Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Habe ich den ''Data Recovery'' hinter mir ? (https://www.trojaner-board.de/105102-habe-data-recovery-mir.html)

Chiko 15.11.2011 00:06

Habe ich den ''Data Recovery'' hinter mir ?
 
Hi, ich versuche jetzt schon seid 3 stunden mein Pc wieder hinzukriegen nach dem er von diesem, ich weiss nichtmal wie ich das nennen soll, Data Recovery angegriffen wurde.
Ich habe mich nach eurem ''Data Recovery entfernen'' Theard gerichtet und bin mir nicht sicher ob mein Pc jetzt völlig von diesem ''Virus'' befreit ist, ausserdem sind die datein im Startmenü immernoch versteckt.

Hier die Logfile's
Extras:
Zitat:

OTL Extras logfile created on: 11/14/2011 11:11:55 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\*****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

6.00 Gb Total Physical Memory | 4.02 Gb Available Physical Memory | 66.94% Memory free
12.00 Gb Paging File | 9.82 Gb Available in Paging File | 81.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.81 Gb Total Space | 705.19 Gb Free Space | 76.83% Space Free | Partition Type: NTFS
Drive D: | 13.60 Gb Total Space | 1.68 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 150.88 Gb Free Space | 64.79% Space Free | Partition Type: NTFS

Computer Name: *****-HP | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{31A6FA40-E935-11E0-95F9-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0001
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51317AF5-D39F-49EC-A4B5-87451466B837}" = AMD Fuel
"{54E192A6-AA33-1963-C96A-26AA7A3B41B4}" = ccc-utility64
"{5857E7BE-2F6F-D41A-42B2-B668B19A5F30}" = AMD Media Foundation Decoders
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}" = AMD Drag and Drop Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{CFF9D801-1EC4-B8F5-2CAB-4A1790C95A18}" = ATI Catalyst Install Manager
"{D3A82E80-D0A5-11DF-B425-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D81C035E-D0A5-11DF-9450-0013D3D69929}" = MSVCRT Redists
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"CCleaner" = CCleaner
"GenArts SapphireEdge Plug-ins for OFX_is1" = GenArts SapphireEdge Plug-ins 1.0 for OFX
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.00 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C7108CF-774A-11E0-B3C5-0013D3D69929}" = Vegas Pro 10.0
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{229B6751-774A-11E0-BCAE-0013D3D69929}" = MSVCRT Redists
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{30D659E4-4405-6925-CDCF-EB8CD0C80DAC}" = Catalyst Control Center Graphics Previews Common
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3CA2B4FD-AEF2-ED4F-F5E5-0095DDA47AC7}" = Adobe Download Assistant
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE7978-4F13-5584-5E53-DCEE1CB115A5}" = AMD VISION Engine Control Center
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85268C72-C609-E50A-7AB3-9B3582DFEE66}" = CCC Help English
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{AFF8C8F4-E4BB-891F-8636-5E71F946C5B6}" = Catalyst Control Center InstallProxy
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D7E7EC5E-4349-4E40-B37C-4342188B86EC}" = Monopoly
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{ED721ABC-423D-4F7D-AEBB-E1E39C388E84}" = Facebook Video Calling 1.0.0.8714
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DivX Setup.divx.com" = DivX-Setup
"Foxit Creator" = Foxit Creator
"Foxit Reader" = Foxit Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Mp3tag" = Mp3tag v2.49
"MusicStationNetstaller" = MusicStation
"NewBlue 3D Explosions for Windows" = NewBlue 3D Explosions for Windows
"NewBlue 3D Transformations for Windows" = NewBlue 3D Transformations for Windows
"NewBlue Art Blends for Windows" = NewBlue Art Blends for Windows
"NewBlue Art Effects for Windows" = NewBlue Art Effects for Windows
"NewBlue Film Effects for Windows" = NewBlue Film Effects for Windows
"NewBlue Motion Blends for Windows" = NewBlue Motion Blends for Windows
"NewBlue Motion Effects for Windows" = NewBlue Motion Effects for Windows
"NewBlue Video Essentials for Windows" = NewBlue Video Essentials for Windows
"NIS" = Norton Internet Security
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PDF Complete" = PDF Complete Special Edition
"RocketDock_is1" = RocketDock 1.3.5
"Spyware Doctor" = Spyware Doctor mit Antivirus 8.0
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"WinLiveSuite" = Windows Live Essentials

========== Last 10 Event Log Errors ==========

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

< End of report >
OTL
Zitat:

OTL logfile created on: 11/14/2011 11:11:55 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\*****\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

6.00 Gb Total Physical Memory | 4.02 Gb Available Physical Memory | 66.94% Memory free
12.00 Gb Paging File | 9.82 Gb Available in Paging File | 81.82% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.81 Gb Total Space | 705.19 Gb Free Space | 76.83% Space Free | Partition Type: NTFS
Drive D: | 13.60 Gb Total Space | 1.68 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 150.88 Gb Free Space | 64.79% Space Free | Partition Type: NTFS

Computer Name: *****-HP | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\*****\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools)
PRC - C:\Program Files (x86)\PC Tools Security\pctsSvc.exe (PC Tools)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe (PC Tools)
PRC - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()


========== Modules (No Company Name) ==========

MOD - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll ()


========== Win32 Services (SafeList) ==========

SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV:64bit: - (ForceWare Intelligent Application Manager (IAM)) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (Symantec Corporation)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (sdCoreService) -- C:\Program Files (x86)\PC Tools Security\pctsSvc.exe (PC Tools)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (sdAuxService) -- C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe (PC Tools)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys (Symantec Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys (Symantec Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys (Symantec Corporation)
DRV:64bit: - (PCTCore) -- C:\Windows\SysNative\drivers\PCTCore64.sys (PC Tools)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (pctEFA) -- C:\Windows\SysNative\drivers\pctEFA64.sys (PC Tools)
DRV:64bit: - (pctDS) -- C:\Windows\SysNative\drivers\pctDS64.sys (PC Tools)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110531.002\EX64.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110531.002\ENG64.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20110518.001\BHDrvx64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20110527.001\IDSviA64.sys (Symantec Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "Google.de"
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..network.proxy.backup.ftp: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ftp_port: 8085
FF - prefs.js..network.proxy.backup.socks: "98.166.234.138"
FF - prefs.js..network.proxy.backup.socks_port: 8085
FF - prefs.js..network.proxy.backup.ssl: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ssl_port: 8085
FF - prefs.js..network.proxy.ftp: "68.169.39.192"
FF - prefs.js..network.proxy.ftp_port: 22085
FF - prefs.js..network.proxy.http: "68.169.39.192"
FF - prefs.js..network.proxy.http_port: 22085
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "68.169.39.192"
FF - prefs.js..network.proxy.socks_port: 22085
FF - prefs.js..network.proxy.ssl: "68.169.39.192"
FF - prefs.js..network.proxy.ssl_port: 22085
FF - prefs.js..network.proxy.type: 0

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Tarik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn\ [2011/09/27 15:37:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_3_6 [2011/11/14 22:52:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/05/08 15:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/05/08 15:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/09 13:50:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/07 22:43:53 | 000,000,000 | ---D | M]

[2011/03/31 12:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions
[2011/10/05 21:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\79wa8i6p.default\extensions
[2011/10/05 08:52:10 | 000,002,401 | ---- | M] () -- C:\Users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\79wa8i6p.default\searchplugins\askcom.xml
[2011/11/09 17:32:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\EXTENSION@CIUVO.COM.XPI
() (No name found) -- C:\USERS\*****\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI
[2011/11/09 13:50:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/01/01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/01/01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/01/01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ISTray] C:\Program Files (x86)\PC Tools Security\pctsGui.exe (PC Tools)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\*****\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll (PC Tools Research Pty Ltd.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C5B8455-A49D-4FC1-8E82-BD73DF535F3A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\ezsecshield.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ezsecshield.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/01 15:23:43 | 000,000,000 | RH-D | M] - G:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk G:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/11/14 22:34:08 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Malwarebytes
[2011/11/14 22:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/14 22:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/14 22:33:43 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/14 22:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/14 21:22:55 | 000,816,016 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctEFA64.sys
[2011/11/14 21:22:55 | 000,452,872 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctDS64.sys
[2011/11/14 21:22:53 | 000,334,976 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctgntdi64.sys
[2011/11/14 21:22:53 | 000,137,704 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctwfpfilter64.sys
[2011/11/14 21:22:48 | 000,257,232 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\PCTCore64.sys
[2011/11/14 21:22:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
[2011/11/14 21:22:40 | 000,092,896 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\pctplsg64.sys
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\PC Tools
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/11/14 21:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/11/14 20:43:26 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Fix
[2011/11/14 12:30:33 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{CA8F7788-D333-416D-A424-B67918D4A732}
[2011/11/14 12:30:21 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{E98A1CCA-B7F9-43F1-B0C9-7787C16DE465}
[2011/11/13 21:15:30 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Hörbuch
[2011/11/13 21:05:06 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{C9DDE7A6-2C7B-4CB3-B16E-A56508734A19}
[2011/11/13 21:04:53 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{C03462B5-712E-48CC-9574-3DA1D9791343}
[2011/11/13 09:04:06 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{7A3599DA-FD12-4FDB-93A4-3988F9DBE3C3}
[2011/11/13 09:03:52 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{1B01A0B9-48F9-422A-990D-CC7AD704025E}
[2011/11/12 10:59:19 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{13A121A4-AC2E-489A-ACED-C5E4D633CC81}
[2011/11/12 10:59:08 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{9D24F2E8-717E-47CB-B0D6-97F3CE157FF8}
[2011/11/11 22:58:39 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{DD178FEE-9F2F-4DD3-901A-402E92CC5EA3}
[2011/11/11 22:58:27 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{67E05047-5FAD-4124-A2B6-75BEA77A634A}
[2011/11/11 10:57:56 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{1EA9DD86-73EA-4D65-BD9D-AA0091BECACC}
[2011/11/11 10:57:41 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{D96036F6-82D3-451E-A939-366293381B69}
[2011/11/11 00:10:05 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Quali 2010
[2011/11/11 00:09:20 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Links2
[2011/11/11 00:08:48 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Meine empfangenen Dateien
[2011/11/11 00:01:22 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Photoshop
[2011/11/10 23:59:50 | 000,000,000 | ---D | C] -- C:\Users\*****\Documents\Sony Vegas
[2011/11/10 11:39:12 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{798F60D4-0C40-43B6-B4B6-614FCF2BF5A8}
[2011/11/10 11:39:01 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{23AC28EB-D829-4A34-BABD-00B74A9F56AC}
[2011/11/10 00:04:35 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Facebook
[2011/11/09 23:38:34 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{F65050C3-FFFF-4AA3-9C0A-8A51B181147C}
[2011/11/09 23:38:22 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{8ECBE330-F342-44CB-A32A-02B176934D87}
[2011/11/09 11:37:42 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{4645F517-EF7E-4FD2-8D0E-D26B6B676F3E}
[2011/11/09 11:37:29 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{03E18D2A-D0E2-44BB-AF28-8AB1D34AAA3E}
[2011/11/08 23:16:14 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{4B637F14-14EA-4933-AA9B-34D1B9328EA9}
[2011/11/08 23:16:01 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{1D54B9D2-DF01-4192-A9BC-E93FDD114FB0}
[2011/11/08 11:15:33 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{4A92C528-D8F7-4135-81AA-BBBA178E3598}
[2011/11/08 11:15:20 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{20D0B301-BE7A-435F-BD3C-C58AE881314C}
[2011/11/07 20:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/11/07 17:10:49 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{9BA818B0-77C7-43CC-8AA1-16DF4D17515D}
[2011/11/07 17:10:33 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{70DCF78A-F80D-4CF5-A93C-1C4D6FA9F9D3}
[2011/11/06 23:34:29 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{6CA0EB60-A7A3-41CB-8944-566F35B027FA}
[2011/11/06 11:33:56 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{A448F4DC-E21E-41BF-A573-C9FFA14774EA}
[2011/11/06 11:33:39 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{1B02F3A4-97C7-4916-B961-FDAA168BEEA4}
[2011/11/05 16:04:45 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{573D1738-C157-4908-8C05-2646E25E8CDA}
[2011/11/05 16:04:26 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{31CC02F7-31B2-4E5C-8D16-3652D9BF3E1A}
[2011/11/04 23:20:48 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0FE081F2-130A-4D7A-BFF1-76EA7C245231}
[2011/11/04 23:20:37 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{3AD3AE58-E7A0-42BF-8F35-32114ECBF853}
[2011/11/04 11:20:06 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{D23716BE-6041-446D-A8D8-51A3CE2F1A1B}
[2011/11/04 11:19:54 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{D1ADA8F5-E048-42BF-A374-21CB1F24A398}
[2011/11/03 20:22:44 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{B3149E1F-375F-45C1-B8DF-B6FF394F7237}
[2011/11/03 20:22:32 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{1ABFDCF9-BF1A-48BB-8198-C6B431A0EAC9}
[2011/11/03 08:22:01 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{2E57C71B-2791-4876-BA02-117A22B5AD60}
[2011/11/03 08:21:48 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{7D07CAA3-063B-4D81-9C7D-6537B18B6627}
[2011/11/02 18:56:18 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{095DF9A8-AB33-41FE-899F-6C9705069FC0}
[2011/11/02 18:56:05 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{E81719A6-9D6F-4497-8D12-C6F400890756}
[2011/11/01 23:30:54 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{7E6F863C-97AB-4946-B5E9-0600136AA57E}
[2011/11/01 23:30:43 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{00F69401-1B11-41BC-B9EB-3AC8AEB00168}
[2011/11/01 11:30:14 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{46BE2058-0C7D-401A-AA17-458C486FEE3C}
[2011/11/01 11:30:02 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{5CDAD7B6-172B-49FE-A1CA-AA5D33CCBAF3}
[2011/10/31 23:26:31 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{5BAC46B5-31E2-47CC-BBB8-7F0D7FD83888}
[2011/10/31 23:26:19 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{CE1953CA-8D19-4198-ABFC-6BBAA4F2C13B}
[2011/10/31 11:14:13 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{E3DE74F4-1B7E-4C0C-9CC6-5703E94CA988}
[2011/10/31 11:13:59 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{17CCB99A-50E4-43CE-9B94-79B18E91EBBF}
[2011/10/30 23:13:32 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{9C85C78C-62D7-4FC5-A243-993F931D9566}
[2011/10/30 23:13:20 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{4F0B5EBA-AC19-405B-886A-EF41F2759637}
[2011/10/30 11:12:53 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{35926FE3-BBA7-4F12-92AC-FFE6655A1F1F}
[2011/10/30 11:12:41 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{BD25716A-C11F-4ABF-B874-D226EA86DCFB}
[2011/10/29 23:12:14 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{B2A3859C-ECBE-4FA4-8DF1-D765B86EC299}
[2011/10/29 23:12:03 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{A21F202E-BFAC-4068-9373-06A1379AEB5E}
[2011/10/29 11:11:36 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{C7D47131-CB38-4A39-90EB-0604C71D1D35}
[2011/10/29 11:11:24 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{CE2176F9-590D-4A1F-AE67-0010488D5B8A}
[2011/10/28 23:10:57 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{38413A2D-154A-4177-BEF3-DF2DB471895C}
[2011/10/28 23:10:45 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{CC751866-8EE4-454D-A43C-A95DF28862A2}
[2011/10/28 11:10:18 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{4B5D20EF-EEE1-48D4-AC00-CA71F6B34D23}
[2011/10/28 11:10:06 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{BAE744CE-7C32-489B-8E28-91DA71559E57}
[2011/10/27 23:09:39 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{2222ED6E-C3A9-4AA7-B193-F99AC58F0C97}
[2011/10/27 23:09:27 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{7C5ABA93-F4D8-46F0-9908-1770832048CB}
[2011/10/27 11:08:59 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{A3567F77-6FFF-4288-B3BF-3A1F11D55375}
[2011/10/27 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{FE0835F6-12E9-4C9C-864E-E2285563B947}
[2011/10/26 12:20:42 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{239DB737-E6B2-4793-B544-C853C064A4D2}
[2011/10/26 12:20:30 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{61EE020C-08CE-46E6-AABA-56AD6CD683EB}
[2011/10/25 11:28:52 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{B6B1C5C4-AA40-4A76-82D0-A86E6430C1D1}
[2011/10/25 11:28:39 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{78859CD7-0CFF-4A9B-BA2E-8B3E6CBB253A}
[2011/10/24 21:56:43 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0DDC3E53-0DCF-4F09-8D34-6BBFD725A46C}
[2011/10/24 21:56:32 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{B407D6E1-416D-464D-A7AD-5FB0827979DC}
[2011/10/24 09:56:01 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{FF532406-76C2-4BCD-B2CE-9BE80B0ADD83}
[2011/10/24 09:55:49 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{52F9747B-36B8-4867-BDCA-D4AC4790DE51}
[2011/10/23 16:53:09 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{B405E183-7B77-4ACB-A1A6-BC536B841A8F}
[2011/10/23 16:52:48 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{1856462E-FEEE-47D3-8A4F-8FCBE5BD0727}
[2011/10/22 20:50:49 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0B9F10AF-81FD-4045-812E-2EA72E9A0715}
[2011/10/22 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{E4F01377-29D8-4D71-8D3C-FF24D5AB6B16}
[2011/10/21 23:10:00 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{512F5EC5-0362-4968-8DF5-33D3DF456FF6}
[2011/10/21 23:09:48 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{090E5F39-476D-4ABA-A02A-27D67B13493C}
[2011/10/21 11:09:18 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{6E23105D-3B57-4203-8970-CFBD25E81E2F}
[2011/10/21 11:09:05 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{679C9EC2-5F0F-4B81-8AFD-C6110E6D239C}
[2011/10/20 11:38:16 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{48786813-C3F5-474C-A883-751B6FCB7D2F}
[2011/10/20 11:38:04 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{F14C98CF-FBEA-4E96-BB2B-AC8705D47FA1}
[2011/10/18 22:57:52 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{FB188636-3959-4DA9-AA45-B8DB70E4E3A2}
[2011/10/18 22:57:40 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{621493C3-44FE-4B12-9EED-9CDFA6CC365C}
[2011/10/18 10:57:00 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0BA5F3BE-C59F-4530-8A70-0C0C52C90278}
[2011/10/18 10:56:45 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{22D09CF1-9935-444C-8B8F-66438CD3DECF}
[2011/10/17 22:42:12 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{0F96646D-9AB7-4730-9DE1-B8E188C47709}
[2011/10/17 10:41:46 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{F17F8024-21CD-4660-B09F-2A5C6062DC88}
[2011/10/17 10:41:34 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{1ECEDF93-7719-46CB-B279-7C679CD11B01}
[2011/10/16 21:58:03 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{298090E2-0CF2-42D2-83F0-5740F4C74533}
[2011/10/16 21:57:51 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{40FB5D3D-0828-4F1F-9EDE-155B2A0B12DF}
[2011/10/16 09:57:22 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{B0EAC5D7-BEA2-473E-887B-E738BA14CFC1}
[2011/10/16 09:57:10 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\{DEAC23E0-1875-4166-818C-77B839F39D84}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/14 23:09:00 | 000,000,000 | ---- | M] () -- C:\Users\*****\defogger_reenable
[2011/11/14 23:00:48 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 23:00:48 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/14 22:52:37 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/14 22:52:35 | 536,322,047 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/14 22:33:51 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/14 21:24:08 | 001,845,358 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/11/14 21:22:46 | 000,002,022 | ---- | M] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/11/14 21:18:53 | 000,512,992 | ---- | M] () -- C:\Users\*****\Desktop\fasterpc.exe
[2011/11/14 21:17:49 | 000,000,432 | ---- | M] () -- C:\ProgramData\gohO3ZswT2WugB
[2011/11/14 21:11:05 | 000,000,288 | ---- | M] () -- C:\ProgramData\~gohO3ZswT2WugB
[2011/11/14 21:11:05 | 000,000,216 | ---- | M] () -- C:\ProgramData\~gohO3ZswT2WugBr
[2011/11/14 20:43:30 | 000,000,651 | ---- | M] () -- C:\Users\*****\Desktop\System Fix.lnk
[2011/11/14 18:09:01 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000UA.job
[2011/11/14 00:09:11 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000Core.job
[2011/11/11 19:45:20 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTarik.job
[2011/11/09 17:33:35 | 004,912,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/03 13:53:20 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/03 13:53:20 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/11/03 13:53:20 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/03 13:53:20 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/11/03 13:53:20 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/01 22:58:14 | 000,117,520 | ---- | M] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2011/10/24 13:17:25 | 000,000,317 | -H-- | M] () -- C:\Windows\MSUTIL.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/14 23:09:00 | 000,000,000 | ---- | C] () -- C:\Users\*****\defogger_reenable
[2011/11/14 22:33:51 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/14 21:23:00 | 001,845,358 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/11/14 21:22:46 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Spyware Doctor.lnk
[2011/11/14 21:19:11 | 000,512,992 | ---- | C] () -- C:\Users\*****\Desktop\fasterpc.exe
[2011/11/14 20:43:29 | 000,000,651 | ---- | C] () -- C:\Users\*****\Desktop\System Fix.lnk
[2011/11/14 20:43:29 | 000,000,216 | ---- | C] () -- C:\ProgramData\~gohO3ZswT2WugBr
[2011/11/14 20:43:28 | 000,000,288 | ---- | C] () -- C:\ProgramData\~gohO3ZswT2WugB
[2011/11/14 20:43:17 | 000,000,432 | ---- | C] () -- C:\ProgramData\gohO3ZswT2WugB
[2011/11/10 00:04:55 | 000,000,928 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000UA.job
[2011/11/10 00:04:54 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000Core.job
[2011/10/05 20:57:28 | 000,000,317 | -H-- | C] () -- C:\Windows\MSUTIL.INI
[2011/05/24 22:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/05/09 19:51:57 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011/04/09 13:44:56 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/03/31 21:45:26 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/03/17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/02 04:30:41 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010/12/02 03:58:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/28 13:00:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/01/22 23:04:16 | 000,000,605 | -H-- | C] () -- C:\Windows\m3jpeg.ini
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011/04/15 12:51:18 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Azureus
[2011/06/05 08:50:55 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/04/11 18:50:13 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Foxit Software
[2011/04/01 13:36:11 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\MotioninJoy
[2011/11/12 13:11:56 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Mp3tag
[2011/04/05 17:59:22 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Publish Providers
[2011/04/09 22:31:51 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Raptr
[2011/10/24 11:03:37 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Sony
[2011/10/04 09:41:47 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Sony Creative Software Inc
[2011/05/12 23:01:29 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\TuneUp Software
[2011/04/08 19:25:52 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\WinBatch
[2011/04/29 23:00:41 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Windows Live Writer
[2011/11/14 00:09:11 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000Core.job
[2011/11/14 18:09:01 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000UA.job
[2011/10/01 07:35:41 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 193 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >
Sollte ich den Pc trodzdem neu installieren?

kira 15.11.2011 07:33

Hallo und Herzlich Willkommen! :)

Bevor wir unsere Zusammenarbeit beginnen, [Bitte Vollständig lesen]:
Zitat:

  • "Fernbehandlungen/Fernhilfe" und die damit verbundenen Haftungsrisken:
    - da die Fehlerprüfung und Handlung werden über große Entfernungen durchgeführt, besteht keine Haftung unsererseits für die daraus entstehenden Folgen.
    - also, jede Haftung für die daraus entstandene Schäden wird ausgeschlossen, ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!
  • Charakteristische Merkmale/Profilinformationen:
    - aus der verwendeten Loglisten oder Logdateien - wie z.B. deinen Realnamen, Seriennummer in Programm etc)- kannst Du herauslöschen oder durch [X] ersetzen
  • Die Systemprüfung und Bereinigung:
    - kann einige Zeit in Anspruch nehmen (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst
  • Ich empfehle Dir die Anweisungen erst einmal komplett durchzulesen, bevor du es anwendest, weil wenn du etwas falsch machst, kann es wirklich gefährlich werden. Wenn du meinen Anweisungen Schritt für Schritt folgst, kann eigentlich nichts schief gehen.
  • Innerhalb der Betreuungszeit:
    - ohne Abspräche bitte nicht auf eigene Faust handeln!- bei Problemen nachfragen.
  • Die Reihenfolge:
    - genau so wie beschrieben bitte einhalten, nicht selbst die Reihenfolge wählen!
  • GECRACKTE SOFTWARE werden hier nicht geduldet!!!!
  • Ansonsten unsere Forumsregeln:
    - Bitte erst lesen, dann posten!-> Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten?
  • Alle Logfile mit einem vBCode Tag eingefügen, das bietet hier eine gute Übersicht, erleichtert mir die Arbeit! Falls das Logfile zu groß, teile es in mehrere Teile auf.

Sobald Du diesen Einführungstext gelesen hast, kannst Du beginnen:)
Für Vista und Win7:
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!

1.
Zitat:

Falls treten folgende Symptome auf:
Ordner sind leer, unter Startmenü Programme fehlen etc., dieses Tool bietet dir die Lösung:

  • Lade Dir Unhide.exe (http://filepony.de/download-unhide/) (by Grinler) herunter und speichere auf deinem Desktop
    für Windows 7 und Vista mit Rechtsklick als Administrator ausführen
  • Doppelklick auf das Unhide.exe Icon auf dem Desktop - Alles braucht seine Zeit, also ein bisschen Geduld
<Achtung!>: Wenn Dateien etc, die absichtlich von Dir verborgen waren, also unter eigenschaften versteckt eingestellt hast, musst Du wieder auszublenden, nachdem das Tool ausgeführt wird.

Zitat:

Alles wieder sichtbar? Bitte kontrolliere es und berichte mir genau über den Zustand!
2.
Hast du den Rechner bereits auf Viren überprüft? Folgende Ergebnisse möchte ich noch sehen:
Code:

Malwarebytes
(alle vorhandenen Protokolle!)

► Falls es Meldung/Bericht von deinem Antivirenprogramm oder andere Schutzprogramme gibt, bitte posten! Was gefunden und vor allem wo...
► Beschreibe, welche Versuche du unternommen hast, um das Problem zu lösen (die schon vorhandenen Ergebnisse auch posten)

3.
erneut einen Systemscan mit OTL
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt - OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

4.
Ich würde gerne noch all deine installierten Programme sehen:
Lade dir das Tool CCleaner herunter
Download
installieren (Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" abwählen)→ starten→ Sprache → Deutsch auswählen
dann klick auf "Extra (um die installierten Programme auch anzuzeigen)→ weiter auf "Als Textdatei speichern..."
wird eine Textdatei (*.txt) erstellt, kopiere dazu den Inhalt und füge ihn da ein

Zitat:

Damit dein Thread übersichtlicher und schön lesbar bleibt, am besten nutze den Code-Tags für deinen Post:
→ vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein - z.B OTL-Logfile o. sonstiges
→ dahinter - also am Ende der Logdatei: [/code]

** Möglichst nicht ins internet gehen, kein Online-Banking, File-sharing, Chatprogramme usw
gruß
kira

Chiko 15.11.2011 14:12

Danke für die Hilfe!

1. Ich habe Unhide geöffnet und nach einer Weile kam nur die Meldung
Code:

your files should now be visible. if you are still missing start menu items,please temporarily disable your Antivirus
or security programs and try again in the event that they interefered with the restoral process

Alle Programme sind noch weg!
Ausser der Verknüpfung zum ''Computer'' Ordner waren keine weiteren Ordner zu sehen. Jetzt habe ich aber durch den rechts klick > Eigenschaften > Startmenü Anpassen, die verknüpfungen wieder geholt, nur halt die ganzen Programme fehlen noch.

2. Malwarebytes fand durch den Quick Scan keine Infizierten Objekte.
ich habe das Problem, nach eurem theard ''Data Recovery entfernen'', versucht zu lösen.
ich poste aba mal die Logdatei von Gestern wo noch mein Pc richtig befallen war

Quick Scan Gestern
Code:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8163

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

14.11.2011 22:50:55
mbam-log-2011-11-14 (22-50-55).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 168104
Laufzeit: 5 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 2
Infizierte Verzeichnisse: 0
Infizierte Dateien: 5

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WNicVIllUbjiXg.exe (Trojan.FakeAlert) -> Value: WNicVIllUbjiXg.exe -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\programdata\wnicvillubjixg.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\programdata\goho3zswt2wugb.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\*****\AppData\Local\Temp\678F.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\*****\AppData\Local\Temp\Install.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Users\*****\AppData\Local\Temp\uqscfquyy6rngu.exe.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

3.
hier die Logfiles

Extras:
Code:

OTL Extras logfile created on: 11/15/2011 1:33:54 PM - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Tarik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6.00 Gb Total Physical Memory | 3.47 Gb Available Physical Memory | 57.80% Memory free
12.00 Gb Paging File | 9.34 Gb Available in Paging File | 77.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.81 Gb Total Space | 713.61 Gb Free Space | 77.75% Space Free | Partition Type: NTFS
Drive D: | 13.60 Gb Total Space | 1.68 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 150.88 Gb Free Space | 64.79% Space Free | Partition Type: NTFS
 
Computer Name: TARIK-HP | User Name: Tarik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{31A6FA40-E935-11E0-95F9-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0001
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51317AF5-D39F-49EC-A4B5-87451466B837}" = AMD Fuel
"{54E192A6-AA33-1963-C96A-26AA7A3B41B4}" = ccc-utility64
"{5857E7BE-2F6F-D41A-42B2-B668B19A5F30}" = AMD Media Foundation Decoders
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}" = AMD Drag and Drop Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{CFF9D801-1EC4-B8F5-2CAB-4A1790C95A18}" = ATI Catalyst Install Manager
"{D3A82E80-D0A5-11DF-B425-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D81C035E-D0A5-11DF-9450-0013D3D69929}" = MSVCRT Redists
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"CCleaner" = CCleaner
"GenArts SapphireEdge Plug-ins for OFX_is1" = GenArts SapphireEdge Plug-ins 1.0 for OFX
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C7108CF-774A-11E0-B3C5-0013D3D69929}" = Vegas Pro 10.0
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{229B6751-774A-11E0-BCAE-0013D3D69929}" = MSVCRT Redists
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{30D659E4-4405-6925-CDCF-EB8CD0C80DAC}" = Catalyst Control Center Graphics Previews Common
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3CA2B4FD-AEF2-ED4F-F5E5-0095DDA47AC7}" = Adobe Download Assistant
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE7978-4F13-5584-5E53-DCEE1CB115A5}" = AMD VISION Engine Control Center
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85268C72-C609-E50A-7AB3-9B3582DFEE66}" = CCC Help English
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{AFF8C8F4-E4BB-891F-8636-5E71F946C5B6}" = Catalyst Control Center InstallProxy
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DivX Setup.divx.com" = DivX-Setup
"Foxit Creator" = Foxit Creator
"Foxit Reader" = Foxit Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Mp3tag" = Mp3tag v2.49
"MusicStationNetstaller" = MusicStation
"NewBlue 3D Explosions for Windows" = NewBlue 3D Explosions for Windows
"NewBlue 3D Transformations for Windows" = NewBlue 3D Transformations for Windows
"NewBlue Art Blends for Windows" = NewBlue Art Blends for Windows
"NewBlue Art Effects for Windows" = NewBlue Art Effects for Windows
"NewBlue Film Effects for Windows" = NewBlue Film Effects for Windows
"NewBlue Motion Blends for Windows" = NewBlue Motion Blends for Windows
"NewBlue Motion Effects for Windows" = NewBlue Motion Effects for Windows
"NewBlue Video Essentials for Windows" = NewBlue Video Essentials for Windows
"NIS" = Norton Internet Security
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PDF Complete" = PDF Complete Special Edition
"RocketDock_is1" = RocketDock 1.3.5
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"WinLiveSuite" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

OTL:


Code:

OTL logfile created on: 11/15/2011 1:33:54 PM - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Tarik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6.00 Gb Total Physical Memory | 3.47 Gb Available Physical Memory | 57.80% Memory free
12.00 Gb Paging File | 9.34 Gb Available in Paging File | 77.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.81 Gb Total Space | 713.61 Gb Free Space | 77.75% Space Free | Partition Type: NTFS
Drive D: | 13.60 Gb Total Space | 1.68 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 150.88 Gb Free Space | 64.79% Space Free | Partition Type: NTFS
 
Computer Name: TARIK-HP | User Name: Tarik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Tarik\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccsvchst.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Adobe Systems Incorporated)
PRC - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.exe ()
MOD - C:\Program Files (x86)\RocketDock\RocketDock.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (nSvcIp) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV:64bit: - (ForceWare Intelligent Application Manager (IAM)) -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe (Symantec Corporation)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys (Symantec Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys (Symantec Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys (Symantec Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys (Symantec Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (NVNET) -- C:\Windows\SysNative\drivers\nvmf6264.sys (NVIDIA Corporation)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110531.002\EX64.SYS (Symantec Corporation)
DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\VirusDefs\20110531.002\ENG64.SYS (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\BASHDefs\20110518.001\BHDrvx64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\Definitions\IPSDefs\20110527.001\IDSviA64.sys (Symantec Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "Google.de"
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..network.proxy.backup.ftp: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ftp_port: 8085
FF - prefs.js..network.proxy.backup.socks: "98.166.234.138"
FF - prefs.js..network.proxy.backup.socks_port: 8085
FF - prefs.js..network.proxy.backup.ssl: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ssl_port: 8085
FF - prefs.js..network.proxy.ftp: "68.169.39.192"
FF - prefs.js..network.proxy.ftp_port: 22085
FF - prefs.js..network.proxy.http: "68.169.39.192"
FF - prefs.js..network.proxy.http_port: 22085
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "68.169.39.192"
FF - prefs.js..network.proxy.socks_port: 22085
FF - prefs.js..network.proxy.ssl: "68.169.39.192"
FF - prefs.js..network.proxy.ssl_port: 22085
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Tarik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\IPSFFPlgn\ [2011/09/27 15:37:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.0.0.128\coFFPlgn_2011_7_3_6 [2011/11/15 11:27:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/05/08 15:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/05/08 15:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/09 13:50:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/07 22:43:53 | 000,000,000 | ---D | M]
 
[2011/03/31 12:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tarik\AppData\Roaming\mozilla\Extensions
[2011/11/15 00:01:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tarik\AppData\Roaming\mozilla\Firefox\Profiles\79wa8i6p.default\extensions
[2011/10/05 08:52:10 | 000,002,401 | ---- | M] () -- C:\Users\Tarik\AppData\Roaming\Mozilla\Firefox\Profiles\79wa8i6p.default\searchplugins\askcom.xml
[2011/11/09 17:32:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\TARIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\TARIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI
[2011/11/09 13:50:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/01/01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/01/01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/01/01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ips\ipsbho.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coieplg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Tarik\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C5B8455-A49D-4FC1-8E82-BD73DF535F3A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\ezsecshield.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ezsecshield.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/01 15:23:43 | 000,000,000 | R--D | M] - G:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk G:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/11/15 00:31:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE68F8B0-8323-4E6C-BD7A-2DD385D8350E}
[2011/11/15 00:31:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C7E02587-ECF6-42AB-AE10-195ED19EC478}
[2011/11/14 22:34:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Roaming\Malwarebytes
[2011/11/14 22:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/14 22:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/14 22:33:43 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/14 22:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/11/14 21:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/11/14 12:30:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CA8F7788-D333-416D-A424-B67918D4A732}
[2011/11/14 12:30:21 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E98A1CCA-B7F9-43F1-B0C9-7787C16DE465}
[2011/11/13 21:15:30 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Hörbuch
[2011/11/13 21:05:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C9DDE7A6-2C7B-4CB3-B16E-A56508734A19}
[2011/11/13 21:04:53 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C03462B5-712E-48CC-9574-3DA1D9791343}
[2011/11/13 09:04:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7A3599DA-FD12-4FDB-93A4-3988F9DBE3C3}
[2011/11/13 09:03:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1B01A0B9-48F9-422A-990D-CC7AD704025E}
[2011/11/12 10:59:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{13A121A4-AC2E-489A-ACED-C5E4D633CC81}
[2011/11/12 10:59:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9D24F2E8-717E-47CB-B0D6-97F3CE157FF8}
[2011/11/11 22:58:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{DD178FEE-9F2F-4DD3-901A-402E92CC5EA3}
[2011/11/11 22:58:27 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{67E05047-5FAD-4124-A2B6-75BEA77A634A}
[2011/11/11 10:57:56 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1EA9DD86-73EA-4D65-BD9D-AA0091BECACC}
[2011/11/11 10:57:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D96036F6-82D3-451E-A939-366293381B69}
[2011/11/11 00:10:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Quali 2010
[2011/11/11 00:09:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Links2
[2011/11/11 00:08:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Meine empfangenen Dateien
[2011/11/11 00:01:22 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Photoshop
[2011/11/10 23:59:50 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Sony Vegas
[2011/11/10 11:39:12 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{798F60D4-0C40-43B6-B4B6-614FCF2BF5A8}
[2011/11/10 11:39:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{23AC28EB-D829-4A34-BABD-00B74A9F56AC}
[2011/11/10 00:04:35 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\Facebook
[2011/11/09 23:38:34 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{F65050C3-FFFF-4AA3-9C0A-8A51B181147C}
[2011/11/09 23:38:22 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{8ECBE330-F342-44CB-A32A-02B176934D87}
[2011/11/09 11:37:42 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4645F517-EF7E-4FD2-8D0E-D26B6B676F3E}
[2011/11/09 11:37:29 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{03E18D2A-D0E2-44BB-AF28-8AB1D34AAA3E}
[2011/11/08 23:16:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4B637F14-14EA-4933-AA9B-34D1B9328EA9}
[2011/11/08 23:16:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1D54B9D2-DF01-4192-A9BC-E93FDD114FB0}
[2011/11/08 11:15:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4A92C528-D8F7-4135-81AA-BBBA178E3598}
[2011/11/08 11:15:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{20D0B301-BE7A-435F-BD3C-C58AE881314C}
[2011/11/07 20:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/11/07 17:10:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9BA818B0-77C7-43CC-8AA1-16DF4D17515D}
[2011/11/07 17:10:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{70DCF78A-F80D-4CF5-A93C-1C4D6FA9F9D3}
[2011/11/06 23:34:29 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6CA0EB60-A7A3-41CB-8944-566F35B027FA}
[2011/11/06 11:33:56 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A448F4DC-E21E-41BF-A573-C9FFA14774EA}
[2011/11/06 11:33:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1B02F3A4-97C7-4916-B961-FDAA168BEEA4}
[2011/11/05 16:04:45 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{573D1738-C157-4908-8C05-2646E25E8CDA}
[2011/11/05 16:04:26 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{31CC02F7-31B2-4E5C-8D16-3652D9BF3E1A}
[2011/11/04 23:20:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0FE081F2-130A-4D7A-BFF1-76EA7C245231}
[2011/11/04 23:20:37 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{3AD3AE58-E7A0-42BF-8F35-32114ECBF853}
[2011/11/04 11:20:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D23716BE-6041-446D-A8D8-51A3CE2F1A1B}
[2011/11/04 11:19:54 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D1ADA8F5-E048-42BF-A374-21CB1F24A398}
[2011/11/03 20:22:44 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B3149E1F-375F-45C1-B8DF-B6FF394F7237}
[2011/11/03 20:22:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1ABFDCF9-BF1A-48BB-8198-C6B431A0EAC9}
[2011/11/03 08:22:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{2E57C71B-2791-4876-BA02-117A22B5AD60}
[2011/11/03 08:21:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7D07CAA3-063B-4D81-9C7D-6537B18B6627}
[2011/11/02 18:56:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{095DF9A8-AB33-41FE-899F-6C9705069FC0}
[2011/11/02 18:56:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E81719A6-9D6F-4497-8D12-C6F400890756}
[2011/11/01 23:30:54 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7E6F863C-97AB-4946-B5E9-0600136AA57E}
[2011/11/01 23:30:43 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{00F69401-1B11-41BC-B9EB-3AC8AEB00168}
[2011/11/01 11:30:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{46BE2058-0C7D-401A-AA17-458C486FEE3C}
[2011/11/01 11:30:02 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{5CDAD7B6-172B-49FE-A1CA-AA5D33CCBAF3}
[2011/10/31 23:26:31 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{5BAC46B5-31E2-47CC-BBB8-7F0D7FD83888}
[2011/10/31 23:26:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE1953CA-8D19-4198-ABFC-6BBAA4F2C13B}
[2011/10/31 11:14:13 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E3DE74F4-1B7E-4C0C-9CC6-5703E94CA988}
[2011/10/31 11:13:59 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{17CCB99A-50E4-43CE-9B94-79B18E91EBBF}
[2011/10/30 23:13:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9C85C78C-62D7-4FC5-A243-993F931D9566}
[2011/10/30 23:13:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4F0B5EBA-AC19-405B-886A-EF41F2759637}
[2011/10/30 11:12:53 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{35926FE3-BBA7-4F12-92AC-FFE6655A1F1F}
[2011/10/30 11:12:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{BD25716A-C11F-4ABF-B874-D226EA86DCFB}
[2011/10/29 23:12:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B2A3859C-ECBE-4FA4-8DF1-D765B86EC299}
[2011/10/29 23:12:03 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A21F202E-BFAC-4068-9373-06A1379AEB5E}
[2011/10/29 11:11:36 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C7D47131-CB38-4A39-90EB-0604C71D1D35}
[2011/10/29 11:11:24 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE2176F9-590D-4A1F-AE67-0010488D5B8A}
[2011/10/28 23:10:57 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{38413A2D-154A-4177-BEF3-DF2DB471895C}
[2011/10/28 23:10:45 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CC751866-8EE4-454D-A43C-A95DF28862A2}
[2011/10/28 11:10:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4B5D20EF-EEE1-48D4-AC00-CA71F6B34D23}
[2011/10/28 11:10:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{BAE744CE-7C32-489B-8E28-91DA71559E57}
[2011/10/27 23:09:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{2222ED6E-C3A9-4AA7-B193-F99AC58F0C97}
[2011/10/27 23:09:27 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7C5ABA93-F4D8-46F0-9908-1770832048CB}
[2011/10/27 11:08:59 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A3567F77-6FFF-4288-B3BF-3A1F11D55375}
[2011/10/27 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FE0835F6-12E9-4C9C-864E-E2285563B947}
[2011/10/26 12:20:42 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{239DB737-E6B2-4793-B544-C853C064A4D2}
[2011/10/26 12:20:30 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{61EE020C-08CE-46E6-AABA-56AD6CD683EB}
[2011/10/25 11:28:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B6B1C5C4-AA40-4A76-82D0-A86E6430C1D1}
[2011/10/25 11:28:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{78859CD7-0CFF-4A9B-BA2E-8B3E6CBB253A}
[2011/10/24 21:56:43 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0DDC3E53-0DCF-4F09-8D34-6BBFD725A46C}
[2011/10/24 21:56:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B407D6E1-416D-464D-A7AD-5FB0827979DC}
[2011/10/24 09:56:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FF532406-76C2-4BCD-B2CE-9BE80B0ADD83}
[2011/10/24 09:55:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{52F9747B-36B8-4867-BDCA-D4AC4790DE51}
[2011/10/23 16:53:09 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B405E183-7B77-4ACB-A1A6-BC536B841A8F}
[2011/10/23 16:52:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1856462E-FEEE-47D3-8A4F-8FCBE5BD0727}
[2011/10/22 20:50:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0B9F10AF-81FD-4045-812E-2EA72E9A0715}
[2011/10/22 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E4F01377-29D8-4D71-8D3C-FF24D5AB6B16}
[2011/10/21 23:10:00 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{512F5EC5-0362-4968-8DF5-33D3DF456FF6}
[2011/10/21 23:09:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{090E5F39-476D-4ABA-A02A-27D67B13493C}
[2011/10/21 11:09:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6E23105D-3B57-4203-8970-CFBD25E81E2F}
[2011/10/21 11:09:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{679C9EC2-5F0F-4B81-8AFD-C6110E6D239C}
[2011/10/20 11:38:16 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{48786813-C3F5-474C-A883-751B6FCB7D2F}
[2011/10/20 11:38:04 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{F14C98CF-FBEA-4E96-BB2B-AC8705D47FA1}
[2011/10/18 22:57:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FB188636-3959-4DA9-AA45-B8DB70E4E3A2}
[2011/10/18 22:57:40 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{621493C3-44FE-4B12-9EED-9CDFA6CC365C}
[2011/10/18 10:57:00 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0BA5F3BE-C59F-4530-8A70-0C0C52C90278}
[2011/10/18 10:56:45 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{22D09CF1-9935-444C-8B8F-66438CD3DECF}
[2011/10/17 22:42:12 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0F96646D-9AB7-4730-9DE1-B8E188C47709}
[2011/10/17 10:41:46 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{F17F8024-21CD-4660-B09F-2A5C6062DC88}
[2011/10/17 10:41:34 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1ECEDF93-7719-46CB-B279-7C679CD11B01}
[2011/10/16 21:58:03 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{298090E2-0CF2-42D2-83F0-5740F4C74533}
[2011/10/16 21:57:51 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{40FB5D3D-0828-4F1F-9EDE-155B2A0B12DF}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/11/15 12:09:03 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000UA.job
[2011/11/15 11:36:03 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/15 11:36:03 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/15 11:27:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/15 11:27:32 | 536,322,047 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/15 00:09:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000Core.job
[2011/11/14 23:09:00 | 000,000,000 | ---- | M] () -- C:\Users\Tarik\defogger_reenable
[2011/11/14 22:46:03 | 000,684,297 | ---- | M] () -- C:\Users\Tarik\Desktop\unhide.exe
[2011/11/14 22:33:51 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/14 21:24:08 | 001,845,358 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/11/14 21:18:53 | 000,512,992 | ---- | M] () -- C:\Users\Tarik\Desktop\fasterpc.exe
[2011/11/14 21:17:49 | 000,000,432 | ---- | M] () -- C:\ProgramData\gohO3ZswT2WugB
[2011/11/14 21:11:05 | 000,000,288 | ---- | M] () -- C:\ProgramData\~gohO3ZswT2WugB
[2011/11/14 21:11:05 | 000,000,216 | ---- | M] () -- C:\ProgramData\~gohO3ZswT2WugBr
[2011/11/11 19:45:20 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTarik.job
[2011/11/09 17:33:35 | 004,912,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/03 13:53:20 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/03 13:53:20 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/11/03 13:53:20 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/03 13:53:20 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/11/03 13:53:20 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/01 22:58:14 | 000,117,520 | ---- | M] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2011/10/24 13:17:25 | 000,000,317 | ---- | M] () -- C:\Windows\MSUTIL.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/11/14 23:09:00 | 000,000,000 | ---- | C] () -- C:\Users\Tarik\defogger_reenable
[2011/11/14 22:45:53 | 000,684,297 | ---- | C] () -- C:\Users\Tarik\Desktop\unhide.exe
[2011/11/14 22:33:51 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/14 21:23:00 | 001,845,358 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/11/14 21:19:11 | 000,512,992 | ---- | C] () -- C:\Users\Tarik\Desktop\fasterpc.exe
[2011/11/14 20:43:29 | 000,000,216 | ---- | C] () -- C:\ProgramData\~gohO3ZswT2WugBr
[2011/11/14 20:43:28 | 000,000,288 | ---- | C] () -- C:\ProgramData\~gohO3ZswT2WugB
[2011/11/14 20:43:17 | 000,000,432 | ---- | C] () -- C:\ProgramData\gohO3ZswT2WugB
[2011/11/10 00:04:55 | 000,000,928 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000UA.job
[2011/11/10 00:04:54 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000Core.job
[2011/10/05 20:57:28 | 000,000,317 | ---- | C] () -- C:\Windows\MSUTIL.INI
[2011/05/24 22:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/05/09 19:51:57 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011/04/09 13:44:56 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/03/31 21:45:26 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/03/17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/02 04:30:41 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010/12/02 03:58:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/28 13:00:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/01/22 23:04:16 | 000,000,605 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >


4.Hier die Liste meiner Programme
Code:

7-Zip 9.20 (x64 edition)        Igor Pavlov        03.04.2011        4,53MB        9.20.00.0
Adobe AIR        Adobe Systems Incorporated        04.06.2011                2.6.0.19140
Adobe Download Assistant        Adobe Systems Incorporated        04.06.2011                1.0.1
Adobe Flash Player 10 ActiveX        Adobe Systems Incorporated        01.12.2010                10.0.42.34
Adobe Flash Player 10 ActiveX 64-bit        Adobe Systems Incorporated        09.07.2011        6,00MB        10.3.162.28
Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        24.09.2011        6,00MB        10.3.183.10
Adobe Photoshop CS5        Adobe Systems Incorporated        04.06.2011        1.646MB        12.0
Adobe Shockwave Player 11.6        Adobe Systems, Inc.        22.08.2011                11.6.1.629
ATI Catalyst Install Manager        ATI Technologies, Inc.        22.06.2011        22,5MB        3.0.829.0
aTube Catcher        DsNET Corp        29.10.2011                2.6.769
Avira AntiVir Personal - Free Antivirus        Avira GmbH        17.10.2011        70,6MB        10.2.0.704
CCleaner        Piriform        04.11.2011                3.12
CyberLink DVD Suite Deluxe        CyberLink Corp.        30.11.2010        36,5MB        7.0.2823
DivX-Setup        DivX, LLC        29.04.2011                2.5.0.8
DVD Menu Pack for HP MediaSmart Video        Hewlett-Packard        30.11.2010        102,0MB        4.1.4030
Facebook Video Calling 1.0.0.8953        Skype Limited        14.11.2011        3,93MB        1.0.8953
Foxit Creator        Foxit Corporation        10.04.2011                3,0,2,0506
Foxit Reader        Foxit Corporation        10.04.2011        11,6MB        4.3.1.323
GenArts SapphireEdge Plug-ins 1.0 for OFX                04.10.2011        398MB       
HP Advisor        Hewlett-Packard        07.04.2011        54,5MB        3.4.12850.3526
HP MediaSmart DVD        Hewlett-Packard        30.11.2010        98,9MB        4.1.4229
HP MediaSmart Music        Hewlett-Packard        30.11.2010        73,1MB        4.1.4301
HP MediaSmart Photo        Hewlett-Packard        30.11.2010        262MB        4.1.4211
HP MediaSmart SmartMenu        Hewlett-Packard        30.11.2010        2,03MB        3.1.1.12
HP MediaSmart Video        Hewlett-Packard        30.11.2010        303MB        4.1.4214
HP Odometer        Hewlett-Packard        30.11.2010        48,00KB        2.10.0000
HP Setup        Hewlett-Packard        30.11.2010                8.1.4186.3400
HP Support Assistant        Hewlett-Packard Company        15.09.2011        64,7MB        6.0.5.4
HP Support Information        Hewlett-Packard        30.11.2010        0,15MB        10.1.0002
HP Update        Hewlett-Packard        30.11.2010        2,97MB        5.002.003.003
HP Vision Hardware Diagnostics        Hewlett-Packard        30.11.2010        11,3MB        2.1.2.27173
Java(TM) 6 Update 22        Oracle        31.03.2011        95,0MB        6.0.220
JDownloader        AppWork UG (haftungsbeschränkt)        31.03.2011               
LabelPrint        CyberLink Corp.        30.11.2010        231MB        2.5.2823
LightScribe System Software        LightScribe        30.11.2010        24,6MB        1.18.15.1
Malwarebytes' Anti-Malware Version 1.51.2.1300        Malwarebytes Corporation        13.11.2011        13,8MB        1.51.2.1300
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        01.04.2011        38,8MB        4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        01.04.2011        2,94MB        4.0.30319
Microsoft Office Home and Business 2010        Microsoft Corporation        04.10.2011                14.0.6029.1000
Microsoft Silverlight        Microsoft Corporation        11.10.2011        140,1MB        4.0.60831.0
Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        30.03.2011        1,72MB        3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053        Microsoft Corporation        01.04.2011        0,25MB        8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        01.04.2011        0,24MB        8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        23.10.2011        2,38MB        8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64)        Microsoft Corporation        23.10.2011        0,82MB        8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022        Microsoft Corporation        04.10.2011        1,43MB        9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17        Microsoft Corporation        30.11.2010        0,77MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148        Microsoft Corporation        30.11.2010        0,77MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161        Microsoft Corporation        16.06.2011        0,77MB        9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        Microsoft Corporation        04.10.2011        1,42MB        9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        30.11.2010        0,58MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        30.11.2010        0,58MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        16.06.2011        0,59MB        9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319        Microsoft Corporation        01.09.2011        15,1MB        10.0.30319
MotioninJoy ds3 driver version 0.6.0001        www.motioninjoy.com        31.03.2011        3,40MB        0.5.0001
Movie Theme Pack for HP MediaSmart Video        Hewlett-Packard        30.11.2010        430MB        4.1.4030
Mozilla Firefox 8.0 (x86 de)        Mozilla        08.11.2011        35,2MB        8.0
Mp3tag v2.49        Florian Heidenreich        01.06.2011                v2.49
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        01.04.2011        1,28MB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        01.04.2011        1,33MB        4.20.9876.0
MusicStation        Hewlett-Packard        01.12.2010                1.0.1.5
NewBlue 3D Explosions for Windows                04.04.2011               
NewBlue 3D Transformations for Windows                04.04.2011               
NewBlue Art Blends for Windows                04.04.2011               
NewBlue Art Effects for Windows                04.04.2011               
NewBlue Film Effects for Windows                04.04.2011               
NewBlue Motion Blends for Windows                04.04.2011               
NewBlue Motion Effects for Windows                04.04.2011               
NewBlue Video Essentials for Windows                04.04.2011               
Norton Internet Security        Symantec Corporation        30.11.2010                18.6.0.29
NVIDIA Drivers        NVIDIA Corporation        01.12.2010        3,25MB        1.10.61.39
NVIDIA ForceWare Network Access Manager        NVIDIA Corporation        30.11.2010                1.00.7330.0
PDF Complete Special Edition        PDF Complete, Inc        01.12.2010                3.5.111
PhotoNow!        CyberLink Corp.        30.11.2010        34,2MB        1.1.6904
PlayReady PC Runtime amd64        Microsoft Corporation        30.11.2010        2,06MB        1.3.0
Power2Go        CyberLink Corp.        30.11.2010        169,7MB        6.1.4022
PowerDirector        CyberLink Corp.        30.11.2010        855MB        8.0.2906
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        30.11.2010                6.0.1.6132
RocketDock 1.3.5        Punk Software        22.04.2011               
System Requirements Lab CYRI        Husdawg, LLC        05.06.2011        0,45MB        4.4.26.0
TuneUp Utilities 2011        TuneUp Software        01.10.2011                10.0.4410.1
Vegas Pro 10.0        Sony        05.05.2011        373MB        10.0.669
Vegas Pro 10.0 (64-bit)        Sony        04.04.2011        447MB        10.0.388
Vegas Pro 11.0 (64-bit)        Sony        23.10.2011        507MB        11.0.371
Windows Live Essentials        Microsoft Corporation        08.08.2011                15.4.3538.0513
Windows Live Mesh ActiveX control for remote connections        Microsoft Corporation        31.03.2011        5,58MB        15.4.5722.2
Windows Live Sync        Microsoft Corporation        30.03.2011        2,79MB        14.0.8117.416
Windows Media Player Firefox Plugin        Microsoft Corp        06.05.2011        0,29MB        1.0.0.8
Windows Mobile-Gerätecenter        Microsoft Corporation        12.04.2011        27,4MB        6.1.6965.0
WinRAR 4.00 (64-Bit)        win.rar GmbH        31.03.2011                4.00.0


Chiko 15.11.2011 21:24

Mein Problem bitte nicht vergessen, danke nochmal für die Hilfe bis jetzt

kira 16.11.2011 17:24

1.
Du hast deinen Rechner mit zwei Anti-Viren-Programmen generell `geschwächt`:
Zitat:

Avira und Norton
Wichtig:
Nur eine Firewall sowie ein Antiviren Programm verwenden, welche sich immer auf dem aktuellsten Stand befinden sollten!
Mehr AV Programme bedeutet nicht mehr Sicherheit!Die Scanner behindern sich gegenseitig (bei beiden den On-Access Scan aktiviert bzw laufen ständig im Hintergrund) und ein Systemcrash kann die Folge sein oder im schlechtesten fall, kannst Du über eine komplette Neuinstallation freuen! Deinstalliere also eines der AV-Programme und lass nur noch eins auf deinem PC laufen.
Zitat:

►Bevor du ein anderes Antivirenprogramm installierst solltest du auf jeden Fall das vorherige vollständig deinstallieren!
Je nachdem, wie Du Dich entscheidest:

Removal Tools oder Deinstallationsanleitungen für diverse Antiviren Software :
-> Removal Tools oder Deinstallationsanleitungen für diverse Antiviren Software
AV Deinstallations Hinweise
also Entscheide Dich für NUR einen Virenscanner und benutze diesen regelmäßig!

2.
TDSSKiller von Kaspersky
  • Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
  • Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
  • deaktiviere vorübergehend dein AntiVirus-Programm
  • Starte die TDSSKiller.exe durch Doppelklick.
  • Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
    Bestätige das ggfs. mit Y(es).
    Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
  • Poste mir den Inhalt von C:\TDSSKiller<random>.txt hier in den Thread.
Hier findest Du eine ausführlichere Anleitung.

3.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

4.
Unhide bitte nochmal ausführen

Chiko 16.11.2011 20:58

1. Ich habe Norton Internet Deinstalliert

2. Habe das Programm, wie vorgeschrieben, geöffnet. Nach dem es fertig war mit dem Scan stand da nur ''No threats found'', keine frage ob der Computer neu gestarten soll

kira 17.11.2011 13:16

Punkt 3. noch bitte!

Chiko 17.11.2011 22:14

3.

Extras:
Code:

OTL Extras logfile created on: 11/17/2011 2:46:06 PM - Run 3
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Tarik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6.00 Gb Total Physical Memory | 4.27 Gb Available Physical Memory | 71.12% Memory free
12.00 Gb Paging File | 9.74 Gb Available in Paging File | 81.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.81 Gb Total Space | 717.59 Gb Free Space | 78.18% Space Free | Partition Type: NTFS
Drive D: | 13.60 Gb Total Space | 1.68 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 150.81 Gb Free Space | 64.76% Space Free | Partition Type: NTFS
 
Computer Name: TARIK-HP | User Name: Tarik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{31A6FA40-E935-11E0-95F9-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0001
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51317AF5-D39F-49EC-A4B5-87451466B837}" = AMD Fuel
"{54E192A6-AA33-1963-C96A-26AA7A3B41B4}" = ccc-utility64
"{5857E7BE-2F6F-D41A-42B2-B668B19A5F30}" = AMD Media Foundation Decoders
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}" = AMD Drag and Drop Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{CFF9D801-1EC4-B8F5-2CAB-4A1790C95A18}" = ATI Catalyst Install Manager
"{D3A82E80-D0A5-11DF-B425-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D81C035E-D0A5-11DF-9450-0013D3D69929}" = MSVCRT Redists
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"CCleaner" = CCleaner
"GenArts SapphireEdge Plug-ins for OFX_is1" = GenArts SapphireEdge Plug-ins 1.0 for OFX
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C7108CF-774A-11E0-B3C5-0013D3D69929}" = Vegas Pro 10.0
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{229B6751-774A-11E0-BCAE-0013D3D69929}" = MSVCRT Redists
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{30D659E4-4405-6925-CDCF-EB8CD0C80DAC}" = Catalyst Control Center Graphics Previews Common
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3CA2B4FD-AEF2-ED4F-F5E5-0095DDA47AC7}" = Adobe Download Assistant
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE7978-4F13-5584-5E53-DCEE1CB115A5}" = AMD VISION Engine Control Center
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85268C72-C609-E50A-7AB3-9B3582DFEE66}" = CCC Help English
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{AFF8C8F4-E4BB-891F-8636-5E71F946C5B6}" = Catalyst Control Center InstallProxy
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DivX Setup.divx.com" = DivX-Setup
"Foxit Creator" = Foxit Creator
"Foxit Reader" = Foxit Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Mp3tag" = Mp3tag v2.49
"MusicStationNetstaller" = MusicStation
"NewBlue 3D Explosions for Windows" = NewBlue 3D Explosions for Windows
"NewBlue 3D Transformations for Windows" = NewBlue 3D Transformations for Windows
"NewBlue Art Blends for Windows" = NewBlue Art Blends for Windows
"NewBlue Art Effects for Windows" = NewBlue Art Effects for Windows
"NewBlue Film Effects for Windows" = NewBlue Film Effects for Windows
"NewBlue Motion Blends for Windows" = NewBlue Motion Blends for Windows
"NewBlue Motion Effects for Windows" = NewBlue Motion Effects for Windows
"NewBlue Video Essentials for Windows" = NewBlue Video Essentials for Windows
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PDF Complete" = PDF Complete Special Edition
"RocketDock_is1" = RocketDock 1.3.5
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"WinLiveSuite" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

OTL:
Code:

OTL logfile created on: 11/17/2011 2:46:06 PM - Run 3
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Tarik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6.00 Gb Total Physical Memory | 4.27 Gb Available Physical Memory | 71.12% Memory free
12.00 Gb Paging File | 9.74 Gb Available in Paging File | 81.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.81 Gb Total Space | 717.59 Gb Free Space | 78.18% Space Free | Partition Type: NTFS
Drive D: | 13.60 Gb Total Space | 1.68 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 150.81 Gb Free Space | 64.76% Space Free | Partition Type: NTFS
 
Computer Name: TARIK-HP | User Name: Tarik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/11/17 14:44:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Tarik\Downloads\OTL.exe
PRC - [2011/11/09 13:50:10 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/28 15:55:22 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 15:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/04/23 21:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/01/18 19:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/15 00:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 19:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/11/09 13:50:10 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/25 07:03:16 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2010/01/18 19:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/09/16 15:44:36 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011/05/25 04:03:38 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/24 22:18:38 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/03/05 02:25:36 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2010/03/05 02:25:34 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM))
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2011/09/16 15:51:20 | 002,027,840 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/09/16 15:44:28 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/28 15:55:22 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/03/28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/15 00:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/11/01 22:58:14 | 000,117,520 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/06/28 15:55:22 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/06/28 15:55:22 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/05/25 05:26:56 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/05/25 03:25:42 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/30 19:46:44 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/19 18:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010/04/08 00:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/04 12:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011/05/10 10:52:12 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/05/10 10:52:12 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/02/10 09:22:58 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "Google.de"
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..network.proxy.backup.ftp: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ftp_port: 8085
FF - prefs.js..network.proxy.backup.socks: "98.166.234.138"
FF - prefs.js..network.proxy.backup.socks_port: 8085
FF - prefs.js..network.proxy.backup.ssl: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ssl_port: 8085
FF - prefs.js..network.proxy.ftp: "68.169.39.192"
FF - prefs.js..network.proxy.ftp_port: 22085
FF - prefs.js..network.proxy.http: "68.169.39.192"
FF - prefs.js..network.proxy.http_port: 22085
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "68.169.39.192"
FF - prefs.js..network.proxy.socks_port: 22085
FF - prefs.js..network.proxy.ssl: "68.169.39.192"
FF - prefs.js..network.proxy.ssl_port: 22085
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Tarik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/05/08 15:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/05/08 15:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/09 13:50:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/07 22:43:53 | 000,000,000 | ---D | M]
 
[2011/03/31 12:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tarik\AppData\Roaming\mozilla\Extensions
[2011/11/15 00:01:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tarik\AppData\Roaming\mozilla\Firefox\Profiles\79wa8i6p.default\extensions
[2011/10/05 08:52:10 | 000,002,401 | ---- | M] () -- C:\Users\Tarik\AppData\Roaming\Mozilla\Firefox\Profiles\79wa8i6p.default\searchplugins\askcom.xml
[2011/11/09 17:32:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\TARIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\TARIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI
[2011/11/09 13:50:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/01/01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/01/01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/01/01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Tarik\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C5B8455-A49D-4FC1-8E82-BD73DF535F3A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\ezsecshield.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ezsecshield.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/01 15:23:43 | 000,000,000 | R--D | M] - G:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk G:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/11/17 10:06:03 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{58C47C14-2F37-4212-A8C8-06D631DABC38}
[2011/11/17 10:05:50 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CDE349A0-3FD1-40B3-B26D-2D512A4193A6}
[2011/11/16 20:52:44 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tarik\Desktop\TDSSKiller.exe
[2011/11/16 12:26:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6EDC96CF-70D2-4ED3-97C1-585C2C5BFD26}
[2011/11/16 12:26:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B95BAF7C-92AB-4E60-814B-D032A1C11FE8}
[2011/11/15 18:55:12 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\OFX Presets
[2011/11/15 17:29:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{864F6873-79C6-4B82-B165-F596FF9443B4}
[2011/11/15 17:29:26 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A6E0ADC7-7B61-458A-AFDB-ADDE890B2DEB}
[2011/11/15 00:31:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE68F8B0-8323-4E6C-BD7A-2DD385D8350E}
[2011/11/15 00:31:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C7E02587-ECF6-42AB-AE10-195ED19EC478}
[2011/11/14 22:34:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Roaming\Malwarebytes
[2011/11/14 22:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/14 22:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/14 22:33:43 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/14 22:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/11/14 21:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/11/14 12:30:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CA8F7788-D333-416D-A424-B67918D4A732}
[2011/11/14 12:30:21 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E98A1CCA-B7F9-43F1-B0C9-7787C16DE465}
[2011/11/13 21:15:30 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Hörbuch
[2011/11/13 21:05:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C9DDE7A6-2C7B-4CB3-B16E-A56508734A19}
[2011/11/13 21:04:53 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C03462B5-712E-48CC-9574-3DA1D9791343}
[2011/11/13 09:04:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7A3599DA-FD12-4FDB-93A4-3988F9DBE3C3}
[2011/11/13 09:03:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1B01A0B9-48F9-422A-990D-CC7AD704025E}
[2011/11/12 10:59:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{13A121A4-AC2E-489A-ACED-C5E4D633CC81}
[2011/11/12 10:59:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9D24F2E8-717E-47CB-B0D6-97F3CE157FF8}
[2011/11/11 22:58:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{DD178FEE-9F2F-4DD3-901A-402E92CC5EA3}
[2011/11/11 22:58:27 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{67E05047-5FAD-4124-A2B6-75BEA77A634A}
[2011/11/11 10:57:56 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1EA9DD86-73EA-4D65-BD9D-AA0091BECACC}
[2011/11/11 10:57:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D96036F6-82D3-451E-A939-366293381B69}
[2011/11/11 00:10:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Quali 2010
[2011/11/11 00:09:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Links2
[2011/11/11 00:08:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Meine empfangenen Dateien
[2011/11/11 00:01:22 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Photoshop
[2011/11/10 23:59:50 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Sony Vegas
[2011/11/10 11:39:12 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{798F60D4-0C40-43B6-B4B6-614FCF2BF5A8}
[2011/11/10 11:39:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{23AC28EB-D829-4A34-BABD-00B74A9F56AC}
[2011/11/10 00:04:35 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\Facebook
[2011/11/09 23:38:34 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{F65050C3-FFFF-4AA3-9C0A-8A51B181147C}
[2011/11/09 23:38:22 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{8ECBE330-F342-44CB-A32A-02B176934D87}
[2011/11/09 11:37:42 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4645F517-EF7E-4FD2-8D0E-D26B6B676F3E}
[2011/11/09 11:37:29 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{03E18D2A-D0E2-44BB-AF28-8AB1D34AAA3E}
[2011/11/08 23:16:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4B637F14-14EA-4933-AA9B-34D1B9328EA9}
[2011/11/08 23:16:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1D54B9D2-DF01-4192-A9BC-E93FDD114FB0}
[2011/11/08 11:15:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4A92C528-D8F7-4135-81AA-BBBA178E3598}
[2011/11/08 11:15:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{20D0B301-BE7A-435F-BD3C-C58AE881314C}
[2011/11/07 20:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/11/07 17:10:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9BA818B0-77C7-43CC-8AA1-16DF4D17515D}
[2011/11/07 17:10:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{70DCF78A-F80D-4CF5-A93C-1C4D6FA9F9D3}
[2011/11/06 23:34:29 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6CA0EB60-A7A3-41CB-8944-566F35B027FA}
[2011/11/06 11:33:56 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A448F4DC-E21E-41BF-A573-C9FFA14774EA}
[2011/11/06 11:33:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1B02F3A4-97C7-4916-B961-FDAA168BEEA4}
[2011/11/05 16:04:45 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{573D1738-C157-4908-8C05-2646E25E8CDA}
[2011/11/05 16:04:26 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{31CC02F7-31B2-4E5C-8D16-3652D9BF3E1A}
[2011/11/04 23:20:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0FE081F2-130A-4D7A-BFF1-76EA7C245231}
[2011/11/04 23:20:37 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{3AD3AE58-E7A0-42BF-8F35-32114ECBF853}
[2011/11/04 11:20:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D23716BE-6041-446D-A8D8-51A3CE2F1A1B}
[2011/11/04 11:19:54 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D1ADA8F5-E048-42BF-A374-21CB1F24A398}
[2011/11/03 20:22:44 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B3149E1F-375F-45C1-B8DF-B6FF394F7237}
[2011/11/03 20:22:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1ABFDCF9-BF1A-48BB-8198-C6B431A0EAC9}
[2011/11/03 08:22:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{2E57C71B-2791-4876-BA02-117A22B5AD60}
[2011/11/03 08:21:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7D07CAA3-063B-4D81-9C7D-6537B18B6627}
[2011/11/02 18:56:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{095DF9A8-AB33-41FE-899F-6C9705069FC0}
[2011/11/02 18:56:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E81719A6-9D6F-4497-8D12-C6F400890756}
[2011/11/01 23:30:54 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7E6F863C-97AB-4946-B5E9-0600136AA57E}
[2011/11/01 23:30:43 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{00F69401-1B11-41BC-B9EB-3AC8AEB00168}
[2011/11/01 11:30:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{46BE2058-0C7D-401A-AA17-458C486FEE3C}
[2011/11/01 11:30:02 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{5CDAD7B6-172B-49FE-A1CA-AA5D33CCBAF3}
[2011/10/31 23:26:31 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{5BAC46B5-31E2-47CC-BBB8-7F0D7FD83888}
[2011/10/31 23:26:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE1953CA-8D19-4198-ABFC-6BBAA4F2C13B}
[2011/10/31 11:14:13 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E3DE74F4-1B7E-4C0C-9CC6-5703E94CA988}
[2011/10/31 11:13:59 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{17CCB99A-50E4-43CE-9B94-79B18E91EBBF}
[2011/10/30 23:13:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9C85C78C-62D7-4FC5-A243-993F931D9566}
[2011/10/30 23:13:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4F0B5EBA-AC19-405B-886A-EF41F2759637}
[2011/10/30 11:12:53 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{35926FE3-BBA7-4F12-92AC-FFE6655A1F1F}
[2011/10/30 11:12:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{BD25716A-C11F-4ABF-B874-D226EA86DCFB}
[2011/10/29 23:12:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B2A3859C-ECBE-4FA4-8DF1-D765B86EC299}
[2011/10/29 23:12:03 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A21F202E-BFAC-4068-9373-06A1379AEB5E}
[2011/10/29 11:11:36 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C7D47131-CB38-4A39-90EB-0604C71D1D35}
[2011/10/29 11:11:24 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE2176F9-590D-4A1F-AE67-0010488D5B8A}
[2011/10/28 23:10:57 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{38413A2D-154A-4177-BEF3-DF2DB471895C}
[2011/10/28 23:10:45 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CC751866-8EE4-454D-A43C-A95DF28862A2}
[2011/10/28 11:10:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4B5D20EF-EEE1-48D4-AC00-CA71F6B34D23}
[2011/10/28 11:10:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{BAE744CE-7C32-489B-8E28-91DA71559E57}
[2011/10/27 23:09:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{2222ED6E-C3A9-4AA7-B193-F99AC58F0C97}
[2011/10/27 23:09:27 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7C5ABA93-F4D8-46F0-9908-1770832048CB}
[2011/10/27 11:08:59 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A3567F77-6FFF-4288-B3BF-3A1F11D55375}
[2011/10/27 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FE0835F6-12E9-4C9C-864E-E2285563B947}
[2011/10/26 12:20:42 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{239DB737-E6B2-4793-B544-C853C064A4D2}
[2011/10/26 12:20:30 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{61EE020C-08CE-46E6-AABA-56AD6CD683EB}
[2011/10/25 11:28:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B6B1C5C4-AA40-4A76-82D0-A86E6430C1D1}
[2011/10/25 11:28:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{78859CD7-0CFF-4A9B-BA2E-8B3E6CBB253A}
[2011/10/24 21:56:43 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0DDC3E53-0DCF-4F09-8D34-6BBFD725A46C}
[2011/10/24 21:56:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B407D6E1-416D-464D-A7AD-5FB0827979DC}
[2011/10/24 09:56:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FF532406-76C2-4BCD-B2CE-9BE80B0ADD83}
[2011/10/24 09:55:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{52F9747B-36B8-4867-BDCA-D4AC4790DE51}
[2011/10/23 16:53:09 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B405E183-7B77-4ACB-A1A6-BC536B841A8F}
[2011/10/23 16:52:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1856462E-FEEE-47D3-8A4F-8FCBE5BD0727}
[2011/10/22 20:50:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0B9F10AF-81FD-4045-812E-2EA72E9A0715}
[2011/10/22 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E4F01377-29D8-4D71-8D3C-FF24D5AB6B16}
[2011/10/21 23:10:00 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{512F5EC5-0362-4968-8DF5-33D3DF456FF6}
[2011/10/21 23:09:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{090E5F39-476D-4ABA-A02A-27D67B13493C}
[2011/10/21 11:09:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6E23105D-3B57-4203-8970-CFBD25E81E2F}
[2011/10/21 11:09:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{679C9EC2-5F0F-4B81-8AFD-C6110E6D239C}
[2011/10/20 11:38:16 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{48786813-C3F5-474C-A883-751B6FCB7D2F}
[2011/10/20 11:38:04 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{F14C98CF-FBEA-4E96-BB2B-AC8705D47FA1}
[2011/10/18 22:57:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FB188636-3959-4DA9-AA45-B8DB70E4E3A2}
[2011/10/18 22:57:40 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{621493C3-44FE-4B12-9EED-9CDFA6CC365C}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/11/17 12:22:50 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/17 12:22:50 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/17 12:15:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/17 12:15:18 | 536,322,047 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/17 00:09:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000UA.job
[2011/11/17 00:09:01 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000Core.job
[2011/11/16 20:51:48 | 001,545,858 | ---- | M] () -- C:\Users\Tarik\Desktop\tdsskiller.zip
[2011/11/16 12:21:12 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tarik\Desktop\TDSSKiller.exe
[2011/11/14 23:09:00 | 000,000,000 | ---- | M] () -- C:\Users\Tarik\defogger_reenable
[2011/11/14 22:46:03 | 000,684,297 | ---- | M] () -- C:\Users\Tarik\Desktop\unhide.exe
[2011/11/14 22:33:51 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/14 21:24:08 | 001,845,358 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/11/14 21:17:49 | 000,000,432 | ---- | M] () -- C:\ProgramData\gohO3ZswT2WugB
[2011/11/14 21:11:05 | 000,000,288 | ---- | M] () -- C:\ProgramData\~gohO3ZswT2WugB
[2011/11/14 21:11:05 | 000,000,216 | ---- | M] () -- C:\ProgramData\~gohO3ZswT2WugBr
[2011/11/11 19:45:20 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTarik.job
[2011/11/09 17:33:35 | 004,912,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/03 13:53:20 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/03 13:53:20 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/11/03 13:53:20 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/03 13:53:20 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/11/03 13:53:20 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/01 22:58:14 | 000,117,520 | ---- | M] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2011/10/24 13:17:25 | 000,000,317 | ---- | M] () -- C:\Windows\MSUTIL.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/11/16 20:51:48 | 001,545,858 | ---- | C] () -- C:\Users\Tarik\Desktop\tdsskiller.zip
[2011/11/14 23:09:00 | 000,000,000 | ---- | C] () -- C:\Users\Tarik\defogger_reenable
[2011/11/14 22:45:53 | 000,684,297 | ---- | C] () -- C:\Users\Tarik\Desktop\unhide.exe
[2011/11/14 22:33:51 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/14 21:23:00 | 001,845,358 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/11/14 20:43:29 | 000,000,216 | ---- | C] () -- C:\ProgramData\~gohO3ZswT2WugBr
[2011/11/14 20:43:28 | 000,000,288 | ---- | C] () -- C:\ProgramData\~gohO3ZswT2WugB
[2011/11/14 20:43:17 | 000,000,432 | ---- | C] () -- C:\ProgramData\gohO3ZswT2WugB
[2011/11/10 00:04:55 | 000,000,928 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000UA.job
[2011/11/10 00:04:54 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000Core.job
[2011/10/05 20:57:28 | 000,000,317 | ---- | C] () -- C:\Windows\MSUTIL.INI
[2011/05/24 22:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/05/09 19:51:57 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011/04/09 13:44:56 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/03/31 21:45:26 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/03/17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/02 04:30:41 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010/12/02 03:58:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/28 13:00:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/01/22 23:04:16 | 000,000,605 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011/04/15 12:51:18 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Azureus
[2011/06/05 08:50:55 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/04/11 18:50:13 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Foxit Software
[2011/04/01 13:36:11 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\MotioninJoy
[2011/11/12 13:11:56 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Mp3tag
[2011/04/05 17:59:22 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Publish Providers
[2011/04/09 22:31:51 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Raptr
[2011/10/24 11:03:37 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Sony
[2011/10/04 09:41:47 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Sony Creative Software Inc
[2011/05/12 23:01:29 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\TuneUp Software
[2011/04/08 19:25:52 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\WinBatch
[2011/04/29 23:00:41 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Windows Live Writer
[2011/11/17 00:09:01 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000Core.job
[2011/11/17 00:09:02 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000UA.job
[2011/10/01 07:35:41 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >


Chiko 17.11.2011 22:16

3.

Extras:
Code:

OTL Extras logfile created on: 11/17/2011 2:46:06 PM - Run 3
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Tarik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6.00 Gb Total Physical Memory | 4.27 Gb Available Physical Memory | 71.12% Memory free
12.00 Gb Paging File | 9.74 Gb Available in Paging File | 81.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.81 Gb Total Space | 717.59 Gb Free Space | 78.18% Space Free | Partition Type: NTFS
Drive D: | 13.60 Gb Total Space | 1.68 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 150.81 Gb Free Space | 64.76% Space Free | Partition Type: NTFS
 
Computer Name: TARIK-HP | User Name: Tarik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{31A6FA40-E935-11E0-95F9-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0001
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51317AF5-D39F-49EC-A4B5-87451466B837}" = AMD Fuel
"{54E192A6-AA33-1963-C96A-26AA7A3B41B4}" = ccc-utility64
"{5857E7BE-2F6F-D41A-42B2-B668B19A5F30}" = AMD Media Foundation Decoders
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}" = AMD Drag and Drop Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{CFF9D801-1EC4-B8F5-2CAB-4A1790C95A18}" = ATI Catalyst Install Manager
"{D3A82E80-D0A5-11DF-B425-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D81C035E-D0A5-11DF-9450-0013D3D69929}" = MSVCRT Redists
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"CCleaner" = CCleaner
"GenArts SapphireEdge Plug-ins for OFX_is1" = GenArts SapphireEdge Plug-ins 1.0 for OFX
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C7108CF-774A-11E0-B3C5-0013D3D69929}" = Vegas Pro 10.0
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{229B6751-774A-11E0-BCAE-0013D3D69929}" = MSVCRT Redists
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{30D659E4-4405-6925-CDCF-EB8CD0C80DAC}" = Catalyst Control Center Graphics Previews Common
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3CA2B4FD-AEF2-ED4F-F5E5-0095DDA47AC7}" = Adobe Download Assistant
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE7978-4F13-5584-5E53-DCEE1CB115A5}" = AMD VISION Engine Control Center
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85268C72-C609-E50A-7AB3-9B3582DFEE66}" = CCC Help English
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{AFF8C8F4-E4BB-891F-8636-5E71F946C5B6}" = Catalyst Control Center InstallProxy
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DivX Setup.divx.com" = DivX-Setup
"Foxit Creator" = Foxit Creator
"Foxit Reader" = Foxit Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Mp3tag" = Mp3tag v2.49
"MusicStationNetstaller" = MusicStation
"NewBlue 3D Explosions for Windows" = NewBlue 3D Explosions for Windows
"NewBlue 3D Transformations for Windows" = NewBlue 3D Transformations for Windows
"NewBlue Art Blends for Windows" = NewBlue Art Blends for Windows
"NewBlue Art Effects for Windows" = NewBlue Art Effects for Windows
"NewBlue Film Effects for Windows" = NewBlue Film Effects for Windows
"NewBlue Motion Blends for Windows" = NewBlue Motion Blends for Windows
"NewBlue Motion Effects for Windows" = NewBlue Motion Effects for Windows
"NewBlue Video Essentials for Windows" = NewBlue Video Essentials for Windows
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PDF Complete" = PDF Complete Special Edition
"RocketDock_is1" = RocketDock 1.3.5
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"WinLiveSuite" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

OTL:
Code:

OTL logfile created on: 11/17/2011 2:46:06 PM - Run 3
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Tarik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6.00 Gb Total Physical Memory | 4.27 Gb Available Physical Memory | 71.12% Memory free
12.00 Gb Paging File | 9.74 Gb Available in Paging File | 81.18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.81 Gb Total Space | 717.59 Gb Free Space | 78.18% Space Free | Partition Type: NTFS
Drive D: | 13.60 Gb Total Space | 1.68 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 150.81 Gb Free Space | 64.76% Space Free | Partition Type: NTFS
 
Computer Name: TARIK-HP | User Name: Tarik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/11/17 14:44:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Tarik\Downloads\OTL.exe
PRC - [2011/11/09 13:50:10 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/28 15:55:22 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 15:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/04/23 21:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/01/18 19:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/15 00:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 19:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/11/09 13:50:10 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/09/25 07:03:16 | 006,277,280 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2010/01/18 19:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/09/16 15:44:36 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011/05/25 04:03:38 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/24 22:18:38 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/03/05 02:25:36 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2010/03/05 02:25:34 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM))
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2011/09/16 15:51:20 | 002,027,840 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/09/16 15:44:28 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/28 15:55:22 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/03/28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/15 00:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/11/01 22:58:14 | 000,117,520 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/06/28 15:55:22 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/06/28 15:55:22 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/05/25 05:26:56 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/05/25 03:25:42 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/30 19:46:44 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/19 18:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010/04/08 00:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/04 12:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011/05/10 10:52:12 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/05/10 10:52:12 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011/02/10 09:22:58 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "Google.de"
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..network.proxy.backup.ftp: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ftp_port: 8085
FF - prefs.js..network.proxy.backup.socks: "98.166.234.138"
FF - prefs.js..network.proxy.backup.socks_port: 8085
FF - prefs.js..network.proxy.backup.ssl: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ssl_port: 8085
FF - prefs.js..network.proxy.ftp: "68.169.39.192"
FF - prefs.js..network.proxy.ftp_port: 22085
FF - prefs.js..network.proxy.http: "68.169.39.192"
FF - prefs.js..network.proxy.http_port: 22085
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "68.169.39.192"
FF - prefs.js..network.proxy.socks_port: 22085
FF - prefs.js..network.proxy.ssl: "68.169.39.192"
FF - prefs.js..network.proxy.ssl_port: 22085
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Tarik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/05/08 15:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/05/08 15:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/09 13:50:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/07 22:43:53 | 000,000,000 | ---D | M]
 
[2011/03/31 12:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tarik\AppData\Roaming\mozilla\Extensions
[2011/11/15 00:01:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tarik\AppData\Roaming\mozilla\Firefox\Profiles\79wa8i6p.default\extensions
[2011/10/05 08:52:10 | 000,002,401 | ---- | M] () -- C:\Users\Tarik\AppData\Roaming\Mozilla\Firefox\Profiles\79wa8i6p.default\searchplugins\askcom.xml
[2011/11/09 17:32:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\TARIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\TARIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI
[2011/11/09 13:50:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/01/01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/01/01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/01/01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Tarik\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C5B8455-A49D-4FC1-8E82-BD73DF535F3A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\ezsecshield.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ezsecshield.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/01 15:23:43 | 000,000,000 | R--D | M] - G:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk G:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/11/17 10:06:03 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{58C47C14-2F37-4212-A8C8-06D631DABC38}
[2011/11/17 10:05:50 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CDE349A0-3FD1-40B3-B26D-2D512A4193A6}
[2011/11/16 20:52:44 | 001,564,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Tarik\Desktop\TDSSKiller.exe
[2011/11/16 12:26:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6EDC96CF-70D2-4ED3-97C1-585C2C5BFD26}
[2011/11/16 12:26:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B95BAF7C-92AB-4E60-814B-D032A1C11FE8}
[2011/11/15 18:55:12 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\OFX Presets
[2011/11/15 17:29:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{864F6873-79C6-4B82-B165-F596FF9443B4}
[2011/11/15 17:29:26 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A6E0ADC7-7B61-458A-AFDB-ADDE890B2DEB}
[2011/11/15 00:31:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE68F8B0-8323-4E6C-BD7A-2DD385D8350E}
[2011/11/15 00:31:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C7E02587-ECF6-42AB-AE10-195ED19EC478}
[2011/11/14 22:34:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Roaming\Malwarebytes
[2011/11/14 22:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/14 22:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/14 22:33:43 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/14 22:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/11/14 21:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/11/14 12:30:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CA8F7788-D333-416D-A424-B67918D4A732}
[2011/11/14 12:30:21 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E98A1CCA-B7F9-43F1-B0C9-7787C16DE465}
[2011/11/13 21:15:30 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Hörbuch
[2011/11/13 21:05:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C9DDE7A6-2C7B-4CB3-B16E-A56508734A19}
[2011/11/13 21:04:53 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C03462B5-712E-48CC-9574-3DA1D9791343}
[2011/11/13 09:04:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7A3599DA-FD12-4FDB-93A4-3988F9DBE3C3}
[2011/11/13 09:03:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1B01A0B9-48F9-422A-990D-CC7AD704025E}
[2011/11/12 10:59:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{13A121A4-AC2E-489A-ACED-C5E4D633CC81}
[2011/11/12 10:59:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9D24F2E8-717E-47CB-B0D6-97F3CE157FF8}
[2011/11/11 22:58:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{DD178FEE-9F2F-4DD3-901A-402E92CC5EA3}
[2011/11/11 22:58:27 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{67E05047-5FAD-4124-A2B6-75BEA77A634A}
[2011/11/11 10:57:56 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1EA9DD86-73EA-4D65-BD9D-AA0091BECACC}
[2011/11/11 10:57:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D96036F6-82D3-451E-A939-366293381B69}
[2011/11/11 00:10:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Quali 2010
[2011/11/11 00:09:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Links2
[2011/11/11 00:08:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Meine empfangenen Dateien
[2011/11/11 00:01:22 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Photoshop
[2011/11/10 23:59:50 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Sony Vegas
[2011/11/10 11:39:12 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{798F60D4-0C40-43B6-B4B6-614FCF2BF5A8}
[2011/11/10 11:39:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{23AC28EB-D829-4A34-BABD-00B74A9F56AC}
[2011/11/10 00:04:35 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\Facebook
[2011/11/09 23:38:34 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{F65050C3-FFFF-4AA3-9C0A-8A51B181147C}
[2011/11/09 23:38:22 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{8ECBE330-F342-44CB-A32A-02B176934D87}
[2011/11/09 11:37:42 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4645F517-EF7E-4FD2-8D0E-D26B6B676F3E}
[2011/11/09 11:37:29 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{03E18D2A-D0E2-44BB-AF28-8AB1D34AAA3E}
[2011/11/08 23:16:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4B637F14-14EA-4933-AA9B-34D1B9328EA9}
[2011/11/08 23:16:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1D54B9D2-DF01-4192-A9BC-E93FDD114FB0}
[2011/11/08 11:15:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4A92C528-D8F7-4135-81AA-BBBA178E3598}
[2011/11/08 11:15:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{20D0B301-BE7A-435F-BD3C-C58AE881314C}
[2011/11/07 20:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/11/07 17:10:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9BA818B0-77C7-43CC-8AA1-16DF4D17515D}
[2011/11/07 17:10:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{70DCF78A-F80D-4CF5-A93C-1C4D6FA9F9D3}
[2011/11/06 23:34:29 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6CA0EB60-A7A3-41CB-8944-566F35B027FA}
[2011/11/06 11:33:56 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A448F4DC-E21E-41BF-A573-C9FFA14774EA}
[2011/11/06 11:33:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1B02F3A4-97C7-4916-B961-FDAA168BEEA4}
[2011/11/05 16:04:45 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{573D1738-C157-4908-8C05-2646E25E8CDA}
[2011/11/05 16:04:26 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{31CC02F7-31B2-4E5C-8D16-3652D9BF3E1A}
[2011/11/04 23:20:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0FE081F2-130A-4D7A-BFF1-76EA7C245231}
[2011/11/04 23:20:37 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{3AD3AE58-E7A0-42BF-8F35-32114ECBF853}
[2011/11/04 11:20:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D23716BE-6041-446D-A8D8-51A3CE2F1A1B}
[2011/11/04 11:19:54 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D1ADA8F5-E048-42BF-A374-21CB1F24A398}
[2011/11/03 20:22:44 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B3149E1F-375F-45C1-B8DF-B6FF394F7237}
[2011/11/03 20:22:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1ABFDCF9-BF1A-48BB-8198-C6B431A0EAC9}
[2011/11/03 08:22:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{2E57C71B-2791-4876-BA02-117A22B5AD60}
[2011/11/03 08:21:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7D07CAA3-063B-4D81-9C7D-6537B18B6627}
[2011/11/02 18:56:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{095DF9A8-AB33-41FE-899F-6C9705069FC0}
[2011/11/02 18:56:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E81719A6-9D6F-4497-8D12-C6F400890756}
[2011/11/01 23:30:54 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7E6F863C-97AB-4946-B5E9-0600136AA57E}
[2011/11/01 23:30:43 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{00F69401-1B11-41BC-B9EB-3AC8AEB00168}
[2011/11/01 11:30:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{46BE2058-0C7D-401A-AA17-458C486FEE3C}
[2011/11/01 11:30:02 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{5CDAD7B6-172B-49FE-A1CA-AA5D33CCBAF3}
[2011/10/31 23:26:31 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{5BAC46B5-31E2-47CC-BBB8-7F0D7FD83888}
[2011/10/31 23:26:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE1953CA-8D19-4198-ABFC-6BBAA4F2C13B}
[2011/10/31 11:14:13 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E3DE74F4-1B7E-4C0C-9CC6-5703E94CA988}
[2011/10/31 11:13:59 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{17CCB99A-50E4-43CE-9B94-79B18E91EBBF}
[2011/10/30 23:13:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9C85C78C-62D7-4FC5-A243-993F931D9566}
[2011/10/30 23:13:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4F0B5EBA-AC19-405B-886A-EF41F2759637}
[2011/10/30 11:12:53 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{35926FE3-BBA7-4F12-92AC-FFE6655A1F1F}
[2011/10/30 11:12:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{BD25716A-C11F-4ABF-B874-D226EA86DCFB}
[2011/10/29 23:12:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B2A3859C-ECBE-4FA4-8DF1-D765B86EC299}
[2011/10/29 23:12:03 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A21F202E-BFAC-4068-9373-06A1379AEB5E}
[2011/10/29 11:11:36 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C7D47131-CB38-4A39-90EB-0604C71D1D35}
[2011/10/29 11:11:24 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE2176F9-590D-4A1F-AE67-0010488D5B8A}
[2011/10/28 23:10:57 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{38413A2D-154A-4177-BEF3-DF2DB471895C}
[2011/10/28 23:10:45 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CC751866-8EE4-454D-A43C-A95DF28862A2}
[2011/10/28 11:10:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4B5D20EF-EEE1-48D4-AC00-CA71F6B34D23}
[2011/10/28 11:10:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{BAE744CE-7C32-489B-8E28-91DA71559E57}
[2011/10/27 23:09:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{2222ED6E-C3A9-4AA7-B193-F99AC58F0C97}
[2011/10/27 23:09:27 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7C5ABA93-F4D8-46F0-9908-1770832048CB}
[2011/10/27 11:08:59 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A3567F77-6FFF-4288-B3BF-3A1F11D55375}
[2011/10/27 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FE0835F6-12E9-4C9C-864E-E2285563B947}
[2011/10/26 12:20:42 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{239DB737-E6B2-4793-B544-C853C064A4D2}
[2011/10/26 12:20:30 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{61EE020C-08CE-46E6-AABA-56AD6CD683EB}
[2011/10/25 11:28:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B6B1C5C4-AA40-4A76-82D0-A86E6430C1D1}
[2011/10/25 11:28:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{78859CD7-0CFF-4A9B-BA2E-8B3E6CBB253A}
[2011/10/24 21:56:43 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0DDC3E53-0DCF-4F09-8D34-6BBFD725A46C}
[2011/10/24 21:56:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B407D6E1-416D-464D-A7AD-5FB0827979DC}
[2011/10/24 09:56:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FF532406-76C2-4BCD-B2CE-9BE80B0ADD83}
[2011/10/24 09:55:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{52F9747B-36B8-4867-BDCA-D4AC4790DE51}
[2011/10/23 16:53:09 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B405E183-7B77-4ACB-A1A6-BC536B841A8F}
[2011/10/23 16:52:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1856462E-FEEE-47D3-8A4F-8FCBE5BD0727}
[2011/10/22 20:50:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0B9F10AF-81FD-4045-812E-2EA72E9A0715}
[2011/10/22 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E4F01377-29D8-4D71-8D3C-FF24D5AB6B16}
[2011/10/21 23:10:00 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{512F5EC5-0362-4968-8DF5-33D3DF456FF6}
[2011/10/21 23:09:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{090E5F39-476D-4ABA-A02A-27D67B13493C}
[2011/10/21 11:09:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6E23105D-3B57-4203-8970-CFBD25E81E2F}
[2011/10/21 11:09:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{679C9EC2-5F0F-4B81-8AFD-C6110E6D239C}
[2011/10/20 11:38:16 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{48786813-C3F5-474C-A883-751B6FCB7D2F}
[2011/10/20 11:38:04 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{F14C98CF-FBEA-4E96-BB2B-AC8705D47FA1}
[2011/10/18 22:57:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FB188636-3959-4DA9-AA45-B8DB70E4E3A2}
[2011/10/18 22:57:40 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{621493C3-44FE-4B12-9EED-9CDFA6CC365C}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/11/17 12:22:50 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/17 12:22:50 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/17 12:15:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/17 12:15:18 | 536,322,047 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/17 00:09:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000UA.job
[2011/11/17 00:09:01 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000Core.job
[2011/11/16 20:51:48 | 001,545,858 | ---- | M] () -- C:\Users\Tarik\Desktop\tdsskiller.zip
[2011/11/16 12:21:12 | 001,564,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Tarik\Desktop\TDSSKiller.exe
[2011/11/14 23:09:00 | 000,000,000 | ---- | M] () -- C:\Users\Tarik\defogger_reenable
[2011/11/14 22:46:03 | 000,684,297 | ---- | M] () -- C:\Users\Tarik\Desktop\unhide.exe
[2011/11/14 22:33:51 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/14 21:24:08 | 001,845,358 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/11/14 21:17:49 | 000,000,432 | ---- | M] () -- C:\ProgramData\gohO3ZswT2WugB
[2011/11/14 21:11:05 | 000,000,288 | ---- | M] () -- C:\ProgramData\~gohO3ZswT2WugB
[2011/11/14 21:11:05 | 000,000,216 | ---- | M] () -- C:\ProgramData\~gohO3ZswT2WugBr
[2011/11/11 19:45:20 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTarik.job
[2011/11/09 17:33:35 | 004,912,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/03 13:53:20 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/03 13:53:20 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/11/03 13:53:20 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/03 13:53:20 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/11/03 13:53:20 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/01 22:58:14 | 000,117,520 | ---- | M] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2011/10/24 13:17:25 | 000,000,317 | ---- | M] () -- C:\Windows\MSUTIL.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/11/16 20:51:48 | 001,545,858 | ---- | C] () -- C:\Users\Tarik\Desktop\tdsskiller.zip
[2011/11/14 23:09:00 | 000,000,000 | ---- | C] () -- C:\Users\Tarik\defogger_reenable
[2011/11/14 22:45:53 | 000,684,297 | ---- | C] () -- C:\Users\Tarik\Desktop\unhide.exe
[2011/11/14 22:33:51 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/11/14 21:23:00 | 001,845,358 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/11/14 20:43:29 | 000,000,216 | ---- | C] () -- C:\ProgramData\~gohO3ZswT2WugBr
[2011/11/14 20:43:28 | 000,000,288 | ---- | C] () -- C:\ProgramData\~gohO3ZswT2WugB
[2011/11/14 20:43:17 | 000,000,432 | ---- | C] () -- C:\ProgramData\gohO3ZswT2WugB
[2011/11/10 00:04:55 | 000,000,928 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000UA.job
[2011/11/10 00:04:54 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000Core.job
[2011/10/05 20:57:28 | 000,000,317 | ---- | C] () -- C:\Windows\MSUTIL.INI
[2011/05/24 22:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/05/09 19:51:57 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011/04/09 13:44:56 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/03/31 21:45:26 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/03/17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/02 04:30:41 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010/12/02 03:58:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/28 13:00:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/01/22 23:04:16 | 000,000,605 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011/04/15 12:51:18 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Azureus
[2011/06/05 08:50:55 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/04/11 18:50:13 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Foxit Software
[2011/04/01 13:36:11 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\MotioninJoy
[2011/11/12 13:11:56 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Mp3tag
[2011/04/05 17:59:22 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Publish Providers
[2011/04/09 22:31:51 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Raptr
[2011/10/24 11:03:37 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Sony
[2011/10/04 09:41:47 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Sony Creative Software Inc
[2011/05/12 23:01:29 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\TuneUp Software
[2011/04/08 19:25:52 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\WinBatch
[2011/04/29 23:00:41 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Windows Live Writer
[2011/11/17 00:09:01 | 000,000,906 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000Core.job
[2011/11/17 00:09:02 | 000,000,928 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000UA.job
[2011/10/01 07:35:41 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:DFC5A2B2

< End of report >


kira 18.11.2011 09:36

Zitat:

Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)
1.
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:

:OTL
DRV - [2011/05/10 10:52:12 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011/05/10 10:52:12 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
IE - HKCU\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
[2011/10/05 08:52:10 | 000,002,401 | ---- | M] () -- C:\Users\Tarik\AppData\Roaming\Mozilla\Firefox\Profiles\79wa8i6p.default\searchplugins\askcom.xml
[2010/01/01 09:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 09:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKCU..\Run: [Facebook Update] C:\Users\Tarik\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
[2011/11/17 00:09:02 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000UA.job
[2011/11/17 00:09:01 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2069348105-253727359-2489619733-1000Core.job
[2011/11/14 21:17:49 | 000,000,432 | ---- | M] () -- C:\ProgramData\gohO3ZswT2WugB
[2011/11/14 21:11:05 | 000,000,288 | ---- | M] () -- C:\ProgramData\~gohO3ZswT2WugB
[2011/11/14 21:11:05 | 000,000,216 | ---- | M] () -- C:\ProgramData\~gohO3ZswT2WugBr
[2011/04/15 12:51:18 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Azureus
@Alternate Data Stream - 153 bytes -> C:\ProgramData\Temp:DFC5A2B2
:Commands
[purity]
[REBOOT]


2.
Hast Du absichtlich die IP 204.15.149.58 als Proxy eingestellt? Wenn ja, warum? Wenn nein:
wenn du keinen Proxyserver lokal installiert hast, nimm die Proxyeinstellungen aus den Interneteinstellungen raus

im Firefox:
Extras => Einstellungen => Erweitert => Netzwerk => Einstellungen.
Dort unter Verbindungs-Einstellungen => Kein Proxy anhaken.

Code:

FF - prefs.js..network.proxy.backup.ftp: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ftp_port: 8085
FF - prefs.js..network.proxy.backup.socks: "98.166.234.138"
FF - prefs.js..network.proxy.backup.socks_port: 8085
FF - prefs.js..network.proxy.backup.ssl: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ssl_port: 8085
FF - prefs.js..network.proxy.ftp: "68.169.39.192"
FF - prefs.js..network.proxy.ftp_port: 22085
FF - prefs.js..network.proxy.http: "68.169.39.192"
FF - prefs.js..network.proxy.http_port: 22085
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "68.169.39.192"
FF - prefs.js..network.proxy.socks_port: 22085
FF - prefs.js..network.proxy.ssl: "68.169.39.192"
FF - prefs.js..network.proxy.ssl_port: 22085
FF - prefs.js..network.proxy.type: 0

3.
erneut einen Scan mit OTL:
  • Doppelklick auf die OTL.exe
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Oben findest Du ein Kästchen mit Ausgabe.
    Wähle bitte Standard-Ausgabe
  • Unter Extra-Registrierung wähle bitte Benutze SafeList.
  • Mache Häckchen bei LOP- und Purity-Prüfung.
  • Klicke nun auf Scan links oben.
  • Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
    Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
  • Poste die Logfiles in Code-Tags hier in den Thread.

Zitat:

► Berichte mir kurz über alle Umsetzungsschritte (Fragen beantworten usw), die Du erledigt hast!

Chiko 18.11.2011 15:07

1. es kam nach dem neustart kein textdokument bzw. fand ich keins

2. es war schon ein Haken bei ''Kein Proxy''

3. OTL
Code:

OTL logfile created on: 11/18/2011 2:55:26 PM - Run 4
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Tarik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6.00 Gb Total Physical Memory | 4.08 Gb Available Physical Memory | 68.08% Memory free
12.00 Gb Paging File | 9.80 Gb Available in Paging File | 81.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.81 Gb Total Space | 713.93 Gb Free Space | 77.79% Space Free | Partition Type: NTFS
Drive D: | 13.60 Gb Total Space | 1.68 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 150.81 Gb Free Space | 64.76% Space Free | Partition Type: NTFS
 
Computer Name: TARIK-HP | User Name: Tarik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/11/18 14:01:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Tarik\Downloads\OTL.exe
PRC - [2011/11/09 13:50:10 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/28 15:55:22 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 15:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/11/20 13:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/04/23 21:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/01/18 19:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/15 00:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 19:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/11/09 13:50:10 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2010/01/18 19:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/09/16 15:44:36 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011/05/25 04:03:38 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/24 22:18:38 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/03/05 02:25:36 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2010/03/05 02:25:34 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM))
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2011/09/16 15:51:20 | 002,027,840 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/09/16 15:44:28 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/28 15:55:22 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/03/28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/15 00:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/11/01 22:58:14 | 000,117,520 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/06/28 15:55:22 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/06/28 15:55:22 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/05/25 05:26:56 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/05/25 03:25:42 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/30 19:46:44 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/19 18:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010/04/08 00:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/04 12:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011/02/10 09:22:58 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "Google.de"
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..network.proxy.backup.ftp: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ftp_port: 8085
FF - prefs.js..network.proxy.backup.socks: "98.166.234.138"
FF - prefs.js..network.proxy.backup.socks_port: 8085
FF - prefs.js..network.proxy.backup.ssl: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ssl_port: 8085
FF - prefs.js..network.proxy.ftp: "68.169.39.192"
FF - prefs.js..network.proxy.ftp_port: 22085
FF - prefs.js..network.proxy.http: "68.169.39.192"
FF - prefs.js..network.proxy.http_port: 22085
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "68.169.39.192"
FF - prefs.js..network.proxy.socks_port: 22085
FF - prefs.js..network.proxy.ssl: "68.169.39.192"
FF - prefs.js..network.proxy.ssl_port: 22085
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Tarik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/05/08 15:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/05/08 15:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/09 13:50:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/07 22:43:53 | 000,000,000 | ---D | M]
 
[2011/03/31 12:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tarik\AppData\Roaming\mozilla\Extensions
[2011/11/15 00:01:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tarik\AppData\Roaming\mozilla\Firefox\Profiles\79wa8i6p.default\extensions
[2011/11/09 17:32:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\TARIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\TARIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI
[2011/11/09 13:50:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/01/01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/01/01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C5B8455-A49D-4FC1-8E82-BD73DF535F3A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\ezsecshield.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ezsecshield.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/01 15:23:43 | 000,000,000 | R--D | M] - G:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk G:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/11/18 14:39:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/18 11:27:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E8D4881C-EED0-48DE-94BB-5D81C5A164B8}
[2011/11/18 11:26:53 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{DE470A4B-A8FC-487C-B6B5-51CFF1D4672B}
[2011/11/18 00:28:24 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/11/17 22:06:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{15C086CE-7C1F-49E3-84DA-4FC768099956}
[2011/11/17 22:06:40 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{3825B2D8-84D8-47B2-BE31-BE236A6A37E7}
[2011/11/17 10:06:03 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{58C47C14-2F37-4212-A8C8-06D631DABC38}
[2011/11/17 10:05:50 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CDE349A0-3FD1-40B3-B26D-2D512A4193A6}
[2011/11/17 00:40:11 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Men's Fitness 12-2011 Dezember Deutsch
[2011/11/16 12:26:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6EDC96CF-70D2-4ED3-97C1-585C2C5BFD26}
[2011/11/16 12:26:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B95BAF7C-92AB-4E60-814B-D032A1C11FE8}
[2011/11/15 18:55:12 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\OFX Presets
[2011/11/15 17:29:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{864F6873-79C6-4B82-B165-F596FF9443B4}
[2011/11/15 17:29:26 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A6E0ADC7-7B61-458A-AFDB-ADDE890B2DEB}
[2011/11/15 00:31:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE68F8B0-8323-4E6C-BD7A-2DD385D8350E}
[2011/11/15 00:31:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C7E02587-ECF6-42AB-AE10-195ED19EC478}
[2011/11/14 22:34:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Roaming\Malwarebytes
[2011/11/14 22:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/14 22:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/14 22:33:43 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/14 22:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/11/14 21:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/11/14 12:30:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CA8F7788-D333-416D-A424-B67918D4A732}
[2011/11/14 12:30:21 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E98A1CCA-B7F9-43F1-B0C9-7787C16DE465}
[2011/11/13 21:15:30 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Hörbuch
[2011/11/13 21:05:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C9DDE7A6-2C7B-4CB3-B16E-A56508734A19}
[2011/11/13 21:04:53 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C03462B5-712E-48CC-9574-3DA1D9791343}
[2011/11/13 09:04:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7A3599DA-FD12-4FDB-93A4-3988F9DBE3C3}
[2011/11/13 09:03:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1B01A0B9-48F9-422A-990D-CC7AD704025E}
[2011/11/12 10:59:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{13A121A4-AC2E-489A-ACED-C5E4D633CC81}
[2011/11/12 10:59:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9D24F2E8-717E-47CB-B0D6-97F3CE157FF8}
[2011/11/11 22:58:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{DD178FEE-9F2F-4DD3-901A-402E92CC5EA3}
[2011/11/11 22:58:27 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{67E05047-5FAD-4124-A2B6-75BEA77A634A}
[2011/11/11 10:57:56 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1EA9DD86-73EA-4D65-BD9D-AA0091BECACC}
[2011/11/11 10:57:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D96036F6-82D3-451E-A939-366293381B69}
[2011/11/11 00:10:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Quali 2010
[2011/11/11 00:09:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Links2
[2011/11/11 00:08:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Meine empfangenen Dateien
[2011/11/11 00:01:22 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Photoshop
[2011/11/10 23:59:50 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Sony Vegas
[2011/11/10 11:39:12 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{798F60D4-0C40-43B6-B4B6-614FCF2BF5A8}
[2011/11/10 11:39:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{23AC28EB-D829-4A34-BABD-00B74A9F56AC}
[2011/11/10 00:04:35 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\Facebook
[2011/11/09 23:38:34 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{F65050C3-FFFF-4AA3-9C0A-8A51B181147C}
[2011/11/09 23:38:22 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{8ECBE330-F342-44CB-A32A-02B176934D87}
[2011/11/09 11:37:42 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4645F517-EF7E-4FD2-8D0E-D26B6B676F3E}
[2011/11/09 11:37:29 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{03E18D2A-D0E2-44BB-AF28-8AB1D34AAA3E}
[2011/11/08 23:16:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4B637F14-14EA-4933-AA9B-34D1B9328EA9}
[2011/11/08 23:16:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1D54B9D2-DF01-4192-A9BC-E93FDD114FB0}
[2011/11/08 11:15:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4A92C528-D8F7-4135-81AA-BBBA178E3598}
[2011/11/08 11:15:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{20D0B301-BE7A-435F-BD3C-C58AE881314C}
[2011/11/07 20:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/11/07 17:10:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9BA818B0-77C7-43CC-8AA1-16DF4D17515D}
[2011/11/07 17:10:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{70DCF78A-F80D-4CF5-A93C-1C4D6FA9F9D3}
[2011/11/06 23:34:29 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6CA0EB60-A7A3-41CB-8944-566F35B027FA}
[2011/11/06 11:33:56 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A448F4DC-E21E-41BF-A573-C9FFA14774EA}
[2011/11/06 11:33:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1B02F3A4-97C7-4916-B961-FDAA168BEEA4}
[2011/11/05 16:04:45 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{573D1738-C157-4908-8C05-2646E25E8CDA}
[2011/11/05 16:04:26 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{31CC02F7-31B2-4E5C-8D16-3652D9BF3E1A}
[2011/11/04 23:20:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0FE081F2-130A-4D7A-BFF1-76EA7C245231}
[2011/11/04 23:20:37 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{3AD3AE58-E7A0-42BF-8F35-32114ECBF853}
[2011/11/04 11:20:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D23716BE-6041-446D-A8D8-51A3CE2F1A1B}
[2011/11/04 11:19:54 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D1ADA8F5-E048-42BF-A374-21CB1F24A398}
[2011/11/03 20:22:44 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B3149E1F-375F-45C1-B8DF-B6FF394F7237}
[2011/11/03 20:22:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1ABFDCF9-BF1A-48BB-8198-C6B431A0EAC9}
[2011/11/03 08:22:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{2E57C71B-2791-4876-BA02-117A22B5AD60}
[2011/11/03 08:21:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7D07CAA3-063B-4D81-9C7D-6537B18B6627}
[2011/11/02 18:56:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{095DF9A8-AB33-41FE-899F-6C9705069FC0}
[2011/11/02 18:56:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E81719A6-9D6F-4497-8D12-C6F400890756}
[2011/11/01 23:30:54 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7E6F863C-97AB-4946-B5E9-0600136AA57E}
[2011/11/01 23:30:43 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{00F69401-1B11-41BC-B9EB-3AC8AEB00168}
[2011/11/01 11:30:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{46BE2058-0C7D-401A-AA17-458C486FEE3C}
[2011/11/01 11:30:02 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{5CDAD7B6-172B-49FE-A1CA-AA5D33CCBAF3}
[2011/10/31 23:26:31 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{5BAC46B5-31E2-47CC-BBB8-7F0D7FD83888}
[2011/10/31 23:26:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE1953CA-8D19-4198-ABFC-6BBAA4F2C13B}
[2011/10/31 11:14:13 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E3DE74F4-1B7E-4C0C-9CC6-5703E94CA988}
[2011/10/31 11:13:59 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{17CCB99A-50E4-43CE-9B94-79B18E91EBBF}
[2011/10/30 23:13:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9C85C78C-62D7-4FC5-A243-993F931D9566}
[2011/10/30 23:13:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4F0B5EBA-AC19-405B-886A-EF41F2759637}
[2011/10/30 11:12:53 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{35926FE3-BBA7-4F12-92AC-FFE6655A1F1F}
[2011/10/30 11:12:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{BD25716A-C11F-4ABF-B874-D226EA86DCFB}
[2011/10/29 23:12:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B2A3859C-ECBE-4FA4-8DF1-D765B86EC299}
[2011/10/29 23:12:03 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A21F202E-BFAC-4068-9373-06A1379AEB5E}
[2011/10/29 11:11:36 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C7D47131-CB38-4A39-90EB-0604C71D1D35}
[2011/10/29 11:11:24 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE2176F9-590D-4A1F-AE67-0010488D5B8A}
[2011/10/28 23:10:57 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{38413A2D-154A-4177-BEF3-DF2DB471895C}
[2011/10/28 23:10:45 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CC751866-8EE4-454D-A43C-A95DF28862A2}
[2011/10/28 11:10:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4B5D20EF-EEE1-48D4-AC00-CA71F6B34D23}
[2011/10/28 11:10:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{BAE744CE-7C32-489B-8E28-91DA71559E57}
[2011/10/27 23:09:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{2222ED6E-C3A9-4AA7-B193-F99AC58F0C97}
[2011/10/27 23:09:27 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7C5ABA93-F4D8-46F0-9908-1770832048CB}
[2011/10/27 11:08:59 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A3567F77-6FFF-4288-B3BF-3A1F11D55375}
[2011/10/27 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FE0835F6-12E9-4C9C-864E-E2285563B947}
[2011/10/26 12:20:42 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{239DB737-E6B2-4793-B544-C853C064A4D2}
[2011/10/26 12:20:30 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{61EE020C-08CE-46E6-AABA-56AD6CD683EB}
[2011/10/25 11:28:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B6B1C5C4-AA40-4A76-82D0-A86E6430C1D1}
[2011/10/25 11:28:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{78859CD7-0CFF-4A9B-BA2E-8B3E6CBB253A}
[2011/10/24 21:56:43 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0DDC3E53-0DCF-4F09-8D34-6BBFD725A46C}
[2011/10/24 21:56:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B407D6E1-416D-464D-A7AD-5FB0827979DC}
[2011/10/24 09:56:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FF532406-76C2-4BCD-B2CE-9BE80B0ADD83}
[2011/10/24 09:55:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{52F9747B-36B8-4867-BDCA-D4AC4790DE51}
[2011/10/23 16:53:09 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B405E183-7B77-4ACB-A1A6-BC536B841A8F}
[2011/10/23 16:52:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1856462E-FEEE-47D3-8A4F-8FCBE5BD0727}
[2011/10/22 20:50:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0B9F10AF-81FD-4045-812E-2EA72E9A0715}
[2011/10/22 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E4F01377-29D8-4D71-8D3C-FF24D5AB6B16}
[2011/10/21 23:10:00 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{512F5EC5-0362-4968-8DF5-33D3DF456FF6}
[2011/10/21 23:09:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{090E5F39-476D-4ABA-A02A-27D67B13493C}
[2011/10/21 11:09:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6E23105D-3B57-4203-8970-CFBD25E81E2F}
[2011/10/21 11:09:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{679C9EC2-5F0F-4B81-8AFD-C6110E6D239C}
[2011/10/20 11:38:16 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{48786813-C3F5-474C-A883-751B6FCB7D2F}
[2011/10/20 11:38:04 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{F14C98CF-FBEA-4E96-BB2B-AC8705D47FA1}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/11/18 14:51:31 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/18 14:51:31 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/18 14:43:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/18 14:43:54 | 536,322,047 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/18 14:32:42 | 000,110,459 | ---- | M] () -- C:\Users\Tarik\Desktop\bookmarks-2011-11-18.json
[2011/11/18 14:29:04 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTarik.job
[2011/11/14 21:24:08 | 001,845,358 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/11/09 17:33:35 | 004,912,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/03 13:53:20 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/03 13:53:20 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/11/03 13:53:20 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/03 13:53:20 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/11/03 13:53:20 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/01 22:58:14 | 000,117,520 | ---- | M] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2011/10/24 13:17:25 | 000,000,317 | ---- | M] () -- C:\Windows\MSUTIL.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/11/18 14:32:42 | 000,110,459 | ---- | C] () -- C:\Users\Tarik\Desktop\bookmarks-2011-11-18.json
[2011/11/17 00:40:50 | 044,381,525 | ---- | C] () -- C:\Users\Tarik\Documents\Die Perfekte Masche Von Neil Strauss.pdf
[2011/11/17 00:40:07 | 011,496,185 | ---- | C] () -- C:\Users\Tarik\Documents\Muskel Guide - Gezieltes Krafttraining.pdf
[2011/11/14 21:23:00 | 001,845,358 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/10/05 20:57:28 | 000,000,317 | ---- | C] () -- C:\Windows\MSUTIL.INI
[2011/05/24 22:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/05/09 19:51:57 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011/04/09 13:44:56 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/03/31 21:45:26 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/03/17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/02 04:30:41 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010/12/02 03:58:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/28 13:00:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/01/22 23:04:16 | 000,000,605 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011/06/05 08:50:55 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/04/11 18:50:13 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Foxit Software
[2011/04/01 13:36:11 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\MotioninJoy
[2011/11/12 13:11:56 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Mp3tag
[2011/04/05 17:59:22 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Publish Providers
[2011/04/09 22:31:51 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Raptr
[2011/10/24 11:03:37 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Sony
[2011/10/04 09:41:47 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Sony Creative Software Inc
[2011/05/12 23:01:29 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\TuneUp Software
[2011/04/08 19:25:52 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\WinBatch
[2011/04/29 23:00:41 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Windows Live Writer
[2011/10/01 07:35:41 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Extras
Code:

OTL Extras logfile created on: 11/18/2011 2:55:26 PM - Run 4
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Tarik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6.00 Gb Total Physical Memory | 4.08 Gb Available Physical Memory | 68.08% Memory free
12.00 Gb Paging File | 9.80 Gb Available in Paging File | 81.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.81 Gb Total Space | 713.93 Gb Free Space | 77.79% Space Free | Partition Type: NTFS
Drive D: | 13.60 Gb Total Space | 1.68 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 150.81 Gb Free Space | 64.76% Space Free | Partition Type: NTFS
 
Computer Name: TARIK-HP | User Name: Tarik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{31A6FA40-E935-11E0-95F9-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0001
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51317AF5-D39F-49EC-A4B5-87451466B837}" = AMD Fuel
"{54E192A6-AA33-1963-C96A-26AA7A3B41B4}" = ccc-utility64
"{5857E7BE-2F6F-D41A-42B2-B668B19A5F30}" = AMD Media Foundation Decoders
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}" = AMD Drag and Drop Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{CFF9D801-1EC4-B8F5-2CAB-4A1790C95A18}" = ATI Catalyst Install Manager
"{D3A82E80-D0A5-11DF-B425-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D81C035E-D0A5-11DF-9450-0013D3D69929}" = MSVCRT Redists
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"CCleaner" = CCleaner
"GenArts SapphireEdge Plug-ins for OFX_is1" = GenArts SapphireEdge Plug-ins 1.0 for OFX
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C7108CF-774A-11E0-B3C5-0013D3D69929}" = Vegas Pro 10.0
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{229B6751-774A-11E0-BCAE-0013D3D69929}" = MSVCRT Redists
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{30D659E4-4405-6925-CDCF-EB8CD0C80DAC}" = Catalyst Control Center Graphics Previews Common
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3CA2B4FD-AEF2-ED4F-F5E5-0095DDA47AC7}" = Adobe Download Assistant
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE7978-4F13-5584-5E53-DCEE1CB115A5}" = AMD VISION Engine Control Center
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85268C72-C609-E50A-7AB3-9B3582DFEE66}" = CCC Help English
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{AFF8C8F4-E4BB-891F-8636-5E71F946C5B6}" = Catalyst Control Center InstallProxy
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DivX Setup.divx.com" = DivX-Setup
"Foxit Creator" = Foxit Creator
"Foxit Reader" = Foxit Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Mp3tag" = Mp3tag v2.49
"MusicStationNetstaller" = MusicStation
"NewBlue 3D Explosions for Windows" = NewBlue 3D Explosions for Windows
"NewBlue 3D Transformations for Windows" = NewBlue 3D Transformations for Windows
"NewBlue Art Blends for Windows" = NewBlue Art Blends for Windows
"NewBlue Art Effects for Windows" = NewBlue Art Effects for Windows
"NewBlue Film Effects for Windows" = NewBlue Film Effects for Windows
"NewBlue Motion Blends for Windows" = NewBlue Motion Blends for Windows
"NewBlue Motion Effects for Windows" = NewBlue Motion Effects for Windows
"NewBlue Video Essentials for Windows" = NewBlue Video Essentials for Windows
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PDF Complete" = PDF Complete Special Edition
"RocketDock_is1" = RocketDock 1.3.5
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"WinLiveSuite" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >


Chiko 18.11.2011 15:11

1. es kam nach dem neustart kein textdokument bzw. fand ich keins

2. es war schon ein Haken bei ''Kein Proxy''

3. OTL
Code:

OTL logfile created on: 11/18/2011 2:55:26 PM - Run 4
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Tarik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6.00 Gb Total Physical Memory | 4.08 Gb Available Physical Memory | 68.08% Memory free
12.00 Gb Paging File | 9.80 Gb Available in Paging File | 81.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.81 Gb Total Space | 713.93 Gb Free Space | 77.79% Space Free | Partition Type: NTFS
Drive D: | 13.60 Gb Total Space | 1.68 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 150.81 Gb Free Space | 64.76% Space Free | Partition Type: NTFS
 
Computer Name: TARIK-HP | User Name: Tarik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/11/18 14:01:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Tarik\Downloads\OTL.exe
PRC - [2011/11/09 13:50:10 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/06/28 15:55:22 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011/03/28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/03/28 15:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/11/20 13:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010/04/23 21:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/01/18 19:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/15 00:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2008/11/20 19:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011/11/09 13:50:10 | 001,989,592 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2010/01/18 19:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2007/09/02 12:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 12:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/09/16 15:44:36 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011/05/25 04:03:38 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011/05/24 22:18:38 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/03/05 02:25:36 | 000,209,000 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV:64bit: - [2010/03/05 02:25:34 | 000,496,232 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM))
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2011/09/16 15:51:20 | 002,027,840 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/09/16 15:44:28 | 000,029,504 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/28 15:55:22 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/21 14:57:34 | 000,085,560 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2011/03/28 16:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011/03/28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/03/18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/10/15 00:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/05/31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/11/01 22:58:14 | 000,117,520 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/06/28 15:55:22 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/06/28 15:55:22 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/05/25 05:26:56 | 009,359,872 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011/05/25 03:25:42 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011/03/30 19:46:44 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/22 23:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/08/19 18:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010/04/08 00:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/04 12:26:58 | 000,349,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2010/02/18 08:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011/02/10 09:22:58 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "Google.de"
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..network.proxy.backup.ftp: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ftp_port: 8085
FF - prefs.js..network.proxy.backup.socks: "98.166.234.138"
FF - prefs.js..network.proxy.backup.socks_port: 8085
FF - prefs.js..network.proxy.backup.ssl: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ssl_port: 8085
FF - prefs.js..network.proxy.ftp: "68.169.39.192"
FF - prefs.js..network.proxy.ftp_port: 22085
FF - prefs.js..network.proxy.http: "68.169.39.192"
FF - prefs.js..network.proxy.http_port: 22085
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "68.169.39.192"
FF - prefs.js..network.proxy.socks_port: 22085
FF - prefs.js..network.proxy.ssl: "68.169.39.192"
FF - prefs.js..network.proxy.ssl_port: 22085
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Tarik\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/05/08 15:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/05/08 15:24:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/11/09 13:50:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/05/07 22:43:53 | 000,000,000 | ---D | M]
 
[2011/03/31 12:40:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tarik\AppData\Roaming\mozilla\Extensions
[2011/11/15 00:01:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tarik\AppData\Roaming\mozilla\Firefox\Profiles\79wa8i6p.default\extensions
[2011/11/09 17:32:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\TARIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\TARIK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\79WA8I6P.DEFAULT\EXTENSIONS\FINDER@MEINGUTSCHEINCODE.DE.XPI
[2011/11/09 13:50:10 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 09:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 09:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/01/01 09:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/01/01 09:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
 
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5C5B8455-A49D-4FC1-8E82-BD73DF535F3A}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\ezsecshield.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ezsecshield.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/01 15:23:43 | 000,000,000 | R--D | M] - G:\autorun -- [ NTFS ]
O32 - Unable to obtain root file information for disk G:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/11/18 14:39:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/18 11:27:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E8D4881C-EED0-48DE-94BB-5D81C5A164B8}
[2011/11/18 11:26:53 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{DE470A4B-A8FC-487C-B6B5-51CFF1D4672B}
[2011/11/18 00:28:24 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/11/17 22:06:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{15C086CE-7C1F-49E3-84DA-4FC768099956}
[2011/11/17 22:06:40 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{3825B2D8-84D8-47B2-BE31-BE236A6A37E7}
[2011/11/17 10:06:03 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{58C47C14-2F37-4212-A8C8-06D631DABC38}
[2011/11/17 10:05:50 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CDE349A0-3FD1-40B3-B26D-2D512A4193A6}
[2011/11/17 00:40:11 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Men's Fitness 12-2011 Dezember Deutsch
[2011/11/16 12:26:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6EDC96CF-70D2-4ED3-97C1-585C2C5BFD26}
[2011/11/16 12:26:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B95BAF7C-92AB-4E60-814B-D032A1C11FE8}
[2011/11/15 18:55:12 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\OFX Presets
[2011/11/15 17:29:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{864F6873-79C6-4B82-B165-F596FF9443B4}
[2011/11/15 17:29:26 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A6E0ADC7-7B61-458A-AFDB-ADDE890B2DEB}
[2011/11/15 00:31:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE68F8B0-8323-4E6C-BD7A-2DD385D8350E}
[2011/11/15 00:31:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C7E02587-ECF6-42AB-AE10-195ED19EC478}
[2011/11/14 22:34:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Roaming\Malwarebytes
[2011/11/14 22:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/11/14 22:33:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/11/14 22:33:43 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/11/14 22:33:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools Security
[2011/11/14 21:22:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools
[2011/11/14 21:19:11 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2011/11/14 12:30:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CA8F7788-D333-416D-A424-B67918D4A732}
[2011/11/14 12:30:21 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E98A1CCA-B7F9-43F1-B0C9-7787C16DE465}
[2011/11/13 21:15:30 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Hörbuch
[2011/11/13 21:05:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C9DDE7A6-2C7B-4CB3-B16E-A56508734A19}
[2011/11/13 21:04:53 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C03462B5-712E-48CC-9574-3DA1D9791343}
[2011/11/13 09:04:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7A3599DA-FD12-4FDB-93A4-3988F9DBE3C3}
[2011/11/13 09:03:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1B01A0B9-48F9-422A-990D-CC7AD704025E}
[2011/11/12 10:59:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{13A121A4-AC2E-489A-ACED-C5E4D633CC81}
[2011/11/12 10:59:08 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9D24F2E8-717E-47CB-B0D6-97F3CE157FF8}
[2011/11/11 22:58:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{DD178FEE-9F2F-4DD3-901A-402E92CC5EA3}
[2011/11/11 22:58:27 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{67E05047-5FAD-4124-A2B6-75BEA77A634A}
[2011/11/11 10:57:56 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1EA9DD86-73EA-4D65-BD9D-AA0091BECACC}
[2011/11/11 10:57:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D96036F6-82D3-451E-A939-366293381B69}
[2011/11/11 00:10:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Quali 2010
[2011/11/11 00:09:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Links2
[2011/11/11 00:08:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Meine empfangenen Dateien
[2011/11/11 00:01:22 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Photoshop
[2011/11/10 23:59:50 | 000,000,000 | ---D | C] -- C:\Users\Tarik\Documents\Sony Vegas
[2011/11/10 11:39:12 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{798F60D4-0C40-43B6-B4B6-614FCF2BF5A8}
[2011/11/10 11:39:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{23AC28EB-D829-4A34-BABD-00B74A9F56AC}
[2011/11/10 00:04:35 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\Facebook
[2011/11/09 23:38:34 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{F65050C3-FFFF-4AA3-9C0A-8A51B181147C}
[2011/11/09 23:38:22 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{8ECBE330-F342-44CB-A32A-02B176934D87}
[2011/11/09 11:37:42 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4645F517-EF7E-4FD2-8D0E-D26B6B676F3E}
[2011/11/09 11:37:29 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{03E18D2A-D0E2-44BB-AF28-8AB1D34AAA3E}
[2011/11/08 23:16:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4B637F14-14EA-4933-AA9B-34D1B9328EA9}
[2011/11/08 23:16:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1D54B9D2-DF01-4192-A9BC-E93FDD114FB0}
[2011/11/08 11:15:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4A92C528-D8F7-4135-81AA-BBBA178E3598}
[2011/11/08 11:15:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{20D0B301-BE7A-435F-BD3C-C58AE881314C}
[2011/11/07 20:50:04 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2011/11/07 17:10:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9BA818B0-77C7-43CC-8AA1-16DF4D17515D}
[2011/11/07 17:10:33 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{70DCF78A-F80D-4CF5-A93C-1C4D6FA9F9D3}
[2011/11/06 23:34:29 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6CA0EB60-A7A3-41CB-8944-566F35B027FA}
[2011/11/06 11:33:56 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A448F4DC-E21E-41BF-A573-C9FFA14774EA}
[2011/11/06 11:33:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1B02F3A4-97C7-4916-B961-FDAA168BEEA4}
[2011/11/05 16:04:45 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{573D1738-C157-4908-8C05-2646E25E8CDA}
[2011/11/05 16:04:26 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{31CC02F7-31B2-4E5C-8D16-3652D9BF3E1A}
[2011/11/04 23:20:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0FE081F2-130A-4D7A-BFF1-76EA7C245231}
[2011/11/04 23:20:37 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{3AD3AE58-E7A0-42BF-8F35-32114ECBF853}
[2011/11/04 11:20:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D23716BE-6041-446D-A8D8-51A3CE2F1A1B}
[2011/11/04 11:19:54 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{D1ADA8F5-E048-42BF-A374-21CB1F24A398}
[2011/11/03 20:22:44 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B3149E1F-375F-45C1-B8DF-B6FF394F7237}
[2011/11/03 20:22:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1ABFDCF9-BF1A-48BB-8198-C6B431A0EAC9}
[2011/11/03 08:22:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{2E57C71B-2791-4876-BA02-117A22B5AD60}
[2011/11/03 08:21:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7D07CAA3-063B-4D81-9C7D-6537B18B6627}
[2011/11/02 18:56:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{095DF9A8-AB33-41FE-899F-6C9705069FC0}
[2011/11/02 18:56:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E81719A6-9D6F-4497-8D12-C6F400890756}
[2011/11/01 23:30:54 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7E6F863C-97AB-4946-B5E9-0600136AA57E}
[2011/11/01 23:30:43 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{00F69401-1B11-41BC-B9EB-3AC8AEB00168}
[2011/11/01 11:30:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{46BE2058-0C7D-401A-AA17-458C486FEE3C}
[2011/11/01 11:30:02 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{5CDAD7B6-172B-49FE-A1CA-AA5D33CCBAF3}
[2011/10/31 23:26:31 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{5BAC46B5-31E2-47CC-BBB8-7F0D7FD83888}
[2011/10/31 23:26:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE1953CA-8D19-4198-ABFC-6BBAA4F2C13B}
[2011/10/31 11:14:13 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E3DE74F4-1B7E-4C0C-9CC6-5703E94CA988}
[2011/10/31 11:13:59 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{17CCB99A-50E4-43CE-9B94-79B18E91EBBF}
[2011/10/30 23:13:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{9C85C78C-62D7-4FC5-A243-993F931D9566}
[2011/10/30 23:13:20 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4F0B5EBA-AC19-405B-886A-EF41F2759637}
[2011/10/30 11:12:53 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{35926FE3-BBA7-4F12-92AC-FFE6655A1F1F}
[2011/10/30 11:12:41 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{BD25716A-C11F-4ABF-B874-D226EA86DCFB}
[2011/10/29 23:12:14 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B2A3859C-ECBE-4FA4-8DF1-D765B86EC299}
[2011/10/29 23:12:03 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A21F202E-BFAC-4068-9373-06A1379AEB5E}
[2011/10/29 11:11:36 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{C7D47131-CB38-4A39-90EB-0604C71D1D35}
[2011/10/29 11:11:24 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CE2176F9-590D-4A1F-AE67-0010488D5B8A}
[2011/10/28 23:10:57 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{38413A2D-154A-4177-BEF3-DF2DB471895C}
[2011/10/28 23:10:45 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{CC751866-8EE4-454D-A43C-A95DF28862A2}
[2011/10/28 11:10:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{4B5D20EF-EEE1-48D4-AC00-CA71F6B34D23}
[2011/10/28 11:10:06 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{BAE744CE-7C32-489B-8E28-91DA71559E57}
[2011/10/27 23:09:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{2222ED6E-C3A9-4AA7-B193-F99AC58F0C97}
[2011/10/27 23:09:27 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{7C5ABA93-F4D8-46F0-9908-1770832048CB}
[2011/10/27 11:08:59 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{A3567F77-6FFF-4288-B3BF-3A1F11D55375}
[2011/10/27 11:08:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FE0835F6-12E9-4C9C-864E-E2285563B947}
[2011/10/26 12:20:42 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{239DB737-E6B2-4793-B544-C853C064A4D2}
[2011/10/26 12:20:30 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{61EE020C-08CE-46E6-AABA-56AD6CD683EB}
[2011/10/25 11:28:52 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B6B1C5C4-AA40-4A76-82D0-A86E6430C1D1}
[2011/10/25 11:28:39 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{78859CD7-0CFF-4A9B-BA2E-8B3E6CBB253A}
[2011/10/24 21:56:43 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0DDC3E53-0DCF-4F09-8D34-6BBFD725A46C}
[2011/10/24 21:56:32 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B407D6E1-416D-464D-A7AD-5FB0827979DC}
[2011/10/24 09:56:01 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{FF532406-76C2-4BCD-B2CE-9BE80B0ADD83}
[2011/10/24 09:55:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{52F9747B-36B8-4867-BDCA-D4AC4790DE51}
[2011/10/23 16:53:09 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{B405E183-7B77-4ACB-A1A6-BC536B841A8F}
[2011/10/23 16:52:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{1856462E-FEEE-47D3-8A4F-8FCBE5BD0727}
[2011/10/22 20:50:49 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{0B9F10AF-81FD-4045-812E-2EA72E9A0715}
[2011/10/22 20:50:19 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{E4F01377-29D8-4D71-8D3C-FF24D5AB6B16}
[2011/10/21 23:10:00 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{512F5EC5-0362-4968-8DF5-33D3DF456FF6}
[2011/10/21 23:09:48 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{090E5F39-476D-4ABA-A02A-27D67B13493C}
[2011/10/21 11:09:18 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{6E23105D-3B57-4203-8970-CFBD25E81E2F}
[2011/10/21 11:09:05 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{679C9EC2-5F0F-4B81-8AFD-C6110E6D239C}
[2011/10/20 11:38:16 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{48786813-C3F5-474C-A883-751B6FCB7D2F}
[2011/10/20 11:38:04 | 000,000,000 | ---D | C] -- C:\Users\Tarik\AppData\Local\{F14C98CF-FBEA-4E96-BB2B-AC8705D47FA1}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/11/18 14:51:31 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/18 14:51:31 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/18 14:43:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/18 14:43:54 | 536,322,047 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/18 14:32:42 | 000,110,459 | ---- | M] () -- C:\Users\Tarik\Desktop\bookmarks-2011-11-18.json
[2011/11/18 14:29:04 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTarik.job
[2011/11/14 21:24:08 | 001,845,358 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/11/09 17:33:35 | 004,912,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011/11/03 13:53:20 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/11/03 13:53:20 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/11/03 13:53:20 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/11/03 13:53:20 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/11/03 13:53:20 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/11/01 22:58:14 | 000,117,520 | ---- | M] (MotioninJoy) -- C:\Windows\SysNative\drivers\MijXfilt.sys
[2011/10/24 13:17:25 | 000,000,317 | ---- | M] () -- C:\Windows\MSUTIL.INI
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/11/18 14:32:42 | 000,110,459 | ---- | C] () -- C:\Users\Tarik\Desktop\bookmarks-2011-11-18.json
[2011/11/17 00:40:50 | 044,381,525 | ---- | C] () -- C:\Users\Tarik\Documents\Die Perfekte Masche Von Neil Strauss.pdf
[2011/11/17 00:40:07 | 011,496,185 | ---- | C] () -- C:\Users\Tarik\Documents\Muskel Guide - Gezieltes Krafttraining.pdf
[2011/11/14 21:23:00 | 001,845,358 | ---- | C] () -- C:\Windows\SysNative\drivers\Cat.DB
[2011/10/05 20:57:28 | 000,000,317 | ---- | C] () -- C:\Windows\MSUTIL.INI
[2011/05/24 22:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011/05/09 19:51:57 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011/04/09 13:44:56 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011/03/31 21:45:26 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011/03/17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010/12/02 04:30:41 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010/12/02 03:58:59 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010/09/28 13:00:12 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010/01/22 23:04:16 | 000,000,605 | ---- | C] () -- C:\Windows\m3jpeg.ini
[2009/07/14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2011/06/05 08:50:55 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011/04/11 18:50:13 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Foxit Software
[2011/04/01 13:36:11 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\MotioninJoy
[2011/11/12 13:11:56 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Mp3tag
[2011/04/05 17:59:22 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Publish Providers
[2011/04/09 22:31:51 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Raptr
[2011/10/24 11:03:37 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Sony
[2011/10/04 09:41:47 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Sony Creative Software Inc
[2011/05/12 23:01:29 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\TuneUp Software
[2011/04/08 19:25:52 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\WinBatch
[2011/04/29 23:00:41 | 000,000,000 | ---D | M] -- C:\Users\Tarik\AppData\Roaming\Windows Live Writer
[2011/10/01 07:35:41 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Extras
Code:

OTL Extras logfile created on: 11/18/2011 2:55:26 PM - Run 4
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Tarik\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6.00 Gb Total Physical Memory | 4.08 Gb Available Physical Memory | 68.08% Memory free
12.00 Gb Paging File | 9.80 Gb Available in Paging File | 81.67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 917.81 Gb Total Space | 713.93 Gb Free Space | 77.79% Space Free | Partition Type: NTFS
Drive D: | 13.60 Gb Total Space | 1.68 Gb Free Space | 12.39% Space Free | Partition Type: NTFS
Drive G: | 232.88 Gb Total Space | 150.81 Gb Free Space | 64.76% Space Free | Partition Type: NTFS
 
Computer Name: TARIK-HP | User Name: Tarik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11BA2B00-1495-47B8-BFA8-D08C605AB2CC}" = Windows Live Family Safety
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{31A6FA40-E935-11E0-95F9-F04DA23A5C58}" = Vegas Pro 11.0 (64-bit)
"{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1" = MotioninJoy ds3 driver version 0.6.0001
"{33C19CDE-E935-11E0-A0DA-F04DA23A5C58}" = MSVCRT Redists
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51317AF5-D39F-49EC-A4B5-87451466B837}" = AMD Fuel
"{54E192A6-AA33-1963-C96A-26AA7A3B41B4}" = ccc-utility64
"{5857E7BE-2F6F-D41A-42B2-B668B19A5F30}" = AMD Media Foundation Decoders
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}" = AMD Drag and Drop Transcoding
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{CFF9D801-1EC4-B8F5-2CAB-4A1790C95A18}" = ATI Catalyst Install Manager
"{D3A82E80-D0A5-11DF-B425-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{D81C035E-D0A5-11DF-9450-0013D3D69929}" = MSVCRT Redists
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX 64" = Adobe Flash Player 10 ActiveX 64-bit
"CCleaner" = CCleaner
"GenArts SapphireEdge Plug-ins for OFX_is1" = GenArts SapphireEdge Plug-ins 1.0 for OFX
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{06E6E30D-B498-442F-A943-07DE41D7F785}" = Microsoft Search Enhancement Pack
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{15FEDA5F-141C-4127-8D7E-B962D1742728}" = Adobe Photoshop CS5
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C7108CF-774A-11E0-B3C5-0013D3D69929}" = Vegas Pro 10.0
"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{229B6751-774A-11E0-BCAE-0013D3D69929}" = MSVCRT Redists
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{30D659E4-4405-6925-CDCF-EB8CD0C80DAC}" = Catalyst Control Center Graphics Previews Common
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3CA2B4FD-AEF2-ED4F-F5E5-0095DDA47AC7}" = Adobe Download Assistant
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60DE7978-4F13-5584-5E53-DCEE1CB115A5}" = AMD VISION Engine Control Center
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.1.0
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{85268C72-C609-E50A-7AB3-9B3582DFEE66}" = CCC Help English
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{AFF8C8F4-E4BB-891F-8636-5E71F946C5B6}" = Catalyst Control Center InstallProxy
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B95B1BA9-F887-4B3C-8D3A-CCD4C4675120}" = Microsoft Default Manager
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{CA43FE4F-9FF2-4AD7-88F0-CC3BAC17B226}" = HP Support Assistant
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"aTube Catcher" = aTube Catcher
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"DivX Setup.divx.com" = DivX-Setup
"Foxit Creator" = Foxit Creator
"Foxit Reader" = Foxit Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Mp3tag" = Mp3tag v2.49
"MusicStationNetstaller" = MusicStation
"NewBlue 3D Explosions for Windows" = NewBlue 3D Explosions for Windows
"NewBlue 3D Transformations for Windows" = NewBlue 3D Transformations for Windows
"NewBlue Art Blends for Windows" = NewBlue Art Blends for Windows
"NewBlue Art Effects for Windows" = NewBlue Art Effects for Windows
"NewBlue Film Effects for Windows" = NewBlue Film Effects for Windows
"NewBlue Motion Blends for Windows" = NewBlue Motion Blends for Windows
"NewBlue Motion Effects for Windows" = NewBlue Motion Effects for Windows
"NewBlue Video Essentials for Windows" = NewBlue Video Essentials for Windows
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"PDF Complete" = PDF Complete Special Edition
"RocketDock_is1" = RocketDock 1.3.5
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"WinLiveSuite" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >

Und jetzt spinnt auch noch mein Firefox, seiten wie youtube, facebook usw. werden nicht vollständig geladen, ich sehe nur einen weißen bildschirm mit der schrieft der seiten, sonst nix!

Habe alles bis jetzt so gemacht wie beschrieben.

EDIT!

Fire fox problem dank ccleaner gelöst

kira 18.11.2011 20:56

1.
Fixen mit OTL
  • Starte die OTL.exe.
  • Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
  • Kopiere folgendes Skript:
Code:

:OTL
FF - prefs.js..browser.search.defaultengine: ""
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: ""
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "Google.de"
FF - prefs.js..keyword.URL: "http://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - prefs.js..network.proxy.backup.ftp: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ftp_port: 8085
FF - prefs.js..network.proxy.backup.socks: "98.166.234.138"
FF - prefs.js..network.proxy.backup.socks_port: 8085
FF - prefs.js..network.proxy.backup.ssl: "98.166.234.138"
FF - prefs.js..network.proxy.backup.ssl_port: 8085
FF - prefs.js..network.proxy.ftp: "68.169.39.192"
FF - prefs.js..network.proxy.ftp_port: 22085
FF - prefs.js..network.proxy.http: "68.169.39.192"
FF - prefs.js..network.proxy.http_port: 22085
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "68.169.39.192"
FF - prefs.js..network.proxy.socks_port: 22085
FF - prefs.js..network.proxy.ssl: "68.169.39.192"
FF - prefs.js..network.proxy.ssl_port: 22085
FF - prefs.js..network.proxy.type: 0
:Commands
[purity]
[emptytemp]


2.
reinige dein System mit Ccleaner:
  • "Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

3.
TDSSKiller von Kaspersky
  • Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
  • Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
  • deaktiviere vorübergehend dein AntiVirus-Programm
  • Starte die TDSSKiller.exe durch Doppelklick.
  • Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
    Bestätige das ggfs. mit Y(es).
    Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
  • Poste mir den Inhalt von C:\TDSSKiller<random>.txt hier in den Thread.
Hier findest Du eine ausführlichere Anleitung.

Chiko 20.11.2011 23:49

1. hier das texdokument
Code:

All processes killed
========== OTL ==========
Prefs.js: "" removed from browser.search.defaultengine
Prefs.js: "" removed from browser.search.defaultenginename
Prefs.js: "" removed from browser.search.order.1
Prefs.js: "Google" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "Google.de" removed from browser.startup.homepage
Prefs.js: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q=" removed from keyword.URL
Prefs.js: "98.166.234.138" removed from network.proxy.backup.ftp
Prefs.js: 8085 removed from network.proxy.backup.ftp_port
Prefs.js: "98.166.234.138" removed from network.proxy.backup.socks
Prefs.js: 8085 removed from network.proxy.backup.socks_port
Prefs.js: "98.166.234.138" removed from network.proxy.backup.ssl
Prefs.js: 8085 removed from network.proxy.backup.ssl_port
Prefs.js: "68.169.39.192" removed from network.proxy.ftp
Prefs.js: 22085 removed from network.proxy.ftp_port
Prefs.js: "68.169.39.192" removed from network.proxy.http
Prefs.js: 22085 removed from network.proxy.http_port
Prefs.js: true removed from network.proxy.share_proxy_settings
Prefs.js: "68.169.39.192" removed from network.proxy.socks
Prefs.js: 22085 removed from network.proxy.socks_port
Prefs.js: "68.169.39.192" removed from network.proxy.ssl
Prefs.js: 22085 removed from network.proxy.ssl_port
Prefs.js: 0 removed from network.proxy.type
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: Tarik
->Temp folder emptied: 362473 bytes
->Temporary Internet Files folder emptied: 46837786 bytes
->Java cache emptied: 26320287 bytes
->FireFox cache emptied: 669750948 bytes
->Flash cache emptied: 8185085 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 48151 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67832 bytes
RecycleBin emptied: 110459 bytes
 
Total Files Cleaned = 717.00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 11202011_222954

Files\Folders moved on Reboot...
C:\Users\Tarik\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

2. Pc ist geccleanert!

3. TDSSKILLER hat wieder nix gefunden und somit auch kein vorschlag auf einen Neustart.

kira 21.11.2011 12:53

1.
** Update Malwarebytes Anti-Malware, lass es nochmal anhand der folgenden Anleitung laufen:
  • per Doppelklick starten.
  • gleich mal die Datenbanken zu aktualisieren - online updaten
  • Vollständiger Suchlauf wählen (überall Haken setzen)
  • wenn der Scanvorgang beendet ist, klicke auf "Zeige Resultate"
  • alle Funde bis auf - falls MBAM meldet in C:\System Volume Information - den Haken bitte entfernen - markieren und auf "Löschen" - "Ausgewähltes entfernen") klicken.
  • Poste das Ergebnis hier in den Thread - den Bericht findest Du unter "Scan-Berichte"
eine bebilderte Anleitung findest Du hier: Anleitung

2.
Deine Javaversion ist nicht aktuell!
→ Downloade nun die Offline-Version von Java Version 6 Update 29 von Oracle herunter
Achte darauf, eventuell angebotene Toolbars abwählen (den Haken bei der Toolbar entfernen)!

3.
reinige dein System mit Ccleaner:
  • "Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
  • "Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Starte dein System neu auf

4.
  • lade Dir SUPERAntiSpyware FREE Edition herunter.
  • installiere das Programm und update online.
  • starte SUPERAntiSpyware und klicke auf "Ihren Computer durchsuchen"
  • setze ein Häkchen bei "Kompletter Scan" und klicke auf "Weiter"
  • anschließend alle gefundenen Schadprogramme werden aufgelistet, bei alle Funde Häkchen setzen und mit "OK" bestätigen
  • auf "Weiter" klicken dann "OK" und auf "Fertig stellen"
  • um die Ergebnisse anzuzeigen: auf "Präferenzen" dann auf den "Statistiken und Protokolle" klicken
  • drücke auf "Protokoll anzeigen" - anschließend diesen Bericht bitte speichern und hier posten

5.
Auch auf USB-Sticks, selbstgebrannten Datenträgern, externen Festplatten und anderen Datenträgern können Viren transportiert werden. Man muss daher durch regelmäßige Prüfungen auf Schäden, die durch Malware ("Worm.Win32.Autorun") verursacht worden sein können, überwacht werden. Hierfür sind ser gut geegnet und empfohlen, die auf dem Speichermedium gesicherten Daten, mit Hilfe des kostenlosen Online Scanners zu prüfen.
Schließe jetzt alle externe Datenträgeran (USB Sticks etc) Deinen Rechner an, dabei die Hochstell-Taste [Shift-Taste] gedrückt halten, damit die Autorun-Funktion nicht ausgeführt wird. (So verhindest Du die Ausführung der AUTORUN-Funktion) - Man kann die AUTORUN-Funktion aber auch generell abschalten.►Anleitung

-> Führe dann einen Komplett-Systemcheck mit Eset Online Scanner (NOD32)Kostenlose Online Scanner durch
Achtung!: >>Du sollst nicht die Antivirus-Sicherheitssoftware installieren, sondern dein System nur online scannen<<

► wie verhält sich den dein System?


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:32 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131