Pests of all kinds and how to fight them: Strange e-mail sent from my account
Windows 7. If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will get back to you with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
22.06.2012, 10:56 | #1 |
| Strange e-mail sent from my account

Hello again. I urgently need help, very quickly. E-mails with English text and a strange link are being sent from my e-mail account to several recipients who are saved in my account. My law firm made me aware of this, because they also received such an e-mail from my account. Just now I looked in and there was another such mail, which is somehow being sent with a delay. This is what it says:

Thxxp://aguamarinabeachresort.com/httpuptserb1-1.php?profiles=406 Learn h0w t0 turn successful at h0me ___ Thats the whole yarn--whats yourn?Well, Id ben a-running a little temperance revival thar bout a week,and was the pet of the women folks, big and little, for I was makin itmighty warm for the rummies, I TELL you, and takin as much as five orsix dollars a night--ten cents a head, children and niggers free--andbusiness a-growin all the time, when somehow or another a little reportgot around last night that I had a way of puttin in my time with aprivate jug on the sly. eldred wiellaford Thu, 21 Jun 2012 22:41:44

Please help me. Regards, caro |
25.06.2012, 15:22 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Strange e-mail sent from my account
Quote:
And don't pick a weak password! The new password should have at least 10 characters, made up of lowercase and uppercase letters, digits and, ideally, a special character such as @ or % or % or anything else that is neither a digit nor a letter!
25.06.2012, 19:06 | #3 |
| Strange e-mail sent from my account OTL logfile:
[CODE]
C:\Windows\System32\perfc009.dat [2012.06.19 20:45:51 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012.06.16 13:35:36 | 000,107,888 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\System32\CmdLineExt.dll [2012.06.16 13:31:46 | 000,002,146 | ---- | M] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk [2012.06.16 13:08:20 | 000,002,002 | ---- | M] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk [2012.06.15 20:32:58 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2012.06.15 15:30:02 | 000,001,047 | ---- | M] () -- C:\Users\samohT\Desktop\Kaspersky Security Scan.lnk [2012.06.14 22:14:55 | 000,265,640 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2012.06.25 19:51:12 | 000,000,000 | ---- | C] () -- C:\Users\samohT\defogger_reenable [2012.06.16 13:31:46 | 000,002,146 | ---- | C] () -- C:\Users\Public\Desktop\Grand Theft Auto IV.lnk [2012.06.16 13:08:20 | 000,002,002 | ---- | C] () -- C:\Users\Public\Desktop\Rockstar Games Social Club.lnk [2012.06.15 20:32:58 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2012.06.15 15:30:24 | 000,001,047 | ---- | C] () -- C:\Users\samohT\Desktop\Kaspersky Security Scan.lnk [2011.07.31 18:49:12 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll [2011.07.22 11:30:21 | 000,127,136 | ---- | C] () -- C:\Users\samohT\061211192252.jpg [2011.07.22 11:28:51 | 000,093,406 | ---- | C] () -- C:\Users\samohT\061311162405.jpg [2011.07.22 11:28:21 | 000,115,117 | ---- | C] () -- C:\Users\samohT\061111231132.jpg [2011.07.22 11:27:44 | 000,088,269 | ---- | C] () -- C:\Users\samohT\061111231124.jpg [2011.07.16 10:08:22 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2011.07.16 10:07:26 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2011.07.14 11:14:19 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat [2011.07.11 22:22:50 | 
000,022,328 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2011.07.11 22:22:50 | 000,022,328 | ---- | C] () -- C:\Users\samohT\AppData\Roaming\PnkBstrK.sys [2011.07.11 22:22:33 | 000,103,736 | ---- | C] () -- C:\Windows\System32\PnkBstrB.exe [2011.07.11 22:22:33 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe [2011.07.11 22:22:30 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini [2011.07.11 21:30:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2010.06.02 06:22:54 | 001,412,902 | ---- | C] () -- C:\Users\samohT\OCT2006_d3dx9_31_x64.cab [2010.06.02 06:22:54 | 001,127,217 | ---- | C] () -- C:\Users\samohT\OCT2006_d3dx9_31_x86.cab [2010.06.02 06:22:54 | 000,273,960 | ---- | C] () -- C:\Users\samohT\Nov2008_XAudio_x64.cab [2010.06.02 06:22:54 | 000,272,611 | ---- | C] () -- C:\Users\samohT\Nov2008_XAudio_x86.cab [2010.06.02 06:22:54 | 000,182,361 | ---- | C] () -- C:\Users\samohT\OCT2006_XACT_x64.cab [2010.06.02 06:22:54 | 000,138,017 | ---- | C] () -- C:\Users\samohT\OCT2006_XACT_x86.cab [2010.06.02 06:22:54 | 000,086,037 | ---- | C] () -- C:\Users\samohT\Oct2005_xinput_x64.cab [2010.06.02 06:22:54 | 000,045,359 | ---- | C] () -- C:\Users\samohT\Oct2005_xinput_x86.cab [2010.06.02 06:22:52 | 001,906,878 | ---- | C] () -- C:\Users\samohT\Nov2008_d3dx9_40_x64.cab [2010.06.02 06:22:52 | 001,550,796 | ---- | C] () -- C:\Users\samohT\Nov2008_d3dx9_40_x86.cab [2010.06.02 06:22:52 | 000,965,421 | ---- | C] () -- C:\Users\samohT\Nov2008_d3dx10_40_x86.cab [2010.06.02 06:22:52 | 000,121,794 | ---- | C] () -- C:\Users\samohT\Nov2008_XACT_x64.cab [2010.06.02 06:22:52 | 000,092,684 | ---- | C] () -- C:\Users\samohT\Nov2008_XACT_x86.cab [2010.06.02 06:22:52 | 000,054,522 | ---- | C] () -- C:\Users\samohT\Nov2008_X3DAudio_x64.cab [2010.06.02 06:22:52 | 000,021,851 | ---- | C] () -- C:\Users\samohT\Nov2008_X3DAudio_x86.cab [2010.06.02 06:22:50 | 000,994,154 | ---- | C] () -- C:\Users\samohT\Nov2008_d3dx10_40_x64.cab [2010.06.02 06:22:50 | 
000,196,762 | ---- | C] () -- C:\Users\samohT\NOV2007_XACT_x64.cab [2010.06.02 06:22:50 | 000,148,264 | ---- | C] () -- C:\Users\samohT\NOV2007_XACT_x86.cab [2010.06.02 06:22:50 | 000,046,144 | ---- | C] () -- C:\Users\samohT\NOV2007_X3DAudio_x64.cab [2010.06.02 06:22:50 | 000,018,496 | ---- | C] () -- C:\Users\samohT\NOV2007_X3DAudio_x86.cab [2010.06.02 06:22:48 | 001,802,058 | ---- | C] () -- C:\Users\samohT\Nov2007_d3dx9_36_x64.cab [2010.06.02 06:22:48 | 001,709,360 | ---- | C] () -- C:\Users\samohT\Nov2007_d3dx9_36_x86.cab [2010.06.02 06:22:48 | 000,864,600 | ---- | C] () -- C:\Users\samohT\Nov2007_d3dx10_36_x64.cab [2010.06.02 06:22:48 | 000,803,884 | ---- | C] () -- C:\Users\samohT\Nov2007_d3dx10_36_x86.cab [2010.06.02 06:22:48 | 000,273,018 | ---- | C] () -- C:\Users\samohT\Mar2009_XAudio_x86.cab [2010.06.02 06:22:46 | 000,275,044 | ---- | C] () -- C:\Users\samohT\Mar2009_XAudio_x64.cab [2010.06.02 06:22:46 | 000,121,506 | ---- | C] () -- C:\Users\samohT\Mar2009_XACT_x64.cab [2010.06.02 06:22:46 | 000,092,740 | ---- | C] () -- C:\Users\samohT\Mar2009_XACT_x86.cab [2010.06.02 06:22:38 | 000,054,600 | ---- | C] () -- C:\Users\samohT\Mar2009_X3DAudio_x64.cab [2010.06.02 06:22:38 | 000,021,298 | ---- | C] () -- C:\Users\samohT\Mar2009_X3DAudio_x86.cab [2010.06.02 06:22:36 | 001,973,702 | ---- | C] () -- C:\Users\samohT\Mar2009_d3dx9_41_x64.cab [2010.06.02 06:22:36 | 001,612,446 | ---- | C] () -- C:\Users\samohT\Mar2009_d3dx9_41_x86.cab [2010.06.02 06:22:36 | 001,067,160 | ---- | C] () -- C:\Users\samohT\Mar2009_d3dx10_41_x64.cab [2010.06.02 06:22:36 | 001,040,745 | ---- | C] () -- C:\Users\samohT\Mar2009_d3dx10_41_x86.cab [2010.06.02 06:22:36 | 000,251,194 | ---- | C] () -- C:\Users\samohT\Mar2008_XAudio_x64.cab [2010.06.02 06:22:36 | 000,226,250 | ---- | C] () -- C:\Users\samohT\Mar2008_XAudio_x86.cab [2010.06.02 06:22:36 | 000,122,336 | ---- | C] () -- C:\Users\samohT\Mar2008_XACT_x64.cab [2010.06.02 06:22:36 | 000,093,734 | ---- | C] () -- 
C:\Users\samohT\Mar2008_XACT_x86.cab [2010.06.02 06:22:34 | 001,769,862 | ---- | C] () -- C:\Users\samohT\Mar2008_d3dx9_37_x64.cab [2010.06.02 06:22:34 | 001,443,282 | ---- | C] () -- C:\Users\samohT\Mar2008_d3dx9_37_x86.cab [2010.06.02 06:22:34 | 000,818,260 | ---- | C] () -- C:\Users\samohT\Mar2008_d3dx10_37_x86.cab [2010.06.02 06:22:34 | 000,055,058 | ---- | C] () -- C:\Users\samohT\Mar2008_X3DAudio_x64.cab [2010.06.02 06:22:34 | 000,021,867 | ---- | C] () -- C:\Users\samohT\Mar2008_X3DAudio_x86.cab [2010.06.02 06:22:32 | 000,937,246 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dx9_43_x64.cab [2010.06.02 06:22:32 | 000,844,884 | ---- | C] () -- C:\Users\samohT\Mar2008_d3dx10_37_x64.cab [2010.06.02 06:22:32 | 000,768,036 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dx9_43_x86.cab [2010.06.02 06:22:32 | 000,278,060 | ---- | C] () -- C:\Users\samohT\Jun2010_XAudio_x86.cab [2010.06.02 06:22:32 | 000,277,338 | ---- | C] () -- C:\Users\samohT\Jun2010_XAudio_x64.cab [2010.06.02 06:22:32 | 000,124,596 | ---- | C] () -- C:\Users\samohT\Jun2010_XACT_x64.cab [2010.06.02 06:22:32 | 000,093,686 | ---- | C] () -- C:\Users\samohT\Jun2010_XACT_x86.cab [2010.06.02 06:22:30 | 000,762,188 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dcsx_43_x86.cab [2010.06.02 06:22:30 | 000,235,955 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dx10_43_x64.cab [2010.06.02 06:22:30 | 000,197,283 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dx10_43_x86.cab [2010.06.02 06:22:30 | 000,138,205 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dx11_43_x64.cab [2010.06.02 06:22:30 | 000,109,445 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dx11_43_x86.cab [2010.06.02 06:22:28 | 000,944,460 | ---- | C] () -- C:\Users\samohT\Jun2010_D3DCompiler_43_x64.cab [2010.06.02 06:22:28 | 000,931,471 | ---- | C] () -- C:\Users\samohT\Jun2010_D3DCompiler_43_x86.cab [2010.06.02 06:22:28 | 000,752,783 | ---- | C] () -- C:\Users\samohT\Jun2010_d3dcsx_43_x64.cab [2010.06.02 06:22:20 | 000,269,024 | ---- | C] () -- 
C:\Users\samohT\JUN2008_XAudio_x86.cab [2010.06.02 06:22:18 | 001,792,608 | ---- | C] () -- C:\Users\samohT\JUN2008_d3dx9_38_x64.cab [2010.06.02 06:22:18 | 001,463,878 | ---- | C] () -- C:\Users\samohT\JUN2008_d3dx9_38_x86.cab [2010.06.02 06:22:18 | 000,867,828 | ---- | C] () -- C:\Users\samohT\JUN2008_d3dx10_38_x64.cab [2010.06.02 06:22:18 | 000,849,919 | ---- | C] () -- C:\Users\samohT\JUN2008_d3dx10_38_x86.cab [2010.06.02 06:22:18 | 000,269,628 | ---- | C] () -- C:\Users\samohT\JUN2008_XAudio_x64.cab [2010.06.02 06:22:18 | 000,152,909 | ---- | C] () -- C:\Users\samohT\JUN2007_XACT_x86.cab [2010.06.02 06:22:18 | 000,121,054 | ---- | C] () -- C:\Users\samohT\JUN2008_XACT_x64.cab [2010.06.02 06:22:18 | 000,093,128 | ---- | C] () -- C:\Users\samohT\JUN2008_XACT_x86.cab [2010.06.02 06:22:18 | 000,055,154 | ---- | C] () -- C:\Users\samohT\JUN2008_X3DAudio_x64.cab [2010.06.02 06:22:18 | 000,021,905 | ---- | C] () -- C:\Users\samohT\JUN2008_X3DAudio_x86.cab [2010.06.02 06:22:16 | 001,607,774 | ---- | C] () -- C:\Users\samohT\JUN2007_d3dx9_34_x64.cab [2010.06.02 06:22:16 | 001,607,286 | ---- | C] () -- C:\Users\samohT\JUN2007_d3dx9_34_x86.cab [2010.06.02 06:22:16 | 001,064,925 | ---- | C] () -- C:\Users\samohT\Jun2005_d3dx9_26_x86.cab [2010.06.02 06:22:16 | 000,699,044 | ---- | C] () -- C:\Users\samohT\JUN2007_d3dx10_34_x64.cab [2010.06.02 06:22:16 | 000,698,472 | ---- | C] () -- C:\Users\samohT\JUN2007_d3dx10_34_x86.cab [2010.06.02 06:22:16 | 000,197,122 | ---- | C] () -- C:\Users\samohT\JUN2007_XACT_x64.cab [2010.06.02 06:22:16 | 000,180,785 | ---- | C] () -- C:\Users\samohT\JUN2006_XACT_x64.cab [2010.06.02 06:22:16 | 000,133,671 | ---- | C] () -- C:\Users\samohT\JUN2006_XACT_x86.cab [2010.06.02 06:22:14 | 001,336,002 | ---- | C] () -- C:\Users\samohT\Jun2005_d3dx9_26_x64.cab [2010.06.02 06:22:14 | 000,277,191 | ---- | C] () -- C:\Users\samohT\Feb2010_XAudio_x86.cab [2010.06.02 06:22:14 | 000,276,960 | ---- | C] () -- C:\Users\samohT\Feb2010_XAudio_x64.cab [2010.06.02 
06:22:14 | 000,122,446 | ---- | C] () -- C:\Users\samohT\Feb2010_XACT_x64.cab [2010.06.02 06:22:14 | 000,093,180 | ---- | C] () -- C:\Users\samohT\Feb2010_XACT_x86.cab [2010.06.02 06:22:12 | 000,194,675 | ---- | C] () -- C:\Users\samohT\FEB2007_XACT_x64.cab [2010.06.02 06:22:12 | 000,147,983 | ---- | C] () -- C:\Users\samohT\FEB2007_XACT_x86.cab [2010.06.02 06:22:12 | 000,054,678 | ---- | C] () -- C:\Users\samohT\Feb2010_X3DAudio_x64.cab [2010.06.02 06:22:12 | 000,020,713 | ---- | C] () -- C:\Users\samohT\Feb2010_X3DAudio_x86.cab [2010.06.02 06:22:10 | 000,178,359 | ---- | C] () -- C:\Users\samohT\Feb2006_XACT_x64.cab [2010.06.02 06:22:10 | 000,132,409 | ---- | C] () -- C:\Users\samohT\Feb2006_XACT_x86.cab [2010.06.02 06:22:04 | 001,084,720 | ---- | C] () -- C:\Users\samohT\Feb2006_d3dx9_29_x86.cab [2010.06.02 06:22:02 | 001,801,048 | ---- | C] () -- C:\Users\samohT\dsetup32.dll [2010.06.02 06:22:02 | 001,574,376 | ---- | C] () -- C:\Users\samohT\DEC2006_d3dx9_32_x86.cab [2010.06.02 06:22:02 | 001,362,796 | ---- | C] () -- C:\Users\samohT\Feb2006_d3dx9_29_x64.cab [2010.06.02 06:22:02 | 001,247,499 | ---- | C] () -- C:\Users\samohT\Feb2005_d3dx9_24_x64.cab [2010.06.02 06:22:02 | 001,013,225 | ---- | C] () -- C:\Users\samohT\Feb2005_d3dx9_24_x86.cab [2010.06.02 06:22:02 | 000,537,432 | ---- | C] () -- C:\Users\samohT\DXSETUP.exe [2010.06.02 06:22:02 | 000,192,475 | ---- | C] () -- C:\Users\samohT\DEC2006_XACT_x64.cab [2010.06.02 06:22:02 | 000,145,599 | ---- | C] () -- C:\Users\samohT\DEC2006_XACT_x86.cab [2010.06.02 06:22:02 | 000,094,011 | ---- | C] () -- C:\Users\samohT\dxupdate.cab [2010.06.02 06:22:02 | 000,042,410 | ---- | C] () -- C:\Users\samohT\dxdllreg_x86.cab [2010.06.02 06:22:00 | 001,571,154 | ---- | C] () -- C:\Users\samohT\DEC2006_d3dx9_32_x64.cab [2010.06.02 06:22:00 | 001,357,976 | ---- | C] () -- C:\Users\samohT\Dec2005_d3dx9_28_x64.cab [2010.06.02 06:22:00 | 001,079,456 | ---- | C] () -- C:\Users\samohT\Dec2005_d3dx9_28_x86.cab [2010.06.02 06:22:00 
| 000,273,264 | ---- | C] () -- C:\Users\samohT\Aug2009_XAudio_x64.cab [2010.06.02 06:22:00 | 000,272,642 | ---- | C] () -- C:\Users\samohT\Aug2009_XAudio_x86.cab [2010.06.02 06:22:00 | 000,212,807 | ---- | C] () -- C:\Users\samohT\DEC2006_d3dx10_00_x64.cab [2010.06.02 06:22:00 | 000,191,720 | ---- | C] () -- C:\Users\samohT\DEC2006_d3dx10_00_x86.cab [2010.06.02 06:22:00 | 000,122,408 | ---- | C] () -- C:\Users\samohT\Aug2009_XACT_x64.cab [2010.06.02 06:22:00 | 000,093,106 | ---- | C] () -- C:\Users\samohT\Aug2009_XACT_x86.cab [2010.06.02 06:21:58 | 000,930,116 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dx9_42_x64.cab [2010.06.02 06:21:58 | 000,728,456 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dx9_42_x86.cab [2010.06.02 06:21:58 | 000,232,635 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dx10_42_x64.cab [2010.06.02 06:21:58 | 000,192,131 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dx10_42_x86.cab [2010.06.02 06:21:58 | 000,136,301 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dx11_42_x64.cab [2010.06.02 06:21:58 | 000,105,044 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dx11_42_x86.cab [2010.06.02 06:21:56 | 003,319,740 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dcsx_42_x86.cab [2010.06.02 06:21:56 | 003,112,111 | ---- | C] () -- C:\Users\samohT\Aug2009_d3dcsx_42_x64.cab [2010.06.02 06:21:56 | 000,900,598 | ---- | C] () -- C:\Users\samohT\Aug2009_D3DCompiler_42_x86.cab [2010.06.02 06:21:46 | 000,919,044 | ---- | C] () -- C:\Users\samohT\Aug2009_D3DCompiler_42_x64.cab [2010.06.02 06:21:46 | 000,271,412 | ---- | C] () -- C:\Users\samohT\Aug2008_XAudio_x64.cab [2010.06.02 06:21:46 | 000,271,038 | ---- | C] () -- C:\Users\samohT\Aug2008_XAudio_x86.cab [2010.06.02 06:21:44 | 001,794,084 | ---- | C] () -- C:\Users\samohT\Aug2008_d3dx9_39_x64.cab [2010.06.02 06:21:44 | 001,464,672 | ---- | C] () -- C:\Users\samohT\Aug2008_d3dx9_39_x86.cab [2010.06.02 06:21:44 | 000,849,167 | ---- | C] () -- C:\Users\samohT\Aug2008_d3dx10_39_x86.cab [2010.06.02 06:21:44 | 000,198,096 | ---- 
| C] () -- C:\Users\samohT\AUG2007_XACT_x64.cab [2010.06.02 06:21:44 | 000,153,012 | ---- | C] () -- C:\Users\samohT\AUG2007_XACT_x86.cab [2010.06.02 06:21:44 | 000,121,772 | ---- | C] () -- C:\Users\samohT\Aug2008_XACT_x64.cab [2010.06.02 06:21:44 | 000,092,996 | ---- | C] () -- C:\Users\samohT\Aug2008_XACT_x86.cab [2010.06.02 06:21:42 | 001,800,160 | ---- | C] () -- C:\Users\samohT\AUG2007_d3dx9_35_x64.cab [2010.06.02 06:21:42 | 001,708,152 | ---- | C] () -- C:\Users\samohT\AUG2007_d3dx9_35_x86.cab [2010.06.02 06:21:42 | 000,867,612 | ---- | C] () -- C:\Users\samohT\Aug2008_d3dx10_39_x64.cab [2010.06.02 06:21:42 | 000,852,286 | ---- | C] () -- C:\Users\samohT\AUG2007_d3dx10_35_x64.cab [2010.06.02 06:21:42 | 000,796,867 | ---- | C] () -- C:\Users\samohT\AUG2007_d3dx10_35_x86.cab [2010.06.02 06:21:40 | 001,350,542 | ---- | C] () -- C:\Users\samohT\Aug2005_d3dx9_27_x64.cab [2010.06.02 06:21:40 | 001,077,644 | ---- | C] () -- C:\Users\samohT\Aug2005_d3dx9_27_x86.cab [2010.06.02 06:21:40 | 000,182,903 | ---- | C] () -- C:\Users\samohT\AUG2006_XACT_x64.cab [2010.06.02 06:21:40 | 000,137,235 | ---- | C] () -- C:\Users\samohT\AUG2006_XACT_x86.cab [2010.06.02 06:21:40 | 000,087,142 | ---- | C] () -- C:\Users\samohT\AUG2006_xinput_x64.cab [2010.06.02 06:21:40 | 000,053,302 | ---- | C] () -- C:\Users\samohT\APR2007_xinput_x86.cab [2010.06.02 06:21:40 | 000,046,058 | ---- | C] () -- C:\Users\samohT\AUG2006_xinput_x86.cab [2010.06.02 06:21:38 | 001,606,039 | ---- | C] () -- C:\Users\samohT\APR2007_d3dx9_33_x86.cab [2010.06.02 06:21:38 | 000,195,766 | ---- | C] () -- C:\Users\samohT\APR2007_XACT_x64.cab [2010.06.02 06:21:38 | 000,151,225 | ---- | C] () -- C:\Users\samohT\APR2007_XACT_x86.cab [2010.06.02 06:21:38 | 000,096,817 | ---- | C] () -- C:\Users\samohT\APR2007_xinput_x64.cab [2010.06.02 06:21:36 | 001,607,358 | ---- | C] () -- C:\Users\samohT\APR2007_d3dx9_33_x64.cab [2010.06.02 06:21:36 | 000,698,612 | ---- | C] () -- C:\Users\samohT\APR2007_d3dx10_33_x64.cab 
[2010.06.02 06:21:36 | 000,695,865 | ---- | C] () -- C:\Users\samohT\APR2007_d3dx10_33_x86.cab [2010.06.02 06:21:34 | 000,046,010 | ---- | C] () -- C:\Users\samohT\Apr2006_xinput_x86.cab [2010.06.02 06:21:20 | 000,087,101 | ---- | C] () -- C:\Users\samohT\Apr2006_xinput_x64.cab [2010.06.02 06:21:18 | 004,162,630 | ---- | C] () -- C:\Users\samohT\Apr2006_MDX1_x86_Archive.cab [2010.06.02 06:21:18 | 000,916,430 | ---- | C] () -- C:\Users\samohT\Apr2006_MDX1_x86.cab [2010.06.02 06:21:18 | 000,179,133 | ---- | C] () -- C:\Users\samohT\Apr2006_XACT_x64.cab [2010.06.02 06:21:18 | 000,133,103 | ---- | C] () -- C:\Users\samohT\Apr2006_XACT_x86.cab [2010.06.02 06:21:16 | 001,397,830 | ---- | C] () -- C:\Users\samohT\Apr2006_d3dx9_30_x64.cab [2010.06.02 06:21:16 | 001,347,354 | ---- | C] () -- C:\Users\samohT\Apr2005_d3dx9_25_x64.cab [2010.06.02 06:21:16 | 001,115,221 | ---- | C] () -- C:\Users\samohT\Apr2006_d3dx9_30_x86.cab [2010.06.02 06:21:16 | 001,078,962 | ---- | C] () -- C:\Users\samohT\Apr2005_d3dx9_25_x86.cab ========== LOP Check ========== [2012.04.12 14:15:51 | 000,000,000 | ---D | M] -- C:\Users\samohT\AppData\Roaming\ASCON Installer [2012.05.14 01:10:00 | 000,000,000 | ---D | M] -- C:\Users\samohT\AppData\Roaming\Babylon [2011.07.23 14:17:04 | 000,000,000 | ---D | M] -- C:\Users\samohT\AppData\Roaming\Baumaschinen Simulator 2011 [2011.08.01 13:09:55 | 000,000,000 | ---D | M] -- C:\Users\samohT\AppData\Roaming\Serif [2011.07.31 18:54:35 | 000,000,000 | ---D | M] -- C:\Users\samohT\AppData\Roaming\Tobit [2012.01.12 12:01:48 | 000,000,000 | ---D | M] -- C:\Users\samohT\AppData\Roaming\Windows Live Writer [2012.05.16 13:17:39 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== OTL EXTRAS Logfile: Code:
25.06.2012, 19:08 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Strange e-mail sent from my account Why are you dumping an OTL log in here now? It has zero connection to my answer!
__________________ Please always post log files in CODE tags |
26.06.2012, 10:27 | #5 |
| Strange e-mail sent from my account Yes, sorry, I actually wanted to write something more to go with it. I wanted to do it right away the way the instructions describe, post it, and have someone look it over straight away, because I have other problems as well. But GMER did not work out any more last night. |
26.06.2012, 12:51 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Strange e-mail sent from my account Nice! But that still has nothing to do with the topic of my answer |
26.06.2012, 19:14 | #7 |
| Strange e-mail sent from my account Yes. Where can I post that, then? Your answer to my questions was perhaps helpful, yes, if it then no longer happens. Then I had probably better not save my password any more either. |
26.06.2012, 19:15 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Strange e-mail sent from my account Also post all the Malwarebytes logs that already exist there
__________________ Please always post log files in CODE tags |