Trojaner-Board - Win32/Injector.JRX Trojaner C:\Users\XXXXX\AppData\Roaming\WinHost\host.exe

Hey,
nachfolgend die Malwarebytes Berichte.

Code:

Malwarebytes Anti-Malware (Test) 1.61.0.1400

www.malwarebytes.org
 

Datenbank Version: v2012.04.28.04
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Jonathan :: JONATHAN-PC [Administrator]
 

Schutz: Deaktiviert
 

28.04.2012 14:24:44

mbam-log-2012-04-28 (14-24-44).txt
 

Art des Suchlaufs: Vollständiger Suchlauf

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 667886

Laufzeit: 1 Stunde(n), 20 Minute(n), 40 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 2

HKCR\CLSID\{PCL3DI80-M738-434I-820B-KTNY77G7I787} (Backdoor.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{PCL3DI80-M738-434I-820B-KTNY77G7I787} (Backdoor.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Registrierungswerte: 2

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Systemhost (Backdoor.Agent) -> Daten: C:\Windows\Host\svchost.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Windows Systemhost (Backdoor.Agent) -> Daten: C:\Windows\Host\svchost.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 8

C:\Windows\Host\svchost.exe (Backdoor.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Jonathan\AppData\Roaming\logs.dat (Bifrose.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Jonathan\AppData\Local\Temp\MSN.abc (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Jonathan\AppData\Local\Temp\UuU.uUu (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Jonathan\AppData\Local\Temp\XxX.xXx (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Jonathan\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Windows\System32\WinHost\host.exe (Backdoor.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Windows\SysWOW64\WinHost\host.exe (Backdoor.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

(Ende)

Code:

Malwarebytes Anti-Malware (Test) 1.61.0.1400

www.malwarebytes.org
 

Datenbank Version: v2012.04.28.04
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Jonathan :: JONATHAN-PC [Administrator]
 

Schutz: Deaktiviert
 

28.04.2012 16:13:10

mbam-log-2012-04-28 (16-13-10).txt
 

Art des Suchlaufs: Vollständiger Suchlauf

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 436471

Laufzeit: 48 Minute(n), 36 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 1

C:\Users\Jonathan\AppData\Local\Temp\xxxyyyzzz.dat (Malware.Trace) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

(Ende)

Zusätzlich auch der Otl Bericht

Code:

OTL logfile created on: 28.04.2012 18:12:13 - Run 1

OTL by OldTimer - Version 3.2.42.1     Folder = C:\Users\XXXXX\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

15,98 Gb Total Physical Memory | 11,41 Gb Available Physical Memory | 71,44% Memory free

31,95 Gb Paging File | 27,62 Gb Available in Paging File | 86,43% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 130,64 Gb Total Space | 14,25 Gb Free Space | 10,91% Space Free | Partition Type: NTFS

Drive D: | 800,78 Gb Total Space | 70,54 Gb Free Space | 8,81% Space Free | Partition Type: NTFS

 

Computer Name: XXXXX-PC | User Name: XXXXX | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\XXXXX\Desktop\OTL.exe (OldTimer Tools)

PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

PRC - C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()

PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()

PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

PRC - C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()

PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)

PRC - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ()

PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

PRC - C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)

PRC - C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)

PRC - C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe (ESET)

PRC - C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe ()

PRC - C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe (PacketVideo)

PRC - C:\Program Files (x86)\TwonkyMedia\TwonkyMediaServer.exe ()

PRC - C:\Windows\SysWOW64\explorer.exe (Microsoft Corporation)

PRC - C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.)

PRC - C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.)

PRC - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe ()

PRC - C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.)

PRC - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe (ASUSTeK Computer Inc.)

PRC - C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (ASUSTeK Computer Inc.)

PRC - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe (ASUSTeK Computer Inc.)

PRC - C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe ()

PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe ()

PRC - C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe (ASUSTeK Computer Inc.)

PRC - C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (ASUSTeK Computer Inc.)

PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)

 

 
 ========== Modules (No Company Name) ==========

 

MOD - C:\Program Files (x86)\Mozilla Firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor12.dll ()

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libaout_directx_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsid_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\liblive555_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libogg_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libavi_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libasf_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libwav_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libtta_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libdirac_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libes_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\librawvid_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_http_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectx_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libspeex_resampler_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll ()

MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll ()

MOD - C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe ()

MOD - D:\Programme\SplitMediaLabs\XSplit\avformat-53.dll ()

MOD - D:\Programme\SplitMediaLabs\XSplit\avutil-51.dll ()

MOD - D:\Programme\SplitMediaLabs\XSplit\avcodec-53.dll ()

MOD - D:\Programme\SplitMediaLabs\XSplit\swscale-0.dll ()

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()

MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()

MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll ()

MOD - C:\Windows\SysWOW64\IccLibDll.dll ()

MOD - C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\asacpiEx.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll ()

MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll ()

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (xsherlock) -- C:\Windows\SysWOW64\xsherlock.xem (Wellbia.com Co., Ltd.)

SRV - (HssTrayService) -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE ()

SRV - (hshld) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe ()

SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()

SRV - (HiPatchService) -- d:\Programme\Hi-Rez Studios\HiPatchService.exe (Hi-Rez Studios)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)

SRV - (HssWd) -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe ()

SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)

SRV - (TunngleService) -- d:\Programme\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (HssSrv) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)

SRV - (MSSQLSERVER) SQL Server (MSSQLSERVER) -- C:\Programme\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)

SRV - (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS) -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe (Microsoft Corporation)

SRV - (SQLWriter) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)

SRV - (SQLSERVERAGENT) SQL Server-Agent (MSSQLSERVER) -- C:\Programme\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)

SRV - (SQLAgent$SQLEXPRESS) SQL Server-Agent (SQLEXPRESS) -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE (Microsoft Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (TwonkyMedia) -- C:\Program Files (x86)\TwonkyMedia\twonkymediaserverwatchdog.exe (PacketVideo)

SRV - (DTSAudioService) -- C:\Programme\Realtek\Audio\HDA\DTSAudioService64.exe (DTS)

SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)

SRV - (asHmComSvc) -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe ()

SRV - (asComSvc) -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe ()

SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)

SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe ()

SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)

SRV - (nTuneService) -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)

SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)

SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (StarWind Software)

SRV - (UpdateCenterService) -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

SRV - (MSSQLServerADHelper100) -- C:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (HssDrv) -- C:\Windows\SysNative\drivers\HssDrv.sys (AnchorFree Inc.)

DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)

DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)

DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)

DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)

DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)

DRV:64bit: - (RzSynapse) -- C:\Windows\SysNative\drivers\RzSynapse.sys (Razer USA Ltd)

DRV:64bit: - (RsFx0105) -- C:\Windows\SysNative\drivers\RsFx0105.sys (Microsoft Corporation)

DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (cpuz135) -- C:\Windows\SysNative\drivers\cpuz135_x64.sys (CPUID)

DRV:64bit: - (AiChargerPlus) -- C:\Windows\SysNative\drivers\AiChargerPlus.sys (ASUSTek Computer Inc.)

DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)

DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)

DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)

DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)

DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)

DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows (R) Win 7 DDK provider)

DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)

DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)

DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (ss_bmdm) -- C:\Windows\SysNative\drivers\ss_bmdm.sys (MCCI Corporation)

DRV:64bit: - (ss_bserd) -- C:\Windows\SysNative\drivers\ss_bserd.sys (MCCI Corporation)

DRV:64bit: - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\SysNative\drivers\ss_bbus.sys (MCCI)

DRV:64bit: - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\SysNative\drivers\ss_bmdfl.sys (MCCI Corporation)

DRV:64bit: - (ICCWDT) Intel(R) Watchdog Timer Driver (Intel(R) WDT) -- C:\Windows\SysNative\drivers\ICCWDT.sys (Intel Corporation)

DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)

DRV:64bit: - (cpuz134) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys (Windows (R) Win 7 DDK provider)

DRV:64bit: - (nm3) -- C:\Windows\SysNative\drivers\nm3.sys (Microsoft Corporation)

DRV:64bit: - (USTOR2K) -- C:\Windows\SysNative\drivers\ustor2k.sys (Genesys Logic)

DRV:64bit: - (dgderdrv) -- C:\Windows\SysNative\drivers\dgderdrv.sys (Devguru Co., Ltd)

DRV:64bit: - (Lycosa) -- C:\Windows\SysNative\drivers\Lycosa.sys (Razer USA Ltd.)

DRV:64bit: - (tap0901t) TAP-Win32 Adapter V9 (Tunngle) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)

DRV:64bit: - (nvoclk64) -- C:\Windows\SysNative\drivers\nvoclk64.sys (NVIDIA Corp.)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (1394hub) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)

DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)

DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)

DRV:64bit: - (KoneFltr) -- C:\Windows\SysNative\drivers\Kone.sys (ROCCAT Ltd)

DRV:64bit: - (epmntdrv) -- C:\Windows\SysNative\epmntdrv.sys ()

DRV:64bit: - (EuGdiDrv) -- C:\Windows\SysNative\EuGdiDrv.sys ()

DRV:64bit: - (PCAMp50a64) -- C:\Windows\SysNative\drivers\PCAMp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))

DRV:64bit: - (PCASp50a64) -- C:\Windows\SysNative\drivers\PCASp50a64.sys (Printing Communications Assoc., Inc. (PCAUSA))

DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)

DRV - (cpudrv64) -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys ()

DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()

DRV - (etdrv) -- C:\Windows\etdrv.sys (Windows (R) Server 2003 DDK provider)

DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)

DRV - (UnlockerDriver5) -- C:\Programme\Unlocker\UnlockerDriver5.sys ()

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

DRV - (epmntdrv) -- C:\Windows\SysWOW64\epmntdrv.sys ()

DRV - (EuGdiDrv) -- C:\Windows\SysWOW64\EuGdiDrv.sys ()

DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\XXXXX\Desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = ED C7 D3 09 86 56 CB 01  [binary data]

IE - HKCU\..\SearchScopes,DefaultScope = {560AAF3E-4B30-4AB4-B2E1-3B2A26A5F009}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\..\SearchScopes\{560AAF3E-4B30-4AB4-B2E1-3B2A26A5F009}: "URL" = hxxp://www.google.de/search?q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 203.232.208.116:8080

 
 ========== FireFox ==========

 

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_231.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.0.0: C:\Windows\system32\npDeployJava1.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.0.0: C:\Program Files\Java\jre8\bin\new_plugin\npjp2.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_231.dll ()

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.96.0: C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll File not found

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPBrowserExt: C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\XXXXX\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\XXXXX\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\XXXXX\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll (Facebook, Inc.)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

 

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Minefield 4.0b7pre\extensions\\Components: C:\PROGRAM FILES (X86)\MINEFIELD\COMPONENTS

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Minefield 4.0b7pre\extensions\\Plugins: C:\PROGRAM FILES (X86)\MINEFIELD\PLUGINS

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 14.0a1\extensions\\Components: C:\PROGRAM FILES\NIGHTLY\COMPONENTS [2012.04.03 23:55:23 | 000,000,000 | ---D | M]

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 14.0a1\extensions\\Plugins: C:\PROGRAM FILES\NIGHTLY\PLUGINS

FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 13.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components [2012.03.24 20:43:25 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 13.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins [2012.04.11 00:08:05 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: D:\Programme\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011.06.13 21:23:50 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: D:\Programme\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011.06.13 21:36:04 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.28 19:37:43 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.04.24 16:38:29 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.11 00:08:05 | 000,000,000 | ---D | M]

 

[2011.08.29 15:22:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXXX\AppData\Roaming\mozilla\Extensions

[2012.04.25 21:46:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\XXXXX\AppData\Roaming\mozilla\Firefox\Profiles\k0yziiq9.default\extensions

[2012.04.06 01:30:36 | 000,000,000 | ---D | M] (WOT) -- C:\Users\XXXXX\AppData\Roaming\mozilla\Firefox\Profiles\k0yziiq9.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

[2011.08.30 14:09:32 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\XXXXX\AppData\Roaming\mozilla\Firefox\Profiles\k0yziiq9.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2012.04.20 21:46:14 | 000,000,000 | ---D | M] (Better Battlelog (BBLog)) -- C:\Users\XXXXX\AppData\Roaming\mozilla\Firefox\Profiles\k0yziiq9.default\extensions\jid1-qQSMEVsYTOjgYA@jetpack

[2012.04.26 00:08:26 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.04.26 00:08:26 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\mozilla firefox\extensions\afurladvisor@anchorfree.com

() (No name found) -- C:\USERS\XXXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K0YZIIQ9.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

() (No name found) -- C:\USERS\XXXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K0YZIIQ9.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI

() (No name found) -- C:\USERS\XXXXX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K0YZIIQ9.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE.XPI

[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012.03.21 19:53:37 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = hxxp://www.google.de/search?q={searchTerms}

CHR - default_search_provider: suggest_url = 

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\XXXXX\AppData\Local\Google\Chrome\Application\19.0.1055.1\gcswf32.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Java Deployment Toolkit 6.0.270.7 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

CHR - plugin: Java(TM) Platform SE 6 U27 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll

CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll

CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL

CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\XXXXX\AppData\Local\Google\Chrome\Application\19.0.1055.1\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\XXXXX\AppData\Local\Google\Chrome\Application\19.0.1055.1\pdf.dll

CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.96.0\npesnlaunch.dll

CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.3\npesnsonar.dll

CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll

CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll

CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: VLC Multimedia Plug-in (Enabled) = D:\Programme\VLC\npvlc.dll

CHR - plugin: iTunes Application Detector (Enabled) = D:\Programme\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Veetle TV Player (Enabled) = d:\Programme\Veetle\Player\npvlc.dll

CHR - plugin: Veetle TV Core (Enabled) = d:\Programme\Veetle\plugins\npVeetle.dll

CHR - plugin: Default Plug-in (Enabled) = default_plugin

CHR - Extension: Adblock Plus (Beta) = C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\

CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\XXXXX\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\

 

O1 HOSTS File: ([2012.04.25 07:33:43 | 000,440,865 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1        activate.adobe.com

O1 - Hosts: 127.0.0.1        practivate.adobe.com

O1 - Hosts: 127.0.0.1        serial.alcohol-soft.com

O1 - Hosts: 127.0.0.1        alcohol-soft.com

O1 - Hosts: 127.0.0.1        images.alcohol-soft.com

O1 - Hosts: 127.0.0.1        mermaidconsulting.dk

O1 - Hosts: 127.0.0.1        www.007guard.com

O1 - Hosts: 127.0.0.1        007guard.com

O1 - Hosts: 127.0.0.1        008i.com

O1 - Hosts: 127.0.0.1        www.008k.com

O1 - Hosts: 127.0.0.1        008k.com

O1 - Hosts: 127.0.0.1        www.00hq.com

O1 - Hosts: 127.0.0.1        00hq.com

O1 - Hosts: 127.0.0.1        010402.com

O1 - Hosts: 127.0.0.1        www.032439.com

O1 - Hosts: 127.0.0.1        032439.com

O1 - Hosts: 127.0.0.1        www.0scan.com

O1 - Hosts: 127.0.0.1        0scan.com

O1 - Hosts: 127.0.0.1        1000gratisproben.com

O1 - Hosts: 127.0.0.1        www.1000gratisproben.com

O1 - Hosts: 127.0.0.1        1001namen.com

O1 - Hosts: 127.0.0.1        www.1001namen.com

O1 - Hosts: 127.0.0.1        100888290cs.com

O1 - Hosts: 127.0.0.1        www.100888290cs.com

O1 - Hosts: 127.0.0.1        www.100sexlinks.com

O1 - Hosts: 15179 more lines...

O2:64bit: - BHO: (Messenger Plus! Community SmartbarEngine) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll File not found

O2:64bit: - BHO: (GBHO.BHO) - {45d30484-7ded-43d9-957a-d2fd1f046511} - mscoree.dll File not found

O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre8\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)

O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - D:\Programme\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)

O2 - BHO: (Messenger Plus! Community SmartbarEngine) - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll File not found

O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.

O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll File not found

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)

O3:64bit: - HKLM\..\Toolbar: (Smart Recovery 2) - {1d09c093-f71e-43c3-b948-19316cbd695e} - mscoree.dll File not found

O3:64bit: - HKLM\..\Toolbar: (Messenger Plus! Community Smartbar) - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll File not found

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - D:\Programme\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)

O3 - HKLM\..\Toolbar: (Messenger Plus! Community Smartbar) - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll File not found

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe (Razer USA Ltd)

O4 - HKLM..\Run: [Windows Firewall] C:\Users\XXXXX\AppData\Roaming\WinHost\host.exe ()

O4 - HKCU..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found

O4 - HKCU..\Run: [Windows Firewall] C:\Users\XXXXX\AppData\Roaming\WinHost\host.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 24

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O8:64bit: - Extra context menu item: An OneNote s&enden - res://D:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found

O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\XXXXX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\XXXXX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://D:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found

O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: An OneNote s&enden - res://D:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found

O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Free YouTube Download - C:\Users\XXXXX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()

O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\XXXXX\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://D:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found

O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found

O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Vertrauenswürdige Sites)

O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Vertrauenswürdige Sites)

O15 - HKCU\..Trusted Domains: soe.com ([]* in Vertrauenswürdige Sites)

O15 - HKCU\..Trusted Domains: sony.com ([]* in Vertrauenswürdige Sites)

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0-windows-i586.cab (Java Plug-in 11.0.0)

O16:64bit: - DPF: {CAFEEFAC-0018-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0-windows-i586.cab (Java Plug-in 1.8.0)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0-windows-i586.cab (Java Plug-in 1.8.0)

O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)

O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.3.0.cab (SysInfo Class)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2EF43142-0B2B-4283-93BA-78CDB9D902B5}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6411EDA3-9F69-4F69-9F21-A6F7CC902595}: DhcpNameServer = 7.254.254.254

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FE850AE-F5C7-4C64-B4BE-90543C09B9DB}: DhcpNameServer = 192.168.0.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found

O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found

O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found

O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found

O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found

O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) -  File not found

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -  File not found

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) -  File not found

O20 - HKLM Winlogon: UserInit - (userinit.exe) -  File not found

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -  File not found

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)

O29:64bit: - HKLM SecurityProviders - (credssp.dll) -  File not found

O29 - HKLM SecurityProviders - (credssp.dll) -  File not found

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{0e13d570-c279-11df-86f5-6cf049e33371}\Shell - "" = AutoRun

O33 - MountPoints2\{0e13d570-c279-11df-86f5-6cf049e33371}\Shell\AutoRun\command - "" = G:\SETUP.EXE

O33 - MountPoints2\{6dece52f-bc2d-11df-8579-6cf049e33371}\Shell - "" = AutoRun

O33 - MountPoints2\{6dece52f-bc2d-11df-8579-6cf049e33371}\Shell\AutoRun\command - "" = G:\autorun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.04.28 18:10:37 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\XXXXX\Desktop\OTL.exe

[2012.04.28 18:03:32 | 002,322,184 | ---- | C] (ESET) -- C:\Users\XXXXX\Desktop\esetsmartinstaller_deu.exe

[2012.04.28 18:01:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2012.04.28 14:19:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.04.28 14:19:18 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.04.28 14:19:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.04.27 20:00:08 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\{FFF6B359-C324-42A5-859E-41D6056B63FB}

[2012.04.27 19:59:56 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\{3357BFEE-7A17-47AC-BC98-E4FCE21CB4CE}

[2012.04.27 09:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\hssff

[2012.04.26 09:17:14 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\.minecraft

[2012.04.26 00:26:39 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft Cracked

[2012.04.26 00:09:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Hotspot Shield

[2012.04.26 00:09:24 | 000,000,000 | ---D | C] -- C:\Hotspot Shield

[2012.04.26 00:09:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield

[2012.04.26 00:08:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hotspot Shield

[2012.04.24 17:57:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon

[2012.04.24 17:55:44 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\Documents\Vindictus EU

[2012.04.24 17:54:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon

[2012.04.24 17:54:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BandiMPEG1

[2012.04.24 17:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU

[2012.04.24 17:16:17 | 000,000,000 | ---D | C] -- C:\Download

[2012.04.24 17:15:36 | 000,000,000 | ---D | C] -- C:\Nexon

[2012.04.24 17:15:35 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2012.04.21 13:30:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

[2012.04.20 17:16:05 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\Documents\Diablo III

[2012.04.19 18:56:24 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\{20170289-CD8C-4FFC-8E0D-D9BA5277BAF6}

[2012.04.19 18:56:13 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\{1A7178CA-6B8D-4B9E-B259-7A108F17F18F}

[2012.04.18 21:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios

[2012.04.18 21:19:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Hi-Rez Studios

[2012.04.18 14:00:22 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Malwarebytes

[2012.04.18 14:00:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.04.16 19:49:02 | 000,670,816 | ---- | C] (Wellbia.com Co., Ltd.) -- C:\Windows\SysWow64\xsherlock.xem

[2012.04.16 19:48:53 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\Documents\C9

[2012.04.16 19:47:25 | 000,230,920 | ---- | C] (WEBZEN, INC.) -- C:\Windows\SysWow64\EPWZCmnCtrl.dll

[2012.04.16 19:47:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WEBZEN

[2012.04.16 19:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBZEN

[2012.04.16 19:45:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\C9

[2012.04.14 18:25:52 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\TuneUp Software

[2012.04.14 18:24:44 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software

[2012.04.14 18:24:37 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}

[2012.04.14 18:24:37 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files

[2012.04.13 00:07:45 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook

[2012.04.13 00:07:38 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Facebook

[2012.04.11 17:40:28 | 000,056,832 | ---- | C] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\HssDrv.sys

[2012.04.10 23:46:17 | 002,311,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2012.04.10 23:46:17 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2012.04.10 23:46:17 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012.04.10 23:46:16 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2012.04.10 23:46:16 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012.04.10 23:46:16 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012.04.10 23:46:16 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012.04.10 23:46:16 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2012.04.10 23:46:16 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2012.04.10 23:46:16 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012.04.10 23:46:16 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012.04.10 23:46:08 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe

[2012.04.10 23:46:08 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe

[2012.04.10 23:46:08 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe

[2012.04.10 23:43:47 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll

[2012.04.10 23:43:47 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys

[2012.04.10 23:43:46 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll

[2012.04.09 21:02:30 | 025,720,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2012.04.09 21:02:30 | 025,246,528 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2012.04.09 21:02:30 | 019,584,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2012.04.09 21:02:30 | 017,984,320 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2012.04.09 21:02:30 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2012.04.09 21:02:30 | 008,138,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2012.04.09 21:02:30 | 005,981,504 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2012.04.09 21:02:30 | 002,881,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2012.04.09 21:02:30 | 002,681,152 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2012.04.09 21:02:30 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2012.04.09 21:02:30 | 002,444,608 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2012.04.09 21:02:30 | 000,818,496 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2012.04.09 21:02:30 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll

[2012.04.09 21:02:30 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll

[2012.04.09 21:02:30 | 000,246,592 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2012.04.09 21:02:30 | 000,202,048 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2012.04.06 20:15:10 | 000,038,632 | ---- | C] (AnchorFree Inc) -- C:\Windows\SysNative\drivers\taphss.sys

[2012.04.04 00:00:13 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\Smartbar

[2012.04.04 00:00:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yuna Software

[2012.04.03 23:58:18 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\{44915BBA-A93C-4D9D-8F93-D33EFB0C99E5}

[2012.04.03 23:56:51 | 000,000,000 | ---D | C] -- C:\Windows\de

[2012.04.03 23:54:49 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live

[2012.04.03 23:52:00 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Local\{F534CB5C-8B96-438A-935B-E84F41D2787E}

[2012.04.01 20:30:28 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

[2012.03.31 13:52:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM

[2012.03.31 13:51:01 | 002,605,400 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll

[2012.03.31 13:51:01 | 001,361,336 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tosade.dll

[2012.03.31 13:51:01 | 000,836,544 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo264.dll

[2012.03.31 13:51:01 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll

[2012.03.31 13:51:01 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll

[2012.03.31 13:51:01 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll

[2012.03.31 13:51:01 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll

[2012.03.31 13:51:01 | 000,148,416 | ---- | C] (TOSHIBA Corporation) -- C:\Windows\SysNative\tadefxapo.dll

[2012.03.31 13:51:01 | 000,065,944 | ---- | C] (TOSHIBA CORPORATION.) -- C:\Windows\SysNative\tepeqapo64.dll

[2012.03.31 13:51:00 | 003,608,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll

[2012.03.31 13:51:00 | 002,886,656 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat

[2012.03.31 13:51:00 | 002,670,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll

[2012.03.31 13:51:00 | 001,560,168 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl

[2012.03.31 13:51:00 | 001,251,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll

[2012.03.31 13:51:00 | 000,824,424 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll

[2012.03.31 13:51:00 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll

[2012.03.31 13:51:00 | 000,331,880 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll

[2012.03.31 13:51:00 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll

[2012.03.31 13:51:00 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll

[2012.03.31 13:51:00 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll

[2012.03.31 13:51:00 | 000,220,776 | ---- | C] (Sony Corporation) -- C:\Windows\SysNative\SFSS_APO.dll

[2012.03.31 13:51:00 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll

[2012.03.31 13:51:00 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll

[2012.03.31 13:51:00 | 000,102,504 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll

[2012.03.31 13:51:00 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll

[2012.03.31 13:51:00 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll

[2012.03.31 13:51:00 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll

[2012.03.31 13:51:00 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll

[2012.03.31 13:51:00 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll

[2012.03.31 13:51:00 | 000,014,952 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCoLDR64.dll

[2012.03.31 13:50:59 | 008,363,864 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll

[2012.03.31 13:50:59 | 007,163,744 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll

[2012.03.31 13:50:59 | 002,131,288 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll

[2012.03.31 13:50:59 | 001,247,576 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll

[2012.03.31 13:50:59 | 000,978,776 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll

[2012.03.31 13:50:59 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll

[2012.03.31 13:50:59 | 000,433,504 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll

[2012.03.31 13:50:59 | 000,396,632 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll

[2012.03.31 13:50:59 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll

[2012.03.31 13:50:59 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll

[2012.03.31 13:50:59 | 000,137,056 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll

[2012.03.31 13:50:59 | 000,120,160 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll

[2012.03.31 13:50:59 | 000,075,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll

[2012.03.31 13:50:57 | 002,528,832 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll

[2012.03.31 13:50:57 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll

[2012.03.31 13:50:57 | 000,449,392 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll

[2012.03.31 13:50:56 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll

[2012.03.31 13:50:56 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll

[2012.03.31 13:50:56 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll

[2012.03.31 13:50:56 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll

[2012.03.31 13:50:56 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll

[2012.03.31 13:50:56 | 000,537,456 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll

[2012.03.31 13:50:56 | 000,524,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll

[2012.03.31 13:50:56 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll

[2012.03.31 13:50:56 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll

[2012.03.31 13:50:56 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll

[2012.03.31 13:50:56 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll

[2012.03.31 13:50:56 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll

[2012.03.31 13:50:56 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll

[2012.03.31 13:50:56 | 000,202,336 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll

[2012.03.31 13:50:56 | 000,108,640 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll

[2012.03.30 07:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\Raxco

[2012.03.30 07:30:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raxco

[2012.03.30 00:15:12 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2012.03.29 21:46:12 | 000,000,000 | ---D | C] -- C:\Users\XXXXX\AppData\Roaming\Auslogics

[2012.03.29 20:37:58 | 000,000,000 | ---D | C] -- C:\swsetup

[2012.03.29 20:33:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3

[2010.09.08 17:34:34 | 001,531,392 | ---- | C] (Toshiba Samsung Storage Technology Corporation) -- C:\Users\XXXXX\AppData\Roaming\tsdnwin.dll

[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[2 C:\Users\XXXXX\Desktop\*.tmp files -> C:\Users\XXXXX\Desktop\*.tmp -> ]

[15 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[1 C:\Users\XXXXX\AppData\Roaming\*.tmp files -> C:\Users\XXXXX\AppData\Roaming\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.04.28 18:12:00 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2049909741-599357140-3550662648-1001UA.job

[2012.04.28 18:10:38 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\XXXXX\Desktop\OTL.exe

[2012.04.28 18:10:14 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.04.28 18:08:23 | 000,101,782 | -H-- | M] () -- C:\Users\XXXXX\AppData\Roaming\XXXXXlog.dat

[2012.04.28 18:03:33 | 002,322,184 | ---- | M] (ESET) -- C:\Users\XXXXX\Desktop\esetsmartinstaller_deu.exe

[2012.04.28 17:48:02 | 000,001,132 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2049909741-599357140-3550662648-1001UA.job

[2012.04.28 17:48:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.04.28 17:29:04 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr

[2012.04.28 17:29:04 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2012.04.28 17:20:57 | 000,283,304 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0

[2012.04.28 16:05:33 | 000,023,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.04.28 16:05:33 | 000,023,040 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.04.28 15:58:47 | 000,000,206 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job

[2012.04.28 15:58:44 | 000,000,202 | ---- | M] () -- C:\Windows\tasks\AutoKMSDaily.job

[2012.04.28 15:58:17 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.04.28 15:57:43 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl

[2012.04.28 15:57:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.04.28 15:56:59 | 4276,682,750 | -HS- | M] () -- C:\hiberfil.sys

[2012.04.28 14:19:19 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.04.28 01:48:01 | 000,001,080 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2049909741-599357140-3550662648-1001Core.job

[2012.04.28 00:12:00 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2049909741-599357140-3550662648-1001Core.job

[2012.04.27 21:04:44 | 002,100,957 | ---- | M] () -- C:\Users\XXXXX\Desktop\iCraft nein danke.png

[2012.04.27 17:37:44 | 733,308,928 | ---- | M] () -- C:\Users\XXXXX\Desktop\One.United.Power.-.Berlin.2011.DVDRip.XviD-AEROHOLiCS.avi

[2012.04.26 00:10:04 | 000,001,183 | ---- | M] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk

[2012.04.25 07:33:43 | 000,440,865 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2012.04.24 17:54:11 | 000,000,187 | ---- | M] () -- C:\Users\Public\Desktop\Vindictus EU.url

[2012.04.24 17:51:34 | 002,015,458 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.04.24 17:51:34 | 000,839,424 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.04.24 17:51:34 | 000,793,986 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.04.24 17:51:34 | 000,202,634 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.04.24 17:51:34 | 000,175,660 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.04.24 17:15:36 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat

[2012.04.24 17:15:35 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2012.04.19 01:42:11 | 000,426,144 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2012.04.19 01:42:11 | 000,070,304 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2012.04.18 00:30:14 | 000,440,865 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120425-073343.backup

[2012.04.17 23:49:59 | 000,670,816 | ---- | M] (Wellbia.com Co., Ltd.) -- C:\Windows\SysWow64\xsherlock.xem

[2012.04.11 17:40:28 | 000,056,832 | ---- | M] (AnchorFree Inc.) -- C:\Windows\SysNative\drivers\HssDrv.sys

[2012.04.11 00:30:13 | 000,440,865 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120418-003013.backup

[2012.04.09 21:09:49 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo

[2012.04.06 20:15:10 | 000,038,632 | ---- | M] (AnchorFree Inc) -- C:\Windows\SysNative\drivers\taphss.sys

[2012.04.05 17:42:39 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.04.04 07:15:01 | 000,440,865 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20120411-003013.backup

[2012.04.03 19:18:00 | 025,720,128 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2012.04.03 19:18:00 | 025,246,528 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2012.04.03 19:18:00 | 019,584,320 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2012.04.03 19:18:00 | 017,984,320 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2012.04.03 19:18:00 | 017,551,680 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2012.04.03 19:18:00 | 015,279,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2012.04.03 19:18:00 | 010,102,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll

[2012.04.03 19:18:00 | 008,138,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2012.04.03 19:18:00 | 008,029,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2012.04.03 19:18:00 | 005,981,504 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2012.04.03 19:18:00 | 002,881,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2012.04.03 19:18:00 | 002,740,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2012.04.03 19:18:00 | 002,681,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2012.04.03 19:18:00 | 002,524,992 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2012.04.03 19:18:00 | 002,444,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2012.04.03 19:18:00 | 002,367,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2012.04.03 19:18:00 | 001,738,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll

[2012.04.03 19:18:00 | 001,466,176 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco64.dll

[2012.04.03 19:18:00 | 000,948,544 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll

[2012.04.03 19:18:00 | 000,818,496 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2012.04.03 19:18:00 | 000,364,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll

[2012.04.03 19:18:00 | 000,301,376 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll

[2012.04.03 19:18:00 | 000,246,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2012.04.03 19:18:00 | 000,202,048 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2012.04.03 19:18:00 | 000,068,928 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll

[2012.04.03 19:18:00 | 000,061,248 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll

[2012.04.03 19:18:00 | 000,014,252 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb

[2012.04.03 15:19:14 | 000,118,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2012.04.03 15:19:13 | 002,561,856 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll

[2012.04.03 15:19:12 | 002,553,991 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin

[2012.04.03 15:19:12 | 000,063,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2012.04.03 15:19:00 | 003,149,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2012.04.03 15:15:00 | 006,122,816 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2012.04.03 07:16:04 | 000,423,744 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe

[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]

[2 C:\Users\XXXXX\Desktop\*.tmp files -> C:\Users\XXXXX\Desktop\*.tmp -> ]

[15 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[1 C:\Users\XXXXX\AppData\Roaming\*.tmp files -> C:\Users\XXXXX\AppData\Roaming\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.04.28 14:19:19 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.04.27 21:04:12 | 002,100,957 | ---- | C] () -- C:\Users\XXXXX\Desktop\iCraft nein danke.png

[2012.04.27 17:32:40 | 733,308,928 | ---- | C] () -- C:\Users\XXXXX\Desktop\One.United.Power.-.Berlin.2011.DVDRip.XviD-AEROHOLiCS.avi

[2012.04.26 00:10:04 | 000,001,183 | ---- | C] () -- C:\Users\Public\Desktop\Hotspot Shield Launch.lnk

[2012.04.24 17:54:11 | 000,000,187 | ---- | C] () -- C:\Users\Public\Desktop\Vindictus EU.url

[2012.04.24 17:15:36 | 000,000,235 | ---- | C] () -- C:\Windows\SysWow64\nxEuUninstall.bat

[2012.04.13 00:07:39 | 000,000,940 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2049909741-599357140-3550662648-1001UA.job

[2012.04.13 00:07:39 | 000,000,918 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2049909741-599357140-3550662648-1001Core.job

[2012.04.03 07:16:04 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

[2012.03.31 13:51:00 | 000,272,629 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT

[2012.02.22 15:49:14 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini

[2012.02.18 01:23:32 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll

[2011.12.30 03:15:10 | 000,000,258 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini

[2011.12.24 00:37:47 | 000,021,840 | ---- | C] () -- C:\Windows\SysWow64\SIntfNT.dll

[2011.12.24 00:37:47 | 000,017,212 | ---- | C] () -- C:\Windows\SysWow64\SIntf32.dll

[2011.12.24 00:37:47 | 000,012,067 | ---- | C] () -- C:\Windows\SysWow64\SIntf16.dll

[2011.11.29 00:41:54 | 000,000,440 | ---- | C] () -- C:\Windows\ODBC.INI

[2011.11.07 20:10:33 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI

[2011.09.07 23:48:42 | 002,097,152 | ---- | C] () -- C:\Users\XXXXX\AppData\Roaming\AUTORUN.BIN

[2011.09.07 12:33:30 | 000,017,408 | ---- | C] () -- C:\Users\XXXXX\AppData\Local\WebpageIcons.db

[2011.08.31 15:03:14 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

[2011.08.17 13:43:02 | 000,472,064 | ---- | C] () -- C:\Windows\SysWow64\NTFSFormat.dll

[2011.08.17 13:43:02 | 000,225,280 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe

[2011.08.17 13:43:02 | 000,180,736 | ---- | C] () -- C:\Windows\SysWow64\DeviceManager.dll

[2011.08.17 13:43:02 | 000,139,776 | ---- | C] () -- C:\Windows\SysWow64\NTFSCopy.dll

[2011.08.17 13:43:02 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\Partition.dll

[2011.08.17 13:43:02 | 000,086,528 | ---- | C] () -- C:\Windows\SysWow64\NTFSLib.dll

[2011.08.17 13:43:02 | 000,086,408 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe

[2011.08.17 13:43:02 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\ResizeNTFS.dll

[2011.08.17 13:43:02 | 000,068,096 | ---- | C] () -- C:\Windows\SysWow64\Device.dll

[2011.08.17 13:43:02 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\FatCopy.dll

[2011.08.17 13:43:02 | 000,061,952 | ---- | C] () -- C:\Windows\SysWow64\FatResizeMove.dll

[2011.08.17 13:43:02 | 000,045,568 | ---- | C] () -- C:\Windows\SysWow64\FileSystemCheck.dll

[2011.08.17 13:43:02 | 000,031,744 | ---- | C] () -- C:\Windows\SysWow64\FatLib.dll

[2011.08.17 13:43:02 | 000,025,088 | ---- | C] () -- C:\Windows\SysWow64\FATFileSystemAnalyser.dll

[2011.08.17 13:43:02 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\NTFSFileSystemAnalyser.dll

[2011.08.17 13:43:02 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\FatFormat.dll

[2011.08.17 13:43:02 | 000,021,504 | ---- | C] () -- C:\Windows\SysWow64\Fixup.dll

[2011.08.17 13:43:02 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\SectorCopy.dll

[2011.08.17 13:43:02 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\FileSystemAnalyser.dll

[2011.08.17 13:43:02 | 000,014,848 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll

[2011.08.17 13:43:02 | 000,010,752 | ---- | C] () -- C:\Windows\SysWow64\DeviceAdapter.dll

[2011.08.17 13:43:02 | 000,009,728 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys

[2011.08.17 13:43:02 | 000,006,656 | ---- | C] () -- C:\Windows\SysWow64\CallbackOperator.dll

[2011.08.17 13:43:02 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys

[2011.08.13 12:09:31 | 000,139,264 | ---- | C] () -- C:\Windows\SysWow64\ustor.dll

[2011.08.13 12:09:31 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\UMonit.exe

[2011.08.13 12:09:29 | 000,001,371 | ---- | C] () -- C:\Windows\SysWow64\IconCfg0.ini

[2011.08.13 12:09:29 | 000,000,643 | ---- | C] () -- C:\Windows\SysWow64\ProductName.ini

[2011.08.06 13:01:40 | 001,071,408 | ---- | C] () -- C:\Windows\PE_File.dll

[2011.08.06 09:13:50 | 000,000,000 | ---- | C] () -- C:\Users\XXXXX\AppData\Local\{51064707-6EB5-4592-AD78-0E6936F088FB}

[2011.08.05 19:57:23 | 001,025,568 | ---- | C] () -- C:\Windows\PE_Rom.dll

[2011.08.05 19:46:17 | 000,094,208 | ---- | C] () -- C:\Windows\SysWow64\IccLibDll.dll

[2011.08.05 19:43:03 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys

[2011.08.05 19:43:00 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys

[2011.08.05 19:23:07 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini

[2011.08.05 19:23:03 | 000,024,463 | ---- | C] () -- C:\Windows\Ascd_tmp.ini

[2011.08.01 19:33:25 | 000,000,000 | ---- | C] () -- C:\Users\XXXXX\AppData\Local\{7D5A8522-28BB-4158-972F-D2447CAD81F2}

[2011.07.10 08:36:22 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll

[2011.07.08 04:05:02 | 000,000,521 | ---- | C] () -- C:\Windows\eReg.dat

[2011.06.30 20:37:08 | 000,120,320 | ---- | C] () -- C:\Users\XXXXX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011.06.13 14:13:25 | 012,576,867 | ---- | C] () -- C:\Program Files (x86)\Z4[j5-1]vk-w.dat

[2011.06.09 16:22:28 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI

[2011.05.31 16:21:21 | 000,647,168 | ---- | C] () -- C:\Windows\AutoKMS.exe

[2011.05.31 16:21:21 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini

[2011.05.31 08:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll

[2011.05.31 08:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll

[2011.05.20 12:00:29 | 000,002,172 | ---- | C] () -- C:\Windows\wininit.ini

[2011.05.06 18:01:41 | 000,000,000 | ---- | C] () -- C:\Users\XXXXX\AppData\Local\{D77741A0-939B-4C5D-AD64-9154E2381A7A}

[2011.04.12 20:37:06 | 000,000,219 | ---- | C] () -- C:\Windows\iepreview.ini

[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat

[2011.03.10 20:29:37 | 000,147,880 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat

[2011.02.22 22:25:26 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2011.01.21 21:27:46 | 000,001,528 | ---- | C] () -- C:\Users\XXXXX\AppData\Local\RecConfig.xml

[2011.01.04 17:10:58 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe

[2011.01.04 17:10:56 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll

[2011.01.04 17:10:56 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll

[2011.01.04 17:10:56 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll

[2011.01.04 17:10:56 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll

[2010.12.04 13:03:26 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll

[2010.11.22 21:36:32 | 000,000,058 | ---- | C] () -- C:\Users\XXXXX\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat

[2010.10.22 09:58:15 | 000,000,096 | ---- | C] () -- C:\Users\XXXXX\AppData\Local\fusioncache.dat

[2010.10.01 21:08:24 | 002,601,752 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_moh.exe

[2010.10.01 20:57:57 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe

[2010.09.28 17:45:18 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2010.09.19 19:10:39 | 000,100,352 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll

[2010.09.19 19:10:38 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\libpng13.dll

[2010.09.19 19:10:37 | 001,202,763 | ---- | C] () -- C:\Windows\unins000.exe

[2010.09.19 19:10:37 | 000,394,752 | ---- | C] () -- C:\Windows\SysWow64\cygwinb19.dll

[2010.09.19 19:10:37 | 000,109,315 | ---- | C] () -- C:\Windows\unins000.dat

[2010.09.15 00:02:51 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys

[2010.09.12 20:00:44 | 001,619,516 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2010.09.12 01:47:00 | 000,007,601 | ---- | C] () -- C:\Users\XXXXX\AppData\Local\Resmon.ResmonCfg

[2010.09.11 00:38:51 | 002,580,552 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe

[2010.09.11 00:38:51 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2010.09.08 17:30:27 | 000,000,452 | ---- | C] () -- C:\Users\XXXXX\AppData\Roaming\SamsungLiveUpdateConfig.ini

[2010.09.08 16:41:03 | 000,000,037 | ---- | C] () -- C:\Windows\GSetup.ini

[2010.09.07 22:19:54 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2010.08.03 07:21:24 | 000,014,464 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys

[2010.06.21 05:38:36 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini

 
 ========== LOP Check ==========

 

[2012.04.28 00:29:49 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\.minecraft

[2010.09.08 16:11:10 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\Acreon

[2012.03.29 21:46:12 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\Auslogics

[2011.06.13 13:51:03 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2012.04.28 14:29:00 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\Dropbox

[2012.03.20 10:23:56 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\DVDVideoSoft

[2011.03.06 16:58:47 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.06.05 23:18:58 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\GetRightToGo

[2011.06.06 18:44:23 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\gtk-2.0

[2011.06.20 01:34:31 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\Hobbyist Software

[2012.02.28 19:39:51 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\ICQ

[2010.09.13 18:50:46 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\LolClient

[2011.06.26 13:35:38 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\MySQL-Front

[2011.10.21 10:53:51 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\Origin

[2011.11.07 20:10:33 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\PACE Anti-Piracy

[2011.08.10 17:51:39 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\PunkBuster

[2011.09.30 14:50:51 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\pymclevel

[2011.08.29 15:15:51 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\RayV

[2012.02.04 20:16:54 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\RIFT

[2012.04.17 00:38:45 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\Samsung

[2012.02.12 15:16:31 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\Shark007

[2011.04.02 02:37:02 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\Sony

[2012.01.02 15:40:56 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\SplitMediaLabs

[2012.03.30 00:15:12 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2011.04.02 03:04:00 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\TeamViewer

[2012.04.27 18:58:33 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\TS3Client

[2012.04.14 18:25:52 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\TuneUp Software

[2012.03.31 22:40:57 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\Tunngle

[2010.10.06 15:37:40 | 000,000,000 | ---D | M] -- C:\Users\XXXXX\AppData\Roaming\Windows Live Writer

[2006.06.15 10:02:11 | 000,000,000 | RHSD | M] -- C:\Users\XXXXX\AppData\Roaming\WinHost

[2012.04.28 15:58:47 | 000,000,206 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job

[2012.04.28 15:58:44 | 000,000,202 | ---- | M] () -- C:\Windows\Tasks\AutoKMSDaily.job

[2012.04.28 00:12:00 | 000,000,918 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2049909741-599357140-3550662648-1001Core.job

[2012.04.28 18:12:00 | 000,000,940 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2049909741-599357140-3550662648-1001UA.job

[2012.03.30 21:55:11 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 1200 bytes -> C:\ProgramData\Microsoft:9pUiWAEWbR4RMfdNvtLfwo3

@Alternate Data Stream - 1197 bytes -> C:\Program Files\Common Files\Microsoft Shared:Hetsvm6RCmiVesRkj7Q3yS

@Alternate Data Stream - 1102 bytes -> C:\ProgramData\Microsoft:eJu0bBOaDmqCSGWUW

@Alternate Data Stream - 1070 bytes -> C:\Program Files\Common Files\System:9IPoWJ5iQohpfhakT4t7n2PVSO

@Alternate Data Stream - 1056 bytes -> C:\ProgramData\Temp:966F7784
 

< End of report >