
Plagegeister aller Art und deren Bekämpfung: Removing the AKM virus - payment of 100.00 euros to unlock

Windows 7

 
10.01.2014, 11:44   #1
ReneS35
 

Hello everyone,

unfortunately my main computer has had the AKM virus since today, with the familiar demand to pay €100.00.

I have already booted with OTLpe. The results of the two files are attached.

I would really appreciate some help, since otherwise I will have to take a day of vacation :-(

Many thanks

Nadine

OTL.exe
Code:
OTL logfile created on: 1/10/2014 11:21:33 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = K: | %SystemRoot% = K:\Windows | %ProgramFiles% = K:\Program Files (x86)
Drive C: | 229.27 Gb Total Space | 48.09 Gb Free Space | 20.97% Space Free | Partition Type: NTFS
Drive D: | 931.28 Gb Total Space | 774.30 Gb Free Space | 83.14% Space Free | Partition Type: FAT32
Drive E: | 931.51 Gb Total Space | 211.76 Gb Free Space | 22.73% Space Free | Partition Type: NTFS
Drive F: | 229.14 Gb Total Space | 216.75 Gb Free Space | 94.59% Space Free | Partition Type: NTFS
Drive K: | 458.46 Gb Total Space | 177.07 Gb Free Space | 38.62% Space Free | Partition Type: NTFS
Drive L: | 1.92 Gb Total Space | 1.91 Gb Free Space | 99.45% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2013/12/09 21:14:39 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto] -- K:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/10/16 08:08:06 | 000,186,056 | ---- | M] (Sandboxie Holdings, LLC) [Auto] -- K:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2012/11/29 09:34:34 | 000,032,448 | ---- | M] () [Auto] -- K:\Program Files\UCT\HDR Express 2\HDRExpress2Service.exe -- (HDRExpress2Service)
SRV:64bit: - [2012/07/26 13:26:40 | 000,216,072 | ---- | M] (Nitro PDF Software) [Auto] -- K:\Program Files\Common Files\Nitro PDF\Professional\7.0\NitroPDFDriverService2x64.exe -- (NitroDriverReadSpool2)
SRV:64bit: - [2010/11/30 07:27:58 | 000,336,824 | ---- | M] (arvato digital services llc) [Auto] -- K:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2009/07/13 20:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- K:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 20:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- K:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013/12/26 14:12:41 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand] -- K:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/09 21:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto] -- K:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/09/11 18:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto] -- K:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/09/05 03:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto] -- K:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/02 09:29:08 | 005,071,712 | ---- | M] (TeamViewer GmbH) [Auto] -- K:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013/07/25 13:27:18 | 000,042,064 | ---- | M] (iannet) [Auto] -- K:\Program Files (x86)\iannet\SiteMonitorEnterprise\SiteMonitorEnterprise.exe -- (SiteMonitorEnterprise)
SRV - [2013/06/23 04:19:46 | 012,867,584 | ---- | M] () [On_Demand] -- K:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe -- (wampmysqld)
SRV - [2013/06/23 04:09:48 | 000,024,576 | ---- | M] (Apache Software Foundation) [On_Demand] -- K:\wamp\bin\apache\apache2.4.4\bin\httpd.exe -- (wampapache)
SRV - [2013/04/04 07:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto] -- K:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 07:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto] -- K:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/07/08 18:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto] -- K:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/06/08 02:33:24 | 003,246,040 | ---- | M] (Acronis) [Auto] -- K:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012/06/04 05:05:54 | 002,871,024 | ---- | M] (Arclab Software GbR) [Auto] -- K:\Program Files (x86)\Arclab\MailList Controller\amlcSVC.exe -- (MailList Controller)
SRV - [2012/03/28 15:42:58 | 000,066,560 | ---- | M] (Nalpeiron Ltd.) [Auto] -- K:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2012/03/27 03:11:08 | 004,125,864 | ---- | M] (deltra Business Software GmbH & Co. KG) [Auto] -- K:\orgaMAX\orgamaxmobil_service.exe -- (orgaMAXMobileService)
SRV - [2012/01/18 09:47:28 | 000,433,264 | ---- | M] (VMware, Inc.) [Auto] -- K:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2012/01/18 09:47:20 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto] -- K:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2012/01/18 09:04:52 | 011,839,488 | ---- | M] () [On_Demand] -- K:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2012/01/18 07:27:20 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto] -- K:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2011/09/22 15:21:28 | 001,114,280 | ---- | M] (Acronis) [Auto] -- K:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011/08/29 16:11:04 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto] -- K:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2010/10/21 19:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto] -- K:\Program Files (x86)\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2010/02/19 06:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- K:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 16:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand] -- K:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/04/30 05:23:26 | 000,090,112 | ---- | M] () [Auto] -- K:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/12/05 03:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\nvvad64v.sys -- (nvvad_WaveExtensible) NVIDIA Virtual Audio Device (Wave Extensible) (WDM)
DRV:64bit: - [2013/10/16 08:08:04 | 000,200,552 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand] -- K:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2013/04/04 07:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- K:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2013/04/04 04:33:50 | 000,051,496 | ---- | M] (Yamaha Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\ymidusbx64.sys -- (YMIDUSBW) Yamaha USB-MIDI Driver (WDM)
DRV:64bit: - [2012/09/21 14:04:22 | 004,763,680 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- K:\Windows\System32\drivers\lvuvc64.sys -- (LVUVC64) Logitech HD Webcam C310(UVC)
DRV:64bit: - [2012/09/21 14:04:22 | 000,351,520 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- K:\Windows\System32\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012/08/29 05:50:38 | 000,057,408 | ---- | M] (MusicLab, Inc.) [Kernel | On_Demand] -- K:\Windows\System32\drivers\mlkumidi.sys -- (mlkumidi)
DRV:64bit: - [2012/08/03 17:21:19 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System] -- K:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/06/08 02:33:25 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand] -- K:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2012/06/08 02:33:23 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot] -- K:\Windows\System32\drivers\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV:64bit: - [2012/06/08 02:33:21 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot] -- K:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012/06/08 02:33:15 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot] -- K:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012/06/08 00:43:09 | 000,142,944 | ---- | M] (Acronis) [Kernel | Boot] -- K:\Windows\System32\drivers\vsflt61.sys -- (vidsflt61) Acronis Disk Storage Filter (61)
DRV:64bit: - [2012/06/08 00:43:06 | 000,133,728 | ---- | M] (Acronis) [Kernel | Boot] -- K:\Windows\System32\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2012/01/18 09:47:44 | 000,063,088 | ---- | M] (VMware, Inc.) [Kernel | Auto] -- K:\Windows\System32\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2012/01/18 09:46:18 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto] -- K:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2012/01/18 07:06:00 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto] -- K:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2012/01/18 07:06:00 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand] -- K:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011/11/02 20:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot] -- K:\Windows\System32\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/08/29 16:11:04 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto] -- K:\Windows\System32\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011/08/29 16:01:10 | 000,037,680 | ---- | M] (VMware, Inc.) [Kernel | On_Demand] -- K:\Windows\System32\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2011/08/10 09:40:58 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV:64bit: - [2011/08/08 08:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot] -- K:\Windows\System32\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011/07/07 23:43:55 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto] -- K:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2011/07/07 23:43:53 | 000,053,816 | ---- | M] (Samsung Electronics Co., Ltd.) [Kernel | Auto] -- K:\Windows\System32\drivers\DGIVECP.SYS -- (DgiVecp)
DRV:64bit: - [2011/02/16 19:53:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand] -- K:\Windows\System32\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2011/01/30 11:19:32 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- K:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010/11/20 22:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010/11/20 22:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 22:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010/11/20 22:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010/11/20 22:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- K:\Windows\system32\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 22:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- K:\Windows\system32\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010/11/20 22:23:48 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/20 22:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- K:\Windows\system32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/21 19:00:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- K:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV:64bit: - [2010/10/21 19:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand] -- K:\Windows\System32\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2010/03/01 10:15:50 | 000,287,240 | ---- | M] (Avid Technology, Inc.) [Kernel | On_Demand] -- K:\Windows\System32\drivers\MAudioProFire.sys -- (MAFWPROFIRE)
DRV:64bit: - [2010/02/22 03:09:10 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand] -- K:\Windows\System32\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2009/06/10 15:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- K:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 15:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\e1y60x64.sys -- (e1yexpress) Intel(R)
DRV:64bit: - [2009/06/10 15:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- K:\Windows\system32\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 15:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- K:\Windows\system32\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 15:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- K:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2008/04/10 03:20:00 | 000,028,160 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- K:\Windows\System32\drivers\gwfilt64.sys -- (gwfilt64)
DRV:64bit: - [2005/09/23 16:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand] -- K:\Windows\System32\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2010/01/29 05:40:16 | 000,115,600 | ---- | M] (EZB Systems, Inc.) [File_System | System] -- K:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys -- (ISODrive)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\LocalService_ON_K\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - K:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
 
IE - HKU\NetworkService_ON_K\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - K:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
 
 
IE - HKU\vimotrade_ON_K\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKU\vimotrade_ON_K\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\vimotrade_ON_K\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
IE - HKU\vimotrade_ON_K\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\vimotrade_ON_K\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\vimotrade_ON_K\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F3 8B 1C 4B B5 71 CD 01  [binary data]
IE - HKU\vimotrade_ON_K\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\vimotrade_ON_K\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\vimotrade_ON_K\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - K:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKU\vimotrade_ON_K\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\vimotrade_ON_K\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: K:\Windows\System32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: K:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: K:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: K:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: K:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: K:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: K:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: K:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nitropdf.com/NitroPDF: K:\Program Files (x86)\Nitro PDF\Professional 7\npnitromozilla.dll ( )
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: K:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: K:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: K:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: K:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: K:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.3: K:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/12/26 14:12:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2013/12/26 14:12:38 | 000,000,000 | ---D | M] (No name found) -- K:\Program Files (x86)\Mozilla Firefox\extensions
[2013/12/26 14:12:38 | 000,000,000 | ---D | M] (Default) -- K:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/12/26 14:12:38 | 000,000,000 | ---D | M] (A1 Servicecenter) -- K:\Program Files (x86)\Mozilla Firefox\extensions\{B0BBFC8E-6697-4D2B-8FC4-B5AD9B3B1F11}
[2013/12/26 14:12:38 | 000,000,000 | ---D | M] (Java Console) -- K:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/12/26 14:12:38 | 000,000,000 | ---D | M] (No name found) -- K:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/26 14:12:41 | 000,000,000 | ---D | M] (Default) -- K:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013/11/28 08:24:41 | 000,005,910 | ---- | M]) - K:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 92.241.168.10 sendblaster.com
O1 - Hosts: 92.241.168.10 www.sendblaster.com
O1 - Hosts: 127.0.0.1	traffictravis.com
O1 - Hosts: 127.0.0.1	www.traffictravis.com
O1 - Hosts: 127.0.0.1       link-assistant.com
O1 - Hosts: 127.0.0.1       www.link-assistant.com
O1 - Hosts: 216.172.180.18 www.pinranker.com
O1 - Hosts: 216.172.180.18 pinranker.com
O1 - Hosts: 174.120.130.173 proxy.jrimsoftware.com
O1 - Hosts: 127.0.0.1 axandra.com
O1 - Hosts: 127.0.0.1 www.axandra.com
O1 - Hosts: 127.0.0.1 keywordindex.com
O1 - Hosts: 127.0.0.1 www.keywordindex.com
O1 - Hosts: 127.0.0.1 updates.senuke.com
O1 - Hosts: 127.0.0.1 activate.adobe.com                                       
O1 - Hosts: 127.0.0.1 192.150.14.69                                            
O1 - Hosts: 127.0.0.1 192.150.18.101                                           
O1 - Hosts: 127.0.0.1 192.150.18.108                                           
O1 - Hosts: 127.0.0.1 192.150.22.40                                            
O1 - Hosts: 127.0.0.1 192.150.8.100                                            
O1 - Hosts: 127.0.0.1 192.150.8.118                                            
O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net                            
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com                                         
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com                                         
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 62 more lines...
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - K:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - K:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - K:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - K:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKU\vimotrade_ON_K\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] K:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] K:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [itype] K:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] K:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Nvtmru] K:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] K:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] K:\Windows\System32\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Skytel]  File not found
O4 - HKLM..\Run: [A1Diagnose] K:\Program Files (x86)\A1\A1 Diagnose\A1Diagnose.exe (mquadr.at software engineering and consulting GmbH, web: www.mquadr.at, mail: office@mquadr.at)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] K:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] K:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVMWlanClient] K:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [BCSSync] K:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [LiveZilla] K:\Program Files (x86)\LiveZilla\LiveZilla.exe (LiveZilla GmbH)
O4 - HKLM..\Run: [LWS] K:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MailListController] K:\Program Files (x86)\Arclab\MailList Controller\amlcSCT.exe (Arclab Software GbR)
O4 - HKLM..\Run: [M-Audio Taskbar Icon] K:\Windows\SysWOW64\MAFWDITray.exe (Avid Technology, Inc.)
O4 - HKLM..\Run: [PowerSEORanker] K:\Program Files (x86)\Power SEO Ranker\PowerSEORanker.exe (Evergreen Internet Marketers)
O4 - HKLM..\Run: [QuickTime Task] K:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SAOB Monitor] K:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [SunJavaUpdateSched] K:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [SwitchBoard] K:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TrueImageMonitor.exe] K:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [vmware-tray] K:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKU\LocalService_ON_K..\Run: [Sidebar] K:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_K..\Run: [Sidebar] K:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\vimotrade_ON_K..\Run: [DAEMON Tools Lite] K:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\vimotrade_ON_K..\Run: [Google Update] K:\Users\vimotrade\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
O4 - HKU\vimotrade_ON_K..\Run: [SandboxieControl] K:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
O4 - HKU\vimotrade_ON_K..\Run: [Skype] K:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
O4 - HKU\LocalService_ON_K..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_K..\RunOnce: [mctadmin]  File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O7 - HKU\vimotrade_ON_K\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O9:64bit: - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - K:\Program Files\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O9 - Extra Button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - K:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra 'Tools' menuitem : Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - K:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll ()
O9 - Extra Button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - K:\Program Files (x86)\Bonjour\ExplorerPlugin.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - K:\Windows\System32\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - K:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - K:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - K:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - K:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - K:\Windows\System32\winrnr.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - K:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - K:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - K:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - K:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - K:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - K:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - K:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - K:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 - K:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 - K:\Windows\System32\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - K:\Windows\System32\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - K:\Windows\System32\vsocklib.dll (VMware, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - K:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - K:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - K:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - K:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - K:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - K:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - K:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - K:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - K:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - K:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - K:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - K:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - K:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - K:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - K:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - K:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - K:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - K:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - vimotrade_ON_K\..Trusted Domains: blank ([]about in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.45.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - K:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - K:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - K:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - K:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - K:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - K:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - K:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - K:\Windows\System32\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - K:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - K:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - K:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - K:\Windows\System32\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - K:\Windows\System32\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - K:\Windows\System32\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - K:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - K:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - K:\Windows\System32\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - K:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - K:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - K:\Windows\System32\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - K:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - K:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - K:\Windows\System32\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - K:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - K:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - K:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - K:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\vimotrade_ON_K Winlogon: Shell - (C:\Users\vimotrade\AppData\Roaming\loadit.exe) - K:\Users\vimotrade\AppData\Roaming\loadit.exe ()
O20 - HKU\vimotrade_ON_K Winlogon: UserInit - (C:\Users\vimotrade\AppData\Roaming\loadit.exe) - K:\Users\vimotrade\AppData\Roaming\loadit.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - K:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - K:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O30:64bit: - LSA: Authentication Packages - (msv1_0) - K:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - K:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - K:\Windows\System32\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - K:\Windows\System32\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - K:\Windows\System32\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - K:\Windows\System32\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - K:\Windows\System32\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - K:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - K:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - K:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - K:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - K:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - K:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - K:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/11/01 11:17:03 | 000,000,000 | ---D | M] - F:\Autoblogger -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/01/09 13:28:41 | 000,000,000 | ---D | C] -- K:\HP MyLensi ++++++++++++++++++
[2014/01/09 13:03:04 | 000,000,000 | ---D | C] -- K:\HP linsen4you.eu - Gaschler +++++++++++++
[2014/01/08 16:24:42 | 000,000,000 | ---D | C] -- K:\HP Hüttenwoche
[2014/01/08 11:59:18 | 000,000,000 | ---D | C] -- K:\Users\vimotrade\AppData\Local\NVIDIA Corporation
[2014/01/08 11:58:23 | 001,100,248 | ---- | C] (NVIDIA Corporation) -- K:\Windows\System32\nvspcap64.dll
[2014/01/08 11:58:23 | 000,982,232 | ---- | C] (NVIDIA Corporation) -- K:\Windows\SysWow64\nvspcap.dll
[2014/01/08 11:57:10 | 000,039,200 | ---- | C] (NVIDIA Corporation) -- K:\Windows\System32\drivers\nvvad64v.sys
[2014/01/08 11:57:10 | 000,032,544 | ---- | C] (NVIDIA Corporation) -- K:\Windows\SysWow64\nvaudcap32v.dll
[2014/01/07 10:52:00 | 000,000,000 | ---D | C] -- K:\PSS Schorr
[2014/01/07 06:41:15 | 000,000,000 | ---D | C] -- K:\Starlight
[2014/01/02 03:30:35 | 000,000,000 | ---D | C] -- K:\Liefer
[2013/12/31 08:09:03 | 000,000,000 | ---D | C] -- K:\Guten Rutsch
[2013/12/31 07:25:12 | 000,000,000 | ---D | C] -- K:\Users\vimotrade\AppData\Local\JTL-Software-GmbH
[2013/12/31 07:22:37 | 000,000,000 | ---D | C] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2013/12/31 07:20:22 | 000,000,000 | ---D | C] -- K:\Program Files\Microsoft SQL Server
[2013/12/31 07:20:19 | 000,000,000 | ---D | C] -- K:\Program Files (x86)\Microsoft SQL Server
[2013/12/31 06:17:56 | 000,000,000 | ---D | C] -- K:\Users\vimotrade\AppData\Roaming\jtl-software
[2013/12/31 06:17:46 | 000,000,000 | ---D | C] -- K:\ProgramData\JTL-Software
[2013/12/30 09:38:24 | 000,000,000 | ---D | C] -- K:\HP Kontaktlinsenhit WAWI Connector
[2013/12/30 03:30:43 | 000,000,000 | ---D | C] -- K:\Users\vimotrade\AppData\Roaming\Stepok Softwares
[2013/12/30 03:30:43 | 000,000,000 | ---D | C] -- K:\Users\vimotrade\AppData\Roaming\Light Developer
[2013/12/30 03:29:53 | 000,000,000 | ---D | C] -- K:\Program Files\Recomposit pro
[2013/12/26 14:12:38 | 000,000,000 | ---D | C] -- K:\Program Files (x86)\Mozilla Firefox
[2013/12/26 04:31:45 | 000,000,000 | ---D | C] -- K:\ProgramData\Oracle
[2013/12/26 04:31:42 | 000,000,000 | ---D | C] -- K:\Program Files (x86)\Common Files\Java
[2013/12/26 04:31:33 | 000,264,616 | ---- | C] (Oracle Corporation) -- K:\Windows\SysWow64\javaws.exe
[2013/12/26 04:31:25 | 000,096,168 | ---- | C] (Oracle Corporation) -- K:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/12/26 04:31:25 | 000,000,000 | ---D | C] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/12/23 02:58:16 | 000,000,000 | -HSD | C] -- K:\$RECYCLE.BIN
[2013/12/20 10:10:37 | 000,000,000 | ---D | C] -- K:\HP MyLensi
[2013/12/19 03:42:28 | 000,000,000 | ---D | C] -- K:\Projekt SParpreis Verkauf
[2013/12/18 15:33:48 | 000,000,000 | ---D | C] -- K:\Künstler
[2013/12/17 05:51:19 | 000,000,000 | ---D | C] -- K:\Krausse Artikel Export
[2013/12/17 05:18:50 | 000,000,000 | ---D | C] -- K:\Data
[2013/12/17 05:13:47 | 000,000,000 | ---D | C] -- K:\Program Files (x86)\WebExtractor
[2013/12/17 05:13:47 | 000,000,000 | ---D | C] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Data Extractor
[2013/12/16 05:12:09 | 000,000,000 | ---D | C] -- K:\Users\vimotrade\Documents\Downloads
[2013/12/14 07:05:20 | 000,000,000 | ---D | C] -- K:\Users\vimotrade\AppData\Roaming\seolize
[2013/12/13 07:36:23 | 000,000,000 | ---D | C] -- K:\MediaWebline
[2013/12/12 01:17:11 | 000,000,000 | ---D | C] -- K:\HP Kontaktlinsen Point +++++++++++++++
[2013/10/29 01:42:10 | 000,148,736 | ---- | C] (Avanquest Software) -- K:\ProgramData\hpe37E3.dll
 
========== Files - Modified Within 30 Days ==========
 
[2014/01/10 04:50:17 | 000,067,584 | --S- | M] () -- K:\Windows\bootstat.dat
[2014/01/10 04:49:48 | 000,001,112 | ---- | M] () -- K:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/10 04:49:14 | 1066,799,102 | -HS- | M] () -- K:\hiberfil.sys
[2014/01/10 04:04:00 | 000,001,116 | ---- | M] () -- K:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/10 03:52:06 | 000,021,072 | -H-- | M] () -- K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/10 03:52:06 | 000,021,072 | -H-- | M] () -- K:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/10 03:23:24 | 000,000,726 | ---- | M] () -- K:\Users\vimotrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
[2014/01/10 03:23:23 | 000,595,974 | ---- | M] () -- K:\Users\vimotrade\AppData\Roaming\loadit.exe
[2014/01/10 03:18:00 | 000,001,136 | ---- | M] () -- K:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3724905170-3129830433-3163351004-1000UA.job
[2014/01/09 13:40:54 | 000,001,456 | ---- | M] () -- K:\Users\vimotrade\AppData\Local\Adobe Für Web speichern 13.0 Prefs
[2014/01/09 04:53:50 | 000,000,903 | ---- | M] () -- K:\Users\vimotrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
[2014/01/08 21:18:00 | 000,001,084 | ---- | M] () -- K:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3724905170-3129830433-3163351004-1000Core.job
[2014/01/07 20:43:38 | 000,002,384 | ---- | M] () -- K:\Users\vimotrade\Desktop\Google Chrome.lnk
[2014/01/07 15:47:02 | 000,760,296 | ---- | M] () -- K:\Windows\System32\perfh007.dat
[2014/01/07 15:47:02 | 000,705,112 | ---- | M] () -- K:\Windows\System32\perfh009.dat
[2014/01/07 15:47:02 | 000,174,768 | ---- | M] () -- K:\Windows\System32\perfc007.dat
[2014/01/07 15:47:02 | 000,141,548 | ---- | M] () -- K:\Windows\System32\perfc009.dat
[2014/01/06 11:38:37 | 000,001,754 | ---- | M] () -- K:\Windows\Sandboxie.ini
[2013/12/31 07:22:37 | 001,658,746 | ---- | M] () -- K:\Windows\SysWow64\PerfStringBackup.INI
[2013/12/31 07:22:37 | 000,000,000 | ---D | M] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
[2013/12/30 12:28:12 | 000,000,000 | ---D | M] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
[2013/12/30 12:27:49 | 000,001,241 | ---- | M] () -- K:\Users\vimotrade\Desktop\AVS Video Converter.lnk
[2013/12/26 04:31:25 | 000,000,000 | ---D | M] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/12/26 04:31:19 | 000,096,168 | ---- | M] (Oracle Corporation) -- K:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/12/26 04:31:18 | 000,264,616 | ---- | M] (Oracle Corporation) -- K:\Windows\SysWow64\javaws.exe
[2013/12/26 04:31:18 | 000,175,016 | ---- | M] (Oracle Corporation) -- K:\Windows\SysWow64\javaw.exe
[2013/12/26 04:31:18 | 000,174,504 | ---- | M] (Oracle Corporation) -- K:\Windows\SysWow64\java.exe
[2013/12/23 03:07:23 | 000,000,220 | ---- | M] () -- K:\Users\vimotrade\Desktop\U1Tirol64.wax
[2013/12/22 13:13:20 | 000,001,053 | ---- | M] () -- K:\Users\vimotrade\Desktop\Rapid SEO Tool.lnk
[2013/12/22 13:13:20 | 000,000,000 | ---D | M] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapid SEO Tool
[2013/12/17 05:13:47 | 000,001,059 | ---- | M] () -- K:\Users\vimotrade\Desktop\Web Data Extractor.lnk
[2013/12/17 05:13:47 | 000,000,000 | ---D | M] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Web Data Extractor
[2013/12/17 04:55:03 | 000,225,908 | -H-- | M] () -- K:\Windows\SysWow64\mlfcache.dat
[2013/12/17 04:54:58 | 000,000,828 | ---- | M] () -- K:\Users\vimotrade\Desktop\LongTailPro.lnk
[2013/12/16 21:07:04 | 000,002,042 | ---- | M] () -- K:\Users\Public\Desktop\Google Slides.lnk
[2013/12/16 21:07:04 | 000,002,040 | ---- | M] () -- K:\Users\Public\Desktop\Google Sheets.lnk
[2013/12/16 21:07:04 | 000,002,030 | ---- | M] () -- K:\Users\Public\Desktop\Google Docs.lnk
[2013/12/16 21:07:04 | 000,000,000 | ---D | M] -- K:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2013/12/16 13:00:18 | 000,000,600 | ---- | M] () -- K:\Users\vimotrade\AppData\Local\PUTTY.RND
[2013/12/14 07:05:07 | 000,002,659 | ---- | M] () -- K:\Users\Public\Desktop\Seolize.lnk
 
========== Files Created - No Company Name ==========
 
[2014/01/10 03:23:24 | 000,000,726 | ---- | C] () -- K:\Users\vimotrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ja.lnk
[2014/01/10 03:23:23 | 000,595,974 | ---- | C] () -- K:\Users\vimotrade\AppData\Roaming\loadit.exe
[2014/01/09 04:53:50 | 000,000,903 | ---- | C] () -- K:\Users\vimotrade\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutoStarter.lnk
[2013/12/30 12:27:49 | 000,001,241 | ---- | C] () -- K:\Users\vimotrade\Desktop\AVS Video Converter.lnk
[2013/12/23 03:07:23 | 000,000,220 | ---- | C] () -- K:\Users\vimotrade\Desktop\U1Tirol64.wax
[2013/12/17 05:13:47 | 000,001,059 | ---- | C] () -- K:\Users\vimotrade\Desktop\Web Data Extractor.lnk
[2013/12/17 04:55:03 | 000,225,908 | -H-- | C] () -- K:\Windows\SysWow64\mlfcache.dat
[2013/12/14 07:05:07 | 000,002,659 | ---- | C] () -- K:\Users\Public\Desktop\Seolize.lnk
[2013/11/20 13:24:44 | 000,001,754 | ---- | C] () -- K:\Windows\Sandboxie.ini
[2013/10/16 09:28:11 | 000,000,132 | ---- | C] () -- K:\Users\vimotrade\AppData\Roaming\Adobe CS6-BMP-Format - Voreinstellungen
[2013/06/20 06:24:09 | 000,000,132 | ---- | C] () -- K:\Users\vimotrade\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
[2013/06/12 05:56:36 | 000,511,488 | ---- | C] () -- K:\Windows\SysWow64\lame_enc.dll
[2013/06/12 05:56:36 | 000,110,080 | ---- | C] () -- K:\Windows\SysWow64\advd.dll
[2013/06/12 05:56:36 | 000,023,040 | ---- | C] () -- K:\Windows\SysWow64\auth.dll
[2013/05/11 12:36:45 | 000,993,792 | ---- | C] () -- K:\ProgramData\MSRecovery.exe
[2013/05/11 12:36:45 | 000,000,691 | ---- | C] () -- K:\ProgramData\settings.ini
[2013/05/04 11:35:53 | 000,000,105 | ---- | C] () -- K:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2013/04/19 00:16:05 | 000,002,892 | ---- | C] () -- K:\Windows\SysWow64\audcon.sys
[2013/04/19 00:15:22 | 000,086,016 | ---- | C] () -- K:\Windows\SysWow64\SYNSOPOS.exe
[2013/04/19 00:15:22 | 000,000,051 | ---- | C] () -- K:\Windows\SysWow64\SYNSOPOS.exe.cfg
[2013/03/23 06:38:06 | 000,000,998 | ---- | C] () -- K:\Program Files (x86)\Backlink Skyrocket.lnk
[2013/03/23 06:38:06 | 000,000,953 | ---- | C] () -- K:\Program Files (x86)\Update Skyrocket.lnk
[2013/03/19 16:11:44 | 000,000,176 | ---- | C] () -- K:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/03/01 14:40:58 | 000,058,880 | ---- | C] () -- K:\Windows\SysWow64\dbrename7.exe
[2013/02/28 03:47:16 | 000,000,173 | ---- | C] () -- K:\Windows\ODBC.INI
[2013/02/28 03:44:32 | 000,000,263 | ---- | C] () -- K:\Windows\ODBCINST.INI
[2013/02/19 12:28:28 | 000,870,685 | ---- | C] () -- K:\Windows\PlagiarismFinder 2.0 Uninstaller.exe
[2013/01/16 02:02:20 | 000,000,600 | ---- | C] () -- K:\Users\vimotrade\AppData\Local\PUTTY.RND
[2012/12/06 16:13:39 | 000,000,341 | ---- | C] () -- K:\Windows\SysWow64\pmk4c4h.dll
[2012/11/28 14:15:17 | 000,195,764 | ---- | C] () -- K:\Windows\Submitter Uninstaller.exe
[2012/11/28 13:00:26 | 000,000,000 | ---- | C] () -- K:\Users\vimotrade\AppData\Roaming\Sick Marketingdirectory_pmutrial.pmu
[2012/11/25 13:47:18 | 000,000,132 | ---- | C] () -- K:\Users\vimotrade\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2012/11/15 15:32:24 | 000,004,608 | ---- | C] () -- K:\Users\vimotrade\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/11/13 06:44:01 | 000,005,078 | ---- | C] () -- K:\ProgramData\zjyopzph.wxh
[2012/09/21 14:08:36 | 010,919,784 | ---- | C] () -- K:\Windows\SysWow64\LogiDPP.dll
[2012/09/21 14:08:36 | 000,338,136 | ---- | C] () -- K:\Windows\SysWow64\DevManagerCore.dll
[2012/09/21 14:08:36 | 000,103,272 | ---- | C] () -- K:\Windows\SysWow64\LogiDPPApp.exe
[2012/08/06 16:04:31 | 000,073,728 | ---- | C] () -- K:\Windows\SysWow64\GkSui18.EXE
[2012/08/06 15:47:40 | 001,658,746 | ---- | C] () -- K:\Windows\SysWow64\PerfStringBackup.INI
[2012/08/05 07:53:29 | 000,001,394 | ---- | C] () -- K:\Users\vimotrade\AppData\Roaming\SAS7_000.DAT
[2012/08/05 05:04:57 | 000,001,456 | ---- | C] () -- K:\Users\vimotrade\AppData\Local\Adobe Für Web speichern 13.0 Prefs
[2012/08/05 02:12:50 | 000,010,921 | ---- | C] () -- K:\Users\vimotrade\AppData\Roaming\SmarThruOptions.xml
[2012/08/05 02:12:40 | 000,036,864 | ---- | C] () -- K:\Windows\SysWow64\SvcMan.exe
[2012/08/05 02:12:34 | 000,172,032 | ---- | C] () -- K:\Windows\SysWow64\SecSNMP.dll
[2012/08/05 02:11:21 | 000,113,768 | ---- | C] () -- K:\Windows\Wiainst.exe
[2010/11/20 22:24:49 | 000,252,928 | ---- | C] () -- K:\Windows\SysWow64\DShowRdpFilter.dll
[2010/11/20 22:24:15 | 000,001,024 | ---- | C] () -- K:\Windows\SysWow64\j77twfo.dll
[2010/11/20 22:24:15 | 000,001,024 | ---- | C] () -- K:\Windows\SysWow64\grcauth2.dll
[2010/11/20 22:24:15 | 000,001,024 | ---- | C] () -- K:\Windows\SysWow64\grcauth1.dll
[2010/11/20 22:24:15 | 000,001,024 | ---- | C] () -- K:\Windows\SysWow64\clauth2.dll
[2010/11/20 22:24:15 | 000,001,024 | ---- | C] () -- K:\Windows\SysWow64\clauth1.dll
[2010/11/20 22:24:15 | 000,000,100 | ---- | C] () -- K:\Windows\SysWow64\prsgrc.dll
[2010/11/20 22:24:15 | 000,000,072 | ---- | C] () -- K:\Windows\SysWow64\ssprs.dll
[2010/11/20 22:24:15 | 000,000,016 | -H-- | C] () -- K:\Windows\SysWow64\v16qi5y.dll
[2010/06/25 12:03:12 | 000,053,299 | ---- | C] () -- K:\Windows\SysWow64\pthreadVC.dll
[2010/06/08 08:19:24 | 000,692,224 | ---- | C] () -- K:\Windows\SysWow64\libeay32.dll
[2010/06/08 08:19:24 | 000,151,552 | ---- | C] () -- K:\Windows\SysWow64\ssleay32.dll
[2010/03/01 10:16:00 | 001,305,608 | ---- | C] () -- K:\Windows\SysWow64\M-AudioProFireControlPanel.exe
[2009/07/14 00:38:36 | 000,067,584 | --S- | C] () -- K:\Windows\bootstat.dat
[2009/07/13 21:35:51 | 000,000,741 | ---- | C] () -- K:\Windows\SysWow64\NOISE.DAT
[2009/07/13 21:34:42 | 000,215,943 | ---- | C] () -- K:\Windows\SysWow64\dssec.dat
[2009/07/13 19:10:29 | 000,043,131 | ---- | C] () -- K:\Windows\mib.bin
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- K:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 17:25:04 | 000,197,632 | ---- | C] () -- K:\Windows\SysWow64\ir32_32.dll
[2009/07/13 16:03:59 | 000,364,544 | ---- | C] () -- K:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- K:\Windows\SysWow64\mlang.dat
[2004/11/18 04:16:42 | 000,069,632 | ---- | C] () -- K:\Windows\SysWow64\nktwab.dll
[1996/08/21 20:07:02 | 000,000,320 | ---- | C] () -- K:\Windows\TBINSDT.DAT
 
========== LOP Check ==========
 
[2013/05/15 07:12:10 | 000,000,000 | ---D | M] -- K:\ProgramData\A-PDF
[2012/08/06 03:32:16 | 000,000,000 | ---D | M] -- K:\ProgramData\Acronis
[2012/08/03 14:56:18 | 000,000,000 | -HSD | M] -- K:\ProgramData\Anwendungsdaten
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- K:\ProgramData\Application Data
[2013/07/02 09:12:11 | 000,000,000 | ---D | M] -- K:\ProgramData\AutoHideIP
[2013/04/02 02:40:35 | 000,000,000 | ---D | M] -- K:\ProgramData\Automatebook
[2012/11/15 14:56:20 | 000,000,000 | ---D | M] -- K:\ProgramData\Avid
[2012/11/07 13:57:55 | 000,000,000 | ---D | M] -- K:\ProgramData\Azureus
[2013/11/11 03:10:39 | 000,000,000 | ---D | M] -- K:\ProgramData\BetterSoft
[2013/02/28 13:22:32 | 000,000,000 | ---D | M] -- K:\ProgramData\BewerbungsMaster
[2013/03/27 14:01:43 | 000,000,000 | ---D | M] -- K:\ProgramData\Blumentals
[2013/11/01 07:34:38 | 000,000,000 | ---D | M] -- K:\ProgramData\boost_interprocess
[2013/10/29 01:49:15 | 000,000,000 | ---D | M] -- K:\ProgramData\BVRP Software
[2013/09/03 13:27:57 | 000,000,000 | -H-D | M] -- K:\ProgramData\CanonBJ
[2013/12/09 15:50:46 | 000,000,000 | ---D | M] -- K:\ProgramData\Conduit
[2013/02/15 08:05:52 | 000,000,000 | ---D | M] -- K:\ProgramData\DAEMON Tools Lite
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- K:\ProgramData\Desktop
[2012/08/06 15:33:12 | 000,000,000 | ---D | M] -- K:\ProgramData\DLA
[2012/08/06 04:02:49 | 000,000,000 | ---D | M] -- K:\ProgramData\DLA Storage
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- K:\ProgramData\Documents
[2012/08/03 14:56:18 | 000,000,000 | -HSD | M] -- K:\ProgramData\Dokumente
[2013/05/09 08:24:38 | 000,000,000 | ---D | M] -- K:\ProgramData\eLicenser
[2012/08/03 14:56:18 | 000,000,000 | -HSD | M] -- K:\ProgramData\Favoriten
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- K:\ProgramData\Favorites
[2013/06/26 16:17:20 | 000,000,000 | ---D | M] -- K:\ProgramData\firebird
[2013/07/24 09:47:12 | 000,000,000 | ---D | M] -- K:\ProgramData\flipBook
[2013/02/20 12:04:36 | 000,000,000 | ---D | M] -- K:\ProgramData\FlipBuilder.com
[2013/07/02 08:40:51 | 000,000,000 | ---D | M] -- K:\ProgramData\FreeHideIP
[2013/09/02 09:07:38 | 000,000,000 | ---D | M] -- K:\ProgramData\InstallMate
[2012/08/05 02:33:39 | 000,000,000 | ---D | M] -- K:\ProgramData\ISDNWatch
[2013/12/31 06:17:46 | 000,000,000 | ---D | M] -- K:\ProgramData\JTL-Software
[2012/08/09 06:20:19 | 000,000,000 | ---D | M] -- K:\ProgramData\komBAS
[2013/01/23 15:19:07 | 000,000,000 | ---D | M] -- K:\ProgramData\m2backup
[2013/05/11 12:43:45 | 000,000,000 | ---D | M] -- K:\ProgramData\Magic Submitter
[2013/02/15 08:05:38 | 000,000,000 | ---D | M] -- K:\ProgramData\mquadr.at
[2012/11/07 19:41:58 | 000,000,000 | ---D | M] -- K:\ProgramData\MusicLab
[2013/02/28 05:25:15 | 000,000,000 | ---D | M] -- K:\ProgramData\MySQL
[2012/11/07 15:45:06 | 000,000,000 | ---D | M] -- K:\ProgramData\Native Instruments
[2012/08/06 03:32:53 | 000,000,000 | ---D | M] -- K:\ProgramData\Nitro PDF
[2012/08/05 06:16:59 | 000,000,000 | ---D | M] -- K:\ProgramData\Nuance
[2012/11/13 16:58:12 | 000,000,000 | ---D | M] -- K:\ProgramData\onOne Software
[2013/12/26 04:31:46 | 000,000,000 | ---D | M] -- K:\ProgramData\Oracle
[2012/11/13 09:51:12 | 000,000,000 | ---D | M] -- K:\ProgramData\PACE Anti-Piracy
[2012/11/15 14:51:47 | 000,000,000 | ---D | M] -- K:\ProgramData\PCTV Systems
[2012/11/15 14:58:55 | 000,000,000 | ---D | M] -- K:\ProgramData\Pinnacle
[2013/02/19 12:29:58 | 000,000,000 | ---D | M] -- K:\ProgramData\PlagiarismFinder
[2012/12/08 07:00:07 | 000,000,000 | ---D | M] -- K:\ProgramData\Proxy Multiply
[2012/08/03 15:55:19 | 000,000,000 | ---D | M] -- K:\ProgramData\regid.1986-12.com.adobe
[2013/03/23 05:18:53 | 000,000,000 | ---D | M] -- K:\ProgramData\SoftSafe
[2013/07/08 14:04:52 | 000,000,000 | ---D | M] -- K:\ProgramData\StarApp
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- K:\ProgramData\Start Menu
[2012/08/03 14:56:18 | 000,000,000 | -HSD | M] -- K:\ProgramData\Startmenü
[2012/11/07 11:58:14 | 000,000,000 | ---D | M] -- K:\ProgramData\Steinberg
[2013/09/02 09:07:37 | 000,000,000 | ---D | M] -- K:\ProgramData\SummerSoft
[2013/04/19 00:16:05 | 000,000,000 | ---D | M] -- K:\ProgramData\Syncrosoft
[2013/12/13 06:28:17 | 000,000,000 | ---D | M] -- K:\ProgramData\TEMP
[2009/07/14 00:08:56 | 000,000,000 | -HSD | M] -- K:\ProgramData\Templates
[2013/06/14 08:30:46 | 000,000,000 | ---D | M] -- K:\ProgramData\Tiffen
[2012/11/08 05:16:52 | 000,000,000 | ---D | M] -- K:\ProgramData\Toontrack
[2012/08/03 21:04:04 | 000,000,000 | ---D | M] -- K:\ProgramData\Ulead Systems
[2012/11/14 13:21:37 | 000,000,000 | ---D | M] -- K:\ProgramData\VertusTech
[2012/08/03 14:56:18 | 000,000,000 | -HSD | M] -- K:\ProgramData\Vorlagen
[2012/11/07 12:11:06 | 000,000,000 | ---D | M] -- K:\ProgramData\VST3 Presets
[2012/11/13 08:24:39 | 000,000,000 | ---D | M] -- K:\ProgramData\XDMessaging
[2013/06/20 03:12:43 | 000,000,000 | -H-D | M] -- K:\ProgramData\{36DD3794-83B4-46E3-B416-8090CB052042}
[2013/11/01 09:16:07 | 000,000,000 | -H-D | M] -- K:\ProgramData\{78F6A1FC-ADDE-4028-A231-7B924CE455BD}
[2008/01/01 06:35:17 | 000,000,000 | -H-D | M] -- K:\ProgramData\{7DC6FEB5-CDCF-4348-BDA7-46EEE9021D96}
[2013/11/01 09:14:33 | 000,000,000 | -H-D | M] -- K:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
[2013/01/28 18:36:45 | 000,000,000 | -H-D | M] -- K:\ProgramData\{9CEF107B-86D1-4332-AE74-7FDEA6296A94}
[2014/01/10 03:30:52 | 000,032,632 | ---- | M] () -- K:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 320 bytes -> K:\Windows:nlsPreferences
@Alternate Data Stream - 167 bytes -> K:\ProgramData\TEMP:9FA5EC55
@Alternate Data Stream - 125 bytes -> K:\ProgramData\TEMP:0FF263E8
@Alternate Data Stream - 1010 bytes -> K:\Users\vimotrade\AppData\Local\Temp:TcQTRAFpgOjy6XStXpOYGYx
< End of report >
         

Extras.exe

Code:
OTL Extras logfile created on: 1/10/2014 11:21:33 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Ultimate Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = K: | %SystemRoot% = K:\Windows | %ProgramFiles% = K:\Program Files (x86)
Drive C: | 229.27 Gb Total Space | 48.09 Gb Free Space | 20.97% Space Free | Partition Type: NTFS
Drive D: | 931.28 Gb Total Space | 774.30 Gb Free Space | 83.14% Space Free | Partition Type: FAT32
Drive E: | 931.51 Gb Total Space | 211.76 Gb Free Space | 22.73% Space Free | Partition Type: NTFS
Drive F: | 229.14 Gb Total Space | 216.75 Gb Free Space | 94.59% Space Free | Partition Type: NTFS
Drive K: | 458.46 Gb Total Space | 177.07 Gb Free Space | 38.62% Space Free | Partition Type: NTFS
Drive L: | 1.92 Gb Total Space | 1.91 Gb Free Space | 99.45% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- K:\Windows\System32\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- K:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{EF449371-6B69-49C8-B789-76A0B0E3446B}" = Corel Painter X3
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0838FACF-AB67-4AB7-B09A-3FC1809AED34}" = Painter 13 - FR
"{0A2DEC29-333B-408B-B31B-0B34D73EBA4C}" = Power Indexer Pro 3.0.0.0
"{0B598D32-B873-4794-8F30-90C53CD562D7}" = Corel Painter 13 - IPM
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1864B4F0-8888-5A57-9930-C2B307597966}" = MusicLab RealGuitar
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1FD29C34-110D-43E8-8261-8A358E4E7204}" = Nitro Pro 7
"{22029AEE-38DF-4E35-AEF4-FE8CA3F6667F}" = Superior Drummer 64 bit
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{38209080-8888-4418-8117-D190FC71BF58}" = MusicLab RealLPC
"{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}" = Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4E82E2E9-668B-4F8A-814A-78E163FCDBCD}" = IconHandler 64 bit
"{4FF5C7C9-86CC-41ED-B93B-0B51AB4FED24}" = VmciSockets
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{519918B9-24E9-4227-B927-9DD4F0FDBD0E}" = Microsoft SQL Server Native Client
"{5552453B-BB76-45E3-973D-F95E458ED780}" = Native Instruments Kontakt 5
"{58206080-8888-4418-8117-D190FC71BF58}" = MusicLab RealStrat
"{61F6F8FC-C448-418E-BF14-8B272DFDD51B}" = Painter 13 - EN
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Treiber
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{71E75F05-930E-41BA-BDBC-15E3134DD45B}" = Yamaha USB-MIDI Driver
"{71EFF430-1A34-423E-8EAF-A80173960A8E}" = TortoiseSVN 1.7.10.23359 (64 bit)
"{81BE5CD8-A7CA-4F1E-9825-E6BEFBC8C397}" = IMSlave LInk Blaster 1.1.0.0
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{92C28D3B-DEF3-4BFF-ADDB-DA12025B40E3}" = M-Audio ProFire Driver 6.0.9 (x64)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5 DEU Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9983025B-AA60-4CF3-9E6C-C48DB9CD2310}" = Corel Painter 13 - IPM Content
"{A16926CB-C4BF-4FC9-8F99-200236731FCA}" = Painter 13 - Contentx64
"{A2585A63-ADD2-3F54-9819-125E680CC7E1}" = Microsoft .NET Framework 4.5 DEU Language Pack
"{A30B7FD7-04A1-46e1-ABDF-FD592C113253}" = MusicLab Virtual MIDI Driver
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B1EA198B-FF19-46C9-84DE-E2F3D11619ED}" = Painter 13 - Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 326.01
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{D2D82850-E23B-4923-99B9-F1A66A310A3F}" = SourceGear DiffMerge 4.1.0.534.stable (x64)
"{DA929FB1-A118-4F6E-9AD6-729633E84805}" = Painter 13 - Corex64
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{DD6290F5-9620-4FF6-AF3F-454465782B1A}" = Microsoft SQL Server VSS Writer
"{E6DC3A40-A289-4DEE-9472-7A003C3F4B72}" = Painter 13 - DE
"{EF449371-6B69-49C8-B789-76A0B0E3446B}" = Painter 13 - Setup Files
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"OptimizerPro" = OptimizerPro
"Sandboxie" = Sandboxie 4.06 (64-bit)
"Tiffen-Dfx 3.0" = Dfx
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{EF449371-6B69-49C8-B789-76A0B0E3446B}" = Corel Painter X3
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0838FACF-AB67-4AB7-B09A-3FC1809AED34}" = Painter 13 - FR
"{0A2DEC29-333B-408B-B31B-0B34D73EBA4C}" = Power Indexer Pro 3.0.0.0
"{0B598D32-B873-4794-8F30-90C53CD562D7}" = Corel Painter 13 - IPM
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{1864B4F0-8888-5A57-9930-C2B307597966}" = MusicLab RealGuitar
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1FD29C34-110D-43E8-8261-8A358E4E7204}" = Nitro Pro 7
"{22029AEE-38DF-4E35-AEF4-FE8CA3F6667F}" = Superior Drummer 64 bit
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{38209080-8888-4418-8117-D190FC71BF58}" = MusicLab RealLPC
"{4A5A427F-BA39-4BF0-7777-9A47FBE60C9F}" = Visual C++ 9.0 Runtime for Dragon NaturallySpeaking 64bit (x64)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4E82E2E9-668B-4F8A-814A-78E163FCDBCD}" = IconHandler 64 bit
"{4FF5C7C9-86CC-41ED-B93B-0B51AB4FED24}" = VmciSockets
"{4FFA2088-8317-3B14-93CD-4C699DB37843}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{519918B9-24E9-4227-B927-9DD4F0FDBD0E}" = Microsoft SQL Server Native Client
"{5552453B-BB76-45E3-973D-F95E458ED780}" = Native Instruments Kontakt 5
"{58206080-8888-4418-8117-D190FC71BF58}" = MusicLab RealStrat
"{61F6F8FC-C448-418E-BF14-8B272DFDD51B}" = Painter 13 - EN
"{6DE721A5-5E89-4D74-994C-652BB3C0672E}" = Pinnacle Video Treiber
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{71E75F05-930E-41BA-BDBC-15E3134DD45B}" = Yamaha USB-MIDI Driver
"{71EFF430-1A34-423E-8EAF-A80173960A8E}" = TortoiseSVN 1.7.10.23359 (64 bit)
"{81BE5CD8-A7CA-4F1E-9825-E6BEFBC8C397}" = IMSlave LInk Blaster 1.1.0.0
"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{92C28D3B-DEF3-4BFF-ADDB-DA12025B40E3}" = M-Audio ProFire Driver 6.0.9 (x64)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5 DEU Language Pack
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9983025B-AA60-4CF3-9E6C-C48DB9CD2310}" = Corel Painter 13 - IPM Content
"{A16926CB-C4BF-4FC9-8F99-200236731FCA}" = Painter 13 - Contentx64
"{A2585A63-ADD2-3F54-9819-125E680CC7E1}" = Microsoft .NET Framework 4.5 DEU Language Pack
"{A30B7FD7-04A1-46e1-ABDF-FD592C113253}" = MusicLab Virtual MIDI Driver
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B1EA198B-FF19-46C9-84DE-E2F3D11619ED}" = Painter 13 - Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 1.8.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 326.01
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{D2D82850-E23B-4923-99B9-F1A66A310A3F}" = SourceGear DiffMerge 4.1.0.534.stable (x64)
"{DA929FB1-A118-4F6E-9AD6-729633E84805}" = Painter 13 - Corex64
"{DAE239CE-EB9D-4EB3-B0D4-528D6BAA48FD}" = Bonjour
"{DD6290F5-9620-4FF6-AF3F-454465782B1A}" = Microsoft SQL Server VSS Writer
"{E6DC3A40-A289-4DEE-9472-7A003C3F4B72}" = Painter 13 - DE
"{EF449371-6B69-49C8-B789-76A0B0E3446B}" = Painter 13 - Setup Files
"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2
"OptimizerPro" = OptimizerPro
"Sandboxie" = Sandboxie 4.06 (64-bit)
"Tiffen-Dfx 3.0" = Dfx
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\vimotrade_ON_K\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"a10c648895c21ba6" = Update or Uninstall SENukeX
"com.poweredbypulse.profile-0-rb-10081-1361533307190" = MobiOne Studio 2.3.2 (hot-fix 1)
"Google Chrome" = Google Chrome
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
< End of report >
         

 
