Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Internetsicherheitseinstellungen (https://www.trojaner-board.de/92189-internetsicherheitseinstellungen.html)

michaelddd1 25.10.2010 14:52
Internetsicherheitseinstellungen
 
Hallo
ich habe seid 3 tagen das problem das ich viele dienste unter windows nicht mehr ausführen kann wie z.B. das auswählen vom aufnahmemous
ind der Lautsrärkeregelung (unten rechts das icon) es erscheint jedesmal eine meldung http://yfrog.com/1r41639008j
die internetsicherheitseinstellungen herunterzuschreuben bringt leider auch nichts
außerdem problem nummer 2 ist das die minamal anwendungen nicht richtig angezeigt werden
ich benutze windows 7
ich habe 2 mal mit malwarebytes geprüft

Zitat:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4893

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

20.10.2010 21:30:56
mbam-log-2010-10-20 (21-30-56).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|K:\|)
Durchsuchte Objekte: 391406
Laufzeit: 2 Stunde(n), 42 Minute(n), 35 Sekunde(n)

Infizierte Speicherprozesse: 3
Infizierte Speichermodule: 1
Infizierte Registrierungsschlüssel: 4
Infizierte Registrierungswerte: 4
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 21

Infizierte Speicherprozesse:
C:\Windows\Ckifoa.exe (Rootkit.TDSS) -> Unloaded process successfully.
C:\Users\Michael\AppData\Local\Temp\Chi.exe (Rootkit.TDSS) -> Unloaded process successfully.
C:\Users\Michael\AppData\Local\Temp\Chh.exe (Rootkit.TDSS) -> Unloaded process successfully.

Infizierte Speichermodule:
C:\Windows\System32\sshnas21.dll (Rootkit.TDSS) -> Delete on reboot.

Infizierte Registrierungsschlüssel:
HKEY_CLASSES_ROOT\CLSID\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\metropolis (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\koo9rv9k4z (Rootkit.TDSS) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files (x86)\Dealio Toolbar\FF\components\dealioToolbarFF.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{01398b87-61af-4ffb-9ab5-1a1c5fb39a9c} (Adware.WidgiToolbar) -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Windows\System32\sshnas21.dll (Rootkit.TDSS) -> Delete on reboot.
C:\Windows\Ckifoa.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Hansi\AppData\Local\Temp\Chi.exe (Rootkit.TDSS) -> Delete on reboot.
C:\Users\Hansi\AppData\Local\Temp\Chh.exe (Rootkit.TDSS) -> Delete on reboot.
C:\Program Files (x86)\Dealio Toolbar\WidgiHelper.exe (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Dealio Toolbar\FF\components\dealioToolbarFF.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Dealio Toolbar\IE\4.0.2\dealioToolbarIE.dll (Adware.WidgiToolbar) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\ubiorbitapi_r2.dll (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Users\Hansi\AppData\Local\Temp\Chf.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Hansi\AppData\Local\Temp\Chg.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Hansi\AppData\Local\Temp\Chj.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Hansi\AppData\Local\Temp\Chk.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Hansi\AppData\Local\Temp\Chl.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Hansi\AppData\Local\Temp\Chm.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Hansi\AppData\Local\Temp\Chn.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Hansi\AppData\Local\Temp\Cho.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Hansi\AppData\Local\Temp\Chp.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Hansi\AppData\Local\Temp\Chq.exe (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Users\Hansi\AppData\Local\Temp\sshnas21.dll (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\sshnas21.dll (Rootkit.TDSS) -> Delete on reboot.
D:\desktop 12312\schule\Neuer Ordner\***.exe (Application.FindKey) -> Quarantined and deleted successfully.
Zitat:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4893

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

21.10.2010 14:45:44
mbam-log-2010-10-21 (14-45-44).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 452865
Laufzeit: 1 Stunde(n), 21 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 3
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 3

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\NtWqIVLZEWZU (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\KOO9RV9K4Z (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
C:\Windows\Tasks\{BBAEAEAF-1275-40e2-BD6C-BC8F88BD114A}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Windows\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.

cosinus 25.10.2010 19:50
Zitat:
D:\desktop 12312\schule\Neuer Ordner\***.exe (Application.FindKey) -> Quarantined and deleted successfully.
Was wurde da zensiert?

michaelddd1 25.10.2010 20:01
nur ein key changer für warcraft 3 hatte den vor jahren mal benutzt hatte die cd kaputt und hab dann von einer anderen version den key auf mienen original key geändert also wenn dann hätte der schon vor 3 jahren was gemacht

cosinus 25.10.2010 20:04
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.

michaelddd1 25.10.2010 20:17
so der otl scan
OTL Logfile:
Code:
OTL logfile created on: 25.10.2010 21:12:35 - Run 1
OTL by OldTimer - Version 3.2.17.1    Folder = C:\Users\Michael\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 45,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 2,61 Gb Free Space | 5,34% Space Free | Partition Type: NTFS
Drive D: | 184,04 Gb Total Space | 44,76 Gb Free Space | 24,32% Space Free | Partition Type: NTFS
 
Computer Name: MICHAEL-PC | User Name: Michael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Michael\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Messaging)
PRC - C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - c:\program files (x86)\warcraft iii\war3.exe (Blizzard Entertainment)
PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ()
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - D:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Michael\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (VMware NAT Service) -- C:\Windows\SysNative\vmnat.exe File not found
SRV:64bit: - (VMnetDHCP) -- C:\Windows\SysNative\vmnetdhcp.exe File not found
SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMAuthdService) -- D:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Nokia)
DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCapMP) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCap) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 B5 79 D3 AA E7 CA 01  [binary data]
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.244.4:3128
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:/Users/Michael/Music/Temp/Tunebite/.downloading/profile/rrproxy_ie_4afae4f0.pac
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 49
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.0.0.10
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.7
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: foxyMeter@tim-wood.net:0.5.0
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.3&q="
FF - prefs.js..network.proxy.autoconfig_url: "file:///C:/Users/Michael/Music/Temp/Tunebite/.downloading/profile/rrproxy_ffox_4afefd82.pac"
FF - prefs.js..network.proxy.ftp: "192.168.244.4"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "192.168.244.4"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "192.168.244.4"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.ssl: "192.168.244.4"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 4
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.04.08 23:42:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.20 22:59:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.20 22:59:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.10.22 15:53:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.07.06 17:32:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.04.08 23:42:42 | 000,000,000 | ---D | M]
 
[2010.01.07 23:21:10 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Extensions
[2010.01.07 23:21:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.10.25 18:11:09 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions
[2010.05.23 19:11:50 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.08.25 22:27:17 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.05 00:14:34 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010.08.25 22:22:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.05 00:14:35 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.08.18 22:32:32 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.26 19:55:49 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009.11.25 16:07:43 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.03.10 23:07:00 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2010.09.24 18:33:33 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\foxyMeter@tim-wood.net
[2010.09.25 16:45:41 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\smarterwiki@wikiatic.com
[2010.10.15 17:22:17 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\toolbar@ask.com
[2010.10.24 18:02:17 | 000,000,950 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\FireFox\Profiles\uqihgmfi.default\searchplugins\icqplugin-1.xml
[2010.07.28 11:36:49 | 000,000,950 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\FireFox\Profiles\uqihgmfi.default\searchplugins\icqplugin-2.xml
[2010.06.28 23:10:17 | 000,000,947 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\FireFox\Profiles\uqihgmfi.default\searchplugins\icqplugin.xml
[2010.02.04 14:16:44 | 000,003,915 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\FireFox\Profiles\uqihgmfi.default\searchplugins\sweetim.xml
[2010.10.25 18:11:09 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.10.01 14:12:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.01 14:12:28 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009.12.21 07:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.07.28 00:06:18 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.28 00:06:18 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.28 00:06:18 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.28 00:06:18 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.28 00:06:18 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EEE6C35B-6118-11DC-9C72-001320C79847} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files (x86)\Napster\napster.exe (Napster)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c7e5b2ab-4c6a-11df-af08-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{c7e5b2ab-4c6a-11df-af08-005056c00008}\Shell\AutoRun\command - "" = I:\CDautorun.exe -- File not found
O33 - MountPoints2\{d919e3e9-b68e-11df-a938-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{d919e3e9-b68e-11df-a938-005056c00008}\Shell\AutoRun\command - "" = G:\Suppress_AutoRun.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.23 16:14:59 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (8)
[2010.10.22 14:33:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (6)
[2010.10.21 20:31:33 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\rock neu
[2010.10.20 18:46:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\Malwarebytes
[2010.10.20 18:46:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.10.20 18:46:27 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.10.20 18:46:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.20 18:46:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.10.08 12:58:00 | 000,155,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LMRT.dll
[2010.10.08 12:58:00 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\SysWow64\tm20dec.ax
[2010.10.08 12:58:00 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LMRTREND.dll
[2010.10.08 12:57:59 | 000,217,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\strmdll.dll
[2010.10.08 12:57:59 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft3.dll
[2010.10.08 12:57:59 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unam4ie.exe
[2010.10.08 12:57:58 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\danim.dll
[2010.10.08 12:57:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz.drv
[2010.10.08 12:57:57 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcut.dll
[2010.10.08 12:57:57 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf32.dll
[2010.10.08 12:57:57 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf16.dll
[2010.10.08 12:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LEGO Media
[2010.10.08 12:33:35 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2010.10.08 09:48:48 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\AOL
[2010.10.07 23:06:54 | 000,000,000 | ---D | C] -- C:\Programme\Defraggler
[2010.10.07 23:06:35 | 004,236,112 | ---- | C] (Piriform Ltd) -- C:\Users\Michael\Desktop\dfsetup121.exe
[2010.10.06 20:16:45 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (10)
[2010.10.06 20:04:52 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\DVDVideoSoft_Ltd
[2010.10.06 19:18:27 | 000,000,000 | ---D | C] -- C:\Users\Michael\Documents\Freemake
[2010.10.06 19:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2010.10.06 19:18:11 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\DVDVideoSoft
[2010.10.06 19:12:25 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\AVS4YOU
[2010.10.06 19:11:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2010.10.06 19:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2010.10.06 19:11:40 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2010.10.05 19:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2010.10.05 18:54:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2010.10.05 15:42:12 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\house
[2010.10.05 15:42:05 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\oldies
[2010.10.05 15:37:44 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\rock
[2010.10.04 19:50:13 | 000,000,000 | R--D | C] -- C:\Users\Michael\Documents\Notes
[2010.10.01 16:38:38 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\java
[2010.10.01 15:38:55 | 000,000,000 | ---D | C] -- C:\Users\Michael\.nbprofiler
[2010.10.01 15:38:54 | 000,000,000 | ---D | C] -- C:\Users\Michael\.netbeans
[2010.10.01 15:38:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\.visualvm
[2010.10.01 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JavaFX
[2010.10.01 15:15:58 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\hamster
[2010.10.01 14:55:41 | 000,000,000 | ---D | C] -- C:\Programme\hamstersimulator-v28-01
[2010.09.30 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2010.09.30 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2010.09.30 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Napster Shared
[2010.09.30 15:36:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Napster
[2010.09.30 15:35:54 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\InstallShield
[2010.09.29 22:23:00 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (9)
[2010.09.28 15:13:25 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\DOSBox
[2010.09.28 15:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
[2010.09.28 15:02:38 | 000,000,000 | ---D | C] -- C:\MPS
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.25 16:59:22 | 000,023,552 | ---- | M] () -- C:\Users\Michael\Desktop\house.doc
[2010.10.25 15:41:12 | 000,029,518 | ---- | M] () -- C:\Users\Michael\Desktop\jk.JPG
[2010.10.25 14:53:51 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.25 14:53:51 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.25 14:48:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.25 14:48:32 | 3220,713,472 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.23 16:22:45 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\Generals Zero.lnk
[2010.10.23 16:22:45 | 000,000,841 | ---- | M] () -- C:\Users\Public\Desktop\Generals.lnk
[2010.10.23 16:11:18 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.23 16:11:18 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.10.23 16:11:18 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.23 16:11:18 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.10.23 16:11:18 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.20 18:46:32 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.19 23:45:45 | 000,025,088 | ---- | M] () -- C:\Users\Michael\Desktop\Microsoft Word-Dokument (neu) (3).doc
[2010.10.19 19:11:22 | 000,024,064 | ---- | M] () -- C:\Users\Michael\Desktop\Microsoft Word-Dokument (neu) (5).doc
[2010.10.19 16:59:26 | 000,024,064 | ---- | M] () -- C:\Users\Michael\Desktop\napster.doc
[2010.10.17 20:52:52 | 000,000,171 | ---- | M] () -- C:\Users\Michael\Desktop\file-231042330.flv
[2010.10.14 17:46:45 | 000,121,856 | ---- | M] () -- C:\Users\Michael\Documents\Dok2.doc
[2010.10.10 21:03:11 | 000,001,768 | ---- | M] () -- C:\Users\Michael\Desktop\Defraggler.lnk
[2010.10.08 12:57:56 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf32.dll
[2010.10.08 12:57:56 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf16.dll
[2010.10.08 12:57:52 | 000,001,293 | ---- | M] () -- C:\Users\Public\Desktop\LEGO Racers.lnk
[2010.10.07 23:06:36 | 004,236,112 | ---- | M] (Piriform Ltd) -- C:\Users\Michael\Desktop\dfsetup121.exe
[2010.10.06 19:18:26 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2010.10.06 19:18:24 | 000,001,243 | ---- | M] () -- C:\Users\Michael\Desktop\DVDVideoSoft Free Studio.lnk
[2010.10.05 19:27:42 | 000,002,221 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2010.10.05 18:54:50 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.10.01 14:12:28 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.10.01 14:12:28 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.10.01 14:12:28 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.10.01 14:12:28 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.30 15:37:03 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Napster.lnk
[2010.09.28 15:13:06 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
 
========== Files Created - No Company Name ==========
 
[2010.10.25 15:41:10 | 000,029,518 | ---- | C] () -- C:\Users\Michael\Desktop\jk.JPG
[2010.10.22 14:12:12 | 000,229,376 | ---- | C] () -- C:\Users\Michael\Desktop\SMS Ton - Schrei.mp3
[2010.10.20 18:46:32 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.19 19:11:11 | 000,024,064 | ---- | C] () -- C:\Users\Michael\Desktop\Microsoft Word-Dokument (neu) (5).doc
[2010.10.17 23:17:26 | 004,814,976 | ---- | C] () -- C:\Users\Michael\Desktop\PETERLICHT - SONNENDECK [RADIO-FASSUNG (EKIMAS  PROPPE REMIX].MP3
[2010.10.17 20:52:50 | 000,000,171 | ---- | C] () -- C:\Users\Michael\Desktop\file-231042330.flv
[2010.10.14 17:46:45 | 000,121,856 | ---- | C] () -- C:\Users\Michael\Documents\Dok2.doc
[2010.10.14 16:53:48 | 000,024,064 | ---- | C] () -- C:\Users\Michael\Desktop\napster.doc
[2010.10.08 12:57:58 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2010.10.08 12:57:58 | 000,005,672 | ---- | C] () -- C:\Windows\SysWow64\quartz.vxd
[2010.10.08 12:33:46 | 000,001,293 | ---- | C] () -- C:\Users\Public\Desktop\LEGO Racers.lnk
[2010.10.07 23:06:55 | 000,001,768 | ---- | C] () -- C:\Users\Michael\Desktop\Defraggler.lnk
[2010.10.06 19:18:26 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2010.10.05 19:27:42 | 000,002,221 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2010.10.05 18:54:50 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.09.30 15:37:03 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Napster.lnk
[2010.09.28 15:13:06 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2010.09.02 19:45:41 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.04.11 20:29:21 | 000,006,656 | ---- | C] () -- C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.17 16:42:12 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.02.16 17:15:54 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.02.09 22:37:18 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2010.02.09 22:36:24 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010.02.09 22:36:03 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010.01.24 17:09:53 | 000,004,940 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2010.01.10 18:30:47 | 000,290,904 | R--- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll
[2009.12.07 17:05:05 | 000,007,598 | ---- | C] () -- C:\Users\Michael\AppData\Local\Resmon.ResmonCfg
[2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.17 14:58:09 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.08.07 20:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

< End of report >
--- --- ---

OTL Logfile:
Code:
OTL Extras logfile created on: 25.10.2010 21:12:35 - Run 1
OTL by OldTimer - Version 3.2.17.1    Folder = C:\Users\Michael\Downloads
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 45,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 73,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 2,61 Gb Free Space | 5,34% Space Free | Partition Type: NTFS
Drive D: | 184,04 Gb Total Space | 44,76 Gb Free Space | 24,32% Space Free | Partition Type: NTFS
 
Computer Name: MICHAEL-PC | User Name: Michael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
.js [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
.txt [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"Defraggler" = Defraggler
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216021FF}" = Java(TM) 6 Update 21
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{32A3A4F4-B792-11D6-A78A-00B0D0160040}" = Java(TM) SE Development Kit 6 Update 4
"{32A3A4F4-B792-11D6-A78A-00B0D0160210}" = Java(TM) SE Development Kit 6 Update 21
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{34A6ADBE-2521-4634-96AA-E4B9C3F0BF20}" = AVRStudio4
"{359CFC0A-BEB1-440D-95BA-CF63A86DA34F}" = Nero Recode
"{362D5167-9716-44BE-89FD-BF9EB6EF814B}" = DawnOfWar
"{368BA326-73AD-4351-84ED-3C0A7A52CC53}" = Nero Rescue Agent
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{43E39830-1826-415D-8BAE-86845787B54B}" = Nero Vision
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E1CD3D5-D4EE-4246-AE24-F0FD5A60390D}" = OviMPlatform
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5aa47dba-b584-4d47-a626-76e53f010300}" = JavaFX(TM) 1.3 SDK
"{5D39E57E-2F0E-45B2-A754-76F9EE3B7463}" = RSDownloader 2.3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{60DED9C2-22BF-47A3-B6C8-6B141BA31DFD}" = Ovi Desktop Sync Engine
"{62AC81F6-BDD3-4110-9D36-3E9EAAB40999}" = Nero CoverDesigner
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7397EDED-F38A-4654-B669-BF61065803D0}" = PC Connectivity Solution
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7829DB6F-A066-4E40-8912-CB07887C20BB}" = Nero BurnRights
"{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1" = Need For Speed™ World
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7DFFB3EF-F6B5-468E-9C8D-C4FD574C2A22}" = MP3-Tag-Editor
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}" = Assassin's Creed II
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8DCE550C-CA43-4E82-92DF-FFC4A48F5BE1}" = Napster Burn Engine
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{A209525B-3377-43F4-B886-32F6B6E7356F}" = Nero WaveEditor
"{A3FF5CB2-FB35-4658-8751-9EDE1D65B3AA}" = VMware Workstation
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.1 - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{af14fffe-c441-4f11-aedb-10993015ada0}" = Nero 9 Trial
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B1ADF008-E898-4FE2-8A1F-690D9A06ACAF}" = DolbyFiles
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B78120A0-CF84-4366-A393-4D0A59BC546C}" = Menu Templates - Starter Kit
"{B9C9DB4C-6D77-4AE9-AD1C-C708C23239A0}" = Nokia Connectivity Cable Driver
"{BBBCAE4B-B416-4182-A6F2-438180894A81}" = Napster
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C0090327-77F4-455C-AA1A-F9456BDB7F7F}" = Tunebite
"{C009B19F-7F1E-D9D5-BECC-D733430FAEAD}" = Antenna
"{C5A7CB6C-E76D-408F-BA0E-85605420FE9D}" = SoundTrax
"{C86E7C99-E4AD-79C7-375B-1AEF9A91EC2B}" = Acrobat.com
"{C878CD69-85DB-426B-81A3-E71175AAEB91}" = Dealio Toolbar v4.0.2
"{CD49361E-3FE6-457E-90A1-9C59E29B5D02}" = Java DB 10.3.1.4
"{D025A639-B9C9-417D-8531-208859000AF8}" = NeroBurningROM
"{D5D88F8F-FDA4-4CF4-9F3E-3F40118C2120}" = AVRStudio4
"{DEA314C4-0929-4250-BC92-98E4C105F28D}" = NVIDIA PhysX
"{DEE1E2E5-B553-4F88-9DE7-23CBEA5D739C}" = Nokia Ovi Suite
"{DF6F459C-8B89-4F88-B63F-A2E136BB6B79}" = SweetIM for Messenger 2.8
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E498385E-1C51-459A-B45F-1721E37AA1A0}" = Movie Templates - Starter Kit
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype™ 5.0
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1861F30-3419-44DB-B2A1-C274825698B3}" = Nero Disc Copy Gadget
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"ABC 3GP/MP4 Converter" = ABC 3GP/MP4 Converter 3.00
"AC3Filter" = AC3Filter (remove only)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"avast5" = avast! Free Antivirus
"BitTorrent" = BitTorrent
"Cartoonist_is1" = Cartoonist 1.3
"CCleaner" = CCleaner
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Acrobat.com
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX-Setup
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Fake Webcam_is1" = Fake Webcam 6.1.3
"FileZilla Client" = FileZilla Client 3.2.7.1
"Foxit Reader" = Foxit Reader
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free Studio_is1" = Free Studio version 4.9
"Free Video Dub_is1" = Free Video Dub version 1.8
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 3.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Freemake Video Converter_is1" = Freemake Video Converter version 1.1.11
"hon" = Heroes of Newerth
"ImgBurn" = ImgBurn
"InstallShield_{362D5167-9716-44BE-89FD-BF9EB6EF814B}" = DawnOfWar
"JDownloader" = JDownloader
"LEGO Racers" = LEGO Racers
"MAGIX Music Maker 15 Trial D" = MAGIX Music Maker 15 Trial 15.0.1.5 (D)
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.0.0.5
"Miranda IM" = Miranda IM 0.8.12
"Mozilla Firefox (3.6.11)" = Mozilla Firefox (3.6.11)
"Mozilla Thunderbird (3.1.5)" = Mozilla Thunderbird (3.1.5)
"Nokia Ovi Suite" = Nokia Ovi Suite
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"org.bcdef.antenna.43FD862ECBF25EB623FC234EF1704635B78E3AB6.1" = Antenna
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.0.3
"Warcraft III" = Warcraft III
"WinAVR" = WinAVR 20070525 (remove only)
"WinAVR-20070525" = WinAVR 20070525 (remove only)
"WinGimp-2.0_is1" = GIMP 2.6.8
"xp-AntiSpy" = xp-AntiSpy 3.97-9
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Anwendungserkennung
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 19.10.2010 14:30:42 | Computer Name = Michael-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Michael\Downloads\SoftonicDownloader63369.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
Error - 19.10.2010 14:30:42 | Computer Name = Michael-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Michael\Downloads\SoftonicDownloader_fuer_defraggler.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
Error - 20.10.2010 11:31:43 | Computer Name = Michael-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Michael\Downloads\SoftonicDownloader63369.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
Error - 20.10.2010 11:32:26 | Computer Name = Michael-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Michael\Downloads\SoftonicDownloader63369.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
Error - 20.10.2010 11:38:33 | Computer Name = Michael-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Michael\Downloads\SoftonicDownloader_fuer_defraggler.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
Error - 20.10.2010 11:38:33 | Computer Name = Michael-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Michael\Downloads\SoftonicDownloader63369.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
Error - 20.10.2010 11:43:03 | Computer Name = Michael-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Michael\Downloads\SoftonicDownloader_fuer_defraggler.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
Error - 20.10.2010 11:43:03 | Computer Name = Michael-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Michael\Downloads\SoftonicDownloader63369.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
Error - 20.10.2010 12:02:59 | Computer Name = Michael-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Michael\Downloads\SoftonicDownloader63369.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
Error - 20.10.2010 12:43:38 | Computer Name = Michael-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Michael\Downloads\SoftonicDownloader_fuer_defraggler.exe".
 Fehler in  Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.
In
 Konflikt stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
 
[ System Events ]
Error - 25.10.2010 08:48:41 | Computer Name = Michael-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?24.?10.?2010 um 23:15:52 unerwartet heruntergefahren.
 
Error - 24.10.2010 17:16:54 | Computer Name = Michael-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Kryptografiedienste" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 24.10.2010 17:16:54 | Computer Name = Michael-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "DNS-Client" wurde unerwartet beendet. Dies ist bereits 1 Mal
 passiert.
 
Error - 24.10.2010 17:16:54 | Computer Name = Michael-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Arbeitsstationsdienst" wurde unerwartet beendet. Dies ist
bereits 1 Mal passiert.
 
Error - 24.10.2010 17:16:54 | Computer Name = Michael-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "NLA (Network Location Awareness)" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 25.10.2010 08:48:30 | Computer Name = Michael-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 25.10.2010 08:48:50 | Computer Name = Michael-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Vstor2 WS60 Virtual Storage Driver" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%2
 
Error - 25.10.2010 08:51:08 | Computer Name = Michael-PC | Source = WMPNetworkSvc | ID = 866306
Description =
 
Error - 25.10.2010 08:51:08 | Computer Name = Michael-PC | Source = WMPNetworkSvc | ID = 866306
Description =
 
Error - 25.10.2010 15:02:15 | Computer Name = Michael-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
 nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 
 
< End of report >
--- --- ---

cosinus 27.10.2010 07:38
Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Code:
:OTL
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 192.168.244.4:3128
FF - prefs.js..network.proxy.autoconfig_url: "file:///C:/Users/Michael/Music/Temp/Tunebite/.downloading/profile/rrproxy_ffox_4afefd82.pac"
FF - prefs.js..network.proxy.ftp: "192.168.244.4"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.gopher: "192.168.244.4"
FF - prefs.js..network.proxy.gopher_port: 3128
FF - prefs.js..network.proxy.http: "192.168.244.4"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.ssl: "192.168.244.4"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 4
O4 - HKCU..\Run: []  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{c7e5b2ab-4c6a-11df-af08-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{c7e5b2ab-4c6a-11df-af08-005056c00008}\Shell\AutoRun\command - "" = I:\CDautorun.exe -- File not found
O33 - MountPoints2\{d919e3e9-b68e-11df-a938-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{d919e3e9-b68e-11df-a938-005056c00008}\Shell\AutoRun\command - "" = G:\Suppress_AutoRun.exe -- File not found
[2010.02.09 22:36:03 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010.01.24 17:09:53 | 000,004,940 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
:Commands
[purity]
[resethosts]
[emptytemp]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

michaelddd1 27.10.2010 13:25
habe alles gemacht musste den pc auch neustarten aber es hat sich keine logdatei erstellt und es wurde auch keine geöffnet

michaelddd1 27.10.2010 13:28
jetzt hab ich das gefunden unter c: otl
Zitat:
All processes killed
========== OTL ==========
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!
Prefs.js: "file:///C:/Users/Michael/Music/Temp/Tunebite/.downloading/profile/rrproxy_ffox_4afefd82.pac" removed from network.proxy.autoconfig_url
Prefs.js: "192.168.244.4" removed from network.proxy.ftp
Prefs.js: 3128 removed from network.proxy.ftp_port
Prefs.js: "192.168.244.4" removed from network.proxy.gopher
Prefs.js: 3128 removed from network.proxy.gopher_port
Prefs.js: "192.168.244.4" removed from network.proxy.http
Prefs.js: 3128 removed from network.proxy.http_port
Prefs.js: "192.168.244.4" removed from network.proxy.ssl
Prefs.js: 3128 removed from network.proxy.ssl_port
Prefs.js: 4 removed from network.proxy.type
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7e5b2ab-4c6a-11df-af08-005056c00008}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c7e5b2ab-4c6a-11df-af08-005056c00008}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c7e5b2ab-4c6a-11df-af08-005056c00008}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c7e5b2ab-4c6a-11df-af08-005056c00008}\ not found.
File I:\CDautorun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d919e3e9-b68e-11df-a938-005056c00008}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d919e3e9-b68e-11df-a938-005056c00008}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d919e3e9-b68e-11df-a938-005056c00008}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d919e3e9-b68e-11df-a938-005056c00008}\ not found.
File G:\Suppress_AutoRun.exe not found.
C:\Windows\mgxoschk.ini moved successfully.
C:\ProgramData\mtbjfghn.xbe moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56504 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Michael
->Temp folder emptied: 232004 bytes
->Temporary Internet Files folder emptied: 4379803 bytes
->Java cache emptied: 28906655 bytes
->FireFox cache emptied: 74602063 bytes
->Flash cache emptied: 135635 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 608 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85096 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 103,00 mb


OTL by OldTimer - Version 3.2.17.1 log created on 10272010_141627

Files\Folders moved on Reboot...
C:\Users\Michael\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\temp\_avast5_\Webshlock.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

cosinus 27.10.2010 17:10
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

michaelddd1 27.10.2010 19:08
so der scan
OTL Logfile:
Code:
OTL logfile created on: 27.10.2010 19:41:42 - Run 2
OTL by OldTimer - Version 3.2.17.1    Folder = C:\Users\Michael\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 73,00% Memory free
8,00 Gb Paging File | 7,00 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 48,83 Gb Total Space | 2,48 Gb Free Space | 5,08% Space Free | Partition Type: NTFS
Drive D: | 184,04 Gb Total Space | 44,76 Gb Free Space | 24,32% Space Free | Partition Type: NTFS
 
Computer Name: MICHAEL-PC | User Name: Michael | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Michael\Desktop\OTL(2).exe (OldTimer Tools)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - D:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Michael\Desktop\OTL(2).exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (VMware NAT Service) -- C:\Windows\SysNative\vmnat.exe File not found
SRV:64bit: - (VMnetDHCP) -- C:\Windows\SysNative\vmnetdhcp.exe File not found
SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMAuthdService) -- D:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
 
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - D:\Program Files (x86)\adobie\Acrobat 9.0\Acrobat\Acrotray.exe File not found
MsConfig:64bit - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - D:\Program Files (x86)\adobie\Acrobat 9.0\Acrobat\Acrobat_sl.exe File not found
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS4ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe File not found
MsConfig:64bit - StartUpReg: Adobe_ID0ENQBO - hkey= - key= - C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE File not found
MsConfig:64bit - StartUpReg: BitTorrent - hkey= - key= - C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: NapsterShell - hkey= - key= - C:\Program Files (x86)\Napster\napster.exe (Napster)
MsConfig:64bit - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig:64bit - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files (x86)\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig:64bit - StartUpReg: SearchSettings - hkey= - key= - C:\Program Files (x86)\Search Settings\SearchSettings.exe (Spigot, Inc.)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: SweetIM - hkey= - key= - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe File not found
MsConfig:64bit - StartUpReg: vmware-tray - hkey= - key= - D:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe File not found
MsConfig:64bit - StartUpReg: wdfmgrs - hkey= - key= - C:\Users\Michael\AppData\Local\Temp\wdfmgrs.exe File not found
MsConfig:64bit - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files (x86)\Winamp\winampa.exe File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {8C44CB9C-BC77-8C45-D2D4-AB2990C30B26} - Themes Setup
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Windows Media Player 5.2
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {88B7A632-C918-D8E5-F7E9-01BBE258EDD2} - Themes Setup
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} - C:\Program Files (x86)\PixiePack Codec Pack\InstallerHelper.exe
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDF099AA-6E91-9D4B-431F-4746DD83D03B} - Browser Customizations
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.ac3filter - ac3filter.acm File not found
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.VMnc - C:\Windows\SysWow64\vmnc.dll (VMware, Inc.)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.10.27 19:27:05 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL(2).exe
[2010.10.27 14:16:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.10.26 22:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.10.26 22:01:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.10.26 18:38:29 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.10.23 16:14:59 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (8)
[2010.10.22 14:33:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (6)
[2010.10.21 20:31:33 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\rock neu
[2010.10.20 18:46:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\Malwarebytes
[2010.10.20 18:46:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.10.20 18:46:27 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.10.20 18:46:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.20 18:46:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.10.08 12:58:00 | 000,155,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LMRT.dll
[2010.10.08 12:58:00 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\SysWow64\tm20dec.ax
[2010.10.08 12:58:00 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LMRTREND.dll
[2010.10.08 12:57:59 | 000,217,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\strmdll.dll
[2010.10.08 12:57:59 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft3.dll
[2010.10.08 12:57:59 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unam4ie.exe
[2010.10.08 12:57:58 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\danim.dll
[2010.10.08 12:57:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz.drv
[2010.10.08 12:57:57 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcut.dll
[2010.10.08 12:57:57 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf32.dll
[2010.10.08 12:57:57 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf16.dll
[2010.10.08 12:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LEGO Media
[2010.10.08 09:48:48 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\AOL
[2010.10.07 23:06:54 | 000,000,000 | ---D | C] -- C:\Programme\Defraggler
[2010.10.07 23:06:35 | 004,236,112 | ---- | C] (Piriform Ltd) -- C:\Users\Michael\Desktop\dfsetup121.exe
[2010.10.06 20:16:45 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (10)
[2010.10.06 20:04:52 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\DVDVideoSoft_Ltd
[2010.10.06 19:18:27 | 000,000,000 | ---D | C] -- C:\Users\Michael\Documents\Freemake
[2010.10.06 19:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2010.10.06 19:18:11 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\DVDVideoSoft
[2010.10.06 19:12:25 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\AVS4YOU
[2010.10.06 19:11:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2010.10.06 19:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2010.10.06 19:11:40 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2010.10.05 19:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2010.10.05 18:54:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2010.10.05 15:42:12 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\house
[2010.10.05 15:42:05 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\oldies
[2010.10.05 15:37:44 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\rock
[2010.10.04 19:50:13 | 000,000,000 | R--D | C] -- C:\Users\Michael\Documents\Notes
[2010.10.01 16:38:38 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\java
[2010.10.01 15:38:55 | 000,000,000 | ---D | C] -- C:\Users\Michael\.nbprofiler
[2010.10.01 15:38:54 | 000,000,000 | ---D | C] -- C:\Users\Michael\.netbeans
[2010.10.01 15:38:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\.visualvm
[2010.10.01 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JavaFX
[2010.10.01 15:15:58 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\hamster
[2010.10.01 14:55:41 | 000,000,000 | ---D | C] -- C:\Programme\hamstersimulator-v28-01
[2010.09.30 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2010.09.30 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2010.09.30 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Napster Shared
[2010.09.30 15:36:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Napster
[2010.09.30 15:35:54 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\InstallShield
[2010.09.29 22:23:00 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (9)
[2010.09.28 15:13:25 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\DOSBox
[2010.09.28 15:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
[2010.09.28 15:02:38 | 000,000,000 | ---D | C] -- C:\MPS
 
========== Files - Modified Within 30 Days ==========
 
[2010.10.27 19:26:51 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL(2).exe
[2010.10.27 14:30:03 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.27 14:30:03 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.27 14:24:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.27 14:24:50 | 3220,713,472 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.27 14:23:44 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010.10.26 22:06:28 | 000,423,309 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20101026-220659.backup
[2010.10.26 22:01:11 | 000,001,262 | ---- | M] () -- C:\Users\Michael\Desktop\Spybot - Search & Destroy.lnk
[2010.10.26 14:19:15 | 000,000,217 | ---- | M] () -- C:\Users\Michael\Desktop\ICQ Spiele.url
[2010.10.25 16:59:22 | 000,023,552 | ---- | M] () -- C:\Users\Michael\Desktop\house.doc
[2010.10.25 15:41:12 | 000,029,518 | ---- | M] () -- C:\Users\Michael\Desktop\jk.JPG
[2010.10.23 16:11:18 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.23 16:11:18 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.10.23 16:11:18 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.23 16:11:18 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.10.23 16:11:18 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.20 18:46:32 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.19 23:45:45 | 000,025,088 | ---- | M] () -- C:\Users\Michael\Desktop\Microsoft Word-Dokument (neu) (3).doc
[2010.10.19 19:11:22 | 000,024,064 | ---- | M] () -- C:\Users\Michael\Desktop\Microsoft Word-Dokument (neu) (5).doc
[2010.10.19 16:59:26 | 000,024,064 | ---- | M] () -- C:\Users\Michael\Desktop\napster.doc
[2010.10.17 20:52:52 | 000,000,171 | ---- | M] () -- C:\Users\Michael\Desktop\file-231042330.flv
[2010.10.14 17:46:45 | 000,121,856 | ---- | M] () -- C:\Users\Michael\Documents\Dok2.doc
[2010.10.08 12:57:56 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf32.dll
[2010.10.08 12:57:56 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf16.dll
[2010.10.08 12:57:52 | 000,001,293 | ---- | M] () -- C:\Users\Public\Desktop\LEGO Racers.lnk
[2010.10.07 23:06:36 | 004,236,112 | ---- | M] (Piriform Ltd) -- C:\Users\Michael\Desktop\dfsetup121.exe
[2010.10.06 19:18:26 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2010.10.06 19:18:24 | 000,001,243 | ---- | M] () -- C:\Users\Michael\Desktop\DVDVideoSoft Free Studio.lnk
[2010.10.05 19:27:42 | 000,002,221 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2010.10.05 18:54:50 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.09.30 15:37:03 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Napster.lnk
[2010.09.28 15:13:06 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
 
========== Files Created - No Company Name ==========
 
[2010.10.26 22:01:11 | 000,001,262 | ---- | C] () -- C:\Users\Michael\Desktop\Spybot - Search & Destroy.lnk
[2010.10.26 14:19:15 | 000,000,217 | ---- | C] () -- C:\Users\Michael\Desktop\ICQ Spiele.url
[2010.10.25 15:41:10 | 000,029,518 | ---- | C] () -- C:\Users\Michael\Desktop\jk.JPG
[2010.10.22 14:12:12 | 000,229,376 | ---- | C] () -- C:\Users\Michael\Desktop\SMS Ton - Schrei.mp3
[2010.10.20 18:46:32 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.19 19:11:11 | 000,024,064 | ---- | C] () -- C:\Users\Michael\Desktop\Microsoft Word-Dokument (neu) (5).doc
[2010.10.17 23:17:26 | 004,814,976 | ---- | C] () -- C:\Users\Michael\Desktop\PETERLICHT - SONNENDECK [RADIO-FASSUNG (EKIMAS  PROPPE REMIX].MP3
[2010.10.17 20:52:50 | 000,000,171 | ---- | C] () -- C:\Users\Michael\Desktop\file-231042330.flv
[2010.10.14 17:46:45 | 000,121,856 | ---- | C] () -- C:\Users\Michael\Documents\Dok2.doc
[2010.10.14 16:53:48 | 000,024,064 | ---- | C] () -- C:\Users\Michael\Desktop\napster.doc
[2010.10.08 12:57:58 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2010.10.08 12:57:58 | 000,005,672 | ---- | C] () -- C:\Windows\SysWow64\quartz.vxd
[2010.10.08 12:33:46 | 000,001,293 | ---- | C] () -- C:\Users\Public\Desktop\LEGO Racers.lnk
[2010.10.06 19:18:26 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2010.10.05 19:27:42 | 000,002,221 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2010.10.05 18:54:50 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.09.30 15:37:03 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Napster.lnk
[2010.09.28 15:13:06 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2010.09.02 19:45:41 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.04.11 20:29:21 | 000,006,656 | ---- | C] () -- C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.17 16:42:12 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.02.16 17:15:54 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.02.09 22:37:18 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2010.02.09 22:36:24 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010.01.10 18:30:47 | 000,290,904 | R--- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll
[2009.12.07 17:05:05 | 000,007,598 | ---- | C] () -- C:\Users\Michael\AppData\Local\Resmon.ResmonCfg
[2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.17 14:58:09 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.08.07 20:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.10.01 15:38:53 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\.visualvm
[2010.08.06 10:34:54 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Adobe
[2010.10.06 19:12:25 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\AVS4YOU
[2009.12.01 21:56:06 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Bioshock
[2010.10.14 19:56:46 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\BitTorrent
[2009.11.18 15:07:56 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Canneverbe_Limited
[2010.04.22 15:08:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\com.adobe.ExMan
[2010.04.20 12:56:59 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DAEMON Tools Lite
[2010.03.12 21:47:34 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Dexpot
[2010.07.12 23:02:50 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DivX
[2010.10.27 18:03:32 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\dvdcss
[2010.10.06 20:04:07 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DVDVideoSoft
[2010.10.06 19:18:28 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.09.13 14:24:09 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\FileZilla
[2010.02.16 15:42:55 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Foxit
[2009.11.20 20:52:44 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\FreeFLVConverter
[2010.04.22 17:05:34 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\gtk-2.0
[2010.10.27 19:28:26 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\ICQ
[2009.11.10 18:10:05 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Identities
[2010.01.07 18:31:59 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\ImgBurn
[2010.09.30 15:35:54 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\InstallShield
[2009.12.01 17:18:12 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\L4dOgerLauncher
[2009.11.10 18:26:25 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Macromedia
[2010.02.09 22:37:41 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\MAGIX
[2010.10.20 18:46:53 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:19 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Media Center Programs
[2010.08.14 15:04:10 | 000,000,000 | --SD | M] -- C:\Users\Michael\AppData\Roaming\Microsoft
[2010.01.18 17:14:04 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Miranda
[2009.11.10 18:19:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Mozilla
[2010.01.18 17:37:01 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Nero
[2010.04.09 17:22:15 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Nokia
[2010.04.14 23:33:21 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\org.bcdef.antenna.43FD862ECBF25EB623FC234EF1704635B78E3AB6.1
[2010.06.09 14:02:17 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\PC Suite
[2010.10.11 19:50:38 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Roxio
[2009.12.01 21:47:14 | 000,000,000 | RH-D | M] -- C:\Users\Michael\AppData\Roaming\SecuROM
[2010.10.07 23:18:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Skype
[2010.10.07 19:43:38 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\skypePM
[2010.01.07 23:21:09 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Thunderbird
[2010.05.02 19:25:58 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Ubisoft
[2010.10.27 19:28:20 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\vlc
[2010.10.24 23:15:18 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\VMware
[2009.11.24 16:11:36 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.09.19 21:51:35 | 000,010,134 | R--- | M] () -- C:\Users\Michael\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2009.11.06 10:20:16 | 000,022,352 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
[2009.11.06 10:20:16 | 000,034,112 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
[2010.10.14 16:36:46 | 003,056,008 | ---- | M] (Ask) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\uqihgmfi.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >
--- --- ---

========== Processes (SafeList) ==========

PRC - C:\Users\Michael\Desktop\OTL(2).exe (OldTimer Tools)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - D:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)


========== Modules (SafeList) ==========

MOD - C:\Users\Michael\Desktop\OTL(2).exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\normaliz.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)


========== Win32 Services (SafeList) ==========

SRV:64bit: - (VMware NAT Service) -- C:\Windows\SysNative\vmnat.exe File not found
SRV:64bit: - (VMnetDHCP) -- C:\Windows\SysNative\vmnetdhcp.exe File not found
SRV:64bit: - (avast! Web Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Mail Scanner) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (Application Updater) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMAuthdService) -- D:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)


========== Driver Services (SafeList) ==========

DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64j.sys (Nokia)
DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCapMP) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (RRNetCap) -- C:\Windows\SysNative\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (NVENETFD) -- C:\Windows\SysNative\drivers\nvm62x64.sys (NVIDIA Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\drivers\VMkbd.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = ICQ.com Suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN, Messenger und Hotmail sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D0 B5 79 D3 AA E7 CA 01 [binary data]
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "AutoConfigURL" = file://C:/Users/Michael/Music/Temp/Tunebite/.downloading/profile/rrproxy_ie_4afae4f0.pac

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.2
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 49
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.0
FF - prefs.js..extensions.enabledItems: smarterwiki@wikiatic.com:4.1.7
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: foxyMeter@tim-wood.net:0.5.0
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.10
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.3&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "chrome://browser-region/locale/region.properties"


FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.04.08 23:42:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.20 22:59:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.20 22:59:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.10.22 15:53:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.07.06 17:32:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.04.08 23:42:42 | 000,000,000 | ---D | M]

[2010.01.07 23:21:10 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Extensions
[2010.01.07 23:21:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.10.26 22:27:39 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions
[2010.05.23 19:11:50 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.08.25 22:27:17 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.05 00:14:34 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010.08.25 22:22:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.05 00:14:35 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.08.18 22:32:32 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.26 19:55:49 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009.11.25 16:07:43 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.09.24 18:33:33 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\foxyMeter@tim-wood.net
[2010.09.25 16:45:41 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\smarterwiki@wikiatic.com
[2010.10.15 17:22:17 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\toolbar@ask.com
[2010.10.24 18:02:17 | 000,000,950 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\FireFox\Profiles\uqihgmfi.default\searchplugins\icqplugin-1.xml
[2010.07.28 11:36:49 | 000,000,950 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\FireFox\Profiles\uqihgmfi.default\searchplugins\icqplugin-2.xml
[2010.06.28 23:10:17 | 000,000,947 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\FireFox\Profiles\uqihgmfi.default\searchplugins\icqplugin.xml
[2010.10.26 21:00:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.10.01 14:12:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.01 14:12:28 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009.12.21 07:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.07.28 00:06:18 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.28 00:06:18 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.28 00:06:18 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.28 00:06:18 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.28 00:06:18 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.10.27 14:23:44 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files (x86)\Napster\napster.exe (Napster)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.10.27 19:27:05 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL(2).exe
[2010.10.27 14:16:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.10.26 22:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.10.26 22:01:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.10.26 18:38:29 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.10.23 16:14:59 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (8)
[2010.10.22 14:33:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (6)
[2010.10.21 20:31:33 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\rock neu
[2010.10.20 18:46:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\Malwarebytes
[2010.10.20 18:46:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.10.20 18:46:27 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.10.20 18:46:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.20 18:46:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.10.08 12:58:00 | 000,155,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LMRT.dll
[2010.10.08 12:58:00 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\SysWow64\tm20dec.ax
[2010.10.08 12:58:00 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LMRTREND.dll
[2010.10.08 12:57:59 | 000,217,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\strmdll.dll
[2010.10.08 12:57:59 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft3.dll
[2010.10.08 12:57:59 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unam4ie.exe
[2010.10.08 12:57:58 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\danim.dll
[2010.10.08 12:57:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz.drv
[2010.10.08 12:57:57 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcut.dll
[2010.10.08 12:57:57 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf32.dll
[2010.10.08 12:57:57 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf16.dll
[2010.10.08 12:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LEGO Media
[2010.10.08 12:33:35 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2010.10.08 09:48:48 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\AOL
[2010.10.07 23:06:54 | 000,000,000 | ---D | C] -- C:\Programme\Defraggler
[2010.10.07 23:06:35 | 004,236,112 | ---- | C] (Piriform Ltd) -- C:\Users\Michael\Desktop\dfsetup121.exe
[2010.10.06 20:16:45 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (10)
[2010.10.06 20:04:52 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\DVDVideoSoft_Ltd
[2010.10.06 19:18:27 | 000,000,000 | ---D | C] -- C:\Users\Michael\Documents\Freemake
[2010.10.06 19:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2010.10.06 19:18:11 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\DVDVideoSoft
[2010.10.06 19:12:25 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\AVS4YOU
[2010.10.06 19:11:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2010.10.06 19:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2010.10.06 19:11:40 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2010.10.05 19:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2010.10.05 18:54:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2010.10.05 15:42:12 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\house
[2010.10.05 15:42:05 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\oldies
[2010.10.05 15:37:44 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\rock
[2010.10.04 19:50:13 | 000,000,000 | R--D | C] -- C:\Users\Michael\Documents\Notes
[2010.10.01 16:38:38 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\java
[2010.10.01 15:38:55 | 000,000,000 | ---D | C] -- C:\Users\Michael\.nbprofiler
[2010.10.01 15:38:54 | 000,000,000 | ---D | C] -- C:\Users\Michael\.netbeans
[2010.10.01 15:38:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\.visualvm
[2010.10.01 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JavaFX
[2010.10.01 15:15:58 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\hamster
[2010.10.01 14:55:41 | 000,000,000 | ---D | C] -- C:\Programme\hamstersimulator-v28-01
[2010.09.30 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2010.09.30 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2010.09.30 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Napster Shared
[2010.09.30 15:36:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Napster
[2010.09.30 15:35:54 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\InstallShield
[2010.09.29 22:23:00 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (9)
[2010.09.28 15:13:25 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\DOSBox
[2010.09.28 15:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
[2010.09.28 15:02:38 | 000,000,000 | ---D | C] -- C:\MPS

========== Files - Modified Within 30 Days ==========

[2010.10.27 19:26:51 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL(2).exe
[2010.10.27 14:30:03 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.27 14:30:03 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.27 14:24:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.27 14:24:50 | 3220,713,472 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.27 14:23:44 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010.10.26 22:06:28 | 000,423,309 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20101026-220659.backup
[2010.10.26 22:01:11 | 000,001,262 | ---- | M] () -- C:\Users\Michael\Desktop\Spybot - Search & Destroy.lnk
[2010.10.26 14:19:15 | 000,000,217 | ---- | M] () -- C:\Users\Michael\Desktop\ICQ Spiele.url
[2010.10.25 16:59:22 | 000,023,552 | ---- | M] () -- C:\Users\Michael\Desktop\house.doc
[2010.10.25 15:41:12 | 000,029,518 | ---- | M] () -- C:\Users\Michael\Desktop\jk.JPG
[2010.10.23 16:11:18 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.23 16:11:18 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.10.23 16:11:18 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.23 16:11:18 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.10.23 16:11:18 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.20 18:46:32 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.19 23:45:45 | 000,025,088 | ---- | M] () -- C:\Users\Michael\Desktop\Microsoft Word-Dokument (neu) (3).doc
[2010.10.19 19:11:22 | 000,024,064 | ---- | M] () -- C:\Users\Michael\Desktop\Microsoft Word-Dokument (neu) (5).doc
[2010.10.19 16:59:26 | 000,024,064 | ---- | M] () -- C:\Users\Michael\Desktop\napster.doc
[2010.10.17 20:52:52 | 000,000,171 | ---- | M] () -- C:\Users\Michael\Desktop\file-231042330.flv
[2010.10.14 17:46:45 | 000,121,856 | ---- | M] () -- C:\Users\Michael\Documents\Dok2.doc
[2010.10.08 12:57:56 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf32.dll
[2010.10.08 12:57:56 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf16.dll
[2010.10.08 12:57:52 | 000,001,293 | ---- | M] () -- C:\Users\Public\Desktop\LEGO Racers.lnk
[2010.10.07 23:06:36 | 004,236,112 | ---- | M] (Piriform Ltd) -- C:\Users\Michael\Desktop\dfsetup121.exe
[2010.10.06 19:18:26 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2010.10.06 19:18:24 | 000,001,243 | ---- | M] () -- C:\Users\Michael\Desktop\DVDVideoSoft Free Studio.lnk
[2010.10.05 19:27:42 | 000,002,221 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2010.10.05 18:54:50 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.10.01 14:12:28 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.10.01 14:12:28 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.10.01 14:12:28 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.10.01 14:12:28 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.30 15:37:03 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Napster.lnk
[2010.09.28 15:13:06 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk

========== Files Created - No Company Name ==========

[2010.10.26 22:01:11 | 000,001,262 | ---- | C] () -- C:\Users\Michael\Desktop\Spybot - Search & Destroy.lnk
[2010.10.26 14:19:15 | 000,000,217 | ---- | C] () -- C:\Users\Michael\Desktop\ICQ Spiele.url
[2010.10.25 15:41:10 | 000,029,518 | ---- | C] () -- C:\Users\Michael\Desktop\jk.JPG
[2010.10.22 14:12:12 | 000,229,376 | ---- | C] () -- C:\Users\Michael\Desktop\SMS Ton - Schrei.mp3
[2010.10.20 18:46:32 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.19 19:11:11 | 000,024,064 | ---- | C] () -- C:\Users\Michael\Desktop\Microsoft Word-Dokument (neu) (5).doc
[2010.10.17 23:17:26 | 004,814,976 | ---- | C] () -- C:\Users\Michael\Desktop\PETERLICHT - SONNENDECK [RADIO-FASSUNG (EKIMAS PROPPE REMIX].MP3
[2010.10.17 20:52:50 | 000,000,171 | ---- | C] () -- C:\Users\Michael\Desktop\file-231042330.flv
[2010.10.14 17:46:45 | 000,121,856 | ---- | C] () -- C:\Users\Michael\Documents\Dok2.doc
[2010.10.14 16:53:48 | 000,024,064 | ---- | C] () -- C:\Users\Michael\Desktop\napster.doc
[2010.10.08 12:57:58 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2010.10.08 12:57:58 | 000,005,672 | ---- | C] () -- C:\Windows\SysWow64\quartz.vxd
[2010.10.08 12:33:46 | 000,001,293 | ---- | C] () -- C:\Users\Public\Desktop\LEGO Racers.lnk
[2010.10.06 19:18:26 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2010.10.05 19:27:42 | 000,002,221 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2010.10.05 18:54:50 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.09.30 15:37:03 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Napster.lnk
[2010.09.28 15:13:06 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2010.09.02 19:45:41 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.04.11 20:29:21 | 000,006,656 | ---- | C] () -- C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.17 16:42:12 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.02.16 17:15:54 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.02.09 22:37:18 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2010.02.09 22:36:24 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010.01.10 18:30:47 | 000,290,904 | R--- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll
[2009.12.07 17:05:05 | 000,007,598 | ---- | C] () -- C:\Users\Michael\AppData\Local\Resmon.ResmonCfg
[2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.17 14:58:09 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.08.07 20:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.10.01 15:38:53 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\.visualvm
[2010.08.06 10:34:54 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Adobe
[2010.10.06 19:12:25 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\AVS4YOU
[2009.12.01 21:56:06 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Bioshock
[2010.10.14 19:56:46 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\BitTorrent
[2009.11.18 15:07:56 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Canneverbe_Limited
[2010.04.22 15:08:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\com.adobe.ExMan
[2010.04.20 12:56:59 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DAEMON Tools Lite
[2010.03.12 21:47:34 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Dexpot
[2010.07.12 23:02:50 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DivX
[2010.10.27 18:03:32 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\dvdcss
[2010.10.06 20:04:07 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DVDVideoSoft
[2010.10.06 19:18:28 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.09.13 14:24:09 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\FileZilla
[2010.02.16 15:42:55 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Foxit
[2009.11.20 20:52:44 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\FreeFLVConverter
[2010.04.22 17:05:34 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\gtk-2.0
[2010.10.27 19:28:26 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\ICQ
[2009.11.10 18:10:05 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Identities
[2010.01.07 18:31:59 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\ImgBurn
[2010.09.30 15:35:54 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\InstallShield
[2009.12.01 17:18:12 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\L4dOgerLauncher
[2009.11.10 18:26:25 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Macromedia
[2010.02.09 22:37:41 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\MAGIX
[2010.10.20 18:46:53 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:19 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Media Center Programs
[2010.08.14 15:04:10 | 000,000,000 | --SD | M] -- C:\Users\Michael\AppData\Roaming\Microsoft
[2010.01.18 17:14:04 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Miranda
[2009.11.10 18:19:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Mozilla
[2010.01.18 17:37:01 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Nero
[2010.04.09 17:22:15 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Nokia
[2010.04.14 23:33:21 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\org.bcdef.antenna.43FD862ECBF25EB623FC234EF1704635B78E3AB6.1
[2010.06.09 14:02:17 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\PC Suite
[2010.10.11 19:50:38 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Roxio
[2009.12.01 21:47:14 | 000,000,000 | RH-D | M] -- C:\Users\Michael\AppData\Roaming\SecuROM
[2010.10.07 23:18:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Skype
[2010.10.07 19:43:38 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\skypePM
[2010.01.07 23:21:09 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Thunderbird
[2010.05.02 19:25:58 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Ubisoft
[2010.10.27 19:28:20 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\vlc
[2010.10.24 23:15:18 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\VMware
[2009.11.24 16:11:36 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010.09.19 21:51:35 | 000,010,134 | R--- | M] () -- C:\Users\Michael\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2009.11.06 10:20:16 | 000,022,352 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
[2009.11.06 10:20:16 | 000,034,112 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
[2010.10.14 16:36:46 | 003,056,008 | ---- | M] (Ask) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\uqihgmfi.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: USER32.DLL >
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WININIT.EXE >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2IFSL.SYS >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< End of report >
FF - HKLM\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.04.08 23:42:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.10.20 22:59:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.11\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.10.20 22:59:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2010.10.22 15:53:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2010.07.06 17:32:36 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.04.08 23:42:42 | 000,000,000 | ---D | M]

[2010.01.07 23:21:10 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Extensions
[2010.01.07 23:21:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010.10.26 22:27:39 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions
[2010.05.23 19:11:50 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010.08.25 22:27:17 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.08.05 00:14:34 | 000,000,000 | ---D | M] (ReloadEvery) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}
[2010.08.25 22:22:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.08.05 00:14:35 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.08.18 22:32:32 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.09.26 19:55:49 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009.11.25 16:07:43 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2010.09.24 18:33:33 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\foxyMeter@tim-wood.net
[2010.09.25 16:45:41 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\smarterwiki@wikiatic.com
[2010.10.15 17:22:17 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\mozilla\Firefox\Profiles\uqihgmfi.default\extensions\toolbar@ask.com
[2010.10.24 18:02:17 | 000,000,950 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\FireFox\Profiles\uqihgmfi.default\searchplugins\icqplugin-1.xml
[2010.07.28 11:36:49 | 000,000,950 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\FireFox\Profiles\uqihgmfi.default\searchplugins\icqplugin-2.xml
[2010.06.28 23:10:17 | 000,000,947 | ---- | M] () -- C:\Users\Michael\AppData\Roaming\Mozilla\FireFox\Profiles\uqihgmfi.default\searchplugins\icqplugin.xml
[2010.10.26 21:00:28 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.10.01 14:12:34 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.01 14:12:28 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2009.12.21 07:47:02 | 000,063,488 | ---- | M] (Nullsoft) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.07.28 00:06:18 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.07.28 00:06:18 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.07.28 00:06:18 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.07.28 00:06:18 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.07.28 00:06:18 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2010.10.27 14:23:44 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files (x86)\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NapsterShell] C:\Program Files (x86)\Napster\napster.exe (Napster)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - D:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - D:\Program Files (x86)\VMware\VMware Workstation\vsocklib.dll File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2010.10.27 19:27:05 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL(2).exe
[2010.10.27 14:16:27 | 000,000,000 | ---D | C] -- C:\_OTL
[2010.10.26 22:01:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.10.26 22:01:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2010.10.26 18:38:29 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2010.10.23 16:14:59 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (8)
[2010.10.22 14:33:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (6)
[2010.10.21 20:31:33 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\rock neu
[2010.10.20 18:46:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\Malwarebytes
[2010.10.20 18:46:29 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.10.20 18:46:27 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.10.20 18:46:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.20 18:46:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.10.08 12:58:00 | 000,155,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LMRT.dll
[2010.10.08 12:58:00 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\SysWow64\tm20dec.ax
[2010.10.08 12:58:00 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\LMRTREND.dll
[2010.10.08 12:57:59 | 000,217,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\strmdll.dll
[2010.10.08 12:57:59 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dxtmsft3.dll
[2010.10.08 12:57:59 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\unam4ie.exe
[2010.10.08 12:57:58 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\danim.dll
[2010.10.08 12:57:58 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciqtz.drv
[2010.10.08 12:57:57 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qcut.dll
[2010.10.08 12:57:57 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf32.dll
[2010.10.08 12:57:57 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf16.dll
[2010.10.08 12:33:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LEGO Media
[2010.10.08 12:33:35 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2010.10.08 09:48:48 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\AOL
[2010.10.07 23:06:54 | 000,000,000 | ---D | C] -- C:\Programme\Defraggler
[2010.10.07 23:06:35 | 004,236,112 | ---- | C] (Piriform Ltd) -- C:\Users\Michael\Desktop\dfsetup121.exe
[2010.10.06 20:16:45 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (10)
[2010.10.06 20:04:52 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\DVDVideoSoft_Ltd
[2010.10.06 19:18:27 | 000,000,000 | ---D | C] -- C:\Users\Michael\Documents\Freemake
[2010.10.06 19:18:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2010.10.06 19:18:11 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\DVDVideoSoft
[2010.10.06 19:12:25 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\AVS4YOU
[2010.10.06 19:11:40 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2010.10.06 19:11:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVSMedia
[2010.10.06 19:11:40 | 000,000,000 | ---D | C] -- C:\ProgramData\AVS4YOU
[2010.10.05 19:35:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2010.10.05 18:54:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JDownloader
[2010.10.05 15:42:12 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\house
[2010.10.05 15:42:05 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\oldies
[2010.10.05 15:37:44 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\rock
[2010.10.04 19:50:13 | 000,000,000 | R--D | C] -- C:\Users\Michael\Documents\Notes
[2010.10.01 16:38:38 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\java
[2010.10.01 15:38:55 | 000,000,000 | ---D | C] -- C:\Users\Michael\.nbprofiler
[2010.10.01 15:38:54 | 000,000,000 | ---D | C] -- C:\Users\Michael\.netbeans
[2010.10.01 15:38:53 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\.visualvm
[2010.10.01 15:26:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JavaFX
[2010.10.01 15:15:58 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\hamster
[2010.10.01 14:55:41 | 000,000,000 | ---D | C] -- C:\Programme\hamstersimulator-v28-01
[2010.09.30 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sonic Shared
[2010.09.30 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Roxio Shared
[2010.09.30 15:36:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Napster Shared
[2010.09.30 15:36:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Napster
[2010.09.30 15:35:54 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Roaming\InstallShield
[2010.09.29 22:23:00 | 000,000,000 | ---D | C] -- C:\Users\Michael\Desktop\Neuer Ordner (9)
[2010.09.28 15:13:25 | 000,000,000 | ---D | C] -- C:\Users\Michael\AppData\Local\DOSBox
[2010.09.28 15:13:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DOSBox-0.74
[2010.09.28 15:02:38 | 000,000,000 | ---D | C] -- C:\MPS

========== Files - Modified Within 30 Days ==========

[2010.10.27 19:26:51 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Michael\Desktop\OTL(2).exe
[2010.10.27 14:30:03 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.27 14:30:03 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.27 14:24:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.27 14:24:50 | 3220,713,472 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.27 14:23:44 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2010.10.26 22:06:28 | 000,423,309 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.20101026-220659.backup
[2010.10.26 22:01:11 | 000,001,262 | ---- | M] () -- C:\Users\Michael\Desktop\Spybot - Search & Destroy.lnk
[2010.10.26 14:19:15 | 000,000,217 | ---- | M] () -- C:\Users\Michael\Desktop\ICQ Spiele.url
[2010.10.25 16:59:22 | 000,023,552 | ---- | M] () -- C:\Users\Michael\Desktop\house.doc
[2010.10.25 15:41:12 | 000,029,518 | ---- | M] () -- C:\Users\Michael\Desktop\jk.JPG
[2010.10.23 16:11:18 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.10.23 16:11:18 | 000,643,628 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.10.23 16:11:18 | 000,606,992 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.10.23 16:11:18 | 000,126,188 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.10.23 16:11:18 | 000,103,370 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.10.20 18:46:32 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.19 23:45:45 | 000,025,088 | ---- | M] () -- C:\Users\Michael\Desktop\Microsoft Word-Dokument (neu) (3).doc
[2010.10.19 19:11:22 | 000,024,064 | ---- | M] () -- C:\Users\Michael\Desktop\Microsoft Word-Dokument (neu) (5).doc
[2010.10.19 16:59:26 | 000,024,064 | ---- | M] () -- C:\Users\Michael\Desktop\napster.doc
[2010.10.17 20:52:52 | 000,000,171 | ---- | M] () -- C:\Users\Michael\Desktop\file-231042330.flv
[2010.10.14 17:46:45 | 000,121,856 | ---- | M] () -- C:\Users\Michael\Documents\Dok2.doc
[2010.10.08 12:57:56 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf32.dll
[2010.10.08 12:57:56 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\w95inf16.dll
[2010.10.08 12:57:52 | 000,001,293 | ---- | M] () -- C:\Users\Public\Desktop\LEGO Racers.lnk
[2010.10.07 23:06:36 | 004,236,112 | ---- | M] (Piriform Ltd) -- C:\Users\Michael\Desktop\dfsetup121.exe
[2010.10.06 19:18:26 | 000,001,210 | ---- | M] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2010.10.06 19:18:24 | 000,001,243 | ---- | M] () -- C:\Users\Michael\Desktop\DVDVideoSoft Free Studio.lnk
[2010.10.05 19:27:42 | 000,002,221 | ---- | M] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2010.10.05 18:54:50 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.10.01 14:12:28 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.10.01 14:12:28 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2010.10.01 14:12:28 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2010.10.01 14:12:28 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2010.09.30 15:37:03 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Napster.lnk
[2010.09.28 15:13:06 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk

========== Files Created - No Company Name ==========

[2010.10.26 22:01:11 | 000,001,262 | ---- | C] () -- C:\Users\Michael\Desktop\Spybot - Search & Destroy.lnk
[2010.10.26 14:19:15 | 000,000,217 | ---- | C] () -- C:\Users\Michael\Desktop\ICQ Spiele.url
[2010.10.25 15:41:10 | 000,029,518 | ---- | C] () -- C:\Users\Michael\Desktop\jk.JPG
[2010.10.22 14:12:12 | 000,229,376 | ---- | C] () -- C:\Users\Michael\Desktop\SMS Ton - Schrei.mp3
[2010.10.20 18:46:32 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.19 19:11:11 | 000,024,064 | ---- | C] () -- C:\Users\Michael\Desktop\Microsoft Word-Dokument (neu) (5).doc
[2010.10.17 23:17:26 | 004,814,976 | ---- | C] () -- C:\Users\Michael\Desktop\PETERLICHT - SONNENDECK [RADIO-FASSUNG (EKIMAS PROPPE REMIX].MP3
[2010.10.17 20:52:50 | 000,000,171 | ---- | C] () -- C:\Users\Michael\Desktop\file-231042330.flv
[2010.10.14 17:46:45 | 000,121,856 | ---- | C] () -- C:\Users\Michael\Documents\Dok2.doc
[2010.10.14 16:53:48 | 000,024,064 | ---- | C] () -- C:\Users\Michael\Desktop\napster.doc
[2010.10.08 12:57:58 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2010.10.08 12:57:58 | 000,005,672 | ---- | C] () -- C:\Windows\SysWow64\quartz.vxd
[2010.10.08 12:33:46 | 000,001,293 | ---- | C] () -- C:\Users\Public\Desktop\LEGO Racers.lnk
[2010.10.06 19:18:26 | 000,001,210 | ---- | C] () -- C:\Users\Public\Desktop\Freemake Video Converter.lnk
[2010.10.05 19:27:42 | 000,002,221 | ---- | C] () -- C:\Users\Public\Desktop\Need For Speed World.lnk
[2010.10.05 18:54:50 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\JDownloader.lnk
[2010.09.30 15:37:03 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Napster.lnk
[2010.09.28 15:13:06 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\DOSBox 0.74.lnk
[2010.09.02 19:45:41 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\CmdLineExt03.dll
[2010.04.11 20:29:21 | 000,006,656 | ---- | C] () -- C:\Users\Michael\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.03.17 16:42:12 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.02.16 17:15:54 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.02.09 22:37:18 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2010.02.09 22:36:24 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010.01.10 18:30:47 | 000,290,904 | R--- | C] () -- C:\Windows\SysWow64\vc6-re200l.dll
[2009.12.07 17:05:05 | 000,007,598 | ---- | C] () -- C:\Users\Michael\AppData\Local\Resmon.ResmonCfg
[2009.11.25 13:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.11.17 14:58:09 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.08.07 20:51:34 | 000,178,430 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== Custom Scans ==========


< %ALLUSERSPROFILE%\Application Data\*. >

< %ALLUSERSPROFILE%\Application Data\*.exe /s >

< %APPDATA%\*. >
[2010.10.01 15:38:53 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\.visualvm
[2010.08.06 10:34:54 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Adobe
[2010.10.06 19:12:25 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\AVS4YOU
[2009.12.01 21:56:06 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Bioshock
[2010.10.14 19:56:46 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\BitTorrent
[2009.11.18 15:07:56 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Canneverbe_Limited
[2010.04.22 15:08:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\com.adobe.ExMan
[2010.04.20 12:56:59 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DAEMON Tools Lite
[2010.03.12 21:47:34 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Dexpot
[2010.07.12 23:02:50 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DivX
[2010.10.27 18:03:32 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\dvdcss
[2010.10.06 20:04:07 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DVDVideoSoft
[2010.10.06 19:18:28 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.09.13 14:24:09 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\FileZilla
[2010.02.16 15:42:55 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Foxit
[2009.11.20 20:52:44 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\FreeFLVConverter
[2010.04.22 17:05:34 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\gtk-2.0
[2010.10.27 19:28:26 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\ICQ
[2009.11.10 18:10:05 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Identities
[2010.01.07 18:31:59 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\ImgBurn
[2010.09.30 15:35:54 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\InstallShield
[2009.12.01 17:18:12 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\L4dOgerLauncher
[2009.11.10 18:26:25 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Macromedia
[2010.02.09 22:37:41 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\MAGIX
[2010.10.20 18:46:53 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:19 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Media Center Programs
[2010.08.14 15:04:10 | 000,000,000 | --SD | M] -- C:\Users\Michael\AppData\Roaming\Microsoft
[2010.01.18 17:14:04 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Miranda
[2009.11.10 18:19:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Mozilla
[2010.01.18 17:37:01 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Nero
[2010.04.09 17:22:15 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Nokia
[2010.04.14 23:33:21 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\org.bcdef.antenna.43FD862ECBF25EB623FC234EF1704635B78E3AB6.1
[2010.06.09 14:02:17 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\PC Suite
[2010.10.11 19:50:38 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Roxio
[2009.12.01 21:47:14 | 000,000,000 | RH-D | M] -- C:\Users\Michael\AppData\Roaming\SecuROM
[2010.10.07 23:18:51 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Skype
[2010.10.07 19:43:38 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\skypePM
[2010.01.07 23:21:09 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Thunderbird
[2010.05.02 19:25:58 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\Ubisoft
[2010.10.27 19:28:20 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\vlc
[2010.10.24 23:15:18 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\VMware
[2009.11.24 16:11:36 | 000,000,000 | ---D | M] -- C:\Users\Michael\AppData\Roaming\WinRAR

< %APPDATA%\*.exe /s >
[2010.09.19 21:51:35 | 000,010,134 | R--- | M] () -- C:\Users\Michael\AppData\Roaming\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe
[2009.11.06 10:20:16 | 000,022,352 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg.exe
[2009.11.06 10:20:16 | 000,034,112 | ---- | M] (NOS Microsystems Ltd.) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\uqihgmfi.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}\chrome\content\getPlusPlus_Adobe_reg_bootstrap.exe
[2010.10.14 16:36:46 | 003,056,008 | ---- | M] (Ask) -- C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\uqihgmfi.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe

< %SYSTEMDRIVE%\*.exe >


< MD5 for: AGP440.SYS >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysWow64\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysWow64\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys

< MD5 for: CNGAUDIT.DLL >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

< MD5 for: IASTORV.SYS >
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysWow64\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys

< MD5 for: NETLOGON.DLL >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysWow64\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys

< MD5 for: SCECLI.DLL >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll

< MD5 for: USER32.DLL >
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll

< MD5 for: USERINIT.EXE >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe

< MD5 for: WININIT.EXE >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

< MD5 for: WS2IFSL.SYS >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

< %systemroot%\system32\drivers\*.sys /lockedfiles >

< %systemroot%\System32\config\*.sav >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles >

< End of report >
[/QUOTE]

cosinus 27.10.2010 21:15
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!

michaelddd1 27.10.2010 22:05
ok mach ich morgen und danke schonmal

michaelddd1 28.10.2010 14:42
schon mal die logfile von malware




Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4936

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

28.10.2010 15:43:04
mbam-log-2010-10-28 (15-43-04).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 454789
Laufzeit: 1 Stunde(n), 10 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

michaelddd1 02.11.2010 15:42
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 11/01/2010 at 10:53 PM

Application Version : 4.45.1000

Core Rules Database Version : 5792
Trace Rules Database Version: 3604

Scan type : Complete Scan
Total Scan Time : 02:42:47

Memory items scanned : 543
Memory threats detected : 0
Registry items scanned : 13287
Registry threats detected : 0
File items scanned : 317960
File threats detected : 9

Adware.Tracking Cookie
C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Cookies\michael@atwola[1].txt
C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Cookies\michael@ad.yieldmanager[2].txt
C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Cookies\michael@doubleclick[1].txt
C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Cookies\michael@tracking.quisma[1].txt
C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Cookies\michael@2o7[1].txt
C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Cookies\michael@content.yieldmanager[2].txt
C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Cookies\michael@tradedoubler[1].txt
C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Cookies\michael@content.yieldmanager[3].txt

Adware.Vundo/Variant-MSFake
D:\AGE OF EMPIRES II\AGE2_X1.EXE

cosinus 02.11.2010 15:45
Zitat:
Adware.Vundo/Variant-MSFake
D:\AGE OF EMPIRES II\AGE2_X1.EXE
Wasndas hier?


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:09 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19