peterswerder

hallo habe das hier schon behandelte Problem mit diesem Loudmo sch...

in Firefox ändert sich das Fenster häufig und plötzlich in eine Werbung..Der Tab heisst dann Powered by Loudmo...

Habe Asus A52J Windows 7 64Bit.....

hier mein Gored Fix Ergebnis



GooredFix by jpshortstuff (03.07.10.1)
Log created at 20:07 on 15/07/2010 (Samir)
Firefox version 3.6.6 (de)

========== GooredScan ==========


========== GooredLog ==========

C:\Program Files (x86)\Mozilla Firefox\extensions\
{2433bf0f-be7e-bbcd-dd68-c52537f49676} [12:09 29/05/2010]
{972ce4c6-7e08-4474-a285-3208198ce6fd} [11:31 16/06/2010]
{AB2CE124-6272-4b12-94A9-7303C7397BD1} [19:04 07/05/2010]

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extens ions]
(Key not found)

-=E.O.F=-

hoffe ihr könnt mir helfen...danke im Voraus...

Larusso

Downloade Dir bitte Load.exe

Das Tool benötigt eine aktive Internetverbindung, aber keinen offenen Browser
Sollte deine Firewall meckern, die Anwendung bitte zulassen.

• Speichere die Datei am Desktop.
• Doppelklick auf die load.exe
• Belasse die Häckchen wie sie sind.
• Schließe nun alle offenen Programme.
• Klicke auf Download
• Bitte während dem Download nicht in das Fenster klicken.
• Folge den Anweisungen auf dem Bildschirm.
• Wenn das Fenster Status aufpoppt klicke Start.

Nach dem Neustart findest Du einen Ordner MFTools auf dem Desktop. Darin befindet sich eine Anleitung.pdf.
Diese bitte öffnen und die darin beschriebenen Schritte abarbeiten.

peterswerder

hi...erstmal vielen Dank für die deataillierte Anleitung...

Leider bin ich stecken geblieben beim abarbeiten. Wo finde ich otl.exe? Habe ausser ERUNT nur noch NTREGOPT auf dem Desktop. Ist dies das gleiche?

Und Malwarebytes hatte ich schon und beim damaligen Versuch hatte ich auch schon Sachen gelöscht. Beim quick scan gab es jetzt keine Funde mehr.

Larusso

Hy und sorry. Ein paar DownloadServer was verwendet werden sind derzeit offline. Wartungsarbeiten

CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

• Starte bitte die OTL.exe.
  Vista und Win7 User mit Rechtsklick "als Administrator starten"
• Kopiere nun den Inhalt in die Textbox.

• Schliesse bitte nun alle Programme. (Wichtig)
• Klicke nun bitte auf den Quick Scan Button.
• Klick auf .
• Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Poste mir ebenfalls eine Malwarebytes Logfile, wo ich sehen kann was gelöscht wurde

peterswerder

hi Daniel...

also...hier otl.txt


OTL logfile created on: 22.07.2010 16:50:35 - Run 2
OTL by OldTimer - Version 3.2.9.1 Folder = C:\Users\Samir\Downloads
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

4,00 Gb Total Physical Memory | 3,00 Gb Available Physical Memory | 66,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 79,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116,44 Gb Total Space | 82,85 Gb Free Space | 71,15% Space Free | Partition Type: NTFS
Drive D: | 334,67 Gb Total Space | 334,63 Gb Free Space | 99,99% Space Free | Partition Type: NTFS
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded

Computer Name: SAMIR-PC
Current User Name: Samir
Logged in as Administrator.

Current Boot Mode: Normal
Scan Mode: Current user
Include 64bit Scans
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 90 Days
Output = Standard
Quick Scan

========== Processes (SafeList) ==========

PRC - [2010.07.22 16:41:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Samir\Downloads\OTL.exe
PRC - [2010.06.25 14:06:05 | 000,077,824 | ---- | M] () -- C:\Windows\KMService.exe
PRC - [2010.06.03 02:50:58 | 001,144,104 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.04.01 13:33:15 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.02 11:28:23 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2010.01.23 19:04:40 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009.11.24 11:32:22 | 000,234,792 | ---- | M] (Skype Technologies S.A.) -- C:\Program Files (x86)\Skype\Toolbars\Shared\SkypeNames2.exe
PRC - [2009.11.12 20:10:06 | 001,597,440 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.11.10 05:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.11.03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.10.30 13:57:08 | 000,369,200 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2009.10.27 06:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009.10.26 20:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009.10.01 05:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.10.01 05:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.09.24 23:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009.08.20 06:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009.06.24 22:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009.06.19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009.05.19 01:59:10 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2009.05.19 01:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008.12.23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.03.31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007.11.30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.07.19 12:17:44 | 003,539,968 | ---- | M] (1&1 Internet AG) -- C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe
PRC - [2003.04.18 19:06:26 | 000,008,192 | ---- | M] () -- C:\Windows\SysWOW64\srvany.exe


========== Modules (SafeList) ==========

MOD - [2010.07.22 16:41:50 | 000,574,976 | ---- | M] (OldTimer Tools) -- C:\Users\Samir\Downloads\OTL.exe
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_4211 89da2b7fabfc\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - File not found [Auto | Running] -- C:\Windows\SysNative\srvany.exe -- (KMService)
SRV:64bit: - [2010.02.23 13:21:40 | 000,859,640 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV:64bit: - [2009.11.18 07:45:39 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.09.29 18:32:31 | 000,570,632 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV:64bit: - [2009.09.29 18:32:29 | 000,917,768 | ---- | M] (Trend Micro Inc.) [On_Demand | Stopped] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV:64bit: - [2009.09.17 21:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2010.04.01 13:33:15 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2010.02.24 10:28:01 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.11.10 05:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.10.01 05:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.10.01 05:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.09.15 03:03:42 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.05.19 11:36:18 | 000,240,512 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort)
SRV - [2008.12.08 17:01:58 | 000,533,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2008.03.31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
SRV - [2003.04.18 19:06:26 | 000,008,192 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2010.05.10 20:27:03 | 000,834,544 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2010.03.02 13:35:01 | 000,116,568 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2010.02.16 14:24:00 | 000,081,072 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2009.12.04 18:40:30 | 000,265,744 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmxpflt.sys -- (tmxpflt)
DRV:64bit: - [2009.12.04 18:39:44 | 000,042,000 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmpreflt.sys -- (tmpreflt)
DRV:64bit: - [2009.12.04 18:30:22 | 002,007,056 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vsapint.sys -- (vsapint)
DRV:64bit: - [2009.11.18 08:21:19 | 006,171,136 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009.10.30 04:50:03 | 000,704,512 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009.10.15 11:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009.10.05 03:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.09.30 03:34:31 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.09.29 18:33:17 | 000,107,536 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2009.09.17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.08.18 10:23:31 | 000,143,472 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2009.08.14 08:36:01 | 000,102,000 | ---- | M] (JMicron Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\JME.sys -- (JME) JMicron Ethernet Adapter NDIS6 Driver (Amd64 Bits)
DRV:64bit: - [2009.08.06 23:24:13 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.07.20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.06.18 22:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.05 12:15:55 | 001,806,400 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009.05.13 03:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2008.12.08 17:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008.05.24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2009.07.03 03:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

peterswerder

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - Reg Error: Key error. File not found

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Asus | MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Asus | MSN
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings: "ProxyOverride" = local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.de/ig?hl=de"
FF - prefs.js..extensions.enabledItems: {2433bf0f-be7e-bbcd-dd68-c52537f49676}:4.6.6.9
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:4.2.0.5198
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.2.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.4
FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.4&q="


FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.07.21 12:30:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.7\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.07.21 12:30:37 | 000,000,000 | ---D | M]

[2010.06.16 13:32:55 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\mozilla\Extensions
[2010.06.28 15:32:44 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Pro files\a4t2wtk8.default\extensions
[2010.06.28 15:32:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Pro files\a4t2wtk8.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.06.26 13:34:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Pro files\a4t2wtk8.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.06.24 15:11:32 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Pro files\a4t2wtk8.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.07.22 02:20:22 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Pro files\pnedz550.default\extensions
[2010.06.28 15:32:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Pro files\pnedz550.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.06.26 13:34:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Pro files\pnedz550.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.06.24 15:12:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Pro files\pnedz550.default\extensions\{b2e293ee-fd7e-4c71-a714-5f4750d8d7b7}
[2010.07.10 14:01:55 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Pro files\pnedz550.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2010.06.24 15:12:08 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\mozilla\Firefox\Pro files\pnedz550.default\extensions\firefox@tvunetwo rks.com
[2010.06.28 15:32:53 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.29 14:09:22 | 000,000,000 | ---D | M] (LoudMo Contextual Ad Assistant) -- C:\Program Files (x86)\mozilla firefox\extensions\{2433bf0f-be7e-bbcd-dd68-c52537f49676}
[2010.05.07 21:04:04 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.06.25 04:47:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.06.25 04:47:16 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.06.25 04:47:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.06.25 04:47:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.06.25 04:47:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMen u.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu. exe (CyberLink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [GMX SMS-Manager] C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe (1&1 Internet AG)
O4 - HKCU..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - Startup: C:\Users\Samir\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpe rs\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpe rs\youtubetomp3.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.ex e (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{e9479de9-5c61-11df-baad-e0cb4e36e3e2}\Shell - "" = AutoRun
O33 - MountPoints2\{e9479de9-5c61-11df-baad-e0cb4e36e3e2}\Shell\AutoRun\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\{e9479de9-5c61-11df-baad-e0cb4e36e3e2}\Shell\configure\command - "" = F:\SETUP.EXE -- File not found
O33 - MountPoints2\{e9479de9-5c61-11df-baad-e0cb4e36e3e2}\Shell\install\command - "" = F:\SETUP.EXE -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 90 Days ==========

[2010.07.22 13:46:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2010.07.22 01:57:38 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.07.22 01:54:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2010.07.22 01:48:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\MFTools
[2010.07.15 20:07:29 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\GooredFix Backups
[2010.07.14 00:04:51 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Avira
[2010.07.07 17:15:14 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2010.07.07 17:15:14 | 000,081,072 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.07.07 17:15:14 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
[2010.07.07 17:15:14 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
[2010.07.07 17:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.07.07 17:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010.07.04 17:35:12 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\ICQ
[2010.06.29 16:08:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2010.06.29 08:52:37 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Malwarebytes
[2010.06.29 08:52:26 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.06.29 08:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.06.29 08:52:24 | 000,024,664 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.06.29 08:52:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.06.28 15:32:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2010.06.28 15:32:26 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.06.28 15:32:15 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\ICQ
[2010.06.28 15:32:14 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\AOL
[2010.06.28 15:32:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.2
[2010.06.28 13:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.06.28 12:56:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0207030.022
[2010.06.28 12:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.06.28 12:56:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2010.06.28 01:36:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\DivX

peterswerder

[2010.06.28 01:36:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2010.06.28 01:36:11 | 000,000,000 | ---D | C] -- C:\Program Files\DivX
[2010.06.28 01:35:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DivX Shared
[2010.06.28 01:34:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX
[2010.06.28 01:34:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.06.26 13:34:01 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpe rs
[2010.06.26 13:33:54 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\DVDVideoSoft
[2010.06.26 13:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2010.06.26 13:33:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010.06.25 14:10:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2010.06.25 13:34:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2010.06.25 13:34:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2010.06.25 13:33:43 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.06.25 13:33:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2010.06.24 13:20:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2010.06.07 16:08:29 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\Diplomarbeit Wagner
[2010.05.29 14:09:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BabelFish
[2010.05.29 14:09:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010.05.26 15:47:28 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Diagnostics
[2010.05.25 20:09:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2010.05.24 21:06:51 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\Meine empfangenen Dateien
[2010.05.21 14:19:06 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\Downloads
[2010.05.18 19:09:21 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\GameConsole
[2010.05.18 19:09:13 | 000,000,000 | -HSD | C] -- C:\Users\Samir\AppData\Roaming\.#
[2010.05.16 20:06:40 | 000,000,000 | ---D | C] -- C:\Users\Samir\Desktop\Ufü
[2010.05.16 19:58:38 | 000,000,000 | ---D | C] -- C:\Users\Samir\laptop
[2010.05.16 15:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2010.05.15 13:58:00 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.05.11 14:53:50 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\SafeNet Sentinel
[2010.05.11 14:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
[2010.05.11 14:53:50 | 000,000,000 | ---D | C] -- C:\Users\Samir\.spss
[2010.05.11 12:12:46 | 000,000,000 | ---D | C] -- C:\Users\Samir\Tracing
[2010.05.10 20:47:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2010.05.10 20:46:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2010.05.10 20:46:27 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Leadertech
[2010.05.10 20:32:15 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\DAEMON Tools Images
[2010.05.10 20:26:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2010.05.10 20:25:09 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\DAEMON Tools Lite
[2010.05.10 20:25:06 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.05.10 18:55:52 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\CyberLink
[2010.05.10 18:40:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2010.05.10 18:40:30 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Microsoft Help
[2010.05.10 17:04:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\WinRAR
[2010.05.10 17:04:16 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.05.10 11:16:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\ASUS
[2010.05.10 11:16:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2010.05.10 11:16:33 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\ASUS
[2010.05.09 23:26:35 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Boss Media
[2010.05.09 23:26:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Boss Media
[2010.05.09 23:26:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ParadisePoker
[2010.05.09 23:19:16 | 000,000,000 | ---D | C] -- C:\Casino
[2010.05.09 14:29:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Service
[2010.05.09 14:12:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SopCast
[2010.05.09 14:11:43 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\SopCast329
[2010.05.09 14:05:51 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\vlc
[2010.05.09 14:04:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2010.05.09 14:00:04 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\UseNeXT
[2010.05.09 14:00:03 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\UseNeXT
[2010.05.09 13:59:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UseNeXT
[2010.05.09 12:01:50 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\TVU Networks
[2010.05.09 12:01:50 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2010.05.09 12:00:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\TVUAx
[2010.05.08 16:15:42 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2010.05.08 15:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GMX
[2010.05.08 15:01:29 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Adobe
[2010.05.08 11:04:47 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Asus WebStorage
[2010.05.07 23:40:42 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Microsoft Games
[2010.05.07 23:08:59 | 000,000,000 | ---D | C] -- C:\Programs
[2010.05.07 21:18:31 | 002,007,056 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\vsapint.sys
[2010.05.07 21:18:31 | 000,265,744 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmxpflt.sys
[2010.05.07 21:18:31 | 000,042,000 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmpreflt.sys
[2010.05.07 21:09:05 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\skypePM
[2010.05.07 21:06:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\log
[2010.05.07 21:04:20 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Skype
[2010.05.07 21:04:12 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Google
[2010.05.07 21:04:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010.05.07 21:03:47 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2010.05.07 21:03:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2010.05.07 21:03:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.05.07 21:00:46 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Mozilla
[2010.05.07 21:00:46 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Mozilla
[2010.05.07 21:00:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.05.07 20:56:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Macromedia
[2010.05.07 20:56:48 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Adobe
[2010.05.07 20:45:01 | 000,000,000 | ---D | C] -- C:\Users\Samir\Documents\ASUS WebStorage
[2010.05.07 20:45:00 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\ATI
[2010.05.07 20:45:00 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\ATI
[2010.05.07 20:44:59 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\SRS Labs
[2010.05.07 20:44:39 | 000,000,000 | R--D | C] -- C:\Users\Samir\Searches
[2010.05.07 20:44:32 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Identities
[2010.05.07 20:44:27 | 000,000,000 | R--D | C] -- C:\Users\Samir\Contacts
[2010.05.07 20:41:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2010.05.07 20:41:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2010.05.07 20:41:12 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2010.05.07 20:40:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
[2010.05.07 20:37:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[2010.05.07 20:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2010.05.07 20:36:36 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2010.05.07 20:36:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live SkyDrive
[2010.05.07 20:36:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2010.05.07 20:34:48 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Power2Go
[2010.05.07 20:34:44 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\VirtualStore
[2010.05.07 20:34:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2010.05.07 20:34:17 | 000,000,000 | -H-D | C] -- C:\asus.dat
[2010.05.07 20:33:49 | 000,000,000 | --SD | C] -- C:\Users\Samir\AppData\Roaming\Microsoft
[2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Videos
[2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Saved Games
[2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Pictures
[2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Music
[2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Links
[2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Favorites
[2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Downloads
[2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Documents
[2010.05.07 20:33:49 | 000,000,000 | R--D | C] -- C:\Users\Samir\Desktop
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Vorlagen
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\AppData\Local\Verlauf

peterswerder

[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\AppData\Local\Temporary Internet Files
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Startmenü
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\SendTo
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Recent
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Netzwerkumgebung
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Lokale Einstellungen
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Documents\Eigene Videos
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Documents\Eigene Musik
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Eigene Dateien
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Documents\Eigene Bilder
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Druckumgebung
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Cookies
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\AppData\Local\Anwendungsdaten
[2010.05.07 20:33:49 | 000,000,000 | -HSD | C] -- C:\Users\Samir\Anwendungsdaten
[2010.05.07 20:33:49 | 000,000,000 | -H-D | C] -- C:\Users\Samir\AppData
[2010.05.07 20:33:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Temp
[2010.05.07 20:33:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Local\Microsoft
[2010.05.07 20:33:49 | 000,000,000 | ---D | C] -- C:\Users\Samir\AppData\Roaming\Media Center Programs
[2010.04.27 00:04:42 | 000,353,592 | ---- | C] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

========== Files - Modified Within 90 Days ==========

[2010.07.22 16:50:35 | 006,029,312 | -HS- | M] () -- C:\Users\Samir\ntuser.dat
[2010.07.22 16:31:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689079528-3819561334-3384744718-1000UA.job
[2010.07.22 16:26:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.07.22 13:49:00 | 000,081,842 | ---- | M] () -- C:\Users\Samir\Documents\cc_20100722_134840.reg
[2010.07.22 13:46:11 | 000,001,013 | ---- | M] () -- C:\Users\Samir\Desktop\CCleaner.lnk
[2010.07.22 12:08:54 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.07.22 12:08:54 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.07.22 12:02:02 | 000,001,878 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2010.07.22 12:01:30 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.07.22 12:01:26 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.07.22 12:01:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.07.22 12:01:17 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
[2010.07.22 03:51:35 | 003,369,885 | -H-- | M] () -- C:\Users\Samir\AppData\Local\IconCache.db
[2010.07.22 01:54:19 | 000,001,110 | ---- | M] () -- C:\Users\Samir\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010.07.22 01:54:17 | 000,000,930 | ---- | M] () -- C:\Users\Samir\Desktop\NTREGOPT.lnk
[2010.07.22 01:54:17 | 000,000,911 | ---- | M] () -- C:\Users\Samir\Desktop\ERUNT.lnk
[2010.07.22 01:40:57 | 000,122,360 | ---- | M] () -- C:\Users\Samir\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.07.22 01:40:43 | 000,446,928 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.07.18 22:02:43 | 000,313,899 | ---- | M] () -- C:\Users\Samir\Desktop\DSC00276.JPG
[2010.07.15 18:47:00 | 000,000,498 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Samir.job
[2010.07.13 11:47:01 | 000,001,617 | ---- | M] () -- C:\Users\Samir\Desktop\DivX Movies.lnk
[2010.07.13 11:46:20 | 000,001,118 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.07.10 04:31:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689079528-3819561334-3384744718-1000Core.job
[2010.07.09 15:01:33 | 000,419,012 | ---- | M] () -- C:\Users\Samir\Desktop\la mienne.jpg
[2010.07.07 23:31:08 | 000,001,333 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2010.07.07 17:15:17 | 000,002,072 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.07.07 16:59:18 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2010.07.07 16:55:14 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2010.07.04 16:19:34 | 000,002,016 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.07.04 03:11:26 | 002,000,282 | ---- | M] () -- C:\Users\Samir\Documents\Foto0221.jpg
[2010.06.30 15:20:17 | 001,480,602 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.06.30 15:20:17 | 000,647,376 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.06.30 15:20:17 | 000,610,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.06.30 15:20:17 | 000,127,404 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.06.30 15:20:17 | 000,104,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.06.30 14:44:00 | 000,002,266 | ---- | M] () -- C:\Users\Samir\Desktop\Scanner.lnk
[2010.06.30 14:13:40 | 001,785,991 | ---- | M] () -- C:\Users\Samir\Documents\Foto0220.jpg
[2010.06.29 08:52:29 | 000,001,015 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.28 12:56:19 | 000,001,085 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2010.06.28 12:56:14 | 000,000,172 | ---- | M] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\is olate.ini
[2010.06.26 13:33:59 | 000,001,245 | ---- | M] () -- C:\Users\Samir\Desktop\DVDVideoSoft Free Studio.lnk
[2010.06.25 14:13:56 | 001,500,444 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.06.25 14:06:05 | 000,077,824 | ---- | M] () -- C:\Windows\KMService.exe
[2010.06.25 13:44:38 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2010.06.24 16:58:09 | 000,524,288 | -HS- | M] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TMContainer00000000000000000002.regt rans-ms
[2010.06.24 16:58:09 | 000,524,288 | -HS- | M] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TMContainer00000000000000000001.regt rans-ms
[2010.06.24 16:58:09 | 000,065,536 | -HS- | M] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TM.blf
[2010.06.22 11:48:44 | 000,066,644 | ---- | M] () -- C:\Users\Samir\Desktop\pic21487.jpg
[2010.06.15 13:57:02 | 000,006,003 | ---- | M] () -- C:\Users\Samir\Desktop\app_full_proxy.php.jpg
[2010.06.08 19:02:47 | 000,063,720 | ---- | M] () -- C:\Users\Samir\long.jpg
[2010.05.29 13:43:43 | 000,005,118 | ---- | M] () -- C:\Users\Samir\bar.jpg
[2010.05.24 00:27:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01 _09_00.Wdf
[2010.05.11 15:37:27 | 000,000,063 | ---- | M] () -- C:\Users\Samir\Documents\lkanguage.sps
[2010.05.11 15:37:11 | 000,001,098 | ---- | M] () -- C:\Users\Samir\Documents\laqnguage.spv
[2010.05.11 15:29:47 | 000,001,035 | ---- | M] () -- C:\Users\Samir\Documents\language.spv
[2010.05.11 15:23:56 | 000,001,039 | ---- | M] () -- C:\Users\Samir\Documents\lang.spv
[2010.05.10 20:27:03 | 000,834,544 | ---- | M] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.05.09 15:39:22 | 000,000,600 | ---- | M] () -- C:\Users\Samir\PUTTY.RND
[2010.05.09 14:06:59 | 018,499,623 | ---- | M] () -- C:\Users\Samir\Documents\vlc-1.0.5-win32.exe
[2010.05.08 10:53:25 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2010.05.07 21:09:06 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.05.07 21:04:41 | 000,524,288 | -HS- | M] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regt rans-ms
[2010.05.07 21:04:41 | 000,524,288 | -HS- | M] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regt rans-ms
[2010.05.07 21:04:41 | 000,065,536 | -HS- | M] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.05.07 20:55:01 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_K52Jr.alu
[2010.05.07 20:33:49 | 000,000,020 | -HS- | M] () -- C:\Users\Samir\ntuser.ini
[2010.05.07 12:35:03 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2010.05.07 12:35:03 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2010.04.29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.04.29 15:39:28 | 000,024,664 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.04.27 00:04:42 | 000,353,592 | ---- | M] (DivX, Inc.) -- C:\Windows\SysWow64\DivXControlPanelApplet.cpl

========== Files Created - No Company Name ==========

[2010.07.22 13:48:46 | 000,081,842 | ---- | C] () -- C:\Users\Samir\Documents\cc_20100722_134840.reg
[2010.07.22 13:46:11 | 000,001,013 | ---- | C] () -- C:\Users\Samir\Desktop\CCleaner.lnk
[2010.07.22 01:54:19 | 000,001,110 | ---- | C] () -- C:\Users\Samir\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2010.07.22 01:54:17 | 000,000,930 | ---- | C] () -- C:\Users\Samir\Desktop\NTREGOPT.lnk
[2010.07.22 01:54:17 | 000,000,911 | ---- | C] () -- C:\Users\Samir\Desktop\ERUNT.lnk
[2010.07.18 22:02:39 | 000,313,899 | ---- | C] () -- C:\Users\Samir\Desktop\DSC00276.JPG
[2010.07.13 11:47:01 | 000,001,617 | ---- | C] () -- C:\Users\Samir\Desktop\DivX Movies.lnk
[2010.07.13 11:46:20 | 000,001,118 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2010.07.09 15:01:27 | 000,419,012 | ---- | C] () -- C:\Users\Samir\Desktop\la mienne.jpg
[2010.07.07 17:15:17 | 000,002,072 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2010.07.04 16:40:55 | 001,785,991 | ---- | C] () -- C:\Users\Samir\Documents\Foto0220.jpg
[2010.07.04 16:40:42 | 002,000,282 | ---- | C] () -- C:\Users\Samir\Documents\Foto0221.jpg
[2010.07.04 16:19:34 | 000,002,016 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.06.30 14:44:00 | 000,002,266 | ---- | C] () -- C:\Users\Samir\Desktop\Scanner.lnk
[2010.06.29 08:52:29 | 000,001,015 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.06.28 12:56:20 | 000,000,498 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Samir.job
[2010.06.28 12:56:19 | 000,001,085 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2010.06.28 12:56:14 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0207030.022\is olate.ini
[2010.06.26 13:33:55 | 000,001,245 | ---- | C] () -- C:\Users\Samir\Desktop\DVDVideoSoft Free Studio.lnk
[2010.06.25 14:13:56 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.06.25 14:06:42 | 000,077,824 | ---- | C] () -- C:\Windows\KMService.exe
[2010.06.25 14:06:41 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\srvany.exe
[2010.06.24 15:14:07 | 000,524,288 | -HS- | C] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TMContainer00000000000000000002.regt rans-ms
[2010.06.24 15:14:07 | 000,524,288 | -HS- | C] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TMContainer00000000000000000001.regt rans-ms
[2010.06.24 15:14:07 | 000,065,536 | -HS- | C] () -- C:\Users\Samir\ntuser.dat{9e254b2f-7f88-11df-ae50-e0cb4e36e3e2}.TM.blf
[2010.06.22 11:48:44 | 000,066,644 | ---- | C] () -- C:\Users\Samir\Desktop\pic21487.jpg
[2010.06.17 12:28:41 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100617.log
[2010.06.15 13:57:02 | 000,006,003 | ---- | C] () -- C:\Users\Samir\Desktop\app_full_proxy.php.jpg
[2010.06.09 01:04:41 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100609.log
[2010.05.29 13:44:15 | 000,063,720 | ---- | C] () -- C:\Users\Samir\long.jpg
[2010.05.29 13:44:08 | 000,019,968 | -HS- | C] () -- C:\Users\Samir\Thumbs.db
[2010.05.29 13:43:42 | 000,005,118 | ---- | C] () -- C:\Users\Samir\bar.jpg
[2010.05.24 00:27:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01 _09_00.Wdf
[2010.05.21 14:18:09 | 000,001,118 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689079528-3819561334-3384744718-1000UA.job
[2010.05.21 14:18:09 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2689079528-3819561334-3384744718-1000Core.job
[2010.05.21 12:27:21 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100521.log
[2010.05.19 11:36:30 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100519.log
[2010.05.18 16:58:41 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100518.log
[2010.05.17 21:30:09 | 000,000,174 | ---- | C] () -- C:\ProgramData\OutlookFail.20100517.log
[2010.05.11 15:37:27 | 000,000,063 | ---- | C] () -- C:\Users\Samir\Documents\lkanguage.sps
[2010.05.11 15:37:11 | 000,001,098 | ---- | C] () -- C:\Users\Samir\Documents\laqnguage.spv
[2010.05.11 15:23:55 | 000,001,039 | ---- | C] () -- C:\Users\Samir\Documents

peterswerder

\lang.spv
[2010.05.11 15:21:14 | 000,001,035 | ---- | C] () -- C:\Users\Samir\Documents\language.spv
[2010.05.10 23:05:44 | 000,000,523 | ---- | C] () -- C:\ProgramData\OutlookFail.20100510.log
[2010.05.10 20:27:03 | 000,834,544 | ---- | C] () -- C:\Windows\SysNative\drivers\sptd.sys
[2010.05.09 23:18:37 | 000,000,175 | ---- | C] () -- C:\ProgramData\OutlookFail.20100509.log
[2010.05.09 14:35:46 | 000,000,600 | ---- | C] () -- C:\Users\Samir\PUTTY.RND
[2010.05.09 14:06:29 | 018,499,623 | ---- | C] () -- C:\Users\Samir\Documents\vlc-1.0.5-win32.exe
[2010.05.07 21:14:45 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.05.07 21:14:45 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.05.07 21:09:06 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.05.07 20:55:01 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_K52Jr.alu
[2010.05.07 20:33:49 | 000,524,288 | -HS- | C] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regt rans-ms
[2010.05.07 20:33:49 | 000,524,288 | -HS- | C] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regt rans-ms
[2010.05.07 20:33:49 | 000,262,144 | -HS- | C] () -- C:\Users\Samir\ntuser.dat.LOG1
[2010.05.07 20:33:49 | 000,065,536 | -HS- | C] () -- C:\Users\Samir\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2010.05.07 20:33:49 | 000,000,020 | -HS- | C] () -- C:\Users\Samir\ntuser.ini
[2010.05.07 20:33:49 | 000,000,000 | -HS- | C] () -- C:\Users\Samir\ntuser.dat.LOG2
[2010.05.07 20:33:48 | 006,029,312 | -HS- | C] () -- C:\Users\Samir\ntuser.dat
[2010.05.07 12:32:19 | 3105,259,520 | -HS- | C] () -- C:\hiberfil.sys
[2010.01.23 19:03:54 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009.08.19 10:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009.07.29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

========== LOP Check ==========

[2010.05.18 19:09:40 | 000,000,000 | -HSD | M] -- C:\Users\Samir\AppData\Roaming\.#
[2010.05.08 11:12:49 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Asus WebStorage
[2010.05.10 20:33:01 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\DAEMON Tools Lite
[2010.06.26 13:34:01 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpe rs
[2010.05.18 19:09:21 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\GameConsole
[2010.07.14 15:49:07 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\ICQ
[2010.05.10 20:46:27 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\Leadertech
[2010.07.21 15:26:41 | 000,000,000 | ---D | M] -- C:\Users\Samir\AppData\Roaming\UseNeXT
[2010.06.29 12:53:50 | 000,032,618 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< Code: >

< --------- >

< %SYSTEMDRIVE%\*.* >
[2009.06.15 13:11:59 | 000,000,054 | ---- | M] () -- C:\AdobeReader.log
[2009.07.14 03:38:58 | 000,383,562 | RHS- | M] () -- C:\bootmgr
[2009.07.29 08:03:37 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.01.23 19:08:12 | 000,014,645 | ---- | M] () -- C:\devlist.txt
[2010.01.23 19:08:12 | 000,000,009 | ---- | M] () -- C:\Finish.log
[2010.07.22 12:01:17 | 3105,259,520 | -HS- | M] () -- C:\hiberfil.sys
[2010.01.23 18:59:53 | 000,963,209 | ---- | M] () -- C:\inject.log.txt
[2009.12.18 07:17:27 | 002,097,152 | -H-- | M] () -- C:\K52Jr.BIN
[2009.12.21 05:14:26 | 000,000,019 | ---- | M] () -- C:\K52JR_K62JR_WIN7.20
[2009.12.01 04:15:57 | 002,097,152 | -H-- | M] () -- C:\K62Jr.BIN
[2009.06.12 03:32:00 | 000,000,057 | ---- | M] () -- C:\OFFICE2007_L.TXT
[2010.07.22 12:01:19 | 4140,347,392 | -HS- | M] () -- C:\pagefile.sys
[2010.01.23 04:26:10 | 000,000,146 | ---- | M] () -- C:\Pass.txt
[2009.12.17 07:48:04 | 000,000,277 | ---- | M] () -- C:\Patch_Win7.log
[2009.12.21 05:14:26 | 000,000,014 | ---- | M] () -- C:\RECOVERY.DAT
[2010.01.23 19:04:14 | 000,000,090 | ---- | M] () -- C:\setup.log
[2006.05.14 10:22:24 | 000,000,005 | ---- | M] () -- C:\store.log
[2010.01.23 18:18:05 | 000,000,170 | ---- | M] () -- C:\SumHidd.txt
[2010.01.23 18:16:35 | 000,000,098 | ---- | M] () -- C:\SumOS.txt
[2009.09.16 20:04:46 | 000,000,024 | ---- | M] () -- C:\v82.txt

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.dll /lockedfiles %systemroot%\Tasks\*.job /lockedfiles %systemroot%\System32\config\*.sav >
Invalid Switch: lockedfiles %systemroot%\System32\config\*.sav

< %systemroot%\system32\drivers\*.sys /90 >

peterswerder

[2010.06.25 04:47:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.06.25 04:47:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.06.25 04:47:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMen u.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu. exe (CyberLink Corp.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [GMX SMS-Manager] C:\Program Files (x86)\GMX\GMX SMS-Manager\SMSMngr.exe (1&1 Internet AG)
O4 - HKCU..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - Startup: C:\Users\Samir\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\pol icies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpe rs\youtubetomp3.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Samir\AppData\Roaming\DVDVideoSoftIEHelpe rs\youtubetomp3.htm ()
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.e xe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.ex e (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found