Log analysis and evaluation: Problem with Antivirus Action

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

Problem with Antivirus Action

Hi, I'm new to this forum, so please forgive me if I'm posting in the wrong place. I'm having a few difficulties with the file mentioned above (since I have it ^^). I have already read up here in the forum and run the programs OTF and Malwarebytes Anti-Malware. OTF also said that we should post the logs so that we can expect further help. So here are my log files:

OTL.txt

OTL logfile created on: 27.11.2010 11:11:08 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\philipp\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 77,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 6,72 Gb Free Space | 2,89% Space Free | Partition Type: NTFS
Drive D: | 73,98 Gb Total Space | 57,58 Gb Free Space | 77,84% Space Free | Partition Type: NTFS
Drive E: | 7,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: PHILIPP-PC | User Name: philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2010.11.27 10:39:29 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\philipp\Downloads\OTL.exe PRC - [2010.11.04 17:28:32 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe PRC - [2010.11.04 17:28:31 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe PRC - [2010.11.04 17:28:31 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe PRC - [2010.11.01 18:05:17 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe PRC - [2010.11.01 18:05:17 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\plugin-container.exe PRC - [2010.10.27 13:20:45 | 000,133,432 | ---- | M] (ICQ, LLC.) -- C:\Programme\ICQ7.0\ICQ.exe PRC - [2010.09.27 17:52:49 | 002,969,496 | ---- | M] () -- C:\Programme\Pando Networks\Media Booster\PMB.exe PRC - [2010.06.24 15:41:38 | 000,092,008 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe PRC - [2010.06.24 15:41:34 | 000,247,144 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe PRC - [2010.06.18 18:38:22 | 000,619,800 | ---- | M] (hxxp://tortoisesvn.net) -- C:\Programme\TortoiseSVN\bin\TSVNCache.exe PRC - [2010.04.29 12:19:18 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe PRC - [2010.04.03 15:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe PRC - [2010.03.24 10:36:16 | 000,797,104 | ---- | M] (iMesh, Inc) -- C:\Programme\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe PRC - [2010.02.06 23:27:59 | 002,247,168 | ---- | M] (Computec Media AG) -- C:\Programme\buffed\BLASC.exe PRC - [2010.01.14 22:10:53 | 000,076,968 
| ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe PRC - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () -- C:\Programme\ICQ6Toolbar\ICQ Service.exe PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe PRC - [2009.07.24 15:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe PRC - [2009.07.14 02:14:21 | 000,115,712 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\ielowutil.exe PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe PRC - [2009.06.30 21:23:54 | 000,762,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\vVX1000.exe PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe ========== Modules (SafeList) ========== MOD - [2010.11.27 10:39:29 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\philipp\Downloads\OTL.exe MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft 
Corporation) -- C:\Windows\System32\netutils.dll MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll ========== Win32 Services (SafeList) ========== SRV - [2010.11.26 16:59:32 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service) SRV - [2010.11.12 19:39:22 | 003,019,352 | ---- | M] () [Auto | Running] -- c:\Programme\Common Files\Akamai\netsession_win_4176eef.dll -- (Akamai) SRV - [2010.11.04 17:28:32 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) SRV - [2010.11.04 17:28:31 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) SRV - [2010.06.24 15:41:38 | 000,092,008 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService) SRV - [2010.04.03 15:59:00 | 000,240,232 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service) SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.03.18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- 
(NetTcpPortSharing) SRV - [2010.03.18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetTcpActivator) SRV - [2010.03.18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetPipeActivator) SRV - [2010.03.18 12:16:28 | 000,124,240 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe -- (NetMsmqActivator) SRV - [2010.01.03 17:07:48 | 000,246,520 | ---- | M] () [Auto | Running] -- C:\Programme\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service) SRV - [2009.08.05 22:48:42 | 000,704,864 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc) SRV - [2009.07.24 15:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc) SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc) SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc) SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power) SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes) SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify) SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper) SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) 
[On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc) SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc) SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc) SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc) SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider) SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg) SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend) SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener) SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache) SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp) SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc) SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC) SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-Installer (AxInstSV) SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | 
Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc) SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc) SRV - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort) ========== Driver Services (SafeList) ========== DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hcw85cir.sys -- (hcw85cir) DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\EagleNT.sys -- (EagleNT) DRV - [2010.11.26 16:44:55 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt) DRV - [2010.11.04 17:28:32 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb) DRV - [2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy) DRV - [2010.04.03 23:55:31 | 011,573,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm) DRV - [2010.01.30 14:12:06 | 000,033,848 | ---- | M] (NCH Swift Sound) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nchssvad.sys -- (NCHSSVAD) SoundTap Recorder (32 Bit) DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg) DRV - [2009.08.13 07:23:02 | 000,022,528 | ---- | M] (CSR, plc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BthAvrcp.sys -- (BthAvrcp) DRV - [2009.08.05 22:48:42 | 000,054,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr) DRV - [2009.07.14 02:26:21 | 000,015,952 | 
---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide) DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci) DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx) DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs) DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320) DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas) DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata) DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc) DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata) DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide) DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor) DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid) DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960) DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS) DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV) DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR) DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI) DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC) DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2) DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp) DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas) DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- 
(hwpolicy) DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor) DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx) DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD) DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends) DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid) DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus) DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp) DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt) DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot) DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc) DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount) DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide) DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300) DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost) DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx) DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4) DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw) DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2) DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor) DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG) DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM) DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus) DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP) DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2) DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf) DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap) DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus) DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci) DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass) DRV - [2009.07.14 00:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM) DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb) DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf) DRV - 
[2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig) DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus) DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID) DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter) DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap) DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID) DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache) DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi) DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM) DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo) DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp) DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x) DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv) DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv) DRV - [2009.06.30 21:24:04 | 001,961,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VX1000.sys -- (VX1000) DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv) DRV - [2009.03.01 22:05:32 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167) DRV - [2007.01.23 19:36:46 | 000,299,776 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hcw88tse.sys -- (HCW88TSE) DRV - [2007.01.23 19:25:30 | 000,207,872 | ---- | M] (Hauppauge Computer Works, Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hcw88bda.sys -- (hcw88bda) DRV - [2002.10.29 09:15:06 | 000,114,144 | ---- | M] (Winbond Electronics Crop.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\2kw9967.sys -- (USBW9967) DRV - [2002.04.14 16:23:00 | 000,016,588 | ---- | M] (The freeware company) [Kernel | On_Demand | Stopped] -- C:\Programme\MoreTV.353\Hwiont.sys -- (HWIONT) DRV - [2001.10.30 05:21:02 | 000,010,256 | ---- | M] (Winbond Electronics Crop.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\W9967STI.SYS -- (W9967CAM) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Programme\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\20101101171951\ICQToolBar.dll (ICQ) IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Programme\Media_Star\tbMedi.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2626277 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 58 37 46 FE 7B A7 CA 01 [binary data] IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Programme\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.) IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\20101101171951\ICQToolBar.dll (ICQ) IE - HKCU\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.) 
IE - HKCU\..\URLSearchHook: {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Programme\Media_Star\tbMedi.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:23012 ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "iMesh Web Search" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.blackskulls.eu/index.php?site=forum" FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6 FF - prefs.js..extensions.enabledItems: {28D35620-51D9-11DE-9D13-2DB156D89593}:3.1 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198 FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0 FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:2.5.6.0 FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.2 FF - prefs.js..extensions.enabledItems: {51a86bb3-6602-4c85-92a5-130ee4864f13}:3.1.0.12 FF - prefs.js..keyword.URL: "hxxp://utils.babylon.com/abt/index.php?url=" FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.11.01 18:05:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.01 18:05:18 | 000,000,000 | ---D | M] [2010.01.29 21:23:03 | 000,000,000 | 
---D | M] -- C:\Users\philipp\AppData\Roaming\mozilla\Extensions [2009.11.09 18:23:11 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2010.11.27 11:10:09 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions [2010.06.05 22:19:09 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593} [2010.11.25 23:42:38 | 000,000,000 | ---D | M] (BrotherSoft Extreme Community Toolbar) -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13} [2010.06.26 10:47:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.10.10 15:26:59 | 000,000,000 | ---D | M] (MyAshampoo Toolbar) -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4} [2010.10.08 21:19:49 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions\battlefieldheroespatcher@ea.com [2010.11.23 22:26:15 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions\ffxtlbr@babylon.com [2010.01.30 05:32:30 | 000,002,163 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\bing.xml [2010.09.16 18:48:08 | 000,000,941 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\conduit.xml [2010.11.22 18:22:06 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-1.xml [2010.04.03 09:57:44 | 000,000,950 | ---- | M] () -- 
C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-2.xml [2010.06.06 03:09:46 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-3.xml [2010.06.28 15:40:31 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-4.xml [2010.07.31 12:13:02 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-5.xml [2010.10.02 14:49:28 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-6.xml [2010.10.04 18:05:44 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-7.xml [2010.10.25 15:59:18 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-8.xml [2010.11.23 22:27:36 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-9.xml [2010.03.19 20:01:53 | 000,000,944 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin.xml [2010.03.24 10:34:04 | 000,002,456 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\iMeshWebSearch.xml [2010.11.27 10:27:56 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.08.09 23:31:43 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.10.02 14:49:11 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.11.23 22:26:12 | 000,002,226 | ---- | M] () -- C:\Programme\Mozilla 
Firefox\searchplugins\babylon.xml [2010.10.02 14:49:11 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.03.24 10:34:04 | 000,002,456 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\iMeshWebSearch.xml [2010.10.02 14:49:11 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.10.02 14:49:11 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.10.02 14:49:11 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.15.10\bh\BabylonToolbar.dll (Babylon BHO) O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.) O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Programme\iMesh Applications\MediaBar\DataMngr\IEBHO.dll (iMesh, Inc) O2 - BHO: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Programme\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Programme\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.) O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.) 
O2 - BHO: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Programme\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll ()
O2 - BHO: (Media Star Toolbar) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Programme\Media_Star\tbMedi.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Programme\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\20101101171951\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Programme\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll ()
O3 - HKLM\..\Toolbar: (Media Star Toolbar) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Programme\Media_Star\tbMedi.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (BrotherSoft Extreme Toolbar) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - C:\Programme\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Media Star Toolbar) - {DFABC5B5-039B-4865-979A-DE31CDF3E351} - C:\Programme\Media_Star\tbMedi.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [DataMngr] C:\Programme\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BLASC] C:\Program Files\buffed\BLASC.exe (Computec Media AG)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [sckbrfxs] C:\Users\philipp\AppData\Local\Temp\bxgtdtjkr\tgdsjgrtsbl.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [xitlmnle] C:\Users\philipp\AppData\Local\Temp\dwmudrhhi\sipxouotsbl.exe ()
O4 - Startup: C:\Users\philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.31.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll) - C:\Programme\iMesh Applications\MediaBar\DataMngr\datamngr.dll (iMesh, Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.11.27 10:27:12 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Roaming\Malwarebytes [2010.11.27 10:25:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.11.27 10:25:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.11.27 10:25:50 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.11.27 10:25:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.11.27 02:00:24 | 000,000,000 | ---D | C] -- C:\Programme\Media_Star [2010.11.27 01:59:28 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Roaming\TorrentBitch [2010.11.27 01:59:28 | 000,000,000 | ---D | C] -- C:\Programme\TorrentBitch [2010.11.27 01:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\TorrentBitch [2010.11.26 21:08:35 | 000,000,000 | ---D | C] -- C:\Programme\PATRIZIER II Gold [2010.11.26 19:18:59 | 000,000,000 | ---D | C] -- C:\Programme\Drakensang [2010.11.25 23:42:42 | 000,000,000 | ---D | C] -- C:\Programme\ConduitEngine [2010.11.25 23:42:40 | 000,000,000 | ---D | C] -- C:\Programme\BrotherSoft_Extreme [2010.11.25 23:42:09 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Roaming\GetRightToGo [2010.11.25 23:42:09 | 000,000,000 | ---D | C] -- C:\Users\philipp\Documents\Downloads [2010.11.23 22:31:24 | 000,719,872 | ---- | C] (Abysmal 
Software) -- C:\Windows\System32\devil.dll [2010.11.23 22:31:24 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll [2010.11.23 22:31:23 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2010.11.23 22:31:23 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll [2010.11.23 22:31:22 | 000,000,000 | ---D | C] -- C:\Programme\AviSynth 2.5 [2010.11.23 22:29:00 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax [2010.11.23 22:29:00 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSSplitter.ax [2010.11.23 22:29:00 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSDecoder.ax [2010.11.23 22:29:00 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax [2010.11.23 22:28:59 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll [2010.11.23 22:28:59 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax [2010.11.23 22:28:59 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\System32\RealMediaDX.ax [2010.11.23 22:28:58 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) 
-- C:\Windows\System32\nbDX.dll [2010.11.23 22:28:58 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\System32\msfDX.dll [2010.11.23 22:28:57 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax [2010.11.23 22:28:57 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\System32\MatroskaDX.ax [2010.11.23 22:28:57 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\System32\flvDX.dll [2010.11.23 22:28:57 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\System32\AVCDX.ax [2010.11.23 22:28:19 | 000,000,000 | ---D | C] -- C:\Programme\eRightSoft [2010.11.23 22:26:26 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Local\Babylon [2010.11.23 22:26:13 | 000,000,000 | ---D | C] -- C:\Programme\BabylonToolbar [2010.11.23 22:26:13 | 000,000,000 | ---D | C] -- C:\Programme\Babylon [2010.11.23 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Roaming\Babylon [2010.11.23 22:26:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2010.11.23 22:25:55 | 000,000,000 | ---D | C] -- C:\Programme\AudioConverter [2010.11.23 22:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010.11.23 22:25:15 | 000,000,000 | ---D | C] -- C:\Programme\MP3 CD Converter Professional [2010.11.23 22:10:02 | 000,000,000 | ---D | C] -- C:\Users\philipp\Desktop\Reich und Sexy [2010.11.14 09:28:51 | 000,000,000 | ---D | C] -- C:\Users\philipp\Documents\The Lord of the Rings Online [2010.11.14 09:28:51 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Local\The Lord of the Rings Online [2010.11.14 09:24:12 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Local\Turbine [2010.11.14 09:23:17 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2010.11.14 09:20:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP [2010.11.14 08:39:12 | 000,000,000 | ---D | C] -- C:\Programme\Codemasters [2010.11.13 15:13:14 | 000,000,000 | ---D | C] -- C:\Programme\SimBin [2010.11.13 14:59:21 | 000,000,000 | ---D | C] -- 
C:\Programme\Common Files\Steam [2010.11.13 14:59:18 | 000,000,000 | ---D | C] -- C:\Programme\Steam [2010.11.13 14:50:50 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2010.11.13 14:50:50 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2010.11.13 14:50:49 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2010.11.13 14:50:49 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2010.11.13 14:50:48 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2010.11.13 14:50:48 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2010.11.13 14:50:48 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2010.11.13 14:50:48 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2010.11.13 14:50:47 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2010.11.08 19:34:36 | 000,000,000 | ---D | C] -- C:\Users\philipp\Documents\gothic3 [2010.11.08 19:01:59 | 000,000,000 | ---D | C] -- C:\Programme\JoWooD [2010.11.06 11:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\1B136 [2010.11.05 22:30:36 | 000,000,000 | ---D | C] -- C:\Users\philipp\Desktop\LOTROEU_Enedwaith_DE_Installer [2010.11.01 17:09:14 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GdiPlus.dll [2010.10.31 20:18:57 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Roaming\Avira [2010.10.31 19:47:26 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2010.10.31 19:47:25 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010.10.31 19:47:25 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010.10.31 19:47:25 | 000,051,992 | ---- | C] (AVIRA GmbH) -- 
C:\Windows\System32\drivers\avgntdd.sys [2010.10.31 19:47:25 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys [2010.10.31 19:47:23 | 000,000,000 | ---D | C] -- C:\Programme\Avira [2010.10.31 12:35:33 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Roaming\AVS4YOU [2010.10.31 12:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU [2010.10.31 12:30:38 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll [2010.10.31 12:30:38 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\AVSMedia [2010.10.31 12:30:37 | 000,000,000 | ---D | C] -- C:\Programme\AVS4YOU [2010.10.31 12:26:49 | 000,000,000 | ---D | C] -- C:\AudioSuite [2010.10.31 12:24:34 | 000,000,000 | ---D | C] -- C:\Programme\Audio Recorder Pro [2010.10.31 01:38:10 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Local\reakktor [2010.10.31 01:38:07 | 000,000,000 | ---D | C] -- C:\Users\philipp\Documents\Reakktor Media [2010.10.30 18:11:37 | 000,000,000 | ---D | C] -- C:\Programme\Medion [2010.10.30 15:50:00 | 000,000,000 | ---D | C] -- C:\Medion2 [2010.10.30 15:36:31 | 000,094,208 | ---- | C] (Winbond Electronics Corporation) -- C:\Windows\System32\wb9967.dll [2010.10.30 15:36:31 | 000,016,840 | ---- | C] (Winbond Electronics Crop.) -- C:\Windows\System32\W9967usd.dll [2010.10.30 15:36:31 | 000,015,360 | ---- | C] (Winbond Electronics Crop.) -- C:\Windows\System32\w67_ctom.ax [2010.10.30 15:36:31 | 000,010,256 | ---- | C] (Winbond Electronics Crop.) -- C:\Windows\System32\drivers\W9967sti.sys [2010.10.30 15:36:30 | 000,376,832 | ---- | C] (Winbond Electronics Corp.) -- C:\Windows\System32\DsTW9968.dll [2010.10.30 15:36:30 | 000,122,880 | ---- | C] (Winbond) -- C:\Windows\System32\Dxcam68.dll [2010.10.30 15:36:30 | 000,000,000 | ---D | C] -- C:\Medion1 [2010.10.30 14:58:49 | 000,114,144 | ---- | C] (Winbond Electronics Crop.) 
-- C:\Windows\System32\drivers\2kw9967.sys [2010.10.30 14:58:49 | 000,000,000 | ---D | C] -- C:\Medion [2010.10.29 17:32:47 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2010.10.29 17:32:47 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2010.10.29 17:32:47 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2010.10.29 17:32:47 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2010.10.29 17:32:36 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [4 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.11.27 11:06:12 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.11.27 11:06:12 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.11.27 11:00:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.11.27 10:58:56 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.11.27 10:58:56 | 000,000,294 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2010.11.27 10:58:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.11.27 10:58:43 | 2817,384,448 | -HS- | M] () -- C:\hiberfil.sys [2010.11.27 10:25:54 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.27 01:59:32 | 000,001,123 | ---- | M] () -- C:\Users\Public\Desktop\TorrentBitch.lnk [2010.11.26 23:25:32 | 000,138,184 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.11.26 23:25:12 | 000,215,016 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2010.11.26 21:13:47 | 
000,001,043 | ---- | M] () -- C:\Users\philipp\Desktop\PATRIZIER II Gold starten.lnk [2010.11.26 19:39:01 | 000,001,875 | ---- | M] () -- C:\Users\philipp\Desktop\Drakensang.lnk [2010.11.26 17:00:02 | 000,007,621 | ---- | M] () -- C:\Users\philipp\AppData\Local\Resmon.ResmonCfg [2010.11.26 16:44:55 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010.11.23 22:43:20 | 000,301,816 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.11.21 18:09:27 | 000,706,600 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.11.21 18:09:27 | 000,660,218 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.11.21 18:09:27 | 000,152,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.11.21 18:09:27 | 000,124,408 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.11.14 09:20:34 | 000,002,182 | ---- | M] () -- C:\Users\philipp\Desktop\Der Herr der Ringe Online.lnk [2010.11.13 15:29:47 | 000,001,149 | ---- | M] () -- C:\Users\philipp\Desktop\RACE 07 Offline.lnk [2010.11.10 19:19:08 | 000,000,202 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2010.11.08 19:15:14 | 000,001,416 | ---- | M] () -- C:\Users\Public\Desktop\Gothic 3 - Götterdämmerung.lnk [2010.11.08 19:15:14 | 000,001,169 | ---- | M] () -- C:\Users\Public\Desktop\Gothic 3.lnk [2010.11.04 17:35:02 | 000,001,216 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk [2010.11.04 17:28:32 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010.11.01 17:09:36 | 000,001,159 | ---- | M] () -- C:\Users\philipp\Desktop\AVS Audio Editor.lnk [2010.10.31 21:25:18 | 000,087,352 | ---- | M] () -- C:\Users\philipp\Documents\NR-20101031-001.mp3 [2010.10.31 19:47:45 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Herbert.lnk [2010.10.31 19:18:33 | 000,000,194 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\dkfjasdfshd.bat [2010.10.31 12:35:35 | 000,001,183 | ---- | M] () -- 
C:\Users\philipp\Desktop\AVS Ringtone Maker.lnk [2010.10.31 12:30:42 | 000,001,183 | ---- | M] () -- C:\Users\philipp\Desktop\AVS Audio Recorder.lnk [2010.10.30 15:54:19 | 000,011,709 | ---- | M] () -- C:\Users\philipp\Documents\Entschuldigung The Wave.odt [2010.10.30 07:42:45 | 278,384,397 | ---- | M] () -- C:\Windows\MEMORY.DMP [4 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.11.27 10:25:54 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.27 01:59:32 | 000,001,123 | ---- | C] () -- C:\Users\Public\Desktop\TorrentBitch.lnk [2010.11.26 21:11:20 | 000,001,043 | ---- | C] () -- C:\Users\philipp\Desktop\PATRIZIER II Gold starten.lnk [2010.11.26 19:39:01 | 000,001,875 | ---- | C] () -- C:\Users\philipp\Desktop\Drakensang.lnk [2010.11.23 22:31:23 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2010.11.23 22:29:00 | 000,051,712 | RHS- | C] () -- C:\Windows\System32\RLSpeexDec.ax [2010.11.23 22:28:59 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\RLMPCDec.ax [2010.11.23 22:28:59 | 000,070,656 | RHS- | C] () -- C:\Windows\System32\RLAPEDec.ax [2010.11.23 22:28:58 | 000,120,832 | RHS- | C] () -- C:\Windows\System32\MPCDx.ax [2010.11.23 22:28:57 | 000,175,104 | RHS- | C] () -- C:\Windows\System32\CoreAAC.ax [2010.11.23 22:28:57 | 000,097,280 | RHS- | C] () -- C:\Windows\System32\FLACDX.ax [2010.11.23 22:28:56 | 000,227,328 | RHS- | C] () -- C:\Windows\System32\ac3DX.ax [2010.11.23 22:28:56 | 000,081,920 | RHS- | C] () -- C:\Windows\System32\aac_parser.ax [2010.11.14 09:20:34 | 000,002,182 | ---- | C] () -- C:\Users\philipp\Desktop\Der Herr der Ringe Online.lnk [2010.11.13 15:29:47 | 000,001,149 | ---- | C] () -- C:\Users\philipp\Desktop\RACE 07 Offline.lnk [2010.11.08 19:15:14 | 000,001,416 | ---- | C] () -- C:\Users\Public\Desktop\Gothic 3 - 
Götterdämmerung.lnk [2010.11.08 19:15:14 | 000,001,169 | ---- | C] () -- C:\Users\Public\Desktop\Gothic 3.lnk [2010.11.04 17:35:02 | 000,001,216 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk [2010.11.01 17:09:36 | 000,001,159 | ---- | C] () -- C:\Users\philipp\Desktop\AVS Audio Editor.lnk [2010.10.31 21:25:12 | 000,087,352 | ---- | C] () -- C:\Users\philipp\Documents\NR-20101031-001.mp3 [2010.10.31 19:47:45 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Herbert.lnk [2010.10.31 19:11:40 | 000,000,194 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\dkfjasdfshd.bat [2010.10.31 16:33:13 | 000,000,294 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2010.10.31 16:33:05 | 000,000,202 | -H-- | C] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2010.10.31 12:35:35 | 000,001,183 | ---- | C] () -- C:\Users\philipp\Desktop\AVS Ringtone Maker.lnk [2010.10.31 12:30:42 | 000,001,183 | ---- | C] () -- C:\Users\philipp\Desktop\AVS Audio Recorder.lnk [2010.10.30 18:11:38 | 000,036,352 | ---- | C] () -- C:\Windows\Amcap.exe [2010.10.30 15:54:16 | 000,011,709 | ---- | C] () -- C:\Users\philipp\Documents\Entschuldigung The Wave.odt [2010.10.30 15:36:31 | 000,107,780 | ---- | C] () -- C:\Windows\System32\wb67ext.dll [2010.10.30 15:36:30 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Bmpproc.dll [2010.09.05 10:41:39 | 000,000,601 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\testtool.ini [2010.08.09 23:31:41 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.07.15 21:59:33 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll [2010.06.19 08:17:55 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2010.06.05 22:19:00 | 000,076,407 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\Smiley.ico [2010.02.17 13:59:51 | 000,000,858 | ---- | C] () -- C:\Windows\client.config.ini [2010.02.08 17:11:33 | 000,000,399 | ---- | C] () -- 
C:\Windows\vtplus32.ini
[2010.02.08 17:11:23 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.02.08 17:11:23 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.02.08 17:11:22 | 000,159,744 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll
[2010.02.08 17:11:22 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll
[2010.02.08 17:11:00 | 000,001,926 | ---- | C] () -- C:\Windows\HCWPNP.INI
[2010.02.08 17:07:40 | 000,040,960 | ---- | C] () -- C:\Windows\System32\hcwxds.dll
[2010.02.08 09:07:16 | 000,000,070 | ---- | C] () -- C:\Windows\dbinside.ini
[2010.01.29 21:41:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.01.29 21:09:09 | 000,000,095 | ---- | C] () -- C:\Users\philipp\AppData\Local\fusioncache.dat
[2010.01.29 21:07:56 | 000,155,528 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\Patch-Master.exe1.dat
[2010.01.29 21:07:56 | 000,138,056 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\PnkBstrK.sys
[2010.01.29 21:07:56 | 000,045,528 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\Patch-Master.exe2.dat
[2010.01.29 21:07:56 | 000,043,504 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\Patch-Master.exe0.dat
[2010.01.29 21:07:56 | 000,027,252 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\Patch-Master.exe3.dat
[2010.01.29 20:28:42 | 000,007,621 | ---- | C] () -- C:\Users\philipp\AppData\Local\Resmon.ResmonCfg
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.26 17:21:02 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini
[2008.12.11 21:38:34 | 000,042,320 | ---- | C] () -- C:\Windows\System32\xfcodec.dll
[2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2007.06.25 19:34:26 | 000,070,400 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll
[2005.04.08 03:16:43 | 000,015,057 | -H-- | C] () -- C:\Users\philipp\AppData\Roaming\logs.dat
[2003.08.07 20:01:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[1997.06.14 12:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll

========== LOP Check ==========
[2010.09.05 10:41:39 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\.oootesttool
[2010.02.19 07:30:04 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\.purple
[2010.01.29 21:07:56 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Actecom
[2010.01.29 21:07:56 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Ankh
[2010.03.17 12:04:26 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Ankh - Heart of Osiris
[2010.11.27 09:28:24 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Babylon
[2010.01.29 21:07:57 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Black Sea Studios
[2010.02.12 15:31:00 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\dBpoweramp
[2009.12.30 07:49:13 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\FOG Downloader
[2010.02.12 15:34:26 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\foobar2000
[2010.11.25 23:43:08 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\GetRightToGo
[2010.02.08 00:17:02 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Glory of the Roman Empire
[2010.11.23 19:06:26 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\ICQ
[2010.07.22 12:46:31 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Imperium Romanum
[2010.05.11 18:04:58 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\install
[2010.02.12 15:24:44 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\NCH Swift Sound
[2010.07.15 21:59:40 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\OpenCandy
[2010.03.06 15:56:16 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\OpenOffice.org
[2010.01.29 21:09:01 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\PC Suite
[2010.01.30 21:27:43 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Recordpad
[2010.01.29 21:09:01 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Samsung
[2010.07.15 08:21:23 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Subversion
[2010.06.19 08:17:18 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Teeworlds
[2010.01.29 21:09:03 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\TomTom
[2010.01.29 21:09:05 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\TS3Client
[2010.04.22 14:15:46 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Ubisoft
[2010.07.15 22:00:16 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Uniblue
[2010.06.14 18:24:41 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Windows Live Writer
[2010.10.06 14:40:38 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.11.10 19:19:08 | 000,000,202 | -H-- | M] () -- C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job
[2010.11.27 10:58:56 | 000,000,294 | -H-- | M] () -- C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job

========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:80337C03
< End of report >

Extras.txt
nter bekommen geht nur wenn
OTL logfile created on: 27.11.2010 11:05:16 - Run 2
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\philipp\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 62,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,79 Gb Total Space | 6,73 Gb Free Space | 2,89% Space Free | Partition Type: NTFS
Drive D: | 73,98 Gb Total Space | 57,58 Gb Free Space | 77,84% Space Free | Partition Type: NTFS
Drive E: | 7,47 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: PHILIPP-PC | User Name: philipp | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========
PRC - C:\Users\philipp\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Programme\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Programme\TortoiseSVN\bin\TSVNCache.exe (hxxp://tortoisesvn.net)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe (iMesh, Inc)
PRC - C:\Programme\buffed\BLASC.exe (Computec Media AG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\vVX1000.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)

========== Modules (SafeList) ==========
MOD - C:\Users\philipp\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)

========== Win32 Services (SafeList) ==========
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\netsession_win_4176eef.dll ()
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NetTcpPortSharing) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetTcpActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetPipeActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (NetMsmqActivator) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe (Microsoft Corporation)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========
DRV - (hcw85cir) -- C:\Windows\System32\drivers\hcw85cir.sys File not found
DRV - (EagleNT) -- C:\Windows\System32\drivers\EagleNT.sys File not found
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NCHSSVAD) SoundTap Recorder (32 Bit) -- C:\Windows\System32\drivers\nchssvad.sys (NCH Swift Sound)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (BthAvrcp) -- C:\Windows\System32\drivers\BthAvrcp.sys (CSR, plc)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (VX1000) -- C:\Windows\System32\drivers\VX1000.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation )
DRV - (HCW88TSE) -- C:\Windows\System32\drivers\hcw88tse.sys (Hauppauge Computer Works, Inc)
DRV - (hcw88bda) -- C:\Windows\System32\drivers\hcw88bda.sys (Hauppauge Computer Works, Inc)
DRV - (USBW9967) -- C:\Windows\System32\drivers\2kw9967.sys (Winbond Electronics Crop.)
DRV - (HWIONT) -- C:\Programme\MoreTV.353\Hwiont.sys (The freeware company)
DRV - (W9967CAM) -- C:\Windows\system32\DRIVERS\W9967STI.SYS (Winbond Electronics Crop.)
========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Programme\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\20101101171951\ICQToolBar.dll (ICQ)
IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Programme\Media_Star\tbMedi.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2626277
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 58 37 46 FE 7B A7 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Programme\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\20101101171951\ICQToolBar.dll (ICQ)
IE - HKCU\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Programme\Media_Star\tbMedi.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:23012

========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "MyAshampoo Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2475029&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "iMesh Web Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.blackskulls.eu/index.php?site=forum"
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6
FF - prefs.js..extensions.enabledItems: {28D35620-51D9-11DE-9D13-2DB156D89593}:3.1
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.31.0
FF - prefs.js..extensions.enabledItems: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4}:2.5.6.0
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.2
FF - prefs.js..extensions.enabledItems: {51a86bb3-6602-4c85-92a5-130ee4864f13}:3.1.0.12
FF - prefs.js..keyword.URL: "hxxp://utils.babylon.com/abt/index.php?url="
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.11.01 18:05:18 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.01 18:05:18 | 000,000,000 | ---D | M]
[2010.01.29 21:23:03 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\mozilla\Extensions
[2009.11.09 18:23:11 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2010.11.27 10:27:56 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions
[2010.06.05 22:19:09 | 000,000,000 | ---D | M] (MediaBar) -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions\{28D35620-51D9-11DE-9D13-2DB156D89593}
[2010.11.25 23:42:38 | 000,000,000 | ---D | M] (BrotherSoft Extreme Community Toolbar) -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions\{51a86bb3-6602-4c85-92a5-130ee4864f13}
[2010.06.26 10:47:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.10.10 15:26:59 | 000,000,000 | ---D | M] (MyAshampoo Toolbar) -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2010.10.08 21:19:49 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions\battlefieldheroespatcher@ea.com
[2010.11.23 22:26:15 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\mozilla\Firefox\Profiles\d6ouxncv.default\extensions\ffxtlbr@babylon.com
[2010.01.30 05:32:30 | 000,002,163 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\bing.xml
[2010.09.16 18:48:08 | 000,000,941 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\conduit.xml
[2010.11.22 18:22:06 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-1.xml
[2010.04.03 09:57:44 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-2.xml
[2010.06.06 03:09:46 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-3.xml
[2010.06.28 15:40:31 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-4.xml
[2010.07.31 12:13:02 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-5.xml
[2010.10.02 14:49:28 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-6.xml
[2010.10.04 18:05:44 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-7.xml
[2010.10.25 15:59:18 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-8.xml
[2010.11.23 22:27:36 | 000,000,950 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin-9.xml
[2010.03.19 20:01:53 | 000,000,944 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\icqplugin.xml
[2010.03.24 10:34:04 | 000,002,456 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\Mozilla\FireFox\Profiles\d6ouxncv.default\searchplugins\iMeshWebSearch.xml
[2010.11.27 10:27:56 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.08.09 23:31:43 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.10.02 14:49:11 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.11.23 22:26:12 | 000,002,226 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\babylon.xml
[2010.10.02 14:49:11 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.03.24 10:34:04 | 000,002,456 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\iMeshWebSearch.xml
[2010.10.02 14:49:11 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.10.02 14:49:11 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.10.02 14:49:11 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.15.10\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (UrlHelper Class) - {474597C5-AB09-49d6-A4D5-2E8D7341384E} - C:\Programme\iMesh Applications\MediaBar\DataMngr\IEBHO.dll (iMesh, Inc)
O2 - BHO: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Programme\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Babylon IE plugin) - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Programme\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O2 - BHO: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Programme\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll ()
O2 - BHO: (Media Star Toolbar) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Programme\Media_Star\tbMedi.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (BrotherSoft Extreme Toolbar) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - C:\Programme\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\20101101171951\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MediaBar) - {ABB49B3B-AB7D-4ED0-9135-93FD5AA4F69F} - C:\Programme\iMesh Applications\MediaBar\ToolBar\iMeshMediaBarDx.dll ()
O3 - HKLM\..\Toolbar: (Media Star Toolbar) - {dfabc5b5-039b-4865-979a-de31cdf3e351} - C:\Programme\Media_Star\tbMedi.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Programme\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (BrotherSoft Extreme Toolbar) - {51A86BB3-6602-4C85-92A5-130EE4864F13} - C:\Programme\BrotherSoft_Extreme\tbBrot.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Media Star Toolbar) - {DFABC5B5-039B-4865-979A-DE31CDF3E351} - C:\Programme\Media_Star\tbMedi.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe (Babylon Ltd.)
O4 - HKLM..\Run: [BabylonToolbar] C:\Program Files\BabylonToolbar\BabylonToolbar\1.4.15.10\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [DataMngr] C:\Programme\iMesh Applications\MediaBar\DataMngr\DataMngrUI.exe (iMesh, Inc)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [VX1000] C:\Windows\vVX1000.exe (Microsoft Corporation)
O4 - HKCU..\Run: [BLASC] C:\Program Files\buffed\BLASC.exe (Computec Media AG)
O4 - HKCU..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe File not found
O4 - HKCU..\Run: [Pando Media Booster] C:\Programme\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [sckbrfxs] C:\Users\philipp\AppData\Local\Temp\bxgtdtjkr\tgdsjgrtsbl.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKCU..\Run: [xitlmnle] C:\Users\philipp\AppData\Local\Temp\dwmudrhhi\sipxouotsbl.exe ()
O4 - Startup: C:\Users\philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Programme\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Translate this web page with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O8 - Extra context menu item: Translate with Babylon - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Programme\ICQ7.0\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O9 - Extra 'Tools' menuitem : Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll (Babylon Ltd.)
O13 - gopher Prefix: missing
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.31.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_19-windows-i586.cab (Java Plug-in 1.6.0_19)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\IMESHA~1\MediaBar\DataMngr\datamngr.dll) - C:\Programme\iMesh Applications\MediaBar\DataMngr\datamngr.dll (iMesh, Inc)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.11.27 10:27:12 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Roaming\Malwarebytes [2010.11.27 10:25:51 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2010.11.27 10:25:50 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2010.11.27 10:25:50 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware [2010.11.27 10:25:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2010.11.27 02:00:24 | 000,000,000 | ---D | C] -- C:\Programme\Media_Star [2010.11.27 01:59:28 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Roaming\TorrentBitch [2010.11.27 01:59:28 | 000,000,000 | ---D | C] -- C:\Programme\TorrentBitch [2010.11.27 01:59:28 | 000,000,000 | ---D | C] -- C:\ProgramData\TorrentBitch [2010.11.26 21:08:35 | 000,000,000 | ---D | C] -- C:\Programme\PATRIZIER II Gold [2010.11.26 19:18:59 | 000,000,000 | ---D | C] -- C:\Programme\Drakensang [2010.11.25 23:42:42 | 000,000,000 | ---D | C] -- C:\Programme\ConduitEngine [2010.11.25 23:42:40 | 000,000,000 | ---D | C] -- C:\Programme\BrotherSoft_Extreme [2010.11.25 23:42:09 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Roaming\GetRightToGo [2010.11.25 23:42:09 | 000,000,000 | ---D | C] -- C:\Users\philipp\Documents\Downloads [2010.11.23 22:31:24 | 000,719,872 | ---- | C] (Abysmal 
Software) -- C:\Windows\System32\devil.dll [2010.11.23 22:31:24 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll [2010.11.23 22:31:23 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll [2010.11.23 22:31:23 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll [2010.11.23 22:31:22 | 000,000,000 | ---D | C] -- C:\Programme\AviSynth 2.5 [2010.11.23 22:29:00 | 000,092,672 | RHS- | C] (RadLight) -- C:\Windows\System32\RLVorbisDec.ax [2010.11.23 22:29:00 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSSplitter.ax [2010.11.23 22:29:00 | 000,090,112 | RHS- | C] (-) -- C:\Windows\System32\TTADSDecoder.ax [2010.11.23 22:29:00 | 000,067,584 | RHS- | C] (RadLight, LLC) -- C:\Windows\System32\RLTheoraDec.ax [2010.11.23 22:28:59 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll [2010.11.23 22:28:59 | 000,186,880 | RHS- | C] (RadLight) -- C:\Windows\System32\RLOgg.ax [2010.11.23 22:28:59 | 000,161,792 | RHS- | C] (Gabest) -- C:\Windows\System32\RealMediaDX.ax [2010.11.23 22:28:58 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) 
-- C:\Windows\System32\nbDX.dll [2010.11.23 22:28:58 | 000,031,232 | RHS- | C] (Hans Mayerl) -- C:\Windows\System32\msfDX.dll [2010.11.23 22:28:57 | 000,179,200 | RHS- | C] (Gabest) -- C:\Windows\System32\DiracSplitter.ax [2010.11.23 22:28:57 | 000,169,472 | RHS- | C] (Gabest) -- C:\Windows\System32\MatroskaDX.ax [2010.11.23 22:28:57 | 000,163,328 | RHS- | C] (Gabest) -- C:\Windows\System32\flvDX.dll [2010.11.23 22:28:57 | 000,123,904 | RHS- | C] (CoreCodec) -- C:\Windows\System32\AVCDX.ax [2010.11.23 22:28:19 | 000,000,000 | ---D | C] -- C:\Programme\eRightSoft [2010.11.23 22:26:26 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Local\Babylon [2010.11.23 22:26:13 | 000,000,000 | ---D | C] -- C:\Programme\BabylonToolbar [2010.11.23 22:26:13 | 000,000,000 | ---D | C] -- C:\Programme\Babylon [2010.11.23 22:26:09 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Roaming\Babylon [2010.11.23 22:26:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2010.11.23 22:25:55 | 000,000,000 | ---D | C] -- C:\Programme\AudioConverter [2010.11.23 22:25:21 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2010.11.23 22:25:15 | 000,000,000 | ---D | C] -- C:\Programme\MP3 CD Converter Professional [2010.11.23 22:10:02 | 000,000,000 | ---D | C] -- C:\Users\philipp\Desktop\Reich und Sexy [2010.11.14 09:28:51 | 000,000,000 | ---D | C] -- C:\Users\philipp\Documents\The Lord of the Rings Online [2010.11.14 09:28:51 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Local\The Lord of the Rings Online [2010.11.14 09:24:12 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Local\Turbine [2010.11.14 09:23:17 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll [2010.11.14 09:20:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\URTTEMP [2010.11.14 08:39:12 | 000,000,000 | ---D | C] -- C:\Programme\Codemasters [2010.11.13 15:13:14 | 000,000,000 | ---D | C] -- C:\Programme\SimBin [2010.11.13 14:59:21 | 000,000,000 | ---D | C] -- 
C:\Programme\Common Files\Steam [2010.11.13 14:59:18 | 000,000,000 | ---D | C] -- C:\Programme\Steam [2010.11.13 14:50:50 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll [2010.11.13 14:50:50 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll [2010.11.13 14:50:49 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll [2010.11.13 14:50:49 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll [2010.11.13 14:50:48 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll [2010.11.13 14:50:48 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll [2010.11.13 14:50:48 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll [2010.11.13 14:50:48 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll [2010.11.13 14:50:47 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll [2010.11.08 19:34:36 | 000,000,000 | ---D | C] -- C:\Users\philipp\Documents\gothic3 [2010.11.08 19:01:59 | 000,000,000 | ---D | C] -- C:\Programme\JoWooD [2010.11.06 11:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\1B136 [2010.11.05 22:30:36 | 000,000,000 | ---D | C] -- C:\Users\philipp\Desktop\LOTROEU_Enedwaith_DE_Installer [2010.11.01 17:09:14 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\GdiPlus.dll [2010.10.31 20:18:57 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Roaming\Avira [2010.10.31 19:47:26 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2010.10.31 19:47:25 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010.10.31 19:47:25 | 000,061,960 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010.10.31 19:47:25 | 000,051,992 | ---- | C] (AVIRA GmbH) -- 
C:\Windows\System32\drivers\avgntdd.sys [2010.10.31 19:47:25 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys [2010.10.31 19:47:23 | 000,000,000 | ---D | C] -- C:\Programme\Avira [2010.10.31 12:35:33 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Roaming\AVS4YOU [2010.10.31 12:30:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU [2010.10.31 12:30:38 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll [2010.10.31 12:30:38 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\AVSMedia [2010.10.31 12:30:37 | 000,000,000 | ---D | C] -- C:\Programme\AVS4YOU [2010.10.31 12:26:49 | 000,000,000 | ---D | C] -- C:\AudioSuite [2010.10.31 12:24:34 | 000,000,000 | ---D | C] -- C:\Programme\Audio Recorder Pro [2010.10.31 01:38:10 | 000,000,000 | ---D | C] -- C:\Users\philipp\AppData\Local\reakktor [2010.10.31 01:38:07 | 000,000,000 | ---D | C] -- C:\Users\philipp\Documents\Reakktor Media [2010.10.30 18:11:37 | 000,000,000 | ---D | C] -- C:\Programme\Medion [2010.10.30 15:50:00 | 000,000,000 | ---D | C] -- C:\Medion2 [2010.10.30 15:36:31 | 000,094,208 | ---- | C] (Winbond Electronics Corporation) -- C:\Windows\System32\wb9967.dll [2010.10.30 15:36:31 | 000,016,840 | ---- | C] (Winbond Electronics Crop.) -- C:\Windows\System32\W9967usd.dll [2010.10.30 15:36:31 | 000,015,360 | ---- | C] (Winbond Electronics Crop.) -- C:\Windows\System32\w67_ctom.ax [2010.10.30 15:36:31 | 000,010,256 | ---- | C] (Winbond Electronics Crop.) -- C:\Windows\System32\drivers\W9967sti.sys [2010.10.30 15:36:30 | 000,376,832 | ---- | C] (Winbond Electronics Corp.) -- C:\Windows\System32\DsTW9968.dll [2010.10.30 15:36:30 | 000,122,880 | ---- | C] (Winbond) -- C:\Windows\System32\Dxcam68.dll [2010.10.30 15:36:30 | 000,000,000 | ---D | C] -- C:\Medion1 [2010.10.30 14:58:49 | 000,114,144 | ---- | C] (Winbond Electronics Crop.) 
-- C:\Windows\System32\drivers\2kw9967.sys [2010.10.30 14:58:49 | 000,000,000 | ---D | C] -- C:\Medion [2010.10.29 17:32:47 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll [2010.10.29 17:32:47 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll [2010.10.29 17:32:47 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax [2010.10.29 17:32:47 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax [2010.10.29 17:32:36 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys [4 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.11.27 11:06:12 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.11.27 11:06:12 | 000,016,944 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.11.27 11:00:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.11.27 10:58:56 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.11.27 10:58:56 | 000,000,294 | -H-- | M] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2010.11.27 10:58:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.11.27 10:58:43 | 2817,384,448 | -HS- | M] () -- C:\hiberfil.sys [2010.11.27 10:25:54 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.27 01:59:32 | 000,001,123 | ---- | M] () -- C:\Users\Public\Desktop\TorrentBitch.lnk [2010.11.26 23:25:32 | 000,138,184 | ---- | M] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.11.26 23:25:12 | 000,215,016 | ---- | M] () -- C:\Windows\System32\PnkBstrB.xtr [2010.11.26 21:13:47 | 
000,001,043 | ---- | M] () -- C:\Users\philipp\Desktop\PATRIZIER II Gold starten.lnk [2010.11.26 19:39:01 | 000,001,875 | ---- | M] () -- C:\Users\philipp\Desktop\Drakensang.lnk [2010.11.26 17:00:02 | 000,007,621 | ---- | M] () -- C:\Users\philipp\AppData\Local\Resmon.ResmonCfg [2010.11.26 16:44:55 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010.11.23 22:43:20 | 000,301,816 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.11.21 18:09:27 | 000,706,600 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.11.21 18:09:27 | 000,660,218 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.11.21 18:09:27 | 000,152,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.11.21 18:09:27 | 000,124,408 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.11.14 09:20:34 | 000,002,182 | ---- | M] () -- C:\Users\philipp\Desktop\Der Herr der Ringe Online.lnk [2010.11.13 15:29:47 | 000,001,149 | ---- | M] () -- C:\Users\philipp\Desktop\RACE 07 Offline.lnk [2010.11.10 19:19:08 | 000,000,202 | -H-- | M] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2010.11.08 19:15:14 | 000,001,416 | ---- | M] () -- C:\Users\Public\Desktop\Gothic 3 - Götterdämmerung.lnk [2010.11.08 19:15:14 | 000,001,169 | ---- | M] () -- C:\Users\Public\Desktop\Gothic 3.lnk [2010.11.04 17:35:02 | 000,001,216 | ---- | M] () -- C:\Users\Public\Desktop\EA Download Manager.lnk [2010.11.04 17:28:32 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010.11.01 17:09:36 | 000,001,159 | ---- | M] () -- C:\Users\philipp\Desktop\AVS Audio Editor.lnk [2010.10.31 21:25:18 | 000,087,352 | ---- | M] () -- C:\Users\philipp\Documents\NR-20101031-001.mp3 [2010.10.31 19:47:45 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Herbert.lnk [2010.10.31 19:18:33 | 000,000,194 | ---- | M] () -- C:\Users\philipp\AppData\Roaming\dkfjasdfshd.bat [2010.10.31 12:35:35 | 000,001,183 | ---- | M] () -- 
C:\Users\philipp\Desktop\AVS Ringtone Maker.lnk [2010.10.31 12:30:42 | 000,001,183 | ---- | M] () -- C:\Users\philipp\Desktop\AVS Audio Recorder.lnk [2010.10.30 15:54:19 | 000,011,709 | ---- | M] () -- C:\Users\philipp\Documents\Entschuldigung The Wave.odt [2010.10.30 07:42:45 | 278,384,397 | ---- | M] () -- C:\Windows\MEMORY.DMP [4 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.11.27 10:25:54 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.27 09:53:58 | 000,659,968 | ---- | C] () -- C:\Users\philipp\AppData\Local\syssvc.exe [2010.11.27 01:59:32 | 000,001,123 | ---- | C] () -- C:\Users\Public\Desktop\TorrentBitch.lnk [2010.11.26 21:11:20 | 000,001,043 | ---- | C] () -- C:\Users\philipp\Desktop\PATRIZIER II Gold starten.lnk [2010.11.26 19:39:01 | 000,001,875 | ---- | C] () -- C:\Users\philipp\Desktop\Drakensang.lnk [2010.11.23 22:31:23 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll [2010.11.23 22:29:00 | 000,051,712 | RHS- | C] () -- C:\Windows\System32\RLSpeexDec.ax [2010.11.23 22:28:59 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\RLMPCDec.ax [2010.11.23 22:28:59 | 000,070,656 | RHS- | C] () -- C:\Windows\System32\RLAPEDec.ax [2010.11.23 22:28:58 | 000,120,832 | RHS- | C] () -- C:\Windows\System32\MPCDx.ax [2010.11.23 22:28:57 | 000,175,104 | RHS- | C] () -- C:\Windows\System32\CoreAAC.ax [2010.11.23 22:28:57 | 000,097,280 | RHS- | C] () -- C:\Windows\System32\FLACDX.ax [2010.11.23 22:28:56 | 000,227,328 | RHS- | C] () -- C:\Windows\System32\ac3DX.ax [2010.11.23 22:28:56 | 000,081,920 | RHS- | C] () -- C:\Windows\System32\aac_parser.ax [2010.11.14 09:20:34 | 000,002,182 | ---- | C] () -- C:\Users\philipp\Desktop\Der Herr der Ringe Online.lnk [2010.11.13 15:29:47 | 000,001,149 | ---- | C] () -- C:\Users\philipp\Desktop\RACE 07 Offline.lnk 
[2010.11.08 19:15:14 | 000,001,416 | ---- | C] () -- C:\Users\Public\Desktop\Gothic 3 - Götterdämmerung.lnk [2010.11.08 19:15:14 | 000,001,169 | ---- | C] () -- C:\Users\Public\Desktop\Gothic 3.lnk [2010.11.04 17:35:02 | 000,001,216 | ---- | C] () -- C:\Users\Public\Desktop\EA Download Manager.lnk [2010.11.01 17:09:36 | 000,001,159 | ---- | C] () -- C:\Users\philipp\Desktop\AVS Audio Editor.lnk [2010.10.31 21:25:12 | 000,087,352 | ---- | C] () -- C:\Users\philipp\Documents\NR-20101031-001.mp3 [2010.10.31 19:47:45 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Herbert.lnk [2010.10.31 19:11:40 | 000,000,194 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\dkfjasdfshd.bat [2010.10.31 16:33:13 | 000,000,294 | -H-- | C] () -- C:\Windows\tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job [2010.10.31 16:33:05 | 000,000,202 | -H-- | C] () -- C:\Windows\tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2010.10.31 12:35:35 | 000,001,183 | ---- | C] () -- C:\Users\philipp\Desktop\AVS Ringtone Maker.lnk [2010.10.31 12:30:42 | 000,001,183 | ---- | C] () -- C:\Users\philipp\Desktop\AVS Audio Recorder.lnk [2010.10.30 18:11:38 | 000,036,352 | ---- | C] () -- C:\Windows\Amcap.exe [2010.10.30 15:54:16 | 000,011,709 | ---- | C] () -- C:\Users\philipp\Documents\Entschuldigung The Wave.odt [2010.10.30 15:36:31 | 000,107,780 | ---- | C] () -- C:\Windows\System32\wb67ext.dll [2010.10.30 15:36:30 | 000,094,208 | ---- | C] () -- C:\Windows\System32\Bmpproc.dll [2010.09.05 10:41:39 | 000,000,601 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\testtool.ini [2010.08.09 23:31:41 | 000,138,184 | ---- | C] () -- C:\Windows\System32\drivers\PnkBstrK.sys [2010.07.15 21:59:33 | 001,970,176 | ---- | C] () -- C:\Windows\System32\d3dx9.dll [2010.06.19 08:17:55 | 000,043,520 | ---- | C] () -- C:\Windows\System32\CmdLineExt03.dll [2010.06.05 22:19:00 | 000,076,407 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\Smiley.ico [2010.02.17 13:59:51 | 000,000,858 | ---- | C] () -- 
C:\Windows\client.config.ini [2010.02.08 17:11:33 | 000,000,399 | ---- | C] () -- C:\Windows\vtplus32.ini [2010.02.08 17:11:23 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI [2010.02.08 17:11:23 | 000,000,135 | ---- | C] () -- C:\Windows\ODBC.INI [2010.02.08 17:11:22 | 000,159,744 | ---- | C] () -- C:\Windows\System32\hcwChDB.dll [2010.02.08 17:11:22 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll [2010.02.08 17:11:00 | 000,001,926 | ---- | C] () -- C:\Windows\HCWPNP.INI [2010.02.08 17:07:40 | 000,040,960 | ---- | C] () -- C:\Windows\System32\hcwxds.dll [2010.02.08 09:07:16 | 000,000,070 | ---- | C] () -- C:\Windows\dbinside.ini [2010.01.29 21:41:32 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.01.29 21:09:09 | 000,000,095 | ---- | C] () -- C:\Users\philipp\AppData\Local\fusioncache.dat [2010.01.29 21:07:56 | 000,155,528 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\Patch-Master.exe1.dat [2010.01.29 21:07:56 | 000,138,056 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\PnkBstrK.sys [2010.01.29 21:07:56 | 000,045,528 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\Patch-Master.exe2.dat [2010.01.29 21:07:56 | 000,043,504 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\Patch-Master.exe0.dat [2010.01.29 21:07:56 | 000,027,252 | ---- | C] () -- C:\Users\philipp\AppData\Roaming\Patch-Master.exe3.dat [2010.01.29 20:28:42 | 000,007,621 | ---- | C] () -- C:\Users\philipp\AppData\Local\Resmon.ResmonCfg [2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2009.06.26 17:21:02 | 000,015,498 | ---- | C] () -- C:\Windows\VX1000.ini [2008.12.11 21:38:34 | 000,042,320 | ---- | C] () -- C:\Windows\System32\xfcodec.dll [2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll [2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- 
C:\Windows\System32\AgCPanelSwedish.dll [2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll [2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll [2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll [2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll [2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll [2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll [2007.07.22 16:39:26 | 000,053,248 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll [2007.06.25 19:34:26 | 000,070,400 | ---- | C] () -- C:\Windows\System32\PhysXLoader.dll [2005.04.08 03:16:43 | 000,015,057 | -H-- | C] () -- C:\Users\philipp\AppData\Roaming\logs.dat [2003.08.07 20:01:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll [1997.06.14 12:56:08 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll ========== LOP Check ========== [2010.09.05 10:41:39 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\.oootesttool [2010.02.19 07:30:04 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\.purple [2010.01.29 21:07:56 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Actecom [2010.01.29 21:07:56 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Ankh [2010.03.17 12:04:26 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Ankh - Heart of Osiris [2010.11.27 09:28:24 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Babylon [2010.01.29 21:07:57 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Black Sea Studios [2010.02.12 15:31:00 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\dBpoweramp [2009.12.30 07:49:13 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\FOG Downloader [2010.02.12 15:34:26 | 000,000,000 | ---D | M] -- 
C:\Users\philipp\AppData\Roaming\foobar2000 [2010.11.25 23:43:08 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\GetRightToGo [2010.02.08 00:17:02 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Glory of the Roman Empire [2010.11.23 19:06:26 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\ICQ [2010.07.22 12:46:31 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Imperium Romanum [2010.05.11 18:04:58 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\install [2010.02.12 15:24:44 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\NCH Swift Sound [2010.07.15 21:59:40 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\OpenCandy [2010.03.06 15:56:16 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\OpenOffice.org [2010.01.29 21:09:01 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\PC Suite [2010.01.30 21:27:43 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Recordpad [2010.01.29 21:09:01 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Samsung [2010.07.15 08:21:23 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Subversion [2010.06.19 08:17:18 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Teeworlds [2010.01.29 21:09:03 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\TomTom [2010.01.29 21:09:05 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\TS3Client [2010.04.22 14:15:46 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Ubisoft [2010.07.15 22:00:16 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Uniblue [2010.06.14 18:24:41 | 000,000,000 | ---D | M] -- C:\Users\philipp\AppData\Roaming\Windows Live Writer [2010.10.06 14:40:38 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT [2010.11.10 19:19:08 | 000,000,202 | -H-- | M] () -- C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job [2010.11.27 10:58:56 | 000,000,294 | -H-- | M] () -- 
C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:80337C03 < End of report >
I hope that someone in the forum can help me with my problem. Regards, PrinzJesus |