06.21 13:47:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2011.06.19 19:57:25 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Roaming\com.adobe.downloadas sistant.AdobeDownloadAssistant
[2011.06.19 19:57:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2011.06.19 19:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2011.06.19 19:57:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.06.19 19:57:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2011.06.19 19:56:21 | 000,000,000 | ---D | C] -- C:\Users\Nico\AppData\Local\Adobe
[2011.06.19 18:12:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya
[2011.06.19 17:50:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Akamai
[2011.06.18 22:37:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2011.06.01 23:32:20 | 000,499,742 | -H-- | C] ( ) -- C:\Users\Nico\AppData\Roaming\soundcard.exe

========== Files - Modified Within 30 Days ==========

[2011.07.18 20:01:26 | 000,677,663 | ---- | M] () -- C:\Users\Nico\AppData\Roaming\frame
[2011.07.18 19:42:14 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2555676429-2080047472-3628287990-1000UA.job
[2011.07.18 19:28:13 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Nico\Desktop\OTL.exe
[2011.07.18 19:22:52 | 000,001,829 | ---- | M] () -- C:\Users\Nico\Desktop\kill_lv85.quest
[2011.07.18 19:22:52 | 000,001,817 | ---- | M] () -- C:\Users\Nico\Desktop\kill_lv95.quest
[2011.07.18 19:22:52 | 000,001,757 | ---- | M] () -- C:\Users\Nico\Desktop\kill_lv75.quest
[2011.07.18 19:11:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.18 19:11:18 | 3113,308,160 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.18 12:14:25 | 004,986,616 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.07.17 22:42:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2555676429-2080047472-3628287990-1000Core.job
[2011.07.17 21:40:08 | 000,000,132 | ---- | M] () -- C:\Users\Nico\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.07.17 19:34:36 | 000,001,697 | ---- | M] () -- C:\WarRock.ini
[2011.07.17 15:40:30 | 001,621,618 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.07.17 15:40:30 | 000,701,506 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.07.17 15:40:30 | 000,655,782 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.07.17 15:40:30 | 000,150,336 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.07.17 15:40:30 | 000,123,240 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.07.15 19:28:46 | 000,000,600 | ---- | M] () -- C:\Users\Nico\AppData\Local\PUTTY.RND
[2011.07.15 13:49:51 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.07.15 13:49:51 | 000,215,128 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.07.15 00:59:47 | 000,003,072 | -H-- | M] () -- C:\Users\Nico\Desktop\photothumb.db
[2011.07.14 14:39:02 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011.07.14 14:38:56 | 001,646,458 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.07.14 00:43:30 | 000,008,677 | ---- | M] () -- C:\Windows\SysNative\MRT.INI
[2011.07.12 19:49:34 | 814,041,040 | ---- | M] () -- C:\Program Files (x86)\War_Rock_20110307_G1.exe
[2011.07.12 18:32:06 | 000,001,170 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GamersFirst LIVE!.lnk
[2011.07.12 15:03:59 | 002,434,856 | ---- | M] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.07.12 15:03:59 | 000,075,064 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.07.12 14:21:29 | 000,014,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.12 14:21:29 | 000,014,784 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.11 09:23:06 | 000,003,584 | ---- | M] () -- C:\Users\Nico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.09 22:41:40 | 000,111,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\dxsdkuninst.exe
[2011.07.09 22:29:54 | 000,000,040 | ---- | M] () -- C:\Users\Public\Documents\_rgpl
[2011.07.09 11:11:29 | 000,006,144 | ---- | M] () -- C:\ProgramData\syshost.exe
[2011.07.08 13:31:40 | 000,499,742 | -H-- | M] ( ) -- C:\Users\Nico\AppData\Roaming\soundcard.exe
[2011.07.03 15:23:54 | 000,123,784 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.07.03 15:23:54 | 000,088,288 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.07.02 23:30:06 | 000,419,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\systemcpl.dll
[2011.07.02 23:30:06 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\slwga.dll
[2011.07.02 23:30:06 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\slwga.dll
[2011.07.02 23:30:05 | 001,008,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\user32.dll
[2011.06.30 11:53:56 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011.06.30 11:46:50 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011.06.30 11:46:46 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011.06.30 11:46:44 | 000,036,160 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2011.06.30 11:46:40 | 000,029,504 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2011.06.24 23:04:32 | 000,014,848 | ---- | M] () -- C:\Windows\csrss.exe
[2011.06.24 13:55:29 | 000,016,384 | ---- | M] () -- C:\Users\Nico\AppData\Roaming\winini.exe
[2011.06.19 19:20:42 | 000,016,384 | ---- | M] () -- C:\Users\Nico\AppData\Roaming\alertsys.exe

========== Files Created - No Company Name ==========

[2011.07.18 19:22:50 | 000,001,829 | ---- | C] () -- C:\Users\Nico\Desktop\kill_lv85.quest
[2011.07.18 19:22:50 | 000,001,817 | ---- | C] () -- C:\Users\Nico\Desktop\kill_lv95.quest
[2011.07.18 19:22:50 | 000,001,757 | ---- | C] () -- C:\Users\Nico\Desktop\kill_lv75.quest
[2011.07.14 00:43:30 | 000,008,677 | ---- | C] () -- C:\Windows\SysNative\MRT.INI
[2011.07.12 18:39:08 | 814,041,040 | ---- | C] () -- C:\Program Files (x86)\War_Rock_20110307_G1.exe
[2011.07.12 18:07:52 | 000,001,883 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Virtual PC.lnk
[2011.07.12 15:04:36 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.07.12 15:03:59 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.07.12 15:03:59 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.07.12 15:03:59 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.07.11 01:00:51 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2011.07.09 22:29:54 | 000,000,040 | ---- | C] () -- C:\Users\Public\Documents\_rgpl
[2011.07.08 20:02:11 | 000,001,697 | ---- | C] () -- C:\WarRock.ini
[2011.07.07 22:37:10 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2555676429-2080047472-3628287990-1000UA.job
[2011.07.07 22:37:09 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2555676429-2080047472-3628287990-1000Core.job
[2011.07.07 10:23:51 | 000,000,132 | ---- | C] () -- C:\Users\Nico\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.07.02 21:46:52 | 000,001,024 | ---- | C] () -- C:\.rnd
[2011.07.01 22:52:46 | 000,002,211 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2011.lnk
[2011.06.29 13:20:22 | 000,003,072 | -H-- | C] () -- C:\Users\Nico\Desktop\photothumb.db
[2011.06.28 20:35:07 | 000,001,081 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5 (64 Bit).lnk
[2011.06.28 20:34:20 | 000,001,217 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS5.lnk
[2011.06.28 20:31:42 | 000,001,179 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS5.lnk
[2011.06.28 20:31:27 | 000,001,272 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Device Central CS5.lnk
[2011.06.28 20:30:19 | 000,001,363 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS5.lnk
[2011.06.28 20:30:10 | 000,001,529 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS5.lnk
[2011.06.28 20:29:50 | 000,001,003 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2011.06.26 16:31:00 | 000,001,306 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2011.06.24 23:04:31 | 000,014,848 | ---- | C] () -- C:\Windows\csrss.exe
[2011.06.23 21:46:32 | 000,677,534 | ---- | C] () -- C:\Users\Nico\AppData\Roaming\frame
[2011.06.23 14:12:58 | 000,001,184 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.06.19 19:57:23 | 000,001,049 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Download Assistant.lnk
[2011.06.19 19:20:42 | 000,016,384 | ---- | C] () -- C:\Users\Nico\AppData\Roaming\alertsys.exe
[2011.06.19 18:09:32 | 000,006,144 | ---- | C] () -- C:\ProgramData\syshost.exe
[2011.06.16 21:45:38 | 000,601,091 | ---- | C] () -- C:\Users\Nico\AppData\Local\Tempok.png
[2011.06.12 22:12:51 | 001,646,458 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.06.06 21:00:36 | 000,003,584 | ---- | C] () -- C:\Users\Nico\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.06.03 22:34:17 | 000,016,384 | ---- | C] () -- C:\Users\Nico\AppData\Roaming\winini.exe
[2011.06.03 18:11:52 | 000,000,600 | ---- | C] () -- C:\Users\Nico\AppData\Local\PUTTY.RND
[2011.06.03 00:30:51 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2011.06.01 16:15:54 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.31 20:44:48 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.05.31 19:11:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.04.19 22:10:32 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >

[sk1ler1]

Warum macht alles so was !!!
Ich dachte der ist ein guter Coder .
ehmm.. er hat auch gute Leistung gezeigt.
Warum schikt der dann viren voll unlogisch warum Aless
das macht ... . Na ja danke an euch und blacklegend für die warnung.
_____________________________________
pls press thanksbuttun,dauert 1 sekunde !!