Log analysis and evaluation: Babylon Search and Minecraft Backdoor (Windows 7)
04.10.2012, 18:24 | #1 |
| Babylon Search and Minecraft Backdoor
Good evening, first of all. I have a problem with Babylon Search: it always starts as a second tab and won't go away. I have already tried everything possible .... With your help I have now created log files. However, nothing happened with Defogger, or I'm just too dumb for it. Thanks to your help I also found a backdoor program that my son landed me with. I hope someone can help me. Thanks in advance, Judith |
05.10.2012, 08:04 | #2 |
/// the machine /// TB Instructor | Babylon Search and Minecraft Backdoor
Hi,
Please do not attach the logs; post them directly in the thread inside code tags.
Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror: Link 1
IMPORTANT - Save Combofix to your desktop.
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.
Note: Should you receive the following error message after the restart Quote:
__________________ |
05.10.2012, 12:28 | #3 |
| Babylon Search and Minecraft Backdoor
OK, I'll correct that right away.
Code:
ATTFilter ComboFix 12-10-04.02 - Judith 05.10.2012 13:42:50.1.4 - x86 Microsoft Windows 7 Home Premium 6.1.7600.0.1252.49.1031.18.3278.1897 [GMT 2:00] ausgeführt von:: c:\users\Judith\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files\avast_free_antivirus_setup_7.0.1466.exe c:\program files\cdbxp_setup_4.4.1.3341_minimal.exe c:\program files\Nero-12.0.02000_trial.exe c:\program files\uTorrent_3.2_b27886.exe c:\programdata\Roaming c:\users\Judith\AppData\Roaming\Minecraft.exe . . ((((((((((((((((((((((( Dateien erstellt von 2012-09-05 bis 2012-10-05 )))))))))))))))))))))))))))))) . . 2012-10-05 11:49 . 2012-10-05 11:49 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-10-05 11:27 . 2012-09-18 22:59 6980552 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{02C578D8-1688-4F08-9B43-C74ACC731828}\mpengine.dll 2012-10-04 11:05 . 2012-10-04 11:05 -------- d-----w- c:\programdata\Malwarebytes 2012-10-04 10:41 . 2012-10-04 10:41 763456 ----a-w- c:\program files\ChromeSetup.exe 2012-10-04 10:39 . 2012-10-04 10:40 -------- d-----w- c:\program files\Zylom Games 2012-10-04 10:39 . 2012-10-04 10:39 -------- d-----w- c:\programdata\Zylom 2012-10-04 10:38 . 2012-10-04 10:38 511520 ----a-w- c:\program files\gamesplayerinstall.exe 2012-10-03 19:35 . 2012-10-03 19:35 -------- d-----w- c:\program files\CCleaner 2012-10-03 19:34 . 2012-10-03 19:34 3941312 ----a-w- c:\program files\ccsetup323.exe 2012-10-03 19:30 . 2012-10-03 19:30 -------- d-----w- c:\program files\Microsoft Silverlight 2012-10-03 19:29 . 2012-10-03 19:29 6955968 ----a-w- c:\program files\Silverlight.exe 2012-10-03 19:15 . 
2012-10-04 10:27 -------- d-----w- c:\program files\Maxthon3 2012-10-03 18:53 . 2012-10-04 10:42 -------- d-----w- c:\program files\Google 2012-10-03 18:22 . 2012-10-03 18:41 -------- d-----w- c:\programdata\Trend Micro 2012-10-03 17:54 . 2012-10-03 17:54 -------- d-----w- c:\program files\VS Revo Group 2012-10-03 16:55 . 2012-10-03 18:28 -------- d-----w- c:\program files\hpmonitor 2012-10-03 16:54 . 2012-10-03 16:54 -------- d-----w- c:\windows\system32\searchplugins 2012-10-03 16:54 . 2012-10-03 16:54 -------- d-----w- c:\windows\system32\Extensions 2012-10-02 14:45 . 2012-07-06 19:31 393216 ----a-w- c:\windows\system32\drivers\bthport.sys 2012-10-02 09:48 . 2011-03-11 05:44 143744 ----a-w- c:\windows\system32\drivers\nvstor.sys 2012-10-02 09:48 . 2011-03-11 05:44 1210240 ----a-w- c:\windows\system32\drivers\ntfs.sys 2012-10-02 09:48 . 2011-03-11 05:44 117120 ----a-w- c:\windows\system32\drivers\nvraid.sys 2012-10-02 09:48 . 2011-03-11 05:44 146304 ----a-w- c:\windows\system32\drivers\storport.sys 2012-10-02 09:48 . 2011-03-11 05:43 332160 ----a-w- c:\windows\system32\drivers\iaStorV.sys 2012-10-02 09:48 . 2011-03-11 05:43 80256 ----a-w- c:\windows\system32\drivers\amdsata.sys 2012-10-02 09:48 . 2011-03-11 05:43 22400 ----a-w- c:\windows\system32\drivers\amdxata.sys 2012-10-02 09:48 . 2011-03-11 05:39 1686016 ----a-w- c:\windows\system32\esent.dll 2012-10-02 09:48 . 2011-03-11 05:37 74240 ----a-w- c:\windows\system32\fsutil.exe 2012-10-01 19:32 . 2012-10-01 19:32 -------- d-----w- C:\found.000 2012-10-01 10:43 . 2011-03-25 03:06 284160 ----a-w- c:\windows\system32\drivers\usbport.sys 2012-10-01 10:43 . 2011-03-25 03:06 258560 ----a-w- c:\windows\system32\drivers\usbhub.sys 2012-10-01 10:43 . 2011-03-25 03:06 75776 ----a-w- c:\windows\system32\drivers\usbccgp.sys 2012-10-01 10:43 . 2011-03-25 03:06 43008 ----a-w- c:\windows\system32\drivers\usbehci.sys 2012-10-01 10:43 . 2011-03-25 03:06 20480 ----a-w- c:\windows\system32\drivers\usbohci.sys 2012-10-01 10:43 . 
2011-03-25 03:06 24064 ----a-w- c:\windows\system32\drivers\usbuhci.sys 2012-10-01 10:43 . 2011-03-25 03:06 5888 ----a-w- c:\windows\system32\drivers\usbd.sys 2012-10-01 10:43 . 2011-04-28 03:29 60416 ----a-w- c:\windows\system32\drivers\BTHUSB.SYS 2012-09-30 14:08 . 2012-09-30 14:08 -------- d-----w- c:\program files\Common Files\Java 2012-09-30 14:08 . 2012-09-30 14:07 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-09-30 14:08 . 2012-09-30 14:07 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-09-30 14:07 . 2012-09-30 14:07 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-09-30 14:07 . 2012-09-30 14:07 -------- d-----w- c:\program files\Java 2012-09-30 09:56 . 2012-09-30 09:56 -------- d-----w- c:\windows\system32\wbem\en-US 2012-09-30 09:36 . 2009-09-10 05:52 257024 ----a-w- c:\windows\system32\msv1_0.dll 2012-09-30 09:07 . 2012-03-01 05:53 19312 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-09-30 09:07 . 2012-03-01 05:49 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-09-30 09:07 . 2012-03-01 05:45 158720 ----a-w- c:\windows\system32\imagehlp.dll 2012-09-30 09:07 . 2012-03-01 05:40 5120 ----a-w- c:\windows\system32\wmi.dll 2012-09-30 09:05 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe 2012-09-30 08:58 . 2010-03-04 04:04 146304 ----a-w- c:\windows\system32\drivers\usbvideo.sys 2012-09-30 08:58 . 2010-03-04 03:57 190976 ----a-w- c:\windows\system32\drivers\ks.sys 2012-09-30 08:57 . 2012-09-30 08:57 -------- d-----w- c:\program files\MSXML 4.0 2012-09-30 08:54 . 2010-09-14 06:07 276992 ----a-w- c:\windows\system32\wcncsvc.dll 2012-09-29 15:39 . 2012-09-29 15:39 -------- d-----w- c:\program files\OpenOffice.org 3 2012-09-29 15:31 . 2012-09-29 15:34 152249762 ----a-w- c:\program files\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe 2012-09-29 10:07 . 2012-09-29 10:07 -------- d-----w- c:\programdata\Canneverbe Limited 2012-09-29 10:07 . 
2012-09-29 10:07 -------- d-----w- c:\program files\CDBurnerXP 2012-09-29 09:10 . 2012-09-29 09:13 -------- d-----w- c:\program files\Common Files\Nero 2012-09-29 09:10 . 2012-09-29 09:16 -------- d-----w- c:\program files\Nero 2012-09-29 09:10 . 2012-09-29 09:16 -------- d-----w- c:\programdata\Nero 2012-09-29 09:05 . 2012-09-29 09:05 -------- d-----w- c:\program files\Microsoft.NET 2012-09-29 09:04 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2012-09-29 09:04 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe 2012-09-29 09:04 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll 2012-09-29 09:04 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll 2012-09-29 09:04 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll 2012-09-29 09:03 . 2010-05-26 09:41 248672 ----a-w- c:\windows\system32\d3dx11_43.dll 2012-09-29 09:02 . 2010-05-26 09:41 470880 ----a-w- c:\windows\system32\d3dx10_43.dll 2012-09-29 09:01 . 2010-05-26 09:41 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll 2012-09-29 09:00 . 2010-05-26 09:41 1868128 ----a-w- c:\windows\system32\d3dcsx_43.dll 2012-09-29 08:59 . 2010-05-26 09:41 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll 2012-09-29 08:36 . 2010-06-29 05:02 1413632 ----a-w- c:\windows\system32\ole32.dll 2012-09-29 08:36 . 2010-06-29 04:57 4247040 ----a-w- c:\program files\Windows NT\Accessories\wordpad.exe 2012-09-29 08:36 . 2009-09-26 05:58 194488 ----a-w- c:\windows\system32\drivers\fvevol.sys 2012-09-29 08:36 . 2011-04-29 02:57 311296 ----a-w- c:\windows\system32\drivers\srv.sys 2012-09-29 08:36 . 2011-04-29 02:57 309760 ----a-w- c:\windows\system32\drivers\srv2.sys 2012-09-29 08:36 . 2011-04-29 02:57 114176 ----a-w- c:\windows\system32\drivers\srvnet.sys 2012-09-29 08:34 . 2010-08-04 06:17 417792 ----a-w- c:\windows\system32\msdri.dll 2012-09-29 08:33 . 
2011-04-27 02:33 78336 ----a-w- c:\windows\system32\drivers\dfsc.sys 2012-09-29 08:32 . 2012-04-02 04:46 3958128 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-09-29 08:31 . 2010-12-21 05:38 73728 ----a-w- c:\windows\system32\wscsvc.dll 2012-09-29 08:30 . 2010-11-02 04:46 728448 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys 2012-09-29 08:30 . 2011-02-03 05:45 219008 ----a-w- c:\windows\system32\drivers\dxgmms1.sys 2012-09-29 08:30 . 2010-11-02 04:23 107520 ----a-w- c:\windows\system32\cdd.dll 2012-09-28 21:27 . 2012-09-28 21:27 -------- d-----w- c:\programdata\YTD Video Downloader 2012-09-28 21:27 . 2012-09-28 21:27 -------- d-----w- c:\program files\GreenTree Applications 2012-09-28 21:25 . 2012-09-28 21:26 5680640 ----a-w- c:\program files\YTDSetup_3.9.2.exe 2012-09-28 20:58 . 2012-09-28 20:58 893552 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2012-09-28 20:58 . 2012-09-28 20:58 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2012-09-28 20:57 . 2012-09-28 20:57 1236816 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-09-28 20:27 . 2012-10-03 19:36 -------- d-----w- c:\windows\Panther 2012-09-28 19:37 . 2012-10-04 12:47 -------- d-----w- c:\windows\system32\wbem\Performance 2012-09-28 17:07 . 2012-09-28 17:07 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin 2012-09-28 16:08 . 2012-09-28 16:08 1609146 ----a-w- c:\program files\wrar420d.exe 2012-09-28 15:54 . 2012-09-28 15:54 -------- d-----w- c:\program files\uTorrent 2012-09-28 15:46 . 2012-09-28 15:46 -------- d-----w- c:\program files\Common Files\Skype 2012-09-28 15:46 . 2012-09-28 15:46 -------- d-----r- c:\program files\Skype 2012-09-28 15:46 . 2012-09-28 15:46 -------- d-----w- c:\programdata\Skype 2012-09-28 15:02 . 2012-05-31 10:25 237072 ------w- c:\windows\system32\MpSigStub.exe 2012-09-28 14:57 . 
2012-08-21 09:13 355632 ----a-w- c:\windows\system32\drivers\aswSP.sys 2012-09-28 14:57 . 2012-08-21 09:13 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2012-09-28 14:57 . 2012-08-21 09:13 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys 2012-09-28 14:57 . 2012-08-21 09:13 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2012-09-28 14:57 . 2012-08-21 09:13 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys 2012-09-28 14:57 . 2012-08-21 09:13 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2012-09-28 14:56 . 2012-08-21 09:12 41224 ----a-w- c:\windows\avastSS.scr 2012-09-28 14:56 . 2012-08-21 09:12 227648 ----a-w- c:\windows\system32\aswBoot.exe 2012-09-28 14:56 . 2012-09-28 14:56 -------- d-----w- c:\programdata\AVAST Software 2012-09-28 14:56 . 2012-09-28 14:56 -------- d-----w- c:\program files\AVAST Software 2012-09-28 14:38 . 2011-05-28 11:44 152064 ----a-w- c:\windows\system32\drivers\ViaHub3.sys 2012-09-28 14:37 . 2011-05-28 11:44 189440 ----a-w- c:\windows\system32\drivers\xhcdrv.sys 2012-09-28 14:29 . 2012-02-15 05:44 826368 ----a-w- c:\windows\system32\rdpcore.dll 2012-09-28 14:29 . 2012-02-15 04:22 24064 ----a-w- c:\windows\system32\drivers\tdtcp.sys 2012-09-28 14:29 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll 2012-09-28 14:28 . 2012-09-28 14:28 73136 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-28 14:28 . 2012-09-28 14:28 696240 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-28 14:28 . 2012-09-28 14:28 -------- d-----w- c:\windows\system32\Macromed 2012-09-28 14:26 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe 2012-09-28 14:26 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll 2012-09-28 14:26 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2012-09-28 14:26 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll 2012-09-28 14:26 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll 2012-09-28 14:26 . 
2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll 2012-09-28 14:26 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll 2012-09-28 14:26 . 2012-06-02 13:19 171904 ----a-w- c:\windows\system32\wuwebv.dll . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2012-08-21 09:12 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2011-03-18 10025576] "BTMTrayAgent"="c:\program files\Motorola\Bluetooth\btmshell.dll" [2010-12-28 20899408] "IntelWireless"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2010-11-02 1210640] "fspuip"="c:\program files\FSP\fspuip.exe" [2010-12-27 3760640] "IAStorIcon"="c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160] "HotKeyOSD"="c:\program files\Hotkey OSD Driver\HotKeyOSD.exe" [2011-02-16 345680] "avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-01-13 143384] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-01-13 177176] "Persistence"="c:\windows\system32\igfxpers.exe" [2011-01-13 178200] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "EnableLinkedConnections"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\System32\nvinit.dll . R2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files\Intel\Bluetooth\devmonsrv.exe [x] R2 gupdate;Google Update-Dienst (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x] R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] R3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x] R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys [x] R3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x] R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys [x] R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x] R3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x] R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [x] S1 aswSnx;aswSnx; [x] S1 aswSP;aswSP; [x] S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 aswFsBlk;aswFsBlk; [x] S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x] S2 hkosdservice;Hotkey OSD Service;c:\program files\Hotkey OSD Driver\hkosdsvis.exe [x] S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x] S2 NAUpdate;Nero Update;c:\program files\Nero\Update\NASvc.exe [x] S2 
nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [x] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x] S3 fspad_win732;Finger Sensing Pad Driver for Windows 2000/XP/Vista/Win7_win732;c:\windows\system32\DRIVERS\fspad_win732.sys [x] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x86.sys [x] S3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [x] S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys [x] S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys [x] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x] S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2012-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-28 14:28] . 2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-10-04 10:42] . 2012-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2012-10-04 10:42] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.google.de/ IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm TCP: DhcpNameServer = 192.168.2.1 . . 
--------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\TrustedInstaller\Security] @DACL=(02 0000) @SACL= "Security"=hex:01,00,14,80,90,00,00,00,a0,00,00,00,14,00,00,00,34,00,00,00,02, 00,20,00,01,00,00,00,02,c0,18,00,00,00,0c,00,01,02,00,00,00,00,00,05,20,00,\ . Zeit der Fertigstellung: 2012-10-05 13:50:28 ComboFix-quarantined-files.txt 2012-10-05 11:50 . Vor Suchlauf: 6 Verzeichnis(se), 272.981.811.200 Bytes frei Nach Suchlauf: 10 Verzeichnis(se), 272.766.279.680 Bytes frei . - - End Of File - - 1FE6F0385C4E2BBC712E23BA1CE6352F
Edited by juju1966 (05.10.2012 at 12:59) |
05.10.2012, 13:19 | #4 |
/// the machine /// TB Instructor | Babylon Search and Minecraft Backdoor
Hi,
Please update Malwarebytes and run a Quick Scan, have the findings deleted, and post the log. Please also post a fresh OTL log file.
__________________
Regards, schrauber
Proud Member of UNITE and ASAP since 2009
No help via PM! |
05.10.2012, 13:38 | #5 |
| Babylon Search and Minecraft Backdoor
Code:
Malwarebytes Anti-Malware (Test) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.05.04

Windows 7 x86 NTFS
Internet Explorer 9.0.8112.16421
Judith :: JUDITH-PC [Administrator]

Schutz: Deaktiviert

05.10.2012 14:24:39
mbam-log-2012-10-05 (14-24-39).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 208445
Laufzeit: 4 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
ATTFilter OTL logfile created on: 05.10.2012 14:38:31 - Run 2 OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Judith\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,20 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 56,45% Memory free 6,40 Gb Paging File | 5,05 Gb Available in Paging File | 78,88% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 297,99 Gb Total Space | 253,23 Gb Free Space | 84,98% Space Free | Partition Type: NTFS Computer Name: JUDITH-PC | User Name: Judith | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2012.10.04 14:00:43 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Judith\Desktop\OTL.exe PRC - [2012.10.04 12:42:04 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe PRC - [2012.09.28 16:07:52 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe PRC - [2012.09.25 11:43:01 | 001,239,064 | ---- | M] (Google Inc.) 
-- C:\Programme\Google\Chrome\Application\chrome.exe PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe PRC - [2012.07.13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) -- C:\Programme\Nero\Update\NASvc.exe PRC - [2011.08.07 23:25:00 | 002,214,504 | R--- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe PRC - [2011.08.07 23:25:00 | 000,840,296 | R--- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe PRC - [2011.08.07 23:25:00 | 000,373,864 | R--- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe PRC - [2011.08.07 13:41:26 | 000,379,496 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2011.03.18 07:48:26 | 002,656,280 | R--- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2011.03.18 07:48:04 | 000,326,168 | R--- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2011.02.16 11:58:10 | 000,345,680 | ---- | M] (Dritek System Inc.) -- C:\Programme\Hotkey OSD Driver\HotKeyOSD.exe PRC - [2011.02.16 11:58:10 | 000,264,272 | ---- | M] (Dritek System Inc.) -- C:\Programme\Hotkey OSD Driver\NButilps.exe PRC - [2011.02.16 11:58:08 | 000,240,208 | ---- | M] (Dritek System Inc.) -- C:\Programme\Hotkey OSD Driver\hkosdsvis.exe PRC - [2010.12.27 06:59:18 | 003,760,640 | ---- | M] (Sentelic Corporation) -- C:\Programme\FSP\FspUip.exe PRC - [2010.12.16 19:55:48 | 001,370,704 | ---- | M] (Motorola, Inc.) -- C:\Programme\Motorola\Bluetooth\btplayerctrl.exe PRC - [2010.12.16 19:54:20 | 003,511,888 | ---- | M] (Motorola, Inc.) 
-- C:\Programme\Motorola\Bluetooth\devmgrsrv.exe PRC - [2010.11.02 13:29:46 | 000,936,208 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe PRC - [2010.11.02 13:29:00 | 001,210,640 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\iFrmewrk.exe PRC - [2010.11.02 13:15:50 | 000,477,456 | ---- | M] (Intel(R) Corporation) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe PRC - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2010.09.13 18:32:30 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2010.09.01 06:26:04 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmplayer.exe PRC - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe ========== Modules (No Company Name) ========== MOD - [2012.10.01 00:48:36 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4aa3b127a59b6c1cd3b8749ea972771f\IAStorUtil.ni.dll MOD - [2012.10.01 00:48:36 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\1a4c0f7ba90a13c246a90a579552935a\IAStorCommon.ni.dll MOD - [2012.09.30 12:01:35 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll MOD - [2012.09.30 12:01:01 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll MOD - [2012.09.30 12:00:47 | 000,771,584 | ---- | M] () -- 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll MOD - [2012.09.30 12:00:32 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll MOD - [2012.09.30 12:00:15 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll MOD - [2012.09.30 12:00:12 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll MOD - [2012.09.30 12:00:02 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll MOD - [2012.09.30 11:59:55 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll MOD - [2012.09.25 11:42:58 | 000,460,312 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll MOD - [2012.09.25 11:42:55 | 004,005,912 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.79\pdf.dll MOD - [2012.09.25 11:41:39 | 000,578,072 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.79\libglesv2.dll MOD - [2012.09.25 11:41:38 | 000,123,416 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.79\libegl.dll MOD - [2012.09.25 11:41:27 | 000,156,712 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.79\avutil-51.dll MOD - [2012.09.25 11:41:26 | 000,275,496 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.79\avformat-54.dll MOD - [2012.09.25 11:41:24 | 002,168,360 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll MOD - [2011.08.07 23:25:00 | 000,004,096 | ---- | M] () -- C:\Programme\NVIDIA Corporation\coprocmanager\detoured.dll MOD - 
[2011.01.13 13:49:04 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll MOD - [2010.12.27 06:57:48 | 000,067,072 | ---- | M] () -- C:\Programme\FSP\FspLib.dll MOD - [2010.12.27 06:57:42 | 000,044,544 | ---- | M] () -- C:\Programme\FSP\KbdHook.dll MOD - [2009.07.14 10:47:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2009.07.14 10:47:11 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ========== Services (SafeList) ========== SRV - [2012.09.28 16:28:05 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.09.28 16:07:52 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service) SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! 
Antivirus)
SRV - [2012.07.13 16:27:00 | 000,769,432 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011.08.07 23:25:00 | 002,214,504 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.08.07 13:41:26 | 000,379,496 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.03.18 07:48:26 | 002,656,280 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.03.18 07:48:04 | 000,326,168 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.02.16 11:58:08 | 000,240,208 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Programme\Hotkey OSD Driver\hkosdsvis.exe -- (hkosdservice)
SRV - [2010.12.16 19:54:20 | 003,511,888 | ---- | M] (Motorola, Inc.) [On_Demand | Running] -- C:\Programme\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV - [2010.11.03 11:39:34 | 000,901,184 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Programme\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010.11.02 13:29:46 | 000,936,208 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2010.11.02 13:17:42 | 000,227,600 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2010.11.02 13:15:50 | 000,477,456 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2010.09.13 18:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)

========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Unknown] -- C:\ComboFix\mbr.sys -- (mbr)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\Users\Judith\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011.08.07 23:25:00 | 010,720,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.08.07 23:25:00 | 000,023,144 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvpciflt.sys -- (nvpciflt)
DRV - [2011.05.28 13:44:14 | 000,152,064 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV - [2011.05.28 13:44:04 | 000,189,440 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\xhcdrv.sys -- (xhcdrv)
DRV - [2011.03.18 07:47:50 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2011.01.25 05:47:44 | 000,068,720 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2011.01.13 13:49:43 | 000,269,824 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2011.01.10 08:45:02 | 000,999,016 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV - [2010.12.28 11:09:44 | 000,027,136 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fspad_win732.sys -- (fspad_win732)
DRV - [2010.12.16 19:51:54 | 000,403,968 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmusb.sys -- (BTMUSB)
DRV - [2010.11.04 05:05:58 | 000,047,376 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmaux.sys -- (btmaux)
DRV - [2010.11.04 03:31:44 | 000,047,104 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV - [2010.10.19 18:12:20 | 000,217,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmhsf.sys -- (btmhsf)
DRV - [2010.06.30 11:02:08 | 000,041,344 | ---- | M] (Motorola, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btmcom.sys -- (BTMCOM)
DRV - [2010.06.17 11:18:24 | 000,193,640 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 A4 3A EB 87 9D CD 01 [binary data]
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=111304&tt=031012_ccp_4012_3&babsrc=SP_ss&mntrId=82654c2c00000000000074de2befaf05
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)

[2012.10.03 18:53:56 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Angry Birds = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Loupe = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaonknplhhecdgjpphnooeomecgipkc\2.0.3_0\
CHR - Extension: YOUZEEK Free Music = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcgpdkighmjfjlplcighhgamlhkimce\1.6.4_0\
CHR - Extension: YouTube = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: HelloFax - Free Online Faxing & Signing = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm\1.1_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google-Suche = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: PicMonkey = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.4_0\
CHR - Extension: Torrent Turbo Search = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio\3.5.5.9_0\
CHR - Extension: Cut the Rope = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\14_0\
CHR - Extension: avast! WebRep = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: SmallringFX DarkOrange Theme = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjnlgbpnlangffmpnapcfdihmhhfnomg\1.7_0\
CHR - Extension: FVD Video Downloader = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\1.3.3_0\
CHR - Extension: Deezer = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh\1.3.1_0\
CHR - Extension: Google Calendar Checker = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek\1.2.2_0\
CHR - Extension: Viewster - Kostenlos Filme gucken = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh\1.8_0\
CHR - Extension: Google Mail = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.10.05 13:49:09 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)
O4 - HKLM..\Run: [fspuip] C:\Programme\FSP\FspUip.exe (Sentelic Corporation)
O4 - HKLM..\Run: [HotKeyOSD] C:\Programme\Hotkey OSD Driver\HotKeyOSD.exe (Dritek System Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Programme\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Programme\Motorola\Bluetooth\btmiesend.htm ()
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36D3C98A-4C67-474F-B5FE-F177BB4E0DFC}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\Windows\System32\nvinit.dll) - C:\Windows\System32\nvinit.dll (NVIDIA Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.10.05 14:24:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.05 14:24:00 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.05 14:24:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 13:50:31 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.10.05 13:41:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.10.05 13:41:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.10.05 13:41:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.10.05 13:41:48 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.10.05 13:41:35 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.10.05 13:32:22 | 004,762,471 | R--- | C] (Swearware) -- C:\Users\Judith\Desktop\ComboFix.exe
[2012.10.04 15:57:55 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.10.04 14:00:37 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Users\Judith\Desktop\OTL.exe
[2012.10.04 13:05:55 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Malwarebytes
[2012.10.04 13:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.04 13:05:01 | 010,524,080 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Judith\Desktop\mbam-setup-1.65.0.1400.exe
[2012.10.04 12:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.10.04 12:41:36 | 000,763,456 | ---- | C] (Google Inc.) -- C:\Program Files\ChromeSetup.exe
[2012.10.04 12:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\Zylom Games
[2012.10.04 12:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Zylom
[2012.10.03 21:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.10.03 21:35:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.10.03 21:34:49 | 003,941,312 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup323.exe
[2012.10.03 21:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.10.03 21:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.10.03 21:29:39 | 006,955,968 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Silverlight.exe
[2012.10.03 21:15:49 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon
[2012.10.03 21:15:47 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Maxthon3
[2012.10.03 21:15:45 | 000,000,000 | ---D | C] -- C:\Program Files\Maxthon3
[2012.10.03 20:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012.10.03 20:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2012.10.03 20:21:37 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Trend Micro
[2012.10.03 19:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.10.03 19:54:20 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.10.03 18:55:10 | 000,000,000 | ---D | C] -- C:\Program Files\hpmonitor
[2012.10.03 18:54:44 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\mozilla
[2012.10.03 18:54:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2012.10.03 18:54:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2012.10.03 18:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.10.02 11:48:44 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2012.10.02 11:48:43 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2012.10.01 21:43:24 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Nero_AG
[2012.10.01 21:42:49 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Nero
[2012.10.01 21:32:09 | 000,000,000 | ---D | C] -- C:\found.000
[2012.10.01 12:43:42 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012.10.01 12:43:41 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2012.09.30 16:08:56 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\.minecraft
[2012.09.30 16:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.09.30 16:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.09.30 16:08:05 | 000,746,984 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012.09.30 16:08:04 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012.09.30 16:08:04 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.09.30 16:07:53 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.09.30 16:07:53 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.09.30 16:07:53 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012.09.30 16:07:38 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.09.30 11:06:29 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.09.30 11:06:29 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.09.30 11:06:29 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.09.30 11:06:29 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.09.30 11:06:29 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.09.30 11:06:29 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.09.30 11:06:29 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.09.30 11:06:29 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.09.30 11:06:29 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.09.30 11:06:29 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.09.30 11:06:29 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.09.30 11:06:29 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.09.30 11:06:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.09.30 11:06:29 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.09.30 11:06:29 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.09.30 11:06:29 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.09.30 11:06:29 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.09.30 11:06:29 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.09.30 11:06:29 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.09.30 11:06:29 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.09.30 11:06:29 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.09.30 11:06:29 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.09.30 11:06:29 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.09.30 11:06:29 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.09.30 11:06:29 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.09.30 11:06:29 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.09.30 11:06:29 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.09.30 11:06:29 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.09.30 11:06:29 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.09.30 11:06:29 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.09.30 11:06:29 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.09.30 11:06:29 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.09.30 11:06:29 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.09.30 11:06:29 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.09.30 11:06:29 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.09.30 11:06:29 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.09.30 11:06:29 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.09.30 11:05:08 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2012.09.30 10:58:31 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2012.09.30 10:57:46 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012.09.29 17:43:43 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\OpenOffice.org
[2012.09.29 17:40:39 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012.09.29 17:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012.09.29 17:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3.4.1 (de) Installation Files
[2012.09.29 12:07:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2012.09.29 12:07:25 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Canneverbe Limited
[2012.09.29 12:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2012.09.29 11:17:32 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Nero
[2012.09.29 11:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2012.09.29 11:10:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2012.09.29 11:10:47 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2012.09.29 11:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012.09.29 11:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.09.29 11:04:56 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2012.09.29 11:04:56 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2012.09.29 11:04:55 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2012.09.29 11:03:27 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2012.09.29 11:02:35 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2012.09.29 11:01:44 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2012.09.29 11:00:50 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2012.09.29 10:59:56 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2012.09.29 10:35:39 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2012.09.29 10:35:35 | 000,400,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\srcore.dll
[2012.09.29 10:35:34 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2012.09.29 10:35:33 | 000,294,912 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.09.29 10:35:33 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.09.29 10:35:20 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2012.09.29 10:35:20 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2012.09.29 10:35:20 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2012.09.29 10:34:49 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2012.09.29 10:34:42 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2012.09.29 10:34:42 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2012.09.29 10:34:42 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2012.09.29 10:34:41 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2012.09.29 10:34:41 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2012.09.29 10:34:39 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012.09.29 10:34:32 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.09.29 10:34:22 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskschd.dll
[2012.09.29 10:34:22 | 000,351,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmicmiplugin.dll
[2012.09.29 10:34:22 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\taskcomp.dll
[2012.09.29 10:34:21 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
[2012.09.29 10:34:13 | 000,219,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.09.29 10:33:53 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2012.09.29 10:33:52 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2012.09.29 10:33:52 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2012.09.29 10:33:28 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2012.09.29 10:33:26 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2012.09.29 10:33:26 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2012.09.29 10:33:24 | 002,344,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.09.29 10:33:19 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2012.09.29 10:33:17 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.09.29 10:33:15 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012.09.29 10:33:15 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012.09.29 10:33:14 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012.09.29 10:33:14 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012.09.29 10:33:13 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012.09.29 10:33:13 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012.09.29 10:33:00 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.09.29 10:32:59 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.09.29 10:32:56 | 000,191,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FXSCOVER.exe
[2012.09.29 10:32:55 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2012.09.29 10:32:49 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012.09.29 10:32:46 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012.09.29 10:32:41 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012.09.29 10:32:41 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012.09.29 10:32:40 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2012.09.29 10:32:39 | 000,642,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2012.09.29 10:32:38 | 000,850,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sbe.dll
[2012.09.29 10:32:38 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2012.09.29 10:32:36 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.09.29 10:32:35 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.09.29 10:32:35 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.09.29 10:32:31 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.09.29 10:32:31 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.09.29 10:32:31 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.09.29 10:32:28 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.09.29 10:32:28 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.09.29 10:32:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.09.29 10:32:28 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.09.29 10:32:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.09.29 10:32:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.09.29 10:32:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.09.29 10:32:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.09.29 10:32:28 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.09.29 10:32:28 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.09.29 10:32:26 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012.09.29 10:32:24 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browcli.dll
[2012.09.29 10:32:21 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\webio.dll
[2012.09.29 10:32:20 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sspisrv.dll
[2012.09.29 10:32:19 | 000,319,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbcjt32.dll
[2012.09.29 10:32:19 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccp32.dll
[2012.09.29 10:32:19 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccr32.dll
[2012.09.29 10:32:18 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbctrac.dll
[2012.09.29 10:32:18 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\odbccu32.dll
[2012.09.29 10:32:17 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.09.29 10:32:17 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.09.29 10:32:17 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.09.29 10:32:09 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2012.09.29 10:32:08 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2012.09.29 10:32:08 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012.09.29 10:32:08 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2012.09.29 10:32:07 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012.09.29 10:31:59 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012.09.29 10:31:59 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012.09.29 10:31:53 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2012.09.29 10:31:53 | 000,101,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
[2012.09.29 10:31:49 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2012.09.29 10:31:49 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2012.09.29 10:31:49 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2012.09.29 10:31:49 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2012.09.29 10:31:49 | 000,280,064 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\RMActivate_ssp.exe [2012.09.29 10:31:49 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe [2012.09.29 10:31:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll [2012.09.29 10:31:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll [2012.09.29 10:31:48 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2012.09.29 10:31:48 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2012.09.29 10:31:48 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2012.09.29 10:31:48 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2012.09.29 10:31:48 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2012.09.29 10:31:45 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll [2012.09.29 10:31:45 | 001,137,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll [2012.09.29 10:31:36 | 000,123,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\poqexec.exe [2012.09.29 10:31:35 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [2012.09.29 10:30:57 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys [2012.09.29 10:30:57 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll [2012.09.28 23:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader [2012.09.28 23:27:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader [2012.09.28 23:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications [2012.09.28 22:27:18 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012.09.28 21:30:52 | 000,000,000 | ---D | C] -- 
C:\Windows\SoftwareDistribution [2012.09.28 21:28:40 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012.09.28 21:27:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.09.28 18:08:36 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\WinRAR [2012.09.28 18:08:36 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.09.28 18:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.09.28 18:08:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012.09.28 17:54:57 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2012.09.28 17:54:18 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\uTorrent [2012.09.28 17:46:43 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Skype [2012.09.28 17:46:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.09.28 17:46:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012.09.28 17:46:36 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012.09.28 17:46:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012.09.28 17:02:38 | 000,237,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2012.09.28 16:57:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! 
Free Antivirus [2012.09.28 16:57:17 | 000,355,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2012.09.28 16:57:17 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2012.09.28 16:57:16 | 000,044,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys [2012.09.28 16:57:15 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2012.09.28 16:57:14 | 000,729,752 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2012.09.28 16:57:14 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012.09.28 16:56:53 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2012.09.28 16:56:53 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012.09.28 16:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012.09.28 16:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012.09.28 16:46:41 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Google [2012.09.28 16:46:33 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Apps [2012.09.28 16:46:32 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Deployment [2012.09.28 16:38:30 | 000,152,064 | ---- | C] (VIA Technologies, Inc.) -- C:\Windows\System32\drivers\ViaHub3.sys [2012.09.28 16:37:42 | 000,189,440 | ---- | C] (VIA Technologies, Inc.) 
-- C:\Windows\System32\drivers\xhcdrv.sys [2012.09.28 16:29:31 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll [2012.09.28 16:28:07 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Macromedia [2012.09.28 16:28:07 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Adobe [2012.09.28 16:28:05 | 000,696,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.09.28 16:28:05 | 000,073,136 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.09.28 16:28:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2012.09.28 16:26:26 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012.09.28 16:26:26 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012.09.28 16:26:22 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2012.09.28 16:26:22 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2012.09.28 16:26:22 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2012.09.28 16:26:12 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2012.09.28 16:26:12 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012.09.28 16:18:31 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Intel Corporation [2012.09.28 16:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2012.09.28 16:18:21 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\FSP [2012.09.28 16:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Hotkey OSD Driver [2012.09.28 16:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\VIA [2012.09.28 16:12:34 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\InstallShield [2012.09.28 16:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\FSP [2012.09.28 16:11:43 | 000,210,432 | 
---- | C] (Sentelic Corporation.) -- C:\Windows\System32\StlFspAPI32.dll [2012.09.28 16:11:43 | 000,027,136 | ---- | C] (Sentelic Corporation) -- C:\Windows\System32\drivers\fspad_win732.sys [2012.09.28 16:09:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\sda [2012.09.28 16:09:50 | 000,313,960 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtsUStor.dll [2012.09.28 16:09:49 | 000,193,640 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtsUStor.sys [2012.09.28 16:09:47 | 009,112,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtsUStoricon.dll [2012.09.28 16:09:26 | 000,999,016 | R--- | C] (Realtek Semiconductor Corporation ) -- C:\Windows\System32\drivers\rtl8192ce.sys [2012.09.28 16:09:22 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver [2012.09.28 16:08:14 | 000,041,344 | ---- | C] (Motorola, Inc.) -- C:\Windows\System32\drivers\btmcom.sys [2012.09.28 16:08:08 | 000,008,784 | ---- | C] (Motorola, Inc.) -- C:\Windows\System32\btmsstverschk.dll [2012.09.28 16:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth [2012.09.28 16:08:03 | 000,403,968 | ---- | C] (Motorola, Inc.) -- C:\Windows\System32\drivers\btmusb.sys [2012.09.28 16:08:03 | 000,312,912 | ---- | C] (Motorola, Inc.) 
-- C:\Windows\System32\btmcls.dll [2012.09.28 16:08:03 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola [2012.09.28 16:07:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2012.09.28 16:05:05 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Intel [2012.09.28 16:05:00 | 000,000,000 | ---D | C] -- C:\Users\Judith\Roaming [2012.09.28 16:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless [2012.09.28 16:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2012.09.28 16:00:51 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012.09.28 15:59:41 | 000,068,720 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\L1C62x86.sys [2012.09.28 15:59:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\Atheros_L1e [2012.09.28 15:58:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012.09.28 15:58:03 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll [2012.09.28 15:58:03 | 001,723,536 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2012.09.28 15:58:02 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2012.09.28 15:58:02 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll [2012.09.28 15:58:02 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2012.09.28 15:58:02 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2012.09.28 15:58:02 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2012.09.28 15:58:02 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll [2012.09.28 15:58:02 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll [2012.09.28 15:58:01 | 002,145,896 | ---- | C] (Realtek Semiconductor Corp.) 
-- C:\Windows\System32\RtkPgExt.dll [2012.09.28 15:58:00 | 000,485,992 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2012.09.28 15:58:00 | 000,069,224 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll [2012.09.28 15:57:59 | 003,805,288 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2012.09.28 15:57:56 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2012.09.28 15:57:55 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2012.09.28 15:57:55 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2012.09.28 15:57:55 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2012.09.28 15:57:55 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2012.09.28 15:57:55 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2012.09.28 15:57:55 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2012.09.28 15:57:54 | 001,705,816 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll [2012.09.28 15:57:54 | 000,820,224 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat [2012.09.28 15:57:54 | 000,341,848 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll [2012.09.28 15:57:54 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll [2012.09.28 15:57:54 | 000,096,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll [2012.09.28 15:57:54 | 000,081,240 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll [2012.09.28 15:57:54 | 000,061,784 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll [2012.09.28 15:57:53 | 001,938,704 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\System32\MaxxAudioEQ.dll [2012.09.28 15:57:53 | 001,439,064 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2012.09.28 15:57:53 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2012.09.28 15:57:52 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2012.09.28 15:57:52 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2012.09.28 15:57:47 | 001,730,112 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2012.09.28 15:57:46 | 001,132,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2012.09.28 15:57:46 | 000,962,664 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2012.09.28 15:57:46 | 000,429,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2012.09.28 15:57:46 | 000,406,120 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2012.09.28 15:57:46 | 000,291,432 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2012.09.28 15:57:46 | 000,236,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2012.09.28 15:57:46 | 000,224,360 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2012.09.28 15:57:46 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2012.09.28 15:57:46 | 000,106,600 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2012.09.28 15:57:45 | 000,901,224 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2012.09.28 15:57:45 | 000,448,616 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll [2012.09.28 15:57:45 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2012.09.28 15:57:45 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2012.09.28 15:57:44 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2012.09.28 15:57:44 | 000,000,000 | -H-D | C] -- 
C:\Program Files\InstallShield Installation Information [2012.09.28 15:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012.09.28 15:57:41 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2012.09.28 15:57:40 | 001,284,712 | R--- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2012.09.28 15:57:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012.09.28 15:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012.09.28 15:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2012.09.28 15:48:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\NV [2012.09.28 15:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012.09.28 15:46:05 | 003,705,448 | R--- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2012.09.28 15:46:05 | 002,560,616 | R--- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2012.09.28 15:46:05 | 002,558,056 | R--- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [2012.09.28 15:46:05 | 000,629,864 | R--- | C] (NVIDIA Corporation) -- C:\Windows\System32\nv3dappshext.dll [2012.09.28 15:46:05 | 000,543,336 | R--- | C] (NVIDIA Corporation) -- C:\Windows\System32\easyupdatusapiu.dll [2012.09.28 15:46:05 | 000,111,208 | R--- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll [2012.09.28 15:46:05 | 000,066,664 | R--- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll [2012.09.28 15:46:05 | 000,053,864 | R--- | C] (NVIDIA Corporation) -- C:\Windows\System32\nv3dappshextr.dll [2012.09.28 15:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012.09.28 15:45:56 | 000,899,688 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco3220150.dll [2012.09.28 15:45:56 | 000,875,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco3220103.dll [2012.09.28 15:45:28 | 006,558,824 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2012.09.28 
15:45:28 | 000,696,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvumdshim.dll [2012.09.28 15:45:28 | 000,326,248 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoptimusmft.dll [2012.09.28 15:45:28 | 000,023,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvpciflt.sys [2012.09.28 15:45:27 | 016,468,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2012.09.28 15:45:26 | 010,720,360 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2012.09.28 15:45:26 | 000,300,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll [2012.09.28 15:45:26 | 000,200,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvinit.dll [2012.09.28 15:45:25 | 012,007,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2012.09.28 15:45:25 | 002,082,408 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2012.09.28 15:45:24 | 005,304,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2012.09.28 15:45:23 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2012.09.28 15:45:23 | 002,804,840 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2012.09.28 15:45:23 | 002,339,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2012.09.28 15:45:23 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2012.09.28 15:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2012.09.28 15:44:16 | 000,269,824 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\drivers\IntcDAud.sys [2012.09.28 15:44:16 | 000,012,288 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\IntcDAuC.dll [2012.09.28 15:44:01 | 014,279,168 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll [2012.09.28 15:44:01 | 009,030,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxress.dll [2012.09.28 15:44:01 | 
008,198,680 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\TVWSetup.exe [2012.09.28 15:44:01 | 006,054,912 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igd10umd32.dll [2012.09.28 15:44:01 | 005,666,816 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumd32.dll [2012.09.28 15:44:01 | 004,687,896 | ---- | C] (Intel Corporation) -- C:\Windows\System32\GfxUI.exe [2012.09.28 15:44:01 | 000,574,976 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igdumdx32.dll [2012.09.28 15:44:01 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2012.09.28 15:44:01 | 000,368,640 | ---- | C] (Intel Corporation) -- C:\Windows\System32\iglhsip32.dll [2012.09.28 15:44:01 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc [2012.09.28 15:44:01 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresn.lrc [2012.09.28 15:44:01 | 000,285,184 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrell.lrc [2012.09.28 15:44:01 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsky.lrc [2012.09.28 15:44:01 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrus.lrc [2012.09.28 15:44:01 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrom.lrc [2012.09.28 15:44:01 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptg.lrc [2012.09.28 15:44:01 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc [2012.09.28 15:44:01 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnld.lrc [2012.09.28 15:44:01 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc [2012.09.28 15:44:01 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhrv.lrc [2012.09.28 15:44:01 | 000,284,672 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc [2012.09.28 15:44:01 | 000,284,672 | ---- | C] (Intel 
Corporation) -- C:\Windows\System32\igfxrcsy.lrc [2012.09.28 15:44:01 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtrk.lrc [2012.09.28 15:44:01 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsve.lrc [2012.09.28 15:44:01 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrslv.lrc [2012.09.28 15:44:01 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc [2012.09.28 15:44:01 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnor.lrc [2012.09.28 15:44:01 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhun.lrc [2012.09.28 15:44:01 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfin.lrc [2012.09.28 15:44:01 | 000,283,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtha.lrc [2012.09.28 15:44:01 | 000,283,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc [2012.09.28 15:44:01 | 000,283,648 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdan.lrc [2012.09.28 15:44:01 | 000,283,136 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrheb.lrc [2012.09.28 15:44:01 | 000,283,136 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrara.lrc [2012.09.28 15:44:01 | 000,281,600 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc [2012.09.28 15:44:01 | 000,281,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc [2012.09.28 15:44:01 | 000,280,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc [2012.09.28 15:44:01 | 000,280,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc [2012.09.28 15:44:01 | 000,266,240 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll [2012.09.28 15:44:01 | 000,262,144 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll [2012.09.28 15:44:01 | 000,145,408 | ---- | C] (Intel Corporation) -- 
C:\Windows\System32\gfxSrvc.dll [2012.09.28 15:44:01 | 000,142,848 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcmrt32.dll [2012.09.28 15:44:01 | 000,130,048 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll [2012.09.28 15:44:01 | 000,120,320 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl [2012.09.28 15:44:01 | 000,095,232 | ---- | C] (Intel Corporation) -- C:\Windows\System32\hccutils.dll [2012.09.28 15:44:01 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\System32\iglhcp32.dll [2012.09.28 15:44:01 | 000,081,920 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxCoIn_v2274.dll [2012.09.28 15:44:01 | 000,057,856 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxsrvc.dll [2012.09.28 15:44:01 | 000,024,576 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll [2012.09.28 15:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012.09.28 15:41:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2012.09.28 15:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\postureAgent [2012.09.28 15:41:18 | 000,041,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\HECI.sys [2012.09.28 15:40:17 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll [2012.09.28 15:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012.09.28 15:40:06 | 000,000,000 | ---D | C] -- C:\Intel [2012.09.28 15:38:34 | 000,000,000 | R--D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.09.28 15:38:34 | 000,000,000 | R--D | C] -- C:\Users\Judith\Searches [2012.09.28 15:38:34 | 000,000,000 | R--D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.09.28 15:38:25 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Identities [2012.09.28 15:38:24 | 000,000,000 | R--D | 
C] -- C:\Users\Judith\Contacts [2012.09.28 15:38:18 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\VirtualStore [2012.09.28 15:38:17 | 000,000,000 | --SD | C] -- C:\Users\Judith\AppData\Roaming\Microsoft [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Videos [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Saved Games [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Pictures [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Music [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Links [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Favorites [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Downloads [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Documents [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Desktop [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Vorlagen [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\AppData\Local\Verlauf [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\AppData\Local\Temporary Internet Files [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Startmenü [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\SendTo [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Recent [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Netzwerkumgebung [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Lokale Einstellungen [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Documents\Eigene Videos [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Documents\Eigene Musik 
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Eigene Dateien
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Documents\Eigene Bilder
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Druckumgebung
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Cookies
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\AppData\Local\Anwendungsdaten
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Anwendungsdaten
[2012.09.28 15:38:17 | 000,000,000 | -H-D | C] -- C:\Users\Judith\AppData
[2012.09.28 15:38:17 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Temp
[2012.09.28 15:38:17 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Microsoft
[2012.09.28 15:38:17 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Media Center Programs
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.09.28 15:38:11 | 000,000,000 | ---D | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2012.10.05 14:24:02 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.05 13:50:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.05 13:49:09 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.10.05 13:47:52 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.05 13:32:54 | 004,762,471 | R--- | M] (Swearware) -- C:\Users\Judith\Desktop\ComboFix.exe
[2012.10.05 13:29:17 | 000,014,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.05 13:29:17 | 000,014,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.05 13:22:10 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.05 13:21:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.05 13:21:28 | 2577,801,216 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.04 15:57:44 | 666,424,404 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.10.04 14:47:46 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.04 14:47:46 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.04 14:47:46 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.04 14:47:46 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.04 14:03:00 | 000,000,000 | ---- | M] () -- C:\Users\Judith\defogger_reenable
[2012.10.04 14:01:13 | 000,302,592 | ---- | M] () -- C:\Users\Judith\Desktop\u368fkfq.exe
[2012.10.04 14:00:43 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Judith\Desktop\OTL.exe
[2012.10.04 14:00:32 | 000,050,477 | ---- | M] () -- C:\Users\Judith\Desktop\Defogger.exe
[2012.10.04 13:05:19 | 010,524,080 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Judith\Desktop\mbam-setup-1.65.0.1400.exe
[2012.10.04 12:42:59 | 000,002,197 | ---- | M] () -- C:\Users\Judith\Desktop\Google Chrome.lnk
[2012.10.04 12:41:36 | 000,763,456 | ---- | M] (Google Inc.) -- C:\Program Files\ChromeSetup.exe
[2012.10.04 12:38:29 | 000,511,520 | ---- | M] () -- C:\Program Files\gamesplayerinstall.exe
[2012.10.03 21:35:44 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.03 21:34:54 | 003,941,312 | ---- | M] (Piriform Ltd) -- C:\Program Files\ccsetup323.exe
[2012.10.03 21:29:45 | 006,955,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Silverlight.exe
[2012.10.03 21:15:49 | 000,001,052 | ---- | M] () -- C:\Users\Judith\Desktop\Maxthon 3.lnk
[2012.10.03 20:32:05 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.10.03 19:54:20 | 000,001,226 | ---- | M] () -- C:\Users\Judith\Desktop\Revo Uninstaller.lnk
[2012.10.01 21:33:49 | 000,003,416 | ---- | M] () -- C:\bootsqm.dat
[2012.10.01 16:37:18 | 005,563,772 | ---- | M] () -- C:\Users\Judith\AppData\Roaming\Sieg17_atheriapolis.zip
[2012.09.30 16:07:48 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012.09.30 16:07:43 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.09.30 16:07:43 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.09.30 16:07:42 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.09.30 16:07:40 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012.09.30 16:07:40 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012.09.30 11:58:34 | 000,293,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.09.30 11:06:29 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.09.30 11:06:29 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.09.30 11:06:29 | 001,800,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.09.30 11:06:29 | 001,427,968 | ---- | M] (Microsoft Corporation) --
C:\Windows\System32\inetcpl.cpl [2012.09.30 11:06:29 | 000,607,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.09.30 11:06:29 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2012.09.30 11:06:29 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2012.09.30 11:06:29 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll [2012.09.30 11:06:29 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2012.09.30 11:06:29 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.09.30 11:06:29 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2012.09.30 11:06:29 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll [2012.09.30 11:06:29 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.09.30 11:06:29 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll [2012.09.30 11:06:29 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll [2012.09.30 11:06:29 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll [2012.09.30 11:06:29 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe [2012.09.30 11:06:29 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe [2012.09.30 11:06:29 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012.09.30 11:06:29 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll [2012.09.30 11:06:29 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2012.09.30 11:06:29 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll [2012.09.30 11:06:29 | 000,101,888 | ---- | M] (Microsoft 
Corporation) -- C:\Windows\System32\admparse.dll [2012.09.30 11:06:29 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2012.09.30 11:06:29 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll [2012.09.30 11:06:29 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe [2012.09.30 11:06:29 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2012.09.30 11:06:29 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2012.09.30 11:06:29 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2012.09.30 11:06:29 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2012.09.30 11:06:29 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.09.30 11:06:29 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll [2012.09.30 11:06:29 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll [2012.09.30 11:06:29 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2012.09.30 11:06:29 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll [2012.09.30 11:06:29 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2012.09.30 11:06:29 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2012.09.30 11:06:29 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2012.09.29 18:45:37 | 000,024,283 | ---- | M] () -- C:\Users\Judith\Documents\SAGA 29.9.12.odt [2012.09.29 17:40:39 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.09.29 17:34:05 | 152,249,762 | ---- | M] () -- C:\Program Files\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe [2012.09.29 12:07:19 | 
000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2012.09.29 11:15:30 | 000,002,785 | ---- | M] () -- C:\Users\Public\Desktop\Nero Video 12.lnk [2012.09.29 11:14:52 | 000,002,889 | ---- | M] () -- C:\Users\Public\Desktop\Nero Recode 12.lnk [2012.09.29 11:13:10 | 000,002,771 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp 12.lnk [2012.09.29 11:12:51 | 000,002,857 | ---- | M] () -- C:\Users\Public\Desktop\Nero 12.lnk [2012.09.29 11:12:20 | 000,002,831 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 12.lnk [2012.09.28 23:33:51 | 257,181,379 | ---- | M] () -- C:\Users\Judith\Documents\Mapouka Zouglou Mix.mp4 [2012.09.28 23:27:28 | 000,001,251 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk [2012.09.28 23:26:03 | 005,680,640 | ---- | M] () -- C:\Program Files\YTDSetup_3.9.2.exe [2012.09.28 21:31:15 | 000,052,953 | ---- | M] () -- C:\Windows\System32\license.rtf [2012.09.28 21:30:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.09.28 18:08:24 | 001,609,146 | ---- | M] () -- C:\Program Files\wrar420d.exe [2012.09.28 17:54:57 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012.09.28 17:46:37 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.09.28 17:45:59 | 019,337,216 | ---- | M] () -- C:\Program Files\SkypeSetup_5.10.0.116.msi [2012.09.28 16:57:18 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2012.09.28 16:38:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ViaHub3_01009.Wdf [2012.09.28 16:37:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_xhcdrv_01009.Wdf [2012.09.28 16:28:05 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.09.28 16:28:05 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.09.28 16:13:52 | 000,000,178 | ---- | M] () -- C:\Windows\HotKeyOSD.UNI [2012.09.28 16:01:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_btmaux_01009.Wdf [2012.09.28 16:01:39 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf [2012.09.28 15:46:26 | 000,015,640 | ---- | M] () -- C:\Windows\System32\results.xml [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys ========== Files Created - No Company Name ========== [2012.10.05 14:24:02 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.05 13:41:55 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.10.05 13:41:55 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.10.05 13:41:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.10.05 13:41:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.10.05 13:41:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.10.04 15:57:44 | 666,424,404 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.10.04 14:03:00 | 000,000,000 | ---- | C] () -- C:\Users\Judith\defogger_reenable [2012.10.04 14:01:11 | 000,302,592 | ---- | C] () -- C:\Users\Judith\Desktop\u368fkfq.exe [2012.10.04 14:00:30 | 000,050,477 | ---- | C] () -- C:\Users\Judith\Desktop\Defogger.exe [2012.10.04 12:42:59 | 000,002,197 | ---- | C] () -- C:\Users\Judith\Desktop\Google Chrome.lnk [2012.10.04 12:42:06 | 000,001,098 | ---- | C] () -- 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.04 12:42:06 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.04 12:38:29 | 000,511,520 | ---- | C] () -- C:\Program Files\gamesplayerinstall.exe [2012.10.03 21:35:44 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.10.03 21:15:49 | 000,001,052 | ---- | C] () -- C:\Users\Judith\Desktop\Maxthon 3.lnk [2012.10.03 19:54:20 | 000,001,226 | ---- | C] () -- C:\Users\Judith\Desktop\Revo Uninstaller.lnk [2012.10.01 21:33:49 | 000,003,416 | ---- | C] () -- C:\bootsqm.dat [2012.10.01 16:37:05 | 005,563,772 | ---- | C] () -- C:\Users\Judith\AppData\Roaming\Sieg17_atheriapolis.zip [2012.09.30 11:06:29 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2012.09.29 18:45:35 | 000,024,283 | ---- | C] () -- C:\Users\Judith\Documents\SAGA 29.9.12.odt [2012.09.29 17:40:39 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.09.29 17:31:07 | 152,249,762 | ---- | C] () -- C:\Program Files\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe [2012.09.29 12:07:19 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2012.09.29 12:07:19 | 000,001,849 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2012.09.29 11:15:30 | 000,002,785 | ---- | C] () -- C:\Users\Public\Desktop\Nero Video 12.lnk [2012.09.29 11:14:52 | 000,002,889 | ---- | C] () -- C:\Users\Public\Desktop\Nero Recode 12.lnk [2012.09.29 11:13:10 | 000,002,771 | ---- | C] () -- C:\Users\Public\Desktop\Nero BackItUp 12.lnk [2012.09.29 11:12:51 | 000,002,857 | ---- | C] () -- C:\Users\Public\Desktop\Nero 12.lnk [2012.09.29 11:12:20 | 000,002,831 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 12.lnk [2012.09.28 23:28:33 | 257,181,379 | ---- | C] () -- C:\Users\Judith\Documents\Mapouka Zouglou Mix.mp4 [2012.09.28 23:27:28 | 000,001,251 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video 
Downloader.lnk [2012.09.28 23:25:41 | 005,680,640 | ---- | C] () -- C:\Program Files\YTDSetup_3.9.2.exe [2012.09.28 21:31:10 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012.09.28 21:31:01 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012.09.28 21:30:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.09.28 21:27:47 | 2577,801,216 | -HS- | C] () -- C:\hiberfil.sys [2012.09.28 18:08:12 | 001,609,146 | ---- | C] () -- C:\Program Files\wrar420d.exe [2012.09.28 17:54:57 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012.09.28 17:46:37 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.09.28 17:44:53 | 019,337,216 | ---- | C] () -- C:\Program Files\SkypeSetup_5.10.0.116.msi [2012.09.28 16:57:18 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2012.09.28 16:38:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ViaHub3_01009.Wdf [2012.09.28 16:37:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_xhcdrv_01009.Wdf [2012.09.28 16:28:05 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.28 16:13:52 | 000,000,178 | ---- | C] () -- C:\Windows\HotKeyOSD.UNI [2012.09.28 16:09:21 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012.09.28 16:01:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_btmaux_01009.Wdf [2012.09.28 16:01:39 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf [2012.09.28 15:46:26 | 000,015,640 | ---- | C] () -- C:\Windows\System32\results.xml [2012.09.28 15:46:05 | 001,818,352 | R--- | C] () -- C:\Windows\System32\nvcoproc.bin [2012.09.28 15:45:56 | 000,004,215 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2012.09.28 15:44:01 | 001,921,265 | 
---- | C] () -- C:\Windows\System32\iglhxa32.cpa [2012.09.28 15:44:01 | 000,960,940 | ---- | C] () -- C:\Windows\System32\igkrng600.bin [2012.09.28 15:44:01 | 000,208,335 | ---- | C] () -- C:\Windows\System32\Gfxres.th-TH.resources [2012.09.28 15:44:01 | 000,207,376 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin [2012.09.28 15:44:01 | 000,195,681 | ---- | C] () -- C:\Windows\System32\Gfxres.el-GR.resources [2012.09.28 15:44:01 | 000,180,246 | ---- | C] () -- C:\Windows\System32\Gfxres.ru-RU.resources [2012.09.28 15:44:01 | 000,154,366 | ---- | C] () -- C:\Windows\System32\Gfxres.ar-SA.resources [2012.09.28 15:44:01 | 000,151,350 | ---- | C] () -- C:\Windows\System32\Gfxres.ja-JP.resources [2012.09.28 15:44:01 | 000,147,392 | ---- | C] () -- C:\Windows\System32\Gfxres.he-IL.resources [2012.09.28 15:44:01 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin [2012.09.28 15:44:01 | 000,138,635 | ---- | C] () -- C:\Windows\System32\Gfxres.it-IT.resources [2012.09.28 15:44:01 | 000,137,000 | ---- | C] () -- C:\Windows\System32\Gfxres.ko-KR.resources [2012.09.28 15:44:01 | 000,136,226 | ---- | C] () -- C:\Windows\System32\Gfxres.de-DE.resources [2012.09.28 15:44:01 | 000,136,172 | ---- | C] () -- C:\Windows\System32\Gfxres.es-ES.resources [2012.09.28 15:44:01 | 000,135,119 | ---- | C] () -- C:\Windows\System32\Gfxres.ro-RO.resources [2012.09.28 15:44:01 | 000,134,081 | ---- | C] () -- C:\Windows\System32\Gfxres.fr-FR.resources [2012.09.28 15:44:01 | 000,133,868 | ---- | C] () -- C:\Windows\System32\Gfxres.tr-TR.resources [2012.09.28 15:44:01 | 000,133,321 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-BR.resources [2012.09.28 15:44:01 | 000,132,876 | ---- | C] () -- C:\Windows\System32\Gfxres.nl-NL.resources [2012.09.28 15:44:01 | 000,132,861 | ---- | C] () -- C:\Windows\System32\Gfxres.hu-HU.resources [2012.09.28 15:44:01 | 000,132,422 | ---- | C] () -- C:\Windows\System32\Gfxres.sv-SE.resources [2012.09.28 15:44:01 | 000,132,299 | ---- | C] () -- 
C:\Windows\System32\Gfxres.pt-PT.resources [2012.09.28 15:44:01 | 000,131,897 | ---- | C] () -- C:\Windows\System32\Gfxres.cs-CZ.resources [2012.09.28 15:44:01 | 000,131,711 | ---- | C] () -- C:\Windows\System32\Gfxres.pl-PL.resources [2012.09.28 15:44:01 | 000,131,456 | ---- | C] () -- C:\Windows\System32\Gfxres.fi-FI.resources [2012.09.28 15:44:01 | 000,131,290 | ---- | C] () -- C:\Windows\System32\Gfxres.sk-SK.resources [2012.09.28 15:44:01 | 000,130,414 | ---- | C] () -- C:\Windows\System32\Gfxres.hr-HR.resources [2012.09.28 15:44:01 | 000,127,599 | ---- | C] () -- C:\Windows\System32\Gfxres.sl-SI.resources [2012.09.28 15:44:01 | 000,127,367 | ---- | C] () -- C:\Windows\System32\Gfxres.nb-NO.resources [2012.09.28 15:44:01 | 000,127,109 | ---- | C] () -- C:\Windows\System32\Gfxres.da-DK.resources [2012.09.28 15:44:01 | 000,122,646 | ---- | C] () -- C:\Windows\System32\Gfxres.en-US.resources [2012.09.28 15:44:01 | 000,116,413 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-TW.resources [2012.09.28 15:44:01 | 000,115,195 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-CN.resources [2012.09.28 15:44:01 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll [2012.09.28 15:44:01 | 000,062,816 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp [2012.09.28 15:44:01 | 000,060,226 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp [2012.09.28 15:44:01 | 000,060,015 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp [2012.09.28 15:44:01 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [2012.09.28 15:44:01 | 000,001,090 | ---- | C] () -- C:\Windows\System32\iglhxa32.vp [2012.09.28 15:44:01 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2012.09.28 15:41:26 | 000,008,192 | R--- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll [2012.09.28 15:38:35 | 000,001,413 | ---- | C] () -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.08.07 13:41:36 | 000,305,256 | ---- | C] () 
-- C:\Windows\System32\nvStreaming.exe
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
< End of report >
Edited by juju1966 (05.10.2012 at 13:46). Reason: another log file |
05.10.2012, 13:59 | #6 |
/// the machine /// TB trainer | Babylon Search and Minecraft Backdoor ESET Online Scanner
__________________ --> Babylon Search and Minecraft Backdoor |
05.10.2012, 16:13 | #7 |
| Babylon Search and Minecraft Backdoor Hello Schrauber, ESET found nothing, but the Babylon Search tab is still there. Regards |
05.10.2012, 17:14 | #8 |
/// the machine /// TB trainer | Babylon Search and Minecraft Backdoor Please download AdwCleaner to your desktop.
And a fresh OTL log file.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
05.10.2012, 20:09 | #9 |
| Babylon Search and Minecraft Backdoor Code:
ATTFilter
# AdwCleaner v2.003 - Datei am 10/05/2012 um 20:58:11 erstellt
# Aktualisiert am 23/09/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium (32 bits)
# Benutzer : Judith - JUDITH-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Judith\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****
Daten Gefunden : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\23762~1.17\{16cdf~1\browse~1.dll c:\windows\system32\nvinit.dll
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKU\S-1-5-21-2597090517-2670986678-1303494435-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16421
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Google Chrome v [Version kann nicht ermittelt werden]
Datei : C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.

*************************
AdwCleaner[R1].txt - [1782 octets] - [05/10/2012 20:58:11]
########## EOF - C:\AdwCleaner[R1].txt - [1842 octets] ##########
Code:
ATTFilter OTL logfile created on: 05.10.2012 21:04:12 - Run 2 OTL by OldTimer - Version 3.2.70.2 Folder = C:\Users\Judith\Desktop Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,20 Gb Total Physical Memory | 1,46 Gb Available Physical Memory | 45,69% Memory free 6,40 Gb Paging File | 4,49 Gb Available in Paging File | 70,13% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 297,99 Gb Total Space | 255,08 Gb Free Space | 85,60% Space Free | Partition Type: NTFS Computer Name: JUDITH-PC | User Name: Judith | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Judith\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.) 
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Programme\Nero\Update\NASvc.exe (Nero AG) PRC - C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Hotkey OSD Driver\HotKeyOSD.exe (Dritek System Inc.) PRC - C:\Programme\Hotkey OSD Driver\NButilps.exe (Dritek System Inc.) PRC - C:\Programme\Hotkey OSD Driver\hkosdsvis.exe (Dritek System Inc.) PRC - C:\Programme\FSP\FspUip.exe (Sentelic Corporation) PRC - C:\Programme\Motorola\Bluetooth\devmgrsrv.exe (Motorola, Inc.) 
PRC - C:\Programme\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4aa3b127a59b6c1cd3b8749ea972771f\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\1a4c0f7ba90a13c246a90a579552935a\IAStorCommon.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll () MOD - 
C:\Programme\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\pdf.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\libglesv2.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\libegl.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\avutil-51.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\avformat-54.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll () MOD - C:\Programme\NVIDIA Corporation\coprocmanager\detoured.dll () MOD - C:\Windows\System32\IccLibDll.dll () MOD - C:\Programme\FSP\FspLib.dll () MOD - C:\Programme\FSP\KbdHook.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (avast! 
Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (NAUpdate) -- C:\Programme\Nero\Update\NASvc.exe (Nero AG) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (UNS) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (hkosdservice) -- C:\Programme\Hotkey OSD Driver\hkosdsvis.exe (Dritek System Inc.) SRV - (Bluetooth Device Manager) -- C:\Programme\Motorola\Bluetooth\devmgrsrv.exe (Motorola, Inc.) SRV - (Bluetooth Device Monitor) -- C:\Programme\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe () SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (IAStorDataMgrSvc) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (fwdiqpod) -- C:\Users\Judith\AppData\Local\Temp\fwdiqpod.sys File not found DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) 
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (nvpciflt) -- C:\Windows\System32\drivers\nvpciflt.sys (NVIDIA Corporation) DRV - (VUSB3HUB) -- C:\Windows\System32\drivers\ViaHub3.sys (VIA Technologies, Inc.) DRV - (xhcdrv) -- C:\Windows\System32\drivers\xhcdrv.sys (VIA Technologies, Inc.) DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation) DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.) DRV - (IntcDAud) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation) DRV - (RTL8192Ce) -- C:\Windows\System32\drivers\rtl8192ce.sys (Realtek Semiconductor Corporation ) DRV - (fspad_win732) -- C:\Windows\System32\drivers\fspad_win732.sys (Sentelic Corporation) DRV - (BTMUSB) -- C:\Windows\System32\drivers\btmusb.sys (Motorola, Inc.) DRV - (btmaux) -- C:\Windows\System32\drivers\btmaux.sys (Intel Corporation) DRV - (iBtFltCoex) -- C:\Windows\System32\drivers\iBtFltCoex.sys (Intel Corporation) DRV - (btmhsf) -- C:\Windows\System32\drivers\btmhsf.sys (Intel Corporation) DRV - (BTMCOM) -- C:\Windows\System32\drivers\btmcom.sys (Motorola, Inc.) DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) 
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 A4 3A EB 87 9D CD 01 [binary data]
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=111304&tt=031012_ccp_4012_3&babsrc=SP_ss&mntrId=82654c2c00000000000074de2befaf05
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)

[2012.10.03 18:53:56 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Angry Birds = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Loupe = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaonknplhhecdgjpphnooeomecgipkc\2.0.3_0\
CHR - Extension: YOUZEEK Free Music = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcgpdkighmjfjlplcighhgamlhkimce\1.6.4_0\
CHR - Extension: YouTube = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: HelloFax - Free Online Faxing & Signing = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm\1.1_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google-Suche = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: PicMonkey = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.4_0\
CHR - Extension: Torrent Turbo Search = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio\3.5.5.9_0\
CHR - Extension: Cut the Rope = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\14_0\
CHR - Extension: avast! WebRep = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: SmallringFX DarkOrange Theme = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjnlgbpnlangffmpnapcfdihmhhfnomg\1.7_0\
CHR - Extension: FVD Video Downloader = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\1.3.3_0\
CHR - Extension: Deezer = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh\1.3.1_0\
CHR - Extension: Google Calendar Checker = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek\1.2.2_0\
CHR - Extension: Viewster - Kostenlos Filme gucken = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfiekkcjcnhbjofcjcfblhcccjkpkheh\1.8_0\
CHR - Extension: Google Mail = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)
O4 - HKLM..\Run: [fspuip] C:\Programme\FSP\FspUip.exe (Sentelic Corporation)
O4 - HKLM..\Run: [HotKeyOSD] C:\Programme\Hotkey OSD Driver\HotKeyOSD.exe (Dritek System Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Programme\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Programme\Motorola\Bluetooth\btmiesend.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36D3C98A-4C67-474F-B5FE-F177BB4E0DFC}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\23762~1.17\{16cdf~1\browse~1.dll) - File not found
O20 - AppInit_DLLs: (c:\windows\system32\nvinit.dll) - C:\Windows\System32\nvinit.dll (NVIDIA Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.10.05 20:54:15 | 000,601,088 | ---- | C] (OldTimer Tools) -- C:\Users\Judith\Desktop\OTL.exe
[2012.10.05 13:41:35 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.10.04 15:57:55 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.10.04 13:05:55 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Malwarebytes
[2012.10.04 13:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.04 12:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.10.04 12:41:36 | 000,763,456 | ---- | C] (Google Inc.)
-- C:\Program Files\ChromeSetup.exe [2012.10.04 12:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\Zylom Games [2012.10.04 12:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Zylom [2012.10.03 21:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2012.10.03 21:35:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.10.03 21:34:49 | 003,941,312 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup323.exe [2012.10.03 21:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2012.10.03 21:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2012.10.03 21:29:39 | 006,955,968 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Silverlight.exe [2012.10.03 21:15:49 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon [2012.10.03 21:15:47 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Maxthon3 [2012.10.03 21:15:45 | 000,000,000 | ---D | C] -- C:\Program Files\Maxthon3 [2012.10.03 20:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\Google [2012.10.03 20:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro [2012.10.03 20:21:37 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Trend Micro [2012.10.03 19:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2012.10.03 19:54:20 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2012.10.03 18:55:10 | 000,000,000 | ---D | C] -- C:\Program Files\hpmonitor [2012.10.03 18:54:44 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\mozilla [2012.10.03 18:54:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins [2012.10.03 18:54:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions [2012.10.03 18:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2012.10.01 21:43:24 | 000,000,000 
| ---D | C] -- C:\Users\Judith\AppData\Local\Nero_AG [2012.10.01 21:42:49 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Nero [2012.10.01 21:32:09 | 000,000,000 | ---D | C] -- C:\found.000 [2012.10.01 13:14:51 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Users\Judith\AppData\Roaming\MinecraftSP.exe [2012.09.30 16:08:56 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\.minecraft [2012.09.30 16:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun [2012.09.30 16:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2012.09.30 16:07:38 | 000,000,000 | ---D | C] -- C:\Program Files\Java [2012.09.30 10:57:46 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0 [2012.09.29 17:43:43 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\OpenOffice.org [2012.09.29 17:40:39 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2012.09.29 17:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3 [2012.09.29 17:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3.4.1 (de) Installation Files [2012.09.29 12:07:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited [2012.09.29 12:07:25 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Canneverbe Limited [2012.09.29 12:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP [2012.09.29 12:05:54 | 005,084,232 | ---- | C] (Canneverbe Limited ) -- C:\Program Files\cdbxp_setup_4.4.1.3341_minimal.exe [2012.09.29 11:17:32 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Nero [2012.09.29 11:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero [2012.09.29 11:10:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero [2012.09.29 11:10:47 | 000,000,000 | ---D | C] -- C:\Program Files\Nero [2012.09.29 11:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero [2012.09.29 11:05:30 | 000,000,000 | ---D | C] -- C:\Program 
Files\Microsoft.NET [2012.09.29 10:50:19 | 307,323,208 | ---- | C] (Nero AG) -- C:\Program Files\Nero-12.0.02000_trial.exe [2012.09.28 23:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader [2012.09.28 23:27:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader [2012.09.28 23:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications [2012.09.28 22:27:18 | 000,000,000 | ---D | C] -- C:\Windows\Panther [2012.09.28 21:30:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution [2012.09.28 21:28:40 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch [2012.09.28 21:27:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information [2012.09.28 18:08:36 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\WinRAR [2012.09.28 18:08:36 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.09.28 18:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR [2012.09.28 18:08:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR [2012.09.28 17:54:57 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent [2012.09.28 17:54:18 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\uTorrent [2012.09.28 17:54:07 | 000,896,912 | ---- | C] (BitTorrent, Inc.) -- C:\Program Files\uTorrent_3.2_b27886.exe [2012.09.28 17:46:43 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Skype [2012.09.28 17:46:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2012.09.28 17:46:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2012.09.28 17:46:36 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2012.09.28 17:46:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype [2012.09.28 16:57:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! 
Free Antivirus [2012.09.28 16:57:17 | 000,355,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys [2012.09.28 16:57:17 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys [2012.09.28 16:57:16 | 000,044,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys [2012.09.28 16:57:15 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys [2012.09.28 16:57:14 | 000,729,752 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys [2012.09.28 16:57:14 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys [2012.09.28 16:56:53 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe [2012.09.28 16:56:53 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr [2012.09.28 16:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software [2012.09.28 16:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software [2012.09.28 16:46:41 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Google [2012.09.28 16:46:33 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Apps [2012.09.28 16:46:32 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Deployment [2012.09.28 16:28:07 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Macromedia [2012.09.28 16:28:07 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Adobe [2012.09.28 16:28:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed [2012.09.28 16:18:31 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Intel Corporation [2012.09.28 16:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet [2012.09.28 16:18:21 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\FSP [2012.09.28 16:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Hotkey OSD Driver [2012.09.28 16:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\VIA [2012.09.28 16:12:34 | 000,000,000 | ---D | C] -- 
C:\Users\Judith\AppData\Roaming\InstallShield [2012.09.28 16:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\FSP [2012.09.28 16:11:43 | 000,210,432 | ---- | C] (Sentelic Corporation.) -- C:\Windows\System32\StlFspAPI32.dll [2012.09.28 16:11:43 | 000,027,136 | ---- | C] (Sentelic Corporation) -- C:\Windows\System32\drivers\fspad_win732.sys [2012.09.28 16:09:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\sda [2012.09.28 16:09:22 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver [2012.09.28 16:08:14 | 000,041,344 | ---- | C] (Motorola, Inc.) -- C:\Windows\System32\drivers\btmcom.sys [2012.09.28 16:08:08 | 000,008,784 | ---- | C] (Motorola, Inc.) -- C:\Windows\System32\btmsstverschk.dll [2012.09.28 16:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth [2012.09.28 16:08:03 | 000,403,968 | ---- | C] (Motorola, Inc.) -- C:\Windows\System32\drivers\btmusb.sys [2012.09.28 16:08:03 | 000,312,912 | ---- | C] (Motorola, Inc.) -- C:\Windows\System32\btmcls.dll [2012.09.28 16:08:03 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola [2012.09.28 16:07:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared [2012.09.28 16:05:05 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Intel [2012.09.28 16:05:00 | 000,000,000 | ---D | C] -- C:\Users\Judith\Roaming [2012.09.28 16:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless [2012.09.28 16:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco [2012.09.28 16:00:51 | 000,000,000 | -HSD | C] -- C:\Windows\Installer [2012.09.28 15:59:41 | 000,068,720 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\L1C62x86.sys [2012.09.28 15:59:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\Atheros_L1e [2012.09.28 15:58:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2012.09.28 15:58:03 | 001,783,056 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\System32\WavesLib.dll [2012.09.28 15:58:03 | 001,723,536 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll [2012.09.28 15:58:02 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2012.09.28 15:58:02 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll [2012.09.28 15:58:02 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll [2012.09.28 15:58:02 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll [2012.09.28 15:58:02 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2012.09.28 15:58:02 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll [2012.09.28 15:58:02 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll [2012.09.28 15:57:55 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2012.09.28 15:57:55 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2012.09.28 15:57:55 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2012.09.28 15:57:55 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2012.09.28 15:57:55 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2012.09.28 15:57:55 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2012.09.28 15:57:54 | 001,705,816 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll [2012.09.28 15:57:54 | 000,341,848 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll [2012.09.28 15:57:54 | 000,252,760 | ---- | C] (Waves Audio Ltd.) 
-- C:\Windows\System32\MaxxVolumeSDAPO.dll [2012.09.28 15:57:54 | 000,096,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll [2012.09.28 15:57:54 | 000,081,240 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll [2012.09.28 15:57:54 | 000,061,784 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll [2012.09.28 15:57:53 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll [2012.09.28 15:57:53 | 001,439,064 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll [2012.09.28 15:57:53 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll [2012.09.28 15:57:52 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll [2012.09.28 15:57:52 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll [2012.09.28 15:57:47 | 001,730,112 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll [2012.09.28 15:57:46 | 001,132,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll [2012.09.28 15:57:46 | 000,962,664 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll [2012.09.28 15:57:46 | 000,429,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll [2012.09.28 15:57:46 | 000,406,120 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll [2012.09.28 15:57:46 | 000,291,432 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll [2012.09.28 15:57:46 | 000,236,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll [2012.09.28 15:57:46 | 000,224,360 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll [2012.09.28 15:57:46 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll [2012.09.28 15:57:46 | 000,106,600 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll [2012.09.28 15:57:45 | 000,901,224 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll [2012.09.28 15:57:45 | 000,448,616 | ---- | C] (DTS) 
-- C:\Windows\System32\DTSBassEnhancementDLL.dll [2012.09.28 15:57:45 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll [2012.09.28 15:57:44 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2012.09.28 15:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek [2012.09.28 15:57:41 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2012.09.28 15:57:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2012.09.28 15:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012.09.28 15:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel [2012.09.28 15:48:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\NV [2012.09.28 15:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA [2012.09.28 15:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012.09.28 15:45:23 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2012.09.28 15:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel [2012.09.28 15:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012.09.28 15:41:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel [2012.09.28 15:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\postureAgent [2012.09.28 15:40:17 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll [2012.09.28 15:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Intel [2012.09.28 15:40:06 | 000,000,000 | ---D | C] -- C:\Intel [2012.09.28 15:38:34 | 000,000,000 | R--D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.09.28 15:38:34 | 000,000,000 | R--D | C] -- C:\Users\Judith\Searches [2012.09.28 15:38:34 | 000,000,000 | R--D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.09.28 
15:38:25 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Identities [2012.09.28 15:38:24 | 000,000,000 | R--D | C] -- C:\Users\Judith\Contacts [2012.09.28 15:38:18 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\VirtualStore [2012.09.28 15:38:17 | 000,000,000 | --SD | C] -- C:\Users\Judith\AppData\Roaming\Microsoft [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Videos [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Saved Games [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Pictures [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Music [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Links [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Favorites [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Downloads [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Documents [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Desktop [2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Vorlagen [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\AppData\Local\Verlauf [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\AppData\Local\Temporary Internet Files [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Startmenü [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\SendTo [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Recent [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Netzwerkumgebung [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Lokale Einstellungen [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- 
C:\Users\Judith\Documents\Eigene Videos [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Documents\Eigene Musik [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Eigene Dateien [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Documents\Eigene Bilder [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Druckumgebung [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Cookies [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\AppData\Local\Anwendungsdaten [2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Anwendungsdaten [2012.09.28 15:38:17 | 000,000,000 | -H-D | C] -- C:\Users\Judith\AppData [2012.09.28 15:38:17 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Temp [2012.09.28 15:38:17 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Microsoft [2012.09.28 15:38:17 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Media Center Programs [2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen [2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü [2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Programme [2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien [2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten [2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos [2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik [2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder [2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen [2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente [2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten [2012.09.28 15:38:11 | 000,000,000 | ---D | C] -- C:\Recovery ========== Files - Modified Within 30 Days ========== [2012.10.05 
20:57:50 | 000,513,501 | ---- | M] () -- C:\Users\Judith\Desktop\adwcleaner.exe [2012.10.05 20:54:16 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Users\Judith\Desktop\OTL.exe [2012.10.05 20:50:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.05 20:47:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.05 20:43:41 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.10.05 20:43:41 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.10.05 20:43:41 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.10.05 20:43:41 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.10.05 20:41:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.05 17:30:06 | 000,014,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.05 17:30:06 | 000,014,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.05 17:23:37 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.05 17:22:19 | 2577,801,216 | -HS- | M] () -- C:\hiberfil.sys [2012.10.05 14:59:58 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2012.10.05 14:59:55 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt [2012.10.04 14:03:00 | 000,000,000 | ---- | M] () -- C:\Users\Judith\defogger_reenable [2012.10.04 12:42:59 | 000,002,197 | ---- | M] () -- C:\Users\Judith\Desktop\Google Chrome.lnk [2012.10.04 12:38:29 | 000,511,520 | ---- | M] () -- C:\Program Files\gamesplayerinstall.exe [2012.10.03 21:35:44 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.10.03 21:34:54 | 003,941,312 | ---- | M] (Piriform Ltd) -- C:\Program Files\ccsetup323.exe [2012.10.03 21:15:49 | 000,001,052 | ---- | M] () -- C:\Users\Judith\Desktop\Maxthon 3.lnk [2012.10.03 19:54:20 | 000,001,226 | ---- | M] () -- C:\Users\Judith\Desktop\Revo Uninstaller.lnk [2012.10.01 16:37:18 | 005,563,772 | ---- | M] () -- C:\Users\Judith\AppData\Roaming\Sieg17_atheriapolis.zip [2012.10.01 13:14:55 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Users\Judith\AppData\Roaming\MinecraftSP.exe [2012.09.30 11:58:34 | 000,293,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.09.30 11:06:29 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf [2012.09.29 18:45:37 | 000,024,283 | ---- | M] () -- C:\Users\Judith\Documents\SAGA 29.9.12.odt [2012.09.29 17:40:39 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.09.29 17:34:05 | 152,249,762 | ---- | M] () -- C:\Program Files\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe [2012.09.29 12:07:19 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2012.09.29 12:06:06 | 005,084,232 | ---- | M] (Canneverbe Limited ) -- C:\Program Files\cdbxp_setup_4.4.1.3341_minimal.exe [2012.09.29 11:15:30 | 000,002,785 | ---- | M] () -- C:\Users\Public\Desktop\Nero Video 12.lnk [2012.09.29 11:14:52 | 000,002,889 | ---- | M] () -- C:\Users\Public\Desktop\Nero Recode 12.lnk [2012.09.29 11:13:10 | 000,002,771 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp 12.lnk [2012.09.29 11:12:51 | 
000,002,857 | ---- | M] () -- C:\Users\Public\Desktop\Nero 12.lnk [2012.09.29 11:12:20 | 000,002,831 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 12.lnk [2012.09.28 23:33:51 | 257,181,379 | ---- | M] () -- C:\Users\Judith\Documents\Mapouka Zouglou Mix.mp4 [2012.09.28 23:27:28 | 000,001,251 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk [2012.09.28 23:26:03 | 005,680,640 | ---- | M] () -- C:\Program Files\YTDSetup_3.9.2.exe [2012.09.28 21:31:15 | 000,052,953 | ---- | M] () -- C:\Windows\System32\license.rtf [2012.09.28 21:30:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.09.28 18:08:24 | 001,609,146 | ---- | M] () -- C:\Program Files\wrar420d.exe [2012.09.28 17:54:57 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012.09.28 17:54:16 | 000,896,912 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent_3.2_b27886.exe [2012.09.28 17:46:37 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2012.09.28 17:45:59 | 019,337,216 | ---- | M] () -- C:\Program Files\SkypeSetup_5.10.0.116.msi [2012.09.28 16:56:13 | 093,654,616 | ---- | M] () -- C:\Program Files\avast_free_antivirus_setup_7.0.1466.exe [2012.09.28 16:38:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ViaHub3_01009.Wdf [2012.09.28 16:37:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_xhcdrv_01009.Wdf [2012.09.28 16:13:52 | 000,000,178 | ---- | M] () -- C:\Windows\HotKeyOSD.UNI [2012.09.28 16:01:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_btmaux_01009.Wdf [2012.09.28 16:01:39 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf [2012.09.28 15:46:26 | 000,015,640 | ---- | M] () -- C:\Windows\System32\results.xml ========== Files Created - No Company Name ========== [2012.10.05 20:57:45 | 000,513,501 | ---- | C] () -- C:\Users\Judith\Desktop\adwcleaner.exe [2012.10.04 
14:03:00 | 000,000,000 | ---- | C] () -- C:\Users\Judith\defogger_reenable [2012.10.04 12:42:59 | 000,002,197 | ---- | C] () -- C:\Users\Judith\Desktop\Google Chrome.lnk [2012.10.04 12:42:06 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2012.10.04 12:42:06 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2012.10.04 12:38:29 | 000,511,520 | ---- | C] () -- C:\Program Files\gamesplayerinstall.exe [2012.10.03 21:35:44 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.10.03 21:15:49 | 000,001,052 | ---- | C] () -- C:\Users\Judith\Desktop\Maxthon 3.lnk [2012.10.03 19:54:20 | 000,001,226 | ---- | C] () -- C:\Users\Judith\Desktop\Revo Uninstaller.lnk [2012.10.01 16:37:05 | 005,563,772 | ---- | C] () -- C:\Users\Judith\AppData\Roaming\Sieg17_atheriapolis.zip [2012.09.30 11:06:29 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf [2012.09.29 18:45:35 | 000,024,283 | ---- | C] () -- C:\Users\Judith\Documents\SAGA 29.9.12.odt [2012.09.29 17:40:39 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.09.29 17:31:07 | 152,249,762 | ---- | C] () -- C:\Program Files\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe [2012.09.29 12:07:19 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2012.09.29 12:07:19 | 000,001,849 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2012.09.29 11:15:30 | 000,002,785 | ---- | C] () -- C:\Users\Public\Desktop\Nero Video 12.lnk [2012.09.29 11:14:52 | 000,002,889 | ---- | C] () -- C:\Users\Public\Desktop\Nero Recode 12.lnk [2012.09.29 11:13:10 | 000,002,771 | ---- | C] () -- C:\Users\Public\Desktop\Nero BackItUp 12.lnk [2012.09.29 11:12:51 | 000,002,857 | ---- | C] () -- C:\Users\Public\Desktop\Nero 12.lnk [2012.09.29 11:12:20 | 000,002,831 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 12.lnk [2012.09.28 23:28:33 | 257,181,379 | ---- | 
C] () -- C:\Users\Judith\Documents\Mapouka Zouglou Mix.mp4 [2012.09.28 23:27:28 | 000,001,251 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk [2012.09.28 23:25:41 | 005,680,640 | ---- | C] () -- C:\Program Files\YTDSetup_3.9.2.exe [2012.09.28 21:31:10 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012.09.28 21:31:01 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012.09.28 21:30:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.09.28 21:27:47 | 2577,801,216 | -HS- | C] () -- C:\hiberfil.sys [2012.09.28 18:08:12 | 001,609,146 | ---- | C] () -- C:\Program Files\wrar420d.exe [2012.09.28 17:54:57 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012.09.28 17:46:37 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.09.28 17:44:53 | 019,337,216 | ---- | C] () -- C:\Program Files\SkypeSetup_5.10.0.116.msi [2012.09.28 16:57:18 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2012.09.28 16:54:36 | 093,654,616 | ---- | C] () -- C:\Program Files\avast_free_antivirus_setup_7.0.1466.exe [2012.09.28 16:38:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ViaHub3_01009.Wdf [2012.09.28 16:37:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_xhcdrv_01009.Wdf [2012.09.28 16:28:05 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.28 16:13:52 | 000,000,178 | ---- | C] () -- C:\Windows\HotKeyOSD.UNI [2012.09.28 16:09:21 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012.09.28 16:01:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_btmaux_01009.Wdf [2012.09.28 16:01:39 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf [2012.09.28 15:46:26 | 000,015,640 | ---- | C] () -- C:\Windows\System32\results.xml [2012.09.28 15:46:05 | 001,818,352 | R--- | C] () -- C:\Windows\System32\nvcoproc.bin [2012.09.28 15:45:56 | 000,004,215 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2012.09.28 15:44:01 | 001,921,265 | ---- | C] () -- C:\Windows\System32\iglhxa32.cpa [2012.09.28 15:44:01 | 000,960,940 | ---- | C] () -- C:\Windows\System32\igkrng600.bin [2012.09.28 15:44:01 | 000,208,335 | ---- | C] () -- C:\Windows\System32\Gfxres.th-TH.resources [2012.09.28 15:44:01 | 000,207,376 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin [2012.09.28 15:44:01 | 000,195,681 | ---- | C] () -- C:\Windows\System32\Gfxres.el-GR.resources [2012.09.28 15:44:01 | 000,180,246 | ---- | C] () -- C:\Windows\System32\Gfxres.ru-RU.resources [2012.09.28 15:44:01 | 000,154,366 | ---- | C] () -- C:\Windows\System32\Gfxres.ar-SA.resources [2012.09.28 15:44:01 | 000,151,350 | ---- | C] () -- C:\Windows\System32\Gfxres.ja-JP.resources [2012.09.28 15:44:01 | 000,147,392 | ---- | C] () -- C:\Windows\System32\Gfxres.he-IL.resources [2012.09.28 15:44:01 | 000,145,804 | ---- | C] () -- 
C:\Windows\System32\igcompkrng600.bin [2012.09.28 15:44:01 | 000,138,635 | ---- | C] () -- C:\Windows\System32\Gfxres.it-IT.resources [2012.09.28 15:44:01 | 000,137,000 | ---- | C] () -- C:\Windows\System32\Gfxres.ko-KR.resources [2012.09.28 15:44:01 | 000,136,226 | ---- | C] () -- C:\Windows\System32\Gfxres.de-DE.resources [2012.09.28 15:44:01 | 000,136,172 | ---- | C] () -- C:\Windows\System32\Gfxres.es-ES.resources [2012.09.28 15:44:01 | 000,135,119 | ---- | C] () -- C:\Windows\System32\Gfxres.ro-RO.resources [2012.09.28 15:44:01 | 000,134,081 | ---- | C] () -- C:\Windows\System32\Gfxres.fr-FR.resources [2012.09.28 15:44:01 | 000,133,868 | ---- | C] () -- C:\Windows\System32\Gfxres.tr-TR.resources [2012.09.28 15:44:01 | 000,133,321 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-BR.resources [2012.09.28 15:44:01 | 000,132,876 | ---- | C] () -- C:\Windows\System32\Gfxres.nl-NL.resources [2012.09.28 15:44:01 | 000,132,861 | ---- | C] () -- C:\Windows\System32\Gfxres.hu-HU.resources [2012.09.28 15:44:01 | 000,132,422 | ---- | C] () -- C:\Windows\System32\Gfxres.sv-SE.resources [2012.09.28 15:44:01 | 000,132,299 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-PT.resources [2012.09.28 15:44:01 | 000,131,897 | ---- | C] () -- C:\Windows\System32\Gfxres.cs-CZ.resources [2012.09.28 15:44:01 | 000,131,711 | ---- | C] () -- C:\Windows\System32\Gfxres.pl-PL.resources [2012.09.28 15:44:01 | 000,131,456 | ---- | C] () -- C:\Windows\System32\Gfxres.fi-FI.resources [2012.09.28 15:44:01 | 000,131,290 | ---- | C] () -- C:\Windows\System32\Gfxres.sk-SK.resources [2012.09.28 15:44:01 | 000,130,414 | ---- | C] () -- C:\Windows\System32\Gfxres.hr-HR.resources [2012.09.28 15:44:01 | 000,127,599 | ---- | C] () -- C:\Windows\System32\Gfxres.sl-SI.resources [2012.09.28 15:44:01 | 000,127,367 | ---- | C] () -- C:\Windows\System32\Gfxres.nb-NO.resources [2012.09.28 15:44:01 | 000,127,109 | ---- | C] () -- C:\Windows\System32\Gfxres.da-DK.resources [2012.09.28 15:44:01 | 000,122,646 | ---- 
| C] () -- C:\Windows\System32\Gfxres.en-US.resources [2012.09.28 15:44:01 | 000,116,413 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-TW.resources [2012.09.28 15:44:01 | 000,115,195 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-CN.resources [2012.09.28 15:44:01 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll [2012.09.28 15:44:01 | 000,062,816 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp [2012.09.28 15:44:01 | 000,060,226 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp [2012.09.28 15:44:01 | 000,060,015 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp [2012.09.28 15:44:01 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [2012.09.28 15:44:01 | 000,001,090 | ---- | C] () -- C:\Windows\System32\iglhxa32.vp [2012.09.28 15:44:01 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2012.09.28 15:41:26 | 000,008,192 | R--- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll [2012.09.28 15:38:35 | 000,001,413 | ---- | C] () -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.08.07 13:41:36 | 000,305,256 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012.10.05 15:57:13 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\.minecraft
[2012.10.05 15:57:13 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Canneverbe Limited
[2012.10.05 15:57:14 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Maxthon3
[2012.10.05 15:57:16 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\OpenOffice.org
[2012.10.03 21:36:28 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\uTorrent

========== Purity Check ==========

< End of report >

Regards, Judith |
06.10.2012, 09:18 | #10 |
/// the machine /// TB-Ausbilder | Babylon Search and Minecraft Backdoor Where is the fix log from AdwCleaner?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
06.10.2012, 09:39 | #11 |
| Babylon Search and Minecraft Backdoor Fix log??? Code:
# AdwCleaner v2.003 - Datei am 10/06/2012 um 10:40:21 erstellt
# Aktualisiert am 23/09/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium (32 bits)
# Benutzer : Judith - JUDITH-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Judith\Desktop\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****

Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\23762~1.17\{16cdf~1\browse~1.dll c:\windows\system32\nvinit.dll
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Wiederhergestellt : [HKCU\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Wiederhergestellt : [HKU\S-1-5-21-2597090517-2670986678-1303494435-1001\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1911 octets] - [05/10/2012 20:58:11]
AdwCleaner[R2].txt - [1971 octets] - [06/10/2012 10:40:03]
AdwCleaner[S1].txt - [2231 octets] - [06/10/2012 10:40:21]

########## EOF - C:\AdwCleaner[S1].txt - [2291 octets] ########## |
06.10.2012, 09:46 | #12 |
/// the machine /// TB-Ausbilder | Babylon Search and Minecraft Backdoor Fix with OTL
Code:
:OTL
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=111304&tt=031012_ccp_4012_3&babsrc=SP_ss&mntrId=82654c2c00000000000074de2befaf05
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O20 - AppInit_DLLs: (c:\progra~2\browse~1\23762~1.17\{16cdf~1\browse~1.dll) - File not found
:Commands
[emptytemp]
06.10.2012, 15:09 | #13 |
| Babylon Search and Minecraft Backdoor Code:
All processes killed
========== OTL ==========
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~2\browse~1\23762~1.17\{16cdf~1\browse~1.dll deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Judith
->Temp folder emptied: 145760626 bytes
->Temporary Internet Files folder emptied: 1288961 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 142566535 bytes
->Flash cache emptied: 506 bytes

User: Public
->Temp folder emptied: 0 bytes

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 491223 bytes
RecycleBin emptied: 133 bytes

Total Files Cleaned = 277,00 mb

OTL by OldTimer - Version 3.2.69.0 log created on 10062012_160520

Files\Folders moved on Reboot...
File move failed. C:\Windows\temp\HotKeyOSDService.log scheduled to be moved on reboot.
C:\Windows\temp\nbutilps.log moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot... |
07.10.2012, 09:23 | #14 |
/// the machine /// TB-Ausbilder | Babylon Search and Minecraft Backdoor OK, please post one last fresh OTL log file; if there are no more problems, we will clean up our work.
07.10.2012, 10:47 | #15 |
| Babylon Search and Minecraft Backdoor Code:
OTL logfile created on: 07.10.2012 11:39:54 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Judith\Desktop
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,20 Gb Total Physical Memory | 2,04 Gb Available Physical Memory | 63,75% Memory free
6,40 Gb Paging File | 5,15 Gb Available in Paging File | 80,43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297,99 Gb Total Space | 253,94 Gb Free Space | 85,22% Space Free | Partition Type: NTFS

Computer Name: JUDITH-PC | User Name: Judith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Judith\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Online Games Manager\ogmservice.exe (RealNetworks, Inc.)
PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Hotkey OSD Driver\HotKeyOSD.exe (Dritek System Inc.)
PRC - C:\Programme\Hotkey OSD Driver\NButilps.exe (Dritek System Inc.)
PRC - C:\Programme\Hotkey OSD Driver\hkosdsvis.exe (Dritek System Inc.) PRC - C:\Programme\FSP\FspUip.exe (Sentelic Corporation) PRC - C:\Programme\Motorola\Bluetooth\devmgrsrv.exe (Motorola, Inc.) PRC - C:\Programme\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\4aa3b127a59b6c1cd3b8749ea972771f\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll () MOD - 
C:\Programme\Google\Chrome\Application\22.0.1229.79\pdf.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\libglesv2.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\libegl.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\avutil-51.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\avformat-54.dll () MOD - C:\Programme\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll () MOD - C:\Windows\System32\IccLibDll.dll () MOD - C:\Programme\FSP\FspLib.dll () MOD - C:\Programme\FSP\KbdHook.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (NAUpdate) -- C:\Programme\Nero\Update\NASvc.exe (Nero AG) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (ogmservice) -- C:\Programme\Online Games Manager\ogmservice.exe (RealNetworks, Inc.) SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (UNS) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (hkosdservice) -- C:\Programme\Hotkey OSD Driver\hkosdsvis.exe (Dritek System Inc.) 
SRV - (Bluetooth Device Manager) -- C:\Programme\Motorola\Bluetooth\devmgrsrv.exe (Motorola, Inc.) SRV - (Bluetooth Device Monitor) -- C:\Programme\Intel\Bluetooth\devmonsrv.exe (Intel Corporation) SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (MyWiFiDHCPDNS) -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe () SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (IAStorDataMgrSvc) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software) DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software) DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software) DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software) DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr2.sys (AVAST Software) DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (nvpciflt) -- C:\Windows\System32\drivers\nvpciflt.sys (NVIDIA Corporation) DRV - (VUSB3HUB) -- C:\Windows\System32\drivers\ViaHub3.sys (VIA Technologies, Inc.) DRV - (xhcdrv) -- C:\Windows\System32\drivers\xhcdrv.sys (VIA Technologies, Inc.) DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation) DRV - (L1C) -- C:\Windows\System32\drivers\L1C62x86.sys (Atheros Communications, Inc.) 
DRV - (IntcDAud) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation) DRV - (RTL8192Ce) -- C:\Windows\System32\drivers\rtl8192ce.sys (Realtek Semiconductor Corporation ) DRV - (fspad_win732) -- C:\Windows\System32\drivers\fspad_win732.sys (Sentelic Corporation) DRV - (BTMUSB) -- C:\Windows\System32\drivers\btmusb.sys (Motorola, Inc.) DRV - (btmaux) -- C:\Windows\System32\drivers\btmaux.sys (Intel Corporation) DRV - (iBtFltCoex) -- C:\Windows\System32\drivers\iBtFltCoex.sys (Intel Corporation) DRV - (btmhsf) -- C:\Windows\System32\drivers\btmhsf.sys (Intel Corporation) DRV - (BTMCOM) -- C:\Windows\System32\drivers\btmcom.sys (Motorola, Inc.) DRV - (RSUSBSTOR) -- C:\Windows\System32\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E6 A4 3A EB 87 9D CD 01 [binary data] IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - 
HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
[2012.10.03 18:53:56 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

========== Chrome ==========

CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Angry Birds = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Loupe = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhaonknplhhecdgjpphnooeomecgipkc\2.0.3_0\
CHR - Extension: YOUZEEK Free Music = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjcgpdkighmjfjlplcighhgamlhkimce\1.6.4_0\
CHR - Extension: YouTube = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: HelloFax - Free Online Faxing & Signing = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\bocmleclimfnadgmcdgecijlblfcmfnm\1.1_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Google-Suche = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: PicMonkey = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgdgokchhicmaiacmgegjnppjkgogdhm\1.4_0\
CHR - Extension: Torrent Turbo Search = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcdgomceilgkonhjheaijcmgfhabmpio\3.5.5.9_0\
CHR - Extension: Cut the Rope = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj\14_0\
CHR - Extension: avast! WebRep = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: SmallringFX DarkOrange Theme = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjnlgbpnlangffmpnapcfdihmhhfnomg\1.7_0\
CHR - Extension: FVD Video Downloader = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\1.3.3_0\
CHR - Extension: Deezer = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfkoakaabdallkcdbpkkhfilkkngakh\1.3.1_0\
CHR - Extension: Google Calendar Checker = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\ookhcbgokankfmjafalglpofmolfopek\1.2.2_0\
CHR - Extension: Google Mail = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola, Inc.)
O4 - HKLM..\Run: [fspuip] C:\Programme\FSP\FspUip.exe (Sentelic Corporation)
O4 - HKLM..\Run: [HotKeyOSD] C:\Programme\Hotkey OSD Driver\HotKeyOSD.exe (Dritek System Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Programme\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Programme\Motorola\Bluetooth\btmiesend.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36D3C98A-4C67-474F-B5FE-F177BB4E0DFC}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.10.06 16:05:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.10.06 15:58:14 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Judith\Desktop\OTL.exe
[2012.10.06 10:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2012.10.06 10:51:23 | 000,000,000 | ---D | C] -- C:\Program Files\Online Games Manager
[2012.10.06 10:46:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
[2012.10.05 13:41:35 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.10.04 15:57:55 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.10.04 13:05:55 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Malwarebytes
[2012.10.04 13:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.10.04 12:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.10.04 12:41:36 | 000,763,456 | ---- | C] (Google Inc.) -- C:\Program Files\ChromeSetup.exe
[2012.10.04 12:39:06 | 000,000,000 | ---D | C] -- C:\Program Files\Zylom Games
[2012.10.04 12:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Zylom
[2012.10.03 21:35:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.10.03 21:35:43 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.10.03 21:34:49 | 003,941,312 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup323.exe
[2012.10.03 21:30:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.10.03 21:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012.10.03 21:29:39 | 006,955,968 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Silverlight.exe
[2012.10.03 21:15:49 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon
[2012.10.03 21:15:47 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Maxthon3
[2012.10.03 21:15:45 | 000,000,000 | ---D | C] -- C:\Program Files\Maxthon3
[2012.10.03 20:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012.10.03 20:22:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2012.10.03 20:21:37 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Trend Micro
[2012.10.03 19:54:20 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.10.03 19:54:20 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.10.03 18:55:10 | 000,000,000 | ---D | C] -- C:\Program Files\hpmonitor
[2012.10.03 18:54:44 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\mozilla
[2012.10.03 18:54:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\searchplugins
[2012.10.03 18:54:03 | 000,000,000 | ---D | C] -- C:\Windows\System32\Extensions
[2012.10.03 18:53:56 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.10.01 21:43:24 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Nero_AG
[2012.10.01 21:42:49 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Nero
[2012.10.01 21:32:09 | 000,000,000 | ---D | C] -- C:\found.000
[2012.10.01 13:14:51 | 000,695,296 | ---- | C] (AnjoCaido) -- C:\Users\Judith\AppData\Roaming\MinecraftSP.exe
[2012.09.30 16:08:56 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\.minecraft
[2012.09.30 16:08:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.09.30 16:08:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.09.30 16:07:38 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.09.30 10:57:46 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012.09.29 17:43:43 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\OpenOffice.org
[2012.09.29 17:40:39 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012.09.29 17:39:30 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3
[2012.09.29 17:38:02 | 000,000,000 | ---D | C] -- C:\Program Files\OpenOffice.org 3.4.1 (de) Installation Files
[2012.09.29 12:07:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2012.09.29 12:07:25 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Canneverbe Limited
[2012.09.29 12:07:17 | 000,000,000 | ---D | C] -- C:\Program Files\CDBurnerXP
[2012.09.29 12:05:54 | 005,084,232 | ---- | C] (Canneverbe Limited ) -- C:\Program Files\cdbxp_setup_4.4.1.3341_minimal.exe
[2012.09.29 11:17:32 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Nero
[2012.09.29 11:10:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nero
[2012.09.29 11:10:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
[2012.09.29 11:10:47 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2012.09.29 11:10:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2012.09.29 11:05:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.09.29 10:50:19 | 307,323,208 | ---- | C] (Nero AG) -- C:\Program Files\Nero-12.0.02000_trial.exe
[2012.09.28 23:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2012.09.28 23:27:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2012.09.28 23:27:27 | 000,000,000 | ---D | C] -- C:\Program Files\GreenTree Applications
[2012.09.28 22:27:18 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.09.28 21:30:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.09.28 21:28:40 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.09.28 21:27:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.09.28 18:08:36 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\WinRAR
[2012.09.28 18:08:36 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.09.28 18:08:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.09.28 18:08:33 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.09.28 17:54:57 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012.09.28 17:54:18 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\uTorrent
[2012.09.28 17:54:07 | 000,896,912 | ---- | C] (BitTorrent, Inc.) -- C:\Program Files\uTorrent_3.2_b27886.exe
[2012.09.28 17:46:43 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Skype
[2012.09.28 17:46:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.09.28 17:46:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012.09.28 17:46:36 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2012.09.28 17:46:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.09.28 16:57:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.09.28 16:57:17 | 000,355,632 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.09.28 16:57:17 | 000,021,256 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.09.28 16:57:16 | 000,044,784 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2012.09.28 16:57:15 | 000,054,232 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.09.28 16:57:14 | 000,729,752 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.09.28 16:57:14 | 000,058,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.09.28 16:56:53 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.09.28 16:56:53 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.09.28 16:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.09.28 16:56:43 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.09.28 16:46:41 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Google
[2012.09.28 16:46:33 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Apps
[2012.09.28 16:46:32 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Deployment
[2012.09.28 16:28:07 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Macromedia
[2012.09.28 16:28:07 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Adobe
[2012.09.28 16:28:04 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012.09.28 16:18:31 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Intel Corporation
[2012.09.28 16:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\FLEXnet
[2012.09.28 16:18:21 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\FSP
[2012.09.28 16:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Hotkey OSD Driver
[2012.09.28 16:13:25 | 000,000,000 | ---D | C] -- C:\Program Files\VIA
[2012.09.28 16:12:34 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\InstallShield
[2012.09.28 16:11:49 | 000,000,000 | ---D | C] -- C:\Program Files\FSP
[2012.09.28 16:11:43 | 000,210,432 | ---- | C] (Sentelic Corporation.) -- C:\Windows\System32\StlFspAPI32.dll
[2012.09.28 16:11:43 | 000,027,136 | ---- | C] (Sentelic Corporation) -- C:\Windows\System32\drivers\fspad_win732.sys
[2012.09.28 16:09:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\sda
[2012.09.28 16:09:22 | 000,000,000 | ---D | C] -- C:\Program Files\REALTEK PCIE Wireless LAN Driver
[2012.09.28 16:08:14 | 000,041,344 | ---- | C] (Motorola, Inc.) -- C:\Windows\System32\drivers\btmcom.sys
[2012.09.28 16:08:08 | 000,008,784 | ---- | C] (Motorola, Inc.) -- C:\Windows\System32\btmsstverschk.dll
[2012.09.28 16:08:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bluetooth
[2012.09.28 16:08:03 | 000,403,968 | ---- | C] (Motorola, Inc.) -- C:\Windows\System32\drivers\btmusb.sys
[2012.09.28 16:08:03 | 000,312,912 | ---- | C] (Motorola, Inc.) -- C:\Windows\System32\btmcls.dll
[2012.09.28 16:08:03 | 000,000,000 | ---D | C] -- C:\Program Files\Motorola
[2012.09.28 16:07:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Macrovision Shared
[2012.09.28 16:05:05 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Intel
[2012.09.28 16:05:00 | 000,000,000 | ---D | C] -- C:\Users\Judith\Roaming
[2012.09.28 16:04:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012.09.28 16:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\Cisco
[2012.09.28 16:00:51 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.09.28 15:59:41 | 000,068,720 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\System32\drivers\L1C62x86.sys
[2012.09.28 15:59:20 | 000,000,000 | ---D | C] -- C:\Windows\System32\Atheros_L1e
[2012.09.28 15:58:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012.09.28 15:58:03 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012.09.28 15:58:03 | 001,723,536 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012.09.28 15:58:02 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012.09.28 15:58:02 | 000,214,352 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFNHK.dll
[2012.09.28 15:58:02 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012.09.28 15:58:02 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012.09.28 15:58:02 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012.09.28 15:58:02 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFCOM.dll
[2012.09.28 15:58:02 | 000,068,944 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\System32\SFAPO.dll
[2012.09.28 15:57:55 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012.09.28 15:57:55 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012.09.28 15:57:55 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012.09.28 15:57:55 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012.09.28 15:57:55 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012.09.28 15:57:55 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012.09.28 15:57:54 | 001,705,816 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012.09.28 15:57:54 | 000,341,848 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012.09.28 15:57:54 | 000,252,760 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012.09.28 15:57:54 | 000,096,600 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012.09.28 15:57:54 | 000,081,240 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012.09.28 15:57:54 | 000,061,784 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012.09.28 15:57:53 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012.09.28 15:57:53 | 001,439,064 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012.09.28 15:57:53 | 000,259,928 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012.09.28 15:57:52 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012.09.28 15:57:52 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012.09.28 15:57:47 | 001,730,112 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012.09.28 15:57:46 | 001,132,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012.09.28 15:57:46 | 000,962,664 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012.09.28 15:57:46 | 000,429,160 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012.09.28 15:57:46 | 000,406,120 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012.09.28 15:57:46 | 000,291,432 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012.09.28 15:57:46 | 000,236,648 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012.09.28 15:57:46 | 000,224,360 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012.09.28 15:57:46 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012.09.28 15:57:46 | 000,106,600 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012.09.28 15:57:45 | 000,901,224 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012.09.28 15:57:45 | 000,448,616 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012.09.28 15:57:45 | 000,107,112 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012.09.28 15:57:44 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2012.09.28 15:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.09.28 15:57:41 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012.09.28 15:57:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield
[2012.09.28 15:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.09.28 15:48:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.09.28 15:48:15 | 000,000,000 | ---D | C] -- C:\Windows\System32\NV
[2012.09.28 15:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.09.28 15:45:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.09.28 15:45:23 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2012.09.28 15:44:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012.09.28 15:42:09 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.09.28 15:41:28 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.09.28 15:41:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\postureAgent
[2012.09.28 15:40:17 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2012.09.28 15:40:17 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.09.28 15:40:06 | 000,000,000 | ---D | C] -- C:\Intel
[2012.09.28 15:38:34 | 000,000,000 | R--D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.09.28 15:38:34 | 000,000,000 | R--D | C] -- C:\Users\Judith\Searches
[2012.09.28 15:38:34 | 000,000,000 | R--D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.09.28 15:38:25 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Identities
[2012.09.28 15:38:24 | 000,000,000 | R--D | C] -- C:\Users\Judith\Contacts
[2012.09.28 15:38:18 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\VirtualStore
[2012.09.28 15:38:17 | 000,000,000 | --SD | C] -- C:\Users\Judith\AppData\Roaming\Microsoft
[2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Videos
[2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Saved Games
[2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Pictures
[2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Music
[2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Links
[2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Favorites
[2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Downloads
[2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Documents
[2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\Desktop
[2012.09.28 15:38:17 | 000,000,000 | R--D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Vorlagen
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\AppData\Local\Verlauf
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\AppData\Local\Temporary Internet Files
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Startmenü
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\SendTo
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Recent
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Netzwerkumgebung
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Lokale Einstellungen
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Documents\Eigene Videos
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Documents\Eigene Musik
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Eigene Dateien
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Documents\Eigene Bilder
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Druckumgebung
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Cookies
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\AppData\Local\Anwendungsdaten
[2012.09.28 15:38:17 | 000,000,000 | -HSD | C] -- C:\Users\Judith\Anwendungsdaten
[2012.09.28 15:38:17 | 000,000,000 | -H-D | C] -- C:\Users\Judith\AppData
[2012.09.28 15:38:17 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Temp
[2012.09.28 15:38:17 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Microsoft
[2012.09.28 15:38:17 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Media Center Programs
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.09.28 15:38:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.09.28 15:38:11 | 000,000,000 | ---D | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2012.10.07 11:38:02 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.07 11:37:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.07 11:37:33 | 2577,801,216 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.06 23:50:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.06 23:47:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.06 18:34:04 | 000,014,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.06 18:34:04 | 000,014,784 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.06 18:31:08 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.06 18:31:08 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.06 18:31:08 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.06 18:31:08 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.06 15:58:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Judith\Desktop\OTL.exe
[2012.10.06 10:39:37 | 000,513,501 | ---- | M] () -- C:\Users\Judith\Desktop\adwcleaner.exe
[2012.10.05 14:59:58 | 000,002,003 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.10.05 14:59:55 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.10.04 14:03:00 | 000,000,000 | ---- | M] () -- C:\Users\Judith\defogger_reenable
[2012.10.04 12:42:59 | 000,002,197 | ---- | M] () -- C:\Users\Judith\Desktop\Google Chrome.lnk
[2012.10.04 12:38:29 | 000,511,520 | ---- | M] () -- C:\Program Files\gamesplayerinstall.exe
[2012.10.03 21:35:44 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.03 21:34:54 | 003,941,312 | ---- | M] (Piriform Ltd) -- C:\Program Files\ccsetup323.exe
[2012.10.03 21:15:49 | 000,001,052 | ---- | M] () -- C:\Users\Judith\Desktop\Maxthon 3.lnk
[2012.10.03 19:54:20 | 000,001,226 | ---- | M] () -- C:\Users\Judith\Desktop\Revo Uninstaller.lnk
[2012.10.01 16:37:18 | 005,563,772 | ---- | M] () -- C:\Users\Judith\AppData\Roaming\Sieg17_atheriapolis.zip
[2012.10.01 13:14:55 | 000,695,296 | ---- | M] (AnjoCaido) -- C:\Users\Judith\AppData\Roaming\MinecraftSP.exe
[2012.09.30 11:58:34 | 000,293,144 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.09.30 11:06:29 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.09.29 18:45:37 | 000,024,283 | ---- | M] () -- C:\Users\Judith\Documents\SAGA 29.9.12.odt
[2012.09.29 17:40:39 | 000,001,130 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012.09.29 17:34:05 | 152,249,762 | ---- | M] () -- C:\Program Files\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe
[2012.09.29 12:07:19 | 000,001,899 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2012.09.29 12:06:06 | 005,084,232 | ---- | M] (Canneverbe Limited ) -- C:\Program Files\cdbxp_setup_4.4.1.3341_minimal.exe
[2012.09.29 11:15:30 | 000,002,785 | ---- | M] () -- C:\Users\Public\Desktop\Nero Video 12.lnk
[2012.09.29 11:14:52 | 000,002,889 | ---- | M] () -- C:\Users\Public\Desktop\Nero Recode 12.lnk
[2012.09.29 11:13:10 | 000,002,771 | ---- | M] () -- C:\Users\Public\Desktop\Nero BackItUp 12.lnk
[2012.09.29 11:12:51 | 000,002,857 | ---- | M] () -- C:\Users\Public\Desktop\Nero 12.lnk
[2012.09.29 11:12:20 | 000,002,831 | ---- | M] () -- C:\Users\Public\Desktop\Nero Burning ROM 12.lnk
[2012.09.28 23:33:51 | 257,181,379 | ---- | M] () -- C:\Users\Judith\Documents\Mapouka Zouglou Mix.mp4
[2012.09.28 23:27:28 | 000,001,251 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2012.09.28 23:26:03 | 005,680,640 | ---- | M] () -- C:\Program Files\YTDSetup_3.9.2.exe
[2012.09.28 21:31:15 | 000,052,953 | ---- | M] () -- C:\Windows\System32\license.rtf
[2012.09.28 21:30:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.09.28 18:08:24 | 001,609,146 | ---- | M] () -- C:\Program Files\wrar420d.exe
[2012.09.28 17:54:57 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2012.09.28 17:54:16 | 000,896,912 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent_3.2_b27886.exe
[2012.09.28 17:46:37 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.09.28 17:45:59 | 019,337,216 | ---- | M] () -- C:\Program Files\SkypeSetup_5.10.0.116.msi
[2012.09.28 16:56:13 | 093,654,616 | ---- | M] () -- C:\Program Files\avast_free_antivirus_setup_7.0.1466.exe
[2012.09.28 16:38:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_ViaHub3_01009.Wdf
[2012.09.28 16:37:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_xhcdrv_01009.Wdf
[2012.09.28 16:13:52 | 000,000,178 | ---- | M] () -- C:\Windows\HotKeyOSD.UNI
[2012.09.28 16:01:49 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_btmaux_01009.Wdf
[2012.09.28 16:01:39 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2012.09.28 15:46:26 | 000,015,640 | ---- | M] () -- C:\Windows\System32\results.xml

========== Files Created - No Company Name ==========

[2012.10.06 10:39:31 | 000,513,501 | ---- | C] () -- C:\Users\Judith\Desktop\adwcleaner.exe
[2012.10.04 14:03:00 | 000,000,000 | ---- | C] () -- C:\Users\Judith\defogger_reenable
[2012.10.04 12:42:59 | 000,002,197 | ---- | C] () -- C:\Users\Judith\Desktop\Google Chrome.lnk
[2012.10.04 12:42:06 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.04 12:42:06 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.04 12:38:29 | 000,511,520 | ---- | C] () -- C:\Program Files\gamesplayerinstall.exe
[2012.10.03 21:35:44 | 000,000,969 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.10.03 21:15:49 | 000,001,052 | ---- | C] () -- C:\Users\Judith\Desktop\Maxthon 3.lnk
[2012.10.03 19:54:20 | 000,001,226 | ---- | C] () -- C:\Users\Judith\Desktop\Revo Uninstaller.lnk
[2012.10.01 16:37:05 | 005,563,772 | ---- | C] () -- C:\Users\Judith\AppData\Roaming\Sieg17_atheriapolis.zip
[2012.09.30 11:06:29 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.09.29 18:45:35 | 000,024,283 | ---- | C] () -- C:\Users\Judith\Documents\SAGA 29.9.12.odt
[2012.09.29 17:40:39 | 000,001,130 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012.09.29 17:31:07 | 152,249,762 | ---- | C] () -- C:\Program Files\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_de.exe
[2012.09.29 12:07:19 | 000,001,899 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2012.09.29 12:07:19 | 000,001,849 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2012.09.29 11:15:30 | 000,002,785 | ---- | C] () -- C:\Users\Public\Desktop\Nero Video 12.lnk
[2012.09.29 11:14:52 | 000,002,889 | ---- | C] () -- C:\Users\Public\Desktop\Nero Recode 12.lnk
[2012.09.29 11:13:10 | 000,002,771 | ---- | C] () -- C:\Users\Public\Desktop\Nero BackItUp 12.lnk
[2012.09.29 11:12:51 | 000,002,857 | ---- | C] () -- C:\Users\Public\Desktop\Nero 12.lnk
[2012.09.29 11:12:20 | 000,002,831 | ---- | C] () -- C:\Users\Public\Desktop\Nero Burning ROM 12.lnk
[2012.09.28 23:28:33 | 257,181,379 | ---- | 
C] () -- C:\Users\Judith\Documents\Mapouka Zouglou Mix.mp4 [2012.09.28 23:27:28 | 000,001,251 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk [2012.09.28 23:25:41 | 005,680,640 | ---- | C] () -- C:\Program Files\YTDSetup_3.9.2.exe [2012.09.28 21:31:10 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk [2012.09.28 21:31:01 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk [2012.09.28 21:30:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2012.09.28 21:27:47 | 2577,801,216 | -HS- | C] () -- C:\hiberfil.sys [2012.09.28 18:08:12 | 001,609,146 | ---- | C] () -- C:\Program Files\wrar420d.exe [2012.09.28 17:54:57 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk [2012.09.28 17:46:37 | 000,002,503 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2012.09.28 17:44:53 | 019,337,216 | ---- | C] () -- C:\Program Files\SkypeSetup_5.10.0.116.msi [2012.09.28 16:57:18 | 000,002,003 | ---- | C] () -- C:\Users\Public\Desktop\avast! 
Free Antivirus.lnk [2012.09.28 16:54:36 | 093,654,616 | ---- | C] () -- C:\Program Files\avast_free_antivirus_setup_7.0.1466.exe [2012.09.28 16:38:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_ViaHub3_01009.Wdf [2012.09.28 16:37:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_xhcdrv_01009.Wdf [2012.09.28 16:28:05 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.09.28 16:13:52 | 000,000,178 | ---- | C] () -- C:\Windows\HotKeyOSD.UNI [2012.09.28 16:09:21 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe [2012.09.28 16:01:49 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_btmaux_01009.Wdf [2012.09.28 16:01:39 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf [2012.09.28 15:46:26 | 000,015,640 | ---- | C] () -- C:\Windows\System32\results.xml [2012.09.28 15:46:05 | 001,818,352 | R--- | C] () -- C:\Windows\System32\nvcoproc.bin [2012.09.28 15:45:56 | 000,004,215 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2012.09.28 15:44:01 | 001,921,265 | ---- | C] () -- C:\Windows\System32\iglhxa32.cpa [2012.09.28 15:44:01 | 000,960,940 | ---- | C] () -- C:\Windows\System32\igkrng600.bin [2012.09.28 15:44:01 | 000,208,335 | ---- | C] () -- C:\Windows\System32\Gfxres.th-TH.resources [2012.09.28 15:44:01 | 000,207,376 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin [2012.09.28 15:44:01 | 000,195,681 | ---- | C] () -- C:\Windows\System32\Gfxres.el-GR.resources [2012.09.28 15:44:01 | 000,180,246 | ---- | C] () -- C:\Windows\System32\Gfxres.ru-RU.resources [2012.09.28 15:44:01 | 000,154,366 | ---- | C] () -- C:\Windows\System32\Gfxres.ar-SA.resources [2012.09.28 15:44:01 | 000,151,350 | ---- | C] () -- C:\Windows\System32\Gfxres.ja-JP.resources [2012.09.28 15:44:01 | 000,147,392 | ---- | C] () -- C:\Windows\System32\Gfxres.he-IL.resources [2012.09.28 15:44:01 | 000,145,804 | ---- | C] () -- 
C:\Windows\System32\igcompkrng600.bin [2012.09.28 15:44:01 | 000,138,635 | ---- | C] () -- C:\Windows\System32\Gfxres.it-IT.resources [2012.09.28 15:44:01 | 000,137,000 | ---- | C] () -- C:\Windows\System32\Gfxres.ko-KR.resources [2012.09.28 15:44:01 | 000,136,226 | ---- | C] () -- C:\Windows\System32\Gfxres.de-DE.resources [2012.09.28 15:44:01 | 000,136,172 | ---- | C] () -- C:\Windows\System32\Gfxres.es-ES.resources [2012.09.28 15:44:01 | 000,135,119 | ---- | C] () -- C:\Windows\System32\Gfxres.ro-RO.resources [2012.09.28 15:44:01 | 000,134,081 | ---- | C] () -- C:\Windows\System32\Gfxres.fr-FR.resources [2012.09.28 15:44:01 | 000,133,868 | ---- | C] () -- C:\Windows\System32\Gfxres.tr-TR.resources [2012.09.28 15:44:01 | 000,133,321 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-BR.resources [2012.09.28 15:44:01 | 000,132,876 | ---- | C] () -- C:\Windows\System32\Gfxres.nl-NL.resources [2012.09.28 15:44:01 | 000,132,861 | ---- | C] () -- C:\Windows\System32\Gfxres.hu-HU.resources [2012.09.28 15:44:01 | 000,132,422 | ---- | C] () -- C:\Windows\System32\Gfxres.sv-SE.resources [2012.09.28 15:44:01 | 000,132,299 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-PT.resources [2012.09.28 15:44:01 | 000,131,897 | ---- | C] () -- C:\Windows\System32\Gfxres.cs-CZ.resources [2012.09.28 15:44:01 | 000,131,711 | ---- | C] () -- C:\Windows\System32\Gfxres.pl-PL.resources [2012.09.28 15:44:01 | 000,131,456 | ---- | C] () -- C:\Windows\System32\Gfxres.fi-FI.resources [2012.09.28 15:44:01 | 000,131,290 | ---- | C] () -- C:\Windows\System32\Gfxres.sk-SK.resources [2012.09.28 15:44:01 | 000,130,414 | ---- | C] () -- C:\Windows\System32\Gfxres.hr-HR.resources [2012.09.28 15:44:01 | 000,127,599 | ---- | C] () -- C:\Windows\System32\Gfxres.sl-SI.resources [2012.09.28 15:44:01 | 000,127,367 | ---- | C] () -- C:\Windows\System32\Gfxres.nb-NO.resources [2012.09.28 15:44:01 | 000,127,109 | ---- | C] () -- C:\Windows\System32\Gfxres.da-DK.resources [2012.09.28 15:44:01 | 000,122,646 | ---- 
| C] () -- C:\Windows\System32\Gfxres.en-US.resources [2012.09.28 15:44:01 | 000,116,413 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-TW.resources [2012.09.28 15:44:01 | 000,115,195 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-CN.resources [2012.09.28 15:44:01 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll [2012.09.28 15:44:01 | 000,062,816 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp [2012.09.28 15:44:01 | 000,060,226 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp [2012.09.28 15:44:01 | 000,060,015 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp [2012.09.28 15:44:01 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [2012.09.28 15:44:01 | 000,001,090 | ---- | C] () -- C:\Windows\System32\iglhxa32.vp [2012.09.28 15:44:01 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2012.09.28 15:41:26 | 000,008,192 | R--- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll [2012.09.28 15:38:35 | 000,001,413 | ---- | C] () -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk [2011.08.07 13:41:36 | 000,305,256 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe ========== ZeroAccess Check ========== [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2012.10.05 15:57:13 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\.minecraft [2012.10.05 15:57:13 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Canneverbe Limited [2012.10.05 15:57:14 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\Maxthon3 [2012.10.05 15:57:16 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\OpenOffice.org [2012.10.07 00:04:20 | 000,000,000 | ---D | M] -- C:\Users\Judith\AppData\Roaming\uTorrent ========== Purity Check ========== < End of report > |