OTL Log

a guest
Oct 18th, 2012
  1. CN OTL logfile created on: 18.10.2012 17:26:37 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kai\Downloads
  3. 64bit- Professional (Version = 6.1.7600) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.0.8112.16421)
  5. Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
  6.  
  7. 7,99 Gb Total Physical Memory | 4,50 Gb Available Physical Memory | 56,33% Memory free
  8. 15,98 Gb Paging File | 11,46 Gb Available in Paging File | 71,72% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 585,94 Gb Total Space | 286,63 Gb Free Space | 48,92% Space Free | Partition Type: NTFS
  13. Drive D: | 298,09 Gb Total Space | 264,30 Gb Free Space | 88,67% Space Free | Partition Type: NTFS
  14. Drive E: | 52,50 Gb Total Space | 33,59 Gb Free Space | 63,98% Space Free | Partition Type: NTFS
  15. Drive F: | 698,46 Gb Total Space | 498,20 Gb Free Space | 71,33% Space Free | Partition Type: FAT32
  16. Drive G: | 657,09 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
  17. Drive S: | 97,66 Gb Total Space | 69,70 Gb Free Space | 71,37% Space Free | Partition Type: NTFS
  18.  
  19. Computer Name: KOMPUTER | User Name: Kai | Logged in as Administrator.
  20. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
  21. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  22.  
  23. [color=#E56717]========== Processes (SafeList) ==========[/color]
  24.  
  25. PRC - [2012.10.18 17:25:51 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kai\Downloads\OTL.exe
  26. PRC - [2012.10.14 20:34:53 | 001,564,368 | ---- | M] () -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
  27. PRC - [2012.10.14 18:22:30 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
  28. PRC - [2012.10.14 18:09:23 | 006,045,848 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
  29. PRC - [2012.10.04 20:59:04 | 000,071,464 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\GameOverlayUI.exe
  30. PRC - [2012.10.04 20:58:53 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
  31. PRC - [2012.09.20 21:35:56 | 003,341,464 | ---- | M] (Electronic Arts) -- C:\Program Files (x86)\Origin\Origin.exe
  32. PRC - [2012.09.18 20:23:02 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  33. PRC - [2012.08.21 11:02:26 | 001,193,176 | ---- | M] () -- C:\Users\Kai\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
  34. PRC - [2012.08.17 18:26:14 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
  35. PRC - [2012.08.03 03:16:04 | 000,408,944 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
  36. PRC - [2012.08.03 03:12:18 | 000,387,440 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
  37. PRC - [2012.08.03 03:10:40 | 000,476,016 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
  38. PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  39. PRC - [2012.07.23 16:18:42 | 000,383,128 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
  40. PRC - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
  41. PRC - [2012.05.19 16:55:25 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
  42. PRC - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  43. PRC - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () -- C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE
  44. PRC - [2012.01.26 15:08:56 | 003,665,752 | ---- | M] () -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
  45. PRC - [2012.01.26 14:14:27 | 006,819,160 | ---- | M] (Tobit.Software) -- C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
  46. PRC - [2012.01.18 10:44:33 | 002,057,048 | ---- | M] (Tobit.Software) -- C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe
  47. PRC - [2011.12.24 12:24:36 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe
  48. PRC - [2011.08.22 17:07:32 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
  49. PRC - [2011.08.22 17:06:56 | 000,432,752 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
  50. PRC - [2011.08.22 15:28:42 | 000,079,872 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
  51. PRC - [2010.09.07 11:46:56 | 000,072,280 | ---- | M] () -- C:\Windows\SysWOW64\XSrvSetup.exe
  52. PRC - [2009.12.21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
  53.  
  54.  
  55. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  56.  
  57. MOD - [2012.10.18 17:11:53 | 000,155,232 | -H-- | M] () -- C:\Users\Kai\AppData\Local\Temp\~4B34.tmp
  58. MOD - [2012.10.14 18:22:30 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
  59. MOD - [2012.10.14 18:09:23 | 006,045,848 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe
  60. MOD - [2012.10.04 20:58:50 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
  61. MOD - [2012.10.04 20:58:48 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
  62. MOD - [2012.10.04 20:58:46 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
  63. MOD - [2012.10.04 20:58:44 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
  64. MOD - [2012.10.04 20:58:42 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
  65. MOD - [2012.09.18 20:23:02 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
  66. MOD - [2012.08.21 11:02:26 | 001,193,176 | ---- | M] () -- C:\Users\Kai\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
  67. MOD - [2012.05.29 09:33:09 | 000,012,288 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\miles\mssds3d.flt
  68. MOD - [2012.05.29 03:32:26 | 000,153,088 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\miles\mssvoice.asi
  69. MOD - [2012.05.29 02:26:17 | 000,093,696 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\miles\mssmp3.asi
  70. MOD - [2012.05.29 00:09:39 | 000,099,840 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\miles\milesEq.flt
  71. MOD - [2012.05.28 23:14:28 | 000,058,368 | ---- | M] () -- c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\miles\msseax.flt
  72. MOD - [2012.05.15 02:21:26 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
  73. MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
  74. MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
  75. MOD - [2012.01.26 12:39:32 | 009,560,576 | ---- | M] () -- C:\Program Files (x86)\Tobit Radio.fx\Client\TOBITCLT.dll
  76. MOD - [2012.01.26 11:13:36 | 000,215,552 | ---- | M] () -- C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client$.ger
  77. MOD - [2011.12.24 12:22:20 | 007,422,352 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtGui4.dll
  78. MOD - [2011.12.24 12:22:20 | 000,795,024 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtNetwork4.dll
  79. MOD - [2011.12.24 12:22:16 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtScript4.dll
  80. MOD - [2011.12.24 12:22:16 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtSql4.dll
  81. MOD - [2011.12.24 12:22:14 | 002,453,904 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtDeclarative4.dll
  82. MOD - [2011.12.24 12:22:12 | 002,126,224 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\QtCore4.dll
  83. MOD - [2011.12.24 12:21:10 | 000,459,152 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\dblite.dll
  84. MOD - [2011.09.05 19:36:52 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\imageformats\qgif4.dll
  85. MOD - [2011.09.05 19:36:50 | 000,180,224 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\imageformats\qjpeg4.dll
  86. MOD - [2009.08.23 19:58:06 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
  87.  
  88.  
  89. [color=#E56717]========== Services (SafeList) ==========[/color]
  90.  
  91. SRV:[b]64bit:[/b] - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  92. SRV - [2012.10.17 14:24:31 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  93. SRV - [2012.10.15 12:02:21 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  94. SRV - [2012.10.14 20:34:53 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
  95. SRV - [2012.10.04 20:58:53 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
  96. SRV - [2012.09.04 12:16:08 | 000,678,416 | ---- | M] () [Auto | Running] -- C:\Programme\EslWire\service\WireHelperSvc.exe -- (EslWireHelper)
  97. SRV - [2012.08.29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
  98. SRV - [2012.08.03 03:20:24 | 000,078,072 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService)
  99. SRV - [2012.08.03 03:16:04 | 000,408,944 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
  100. SRV - [2012.08.03 03:12:18 | 000,387,440 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
  101. SRV - [2012.08.03 03:10:40 | 000,476,016 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
  102. SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  103. SRV - [2012.07.25 18:58:26 | 000,126,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
  104. SRV - [2012.07.25 18:13:16 | 000,139,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe -- (fussvc)
  105. SRV - [2012.07.23 16:18:42 | 000,383,128 | ---- | M] (BlueStack Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
  106. SRV - [2012.07.23 16:18:16 | 000,395,416 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
  107. SRV - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
  108. SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  109. SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  110. SRV - [2012.06.17 09:52:14 | 000,098,576 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- C:\Programme\Sandboxie\SbieSvc.exe -- (SbieSvc)
  111. SRV - [2012.05.19 16:55:25 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
  112. SRV - [2012.05.15 12:48:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
  113. SRV - [2012.05.15 02:21:40 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
  114. SRV - [2012.03.26 15:28:58 | 005,404,472 | ---- | M] (Moonware Studios) [On_Demand | Stopped] -- C:\Program Files (x86)\webcamXP 5\wService.exe -- (wxpSvc)
  115. SRV - [2012.03.20 11:16:08 | 000,247,872 | ---- | M] () [Auto | Running] -- C:\PROGRA~2\ICQ6TO~1\ICQSER~1.EXE -- (ICQ Service)
  116. SRV - [2012.02.11 08:55:04 | 000,129,624 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
  117. SRV - [2012.01.26 15:08:56 | 003,665,752 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe -- (Radio.fx)
  118. SRV - [2011.12.24 12:24:36 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe -- (AVP)
  119. SRV - [2011.12.15 19:29:42 | 000,014,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
  120. SRV - [2011.08.22 17:07:32 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
  121. SRV - [2011.08.22 17:06:56 | 000,432,752 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
  122. SRV - [2011.08.22 16:34:52 | 011,837,440 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
  123. SRV - [2011.08.22 15:28:42 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
  124. SRV - [2011.08.21 23:11:28 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
  125. SRV - [2010.09.07 11:46:56 | 000,072,280 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\XSrvSetup.exe -- (JMB36X)
  126. SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
  127. SRV - [2009.12.21 17:34:38 | 000,743,992 | ---- | M] (Infowatch) [Auto | Running] -- C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe -- (CSObjectsSrv)
  128. SRV - [2009.08.18 12:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
  129. SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  130. SRV - [2007.11.21 12:16:02 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Programme\Hercules\Audio\DJ Console Series\HerculesDJControlMP3.EXE -- (HerculesDJControlMP3)
  131.  
  132.  
  133. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  134.  
  135. DRV:[b]64bit:[/b] - [2012.09.25 20:14:23 | 000,025,216 | ---- | M] (Dev47Apps) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\droidcam.sys -- (DroidCam)
  136. DRV:[b]64bit:[/b] - [2012.09.04 12:16:00 | 000,147,472 | ---- | M] (<Turtle Entertainment>) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ESLWireACD.sys -- (ESLWireAC)
  137. DRV:[b]64bit:[/b] - [2012.07.10 04:48:18 | 000,041,704 | ---- | M] (AnchorFree Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\hssdrv6.sys -- (HssDRV6)
  138. DRV:[b]64bit:[/b] - [2012.05.19 12:43:38 | 000,639,280 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
  139. DRV:[b]64bit:[/b] - [2012.04.18 19:08:03 | 000,188,736 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
  140. DRV:[b]64bit:[/b] - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  141. DRV:[b]64bit:[/b] - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
  142. DRV:[b]64bit:[/b] - [2012.01.05 01:01:54 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
  143. DRV:[b]64bit:[/b] - [2011.10.20 11:48:00 | 000,458,032 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
  144. DRV:[b]64bit:[/b] - [2011.10.20 11:48:00 | 000,013,616 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
  145. DRV:[b]64bit:[/b] - [2011.09.29 11:30:34 | 000,646,248 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
  146. DRV:[b]64bit:[/b] - [2011.08.22 17:07:58 | 000,062,064 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
  147. DRV:[b]64bit:[/b] - [2011.08.22 17:07:50 | 000,031,344 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\VMparport.sys -- (VMparport)
  148. DRV:[b]64bit:[/b] - [2011.08.22 17:06:14 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
  149. DRV:[b]64bit:[/b] - [2011.08.22 15:12:26 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
  150. DRV:[b]64bit:[/b] - [2011.08.22 15:12:26 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
  151. DRV:[b]64bit:[/b] - [2011.08.21 23:11:26 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
  152. DRV:[b]64bit:[/b] - [2011.08.08 14:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
  153. DRV:[b]64bit:[/b] - [2011.04.26 11:21:06 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
  154. DRV:[b]64bit:[/b] - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  155. DRV:[b]64bit:[/b] - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  156. DRV:[b]64bit:[/b] - [2011.03.10 18:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
  157. DRV:[b]64bit:[/b] - [2010.12.24 11:43:40 | 000,029,288 | -H-- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
  158. DRV:[b]64bit:[/b] - [2010.09.07 04:37:28 | 000,121,432 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
  159. DRV:[b]64bit:[/b] - [2009.12.14 12:44:24 | 000,085,048 | ---- | M] (Infowatch) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\CSCrySec.sys -- (CSCrySec)
  160. DRV:[b]64bit:[/b] - [2009.12.14 12:44:24 | 000,066,104 | ---- | M] (Infowatch) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CSVirtualDiskDrv.sys -- (CSVirtualDiskDrv)
  161. DRV:[b]64bit:[/b] - [2009.12.01 15:49:52 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
  162. DRV:[b]64bit:[/b] - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
  163. DRV:[b]64bit:[/b] - [2009.11.23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
  164. DRV:[b]64bit:[/b] - [2009.11.02 20:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
  165. DRV:[b]64bit:[/b] - [2009.10.02 10:33:12 | 000,144,896 | ---- | M] (© Guillemot R&D, 2009. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HDJMidi.sys -- (HDJMidi)
  166. DRV:[b]64bit:[/b] - [2009.10.02 10:33:06 | 000,154,112 | ---- | M] (© Guillemot R&D, 2009. All rights reserved.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HDJBulk.sys -- (Bulk)
  167. DRV:[b]64bit:[/b] - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  168. DRV:[b]64bit:[/b] - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  169. DRV:[b]64bit:[/b] - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  170. DRV:[b]64bit:[/b] - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  171. DRV:[b]64bit:[/b] - [2009.07.01 11:54:54 | 000,030,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGPBTDD.sys -- (LGPBTDD)
  172. DRV:[b]64bit:[/b] - [2009.06.22 20:01:16 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
  173. DRV:[b]64bit:[/b] - [2009.06.22 19:38:34 | 000,116,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
  174. DRV:[b]64bit:[/b] - [2009.06.22 19:26:40 | 000,113,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
  175. DRV:[b]64bit:[/b] - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
  176. DRV:[b]64bit:[/b] - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  177. DRV:[b]64bit:[/b] - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  178. DRV:[b]64bit:[/b] - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  179. DRV:[b]64bit:[/b] - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  180. DRV:[b]64bit:[/b] - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
  181. DRV:[b]64bit:[/b] - [2009.03.18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
  182. DRV - [2012.07.26 14:38:00 | 000,070,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys -- (VSPerfDrv110)
  183. DRV - [2012.07.23 16:18:42 | 000,072,856 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
  184. DRV - [2012.06.17 09:52:12 | 000,166,576 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- C:\Programme\Sandboxie\SbieDrv.sys -- (SbieDrv)
  185. DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  186.  
  187.  
  188. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  189.  
  190.  
  191. [color=#E56717]========== Internet Explorer ==========[/color]
  192.  
  193. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  194. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  195. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  196. IE - HKLM\..\URLSearchHook: - No CLSID value found
  197. IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  198. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  199. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  200.  
  201. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.icq.com/
  202. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
  203. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
  204. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C7 A5 09 59 18 35 CD 01 [binary data]
  205. IE - HKCU\..\URLSearchHook: - No CLSID value found
  206. IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  207. IE - HKCU\..\URLSearchHook: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - No CLSID value found
  208. IE - HKCU\..\SearchScopes,DefaultScope = {6552C7DD-90A4-4387-B795-F8F96747DE19}
  209. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  210. IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110819&tt=100512_2_&babsrc=SP_ss&mntrId=b6396a2c0000000000001c6f65468cdd
  211. IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
  212. IE - HKCU\..\SearchScopes\{86F14831-D88C-4BC8-B871-C8FB24D95D9B}: "URL" = http://www.questbasic.com/?prt=QstbscWD&keywords={searchTerms}
  213. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  214. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
  215. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888;https=127.0.0.1:8888
  216.  
  217. [color=#E56717]========== FireFox ==========[/color]
  218.  
  219. FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
  220. FF - prefs.js..browser.search.selectedEngine: "Google"
  221. FF - prefs.js..browser.startup.homepage: "http://google.de"
  222. FF - prefs.js..extensions.enabledAddons: afurladvisor@anchorfree.com:1.0
  223. FF - prefs.js..extensions.enabledAddons: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.2.2
  224. FF - prefs.js..extensions.enabledAddons: {800b5000-a755-47e1-992b-48a1c1357f07}:1.5.3
  225. FF - prefs.js..keyword.URL: "http://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.5.3&q="
  226.  
  227.  
  228. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
  229. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
  230. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
  231. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
  232. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
  233. FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
  234. FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
  235. FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
  236. FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
  237. FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.138.0: C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll (ESN Social Software AB)
  238. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
  239. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
  240. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
  241. FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
  242. FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
  243. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  244. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kai\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
  245. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kai\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
  246.  
  247. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\linkfilter@kaspersky.ru [2012.06.13 16:08:31 | 000,000,000 | ---D | M]
  248. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\virtualKeyboard@kaspersky.ru [2012.06.13 16:08:31 | 000,000,000 | ---D | M]
  249. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt\KavAntiBanner@Kaspersky.ru [2012.06.13 16:08:31 | 000,000,000 | ---D | M]
  250. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.18 20:23:02 | 000,000,000 | ---D | M]
  251. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  252. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.10.15 19:56:42 | 000,000,000 | ---D | M]
  253. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
  254. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.18 20:23:02 | 000,000,000 | ---D | M]
  255. FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  256.  
  257. [2012.05.18 19:38:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kai\AppData\Roaming\mozilla\Extensions
  258. [2012.10.17 14:06:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kai\AppData\Roaming\mozilla\Firefox\Profiles\4ik4zyhc.default\extensions
  259. [2012.10.17 14:06:20 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Kai\AppData\Roaming\mozilla\Firefox\Profiles\4ik4zyhc.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
  260. [2012.08.21 11:10:30 | 000,000,000 | ---D | M] (Hotspot Shield) -- C:\Users\Kai\AppData\Roaming\mozilla\Firefox\Profiles\4ik4zyhc.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
  261. [2012.10.14 18:25:26 | 000,215,605 | ---- | M] () (No name found) -- C:\Users\Kai\AppData\Roaming\mozilla\firefox\profiles\4ik4zyhc.default\extensions\fbdislike@doweb.fr.xpi
  262. [2012.10.14 18:25:29 | 000,340,281 | ---- | M] () (No name found) -- C:\Users\Kai\AppData\Roaming\mozilla\firefox\profiles\4ik4zyhc.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
  263. [2012.09.25 20:24:51 | 000,269,659 | ---- | M] () (No name found) -- C:\Users\Kai\AppData\Roaming\mozilla\firefox\profiles\4ik4zyhc.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi
  264. [2012.09.24 14:05:05 | 001,268,546 | ---- | M] () (No name found) -- C:\Users\Kai\AppData\Roaming\mozilla\firefox\profiles\4ik4zyhc.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
  265. [2012.09.26 16:09:37 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Kai\AppData\Roaming\mozilla\firefox\profiles\4ik4zyhc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  266. [2012.07.08 14:22:24 | 000,172,310 | ---- | M] () (No name found) -- C:\Users\Kai\AppData\Roaming\mozilla\firefox\profiles\4ik4zyhc.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi
  267. [2012.07.24 14:48:30 | 000,000,168 | ---- | M] () -- C:\Users\Kai\AppData\Roaming\mozilla\firefox\profiles\4ik4zyhc.default\searchplugins\icqplugin.gif
  268. [2012.07.24 14:48:30 | 000,000,618 | ---- | M] () -- C:\Users\Kai\AppData\Roaming\mozilla\firefox\profiles\4ik4zyhc.default\searchplugins\icqplugin.src
  269. [2012.10.17 14:06:24 | 000,000,950 | ---- | M] () -- C:\Users\Kai\AppData\Roaming\mozilla\firefox\profiles\4ik4zyhc.default\searchplugins\icqplugin.xml
  270. [2012.08.18 22:20:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
  271. [2012.07.13 14:47:42 | 000,000,000 | ---D | M] (QuestBasic) -- C:\Program Files (x86)\mozilla firefox\extensions\{1CE72EFA-E2D1-48FA-A5EC-D7111C2C5BB6}
  272. [2012.07.13 14:45:13 | 000,000,000 | ---D | M] (z) -- C:\Program Files (x86)\mozilla firefox\extensions\{3e5ce861-0818-99c9-aa67-ac1c58fbaa8b}
  273. [2012.08.18 22:20:06 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\mozilla firefox\extensions\afurladvisor@anchorfree.com
  274. [2012.09.18 20:23:02 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
  275. [2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
  276. [2012.09.18 20:23:01 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
  277. [2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
  278. [2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
  279. [2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
  280. [2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
  281.  
  282. [color=#E56717]========== Chrome ==========[/color]
  283.  
  284. CHR - homepage: http://www.google.com/
  285. CHR - default_search_provider: Google (Enabled)
  286. CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
  287. CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
  289. CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
  290. CHR - plugin: Native Client (Enabled) = C:\Users\Kai\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
  291. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kai\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
  292. CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kai\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
  293. CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
  294. CHR - plugin: Google Update (Enabled) = C:\Users\Kai\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
  295. CHR - Extension: di.slik.es = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\acmlfebmbccbmdaihmpefcfehaodlecb\1.3.0.3_0\
  296. CHR - Extension: Angry Birds = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
  297. CHR - Extension: StyleYourFacebook = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\baoldehlchpdgkdhlobagfmbdfbjoapd\2.2_0\
  298. CHR - Extension: YouTube = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
  299. CHR - Extension: Adblock Plus (Beta) = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
  300. CHR - Extension: Google-Suche = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
  301. CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.1.288_1\
  302. CHR - Extension: Stylish = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\
  303. CHR - Extension: Dislike the web = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlbglppdmdnehajdanndnbdafoceoill\2.3_0\
  304. CHR - Extension: Virtuelle Tastatur = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.1.288_1\
  305. CHR - Extension: SweetIM for Facebook = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\Copy of
  306. CHR - Extension: SweetIM for Facebook = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0\
  307. CHR - Extension: Dislike Anything = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpkgedojiglligeocnkladaopfejngao\0.4.2_0\
  308. CHR - Extension: Dislike FB 2.0 = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhelohobibckfhpgnamoidiofmfanjee\2.0_0\
  309. CHR - Extension: Skype Click to Call = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\
  310. CHR - Extension: Google Mail = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
  311. CHR - Extension: Anti-Banner = C:\Users\Kai\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.1.288_0\
  329.  
  330. O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  331. O2:[b]64bit:[/b] - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll (Kaspersky Lab ZAO)
  332. O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
  333. O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
  334. O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
  335. O2:[b]64bit:[/b] - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll (Kaspersky Lab ZAO)
  336. O2:[b]64bit:[/b] - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
  337. O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll (Kaspersky Lab ZAO)
  338. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
  339. O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
  340. O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  341. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
  342. O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll (Kaspersky Lab ZAO)
  343. O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
  344. O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
  345. O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
  346. O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
  347. O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
  348. O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
  349. O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
  350. O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
  351. O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
  352. O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
  353. O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
  354. O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
  355. O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\avp.exe (Kaspersky Lab ZAO)
  356. O4 - HKLM..\Run: [Hercules DJ Series] C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe (Hercules®)
  357. O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
  358. O4 - HKCU..\Run: [AdobeBridge] File not found
  359. O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
  360. O4 - HKCU..\Run: [ESL Wire] C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
  361. O4 - HKCU..\Run: [Firewall] C:\Program Files\Java\jre7\bin\javaw.exe (Oracle Corporation)
  362. O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
  363. O4 - HKCU..\Run: [rfxsrvtray] C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
  364. O4 - HKCU..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
  365. O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
  366. O4 - HKCU..\Run: [Spotify] C:\Users\Kai\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
  367. O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Kai\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
  368. O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
  369. O4 - Startup: C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Kai\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
  370. O4 - Startup: C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Programme\Rainmeter\Rainmeter.exe ()
  371. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  372. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  373. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
  374. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  375. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  376. O8:[b]64bit:[/b] - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm ()
  377. O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ie_banner_deny.htm ()
  378. O9:[b]64bit:[/b] - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\ievkbd.dll (Kaspersky Lab ZAO)
  379. O9:[b]64bit:[/b] - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\x64\klwtbbho.dll (Kaspersky Lab ZAO)
  380. O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\ievkbd.dll (Kaspersky Lab ZAO)
  381. O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
  382. O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Program Files (x86)\ICQ7M\ICQ.exe (ICQ, LLC.)
  383. O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  384. O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  385. O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 2.0\klwtbbho.dll (Kaspersky Lab ZAO)
  386. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
  387. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
  388. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
  389. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
  390. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
  391. O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
  392. O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
  393. O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
  394. O13[b]64bit:[/b] - gopher Prefix: missing
  395. O13 - gopher Prefix: missing
  396. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
  397. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
  398. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{541E9696-50F7-4625-BE7B-61BBFABB93EF}: DhcpNameServer = 192.168.1.1
  399. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8DE44935-7CDD-4D36-A309-DA87C8AF0022}: DhcpNameServer = 139.7.30.125 139.7.30.126
  400. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB6BC001-7B78-41BA-A7B9-1386083E7AE2}: DhcpNameServer = 8.8.8.8
  401. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB49F06B-574A-44BB-9966-235274B663F3}: DhcpNameServer = 192.168.178.1
  402. O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
  403. O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
  404. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
  405. O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  406. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  407. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  408. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  409. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  410. O20 - HKCU Winlogon: Shell - (expstart.exe) - C:\Windows\expstart.exe ()
  411. O20:[b]64bit:[/b] - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
  412. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  413. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  414. O32 - HKLM CDRom: AutoRun - 1
  415. O32 - AutoRun File - [2012.08.18 10:45:33 | 000,041,425 | ---- | M] () - C:\autohaus1.amx -- [ NTFS ]
  416. O32 - AutoRun File - [2008.04.28 17:16:00 | 000,000,074 | R--- | M] () - G:\Autorun.inf -- [ CDFS ]
  417. O33 - MountPoints2\{420aa4e8-a10a-11e1-9c85-806e6f6e6963}\Shell - "" = AutoRun
  418. O33 - MountPoints2\{420aa4e8-a10a-11e1-9c85-806e6f6e6963}\Shell\AutoRun\command - "" = G:\0data\cobi.exe -- [2009.03.16 12:03:06 | 001,144,320 | R--- | M] (getanet.MEDIA)
  419. O34 - HKLM BootExecute: (autocheck autochk *)
  420. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  421. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  422. O35 - HKLM\..comfile [open] -- "%1" %*
  423. O35 - HKLM\..exefile [open] -- "%1" %*
  424. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  425. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  426. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  427. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  428. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  429. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  430. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  431.  
  432. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  433.  
  434. [2012.10.18 14:32:24 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\.minecraft
  435. [2012.10.18 14:08:06 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\.spoutcraft
  436. [2012.10.16 19:11:50 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\SA-MP Audio Plugin
  437. [2012.10.16 17:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIX Networks
  438. [2012.10.16 13:06:43 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Local\Chromium
  439. [2012.10.16 13:04:46 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SA-MP Live
  440. [2012.10.16 13:02:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Rockstar Games
  441. [2012.10.15 16:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
  442. [2012.10.15 16:37:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
  443. [2012.10.15 13:22:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
  444. [2012.10.15 13:22:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
  445. [2012.10.15 12:10:22 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\Smoke-RL (c)
  446. [2012.10.14 20:43:22 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\LyL
  447. [2012.10.14 20:35:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7M
  448. [2012.10.14 20:35:02 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\ICQ Search
  449. [2012.10.14 20:34:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
  450. [2012.10.14 20:34:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guard-ICQ
  451. [2012.10.14 20:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
  452. [2012.10.14 20:34:09 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\ICQ
  453. [2012.10.14 20:34:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7M
  454. [2012.10.14 19:37:21 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\World of San Andreas 4.0.2
  455. [2012.10.06 12:14:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MySQL
  456. [2012.10.06 12:14:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MySQL
  457. [2012.10.05 22:01:21 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\Hidden Ordner.{ED7BA470-8E54-465E-825C-99712043E01C}
  458. [2012.10.05 18:25:20 | 000,000,000 | --SD | C] -- C:\Users\Kai\AppData\Roaming\Frutas
  459. [2012.10.05 17:01:51 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\Script
  460. [2012.10.05 17:01:50 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\Pawno
  461. [2012.10.04 21:48:31 | 000,574,200 | -H-- | C] (Bytescout) -- C:\Windows\SysNative\BytescoutScreenCapturing.dll
  462. [2012.10.04 21:48:31 | 000,362,232 | -H-- | C] (Bytescout) -- C:\Windows\SysNative\BytescoutScreenCapturingFilter.dll
  463. [2012.10.04 21:48:31 | 000,231,672 | -H-- | C] (Bytescout) -- C:\Windows\SysNative\BytescoutVideoMixerFilter.dll
  464. [2012.10.04 21:48:31 | 000,175,864 | -H-- | C] (Bytescout) -- C:\Windows\SysWow64\BytescoutVideoMixerFilter.dll
  465. [2012.10.04 21:48:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
  466. [2012.10.04 21:48:30 | 000,257,784 | -H-- | C] (Bytescout) -- C:\Windows\SysWow64\BytescoutScreenCapturingFilter.dll
  467. [2012.10.04 21:48:27 | 000,421,624 | -H-- | C] (Bytescout) -- C:\Windows\SysWow64\BytescoutScreenCapturing.dll
  468. [2012.10.04 21:48:27 | 000,029,288 | -H-- | C] (Wondershare) -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys
  469. [2012.10.04 21:48:27 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\Apowersoft
  470. [2012.10.04 21:48:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apowersoft
  471. [2012.10.04 21:46:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GetFLV
  472. [2012.10.04 21:46:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GetFLV
  473. [2012.10.04 21:31:43 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\iFunbox_UserCache
  474. [2012.10.04 21:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\i-Funbox DevTeam
  475. [2012.10.04 21:31:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\i-Funbox DevTeam
  476. [2012.10.03 20:04:04 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\XnView
  477. [2012.10.03 20:04:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XnView
  478. [2012.10.03 20:03:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\XnView
  479. [2012.10.03 17:33:24 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\MAXON
  480. [2012.10.03 14:30:47 | 000,000,000 | ---D | C] -- C:\Windows\pss
  481. [2012.10.03 14:20:02 | 000,000,000 | ---D | C] -- C:\bin
  482. [2012.10.03 14:20:02 | 000,000,000 | ---D | C] -- C:\backup
  483. [2012.09.30 16:41:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinema 4D R12
  484. [2012.09.30 16:38:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cinema 4D R12
  485. [2012.09.28 16:59:20 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\Wheelman
  486. [2012.09.26 17:53:57 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\Super Spambot v3 by IQONMAN
  487. [2012.09.26 17:31:09 | 000,000,000 | ---D | C] -- C:\ProgramData\webcamXP 5
  488. [2012.09.26 17:31:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\webcamXP 5
  489. [2012.09.26 17:31:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\webcamXP 5
  490. [2012.09.25 20:14:21 | 000,025,216 | ---- | C] (Dev47Apps) -- C:\Windows\SysNative\drivers\droidcam.sys
  491. [2012.09.25 20:14:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DroidCam
  492. [2012.09.24 12:41:41 | 000,000,000 | ---D | C] -- C:\Encryption
  493. [2012.09.24 10:56:27 | 000,000,000 | R--D | C] -- C:\Users\Kai\Desktop\GFX
  494. [2012.09.23 21:47:01 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\Cross Fire
  495. [2012.09.23 21:47:00 | 000,000,000 | ---D | C] -- C:\CFLog
  496. [2012.09.23 12:42:47 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Local\Play withSIX
  497. [2012.09.22 16:21:12 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\six-zsync
  498. [2012.09.22 16:20:45 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\Play withSIX
  499. [2012.09.22 16:20:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SIX Networks
  500. [2012.09.22 16:19:01 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Local\Downloaded Installations
  501. [2012.09.22 14:19:24 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\ArmA 2 Other Profiles
  502. [2012.09.22 14:06:05 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Local\ArmA 2 OA
  503. [2012.09.22 14:06:05 | 000,000,000 | ---D | C] -- C:\Users\Kai\Documents\ArmA 2
  504. [2012.09.22 14:04:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon
  505. [2012.09.22 14:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DayZ
  506. [2012.09.22 14:04:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Arma 2
  507. [2012.09.22 14:04:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArmA 2
  508. [2012.09.22 13:53:51 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\DayZ-Dev
  509. [2012.09.22 13:42:02 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
  510. [2012.09.22 13:41:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
  511. [2012.09.22 13:27:01 | 000,000,000 | ---D | C] -- C:\Program Files\Bohemia Interactive
  512. [2012.09.22 13:24:41 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Local\DayZCommander
  513. [2012.09.22 13:24:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dotjosh Studios
  514. [2012.09.21 21:09:20 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\Vorstellung
  515. [2012.09.21 19:13:53 | 000,000,000 | ---D | C] -- C:\Users\Kai\AppData\Local\__
  516. [2012.09.21 19:13:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Z8Games
  517. [2012.09.21 19:10:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Z8Games
  518. [2012.09.21 18:40:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BP DOWNLOADER
  519. [2012.09.19 22:12:51 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\Life Your Life RealLife
  520. [2012.09.18 18:00:17 | 000,000,000 | ---D | C] -- C:\Users\Kai\Desktop\Aktuellfrügiova
  521. [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  522.  
  523. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  524.  
  525. [2012.10.18 17:24:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2696722131-1725500217-3407015960-1001UA.job
  526. [2012.10.18 17:22:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  527. [2012.10.18 17:13:55 | 000,014,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  528. [2012.10.18 17:13:55 | 000,014,640 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  529. [2012.10.18 17:08:53 | 010,537,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  530. [2012.10.18 17:00:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  531. [2012.10.18 16:59:47 | 2140,790,783 | -HS- | M] () -- C:\hiberfil.sys
  532. [2012.10.18 14:26:30 | 001,625,922 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  533. [2012.10.18 14:26:30 | 000,701,102 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
  534. [2012.10.18 14:26:30 | 000,656,180 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  535. [2012.10.18 14:26:30 | 000,150,034 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
  536. [2012.10.18 14:26:30 | 000,122,818 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  537. [2012.10.18 14:07:54 | 002,528,475 | ---- | M] () -- C:\Users\Kai\Desktop\Spoutcraft.exe
  538. [2012.10.17 16:24:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2696722131-1725500217-3407015960-1001Core.job
  539. [2012.10.16 15:47:14 | 002,147,328 | ---- | M] () -- C:\Users\Kai\Desktop\GRPLauncher.exe
  540. [2012.10.16 13:02:15 | 000,206,050 | ---- | M] () -- C:\Users\Kai\Desktop\samp-live_beta-1.2.4.exe
  541. [2012.10.15 16:37:41 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
  542. [2012.10.15 16:32:30 | 000,000,600 | ---- | M] () -- C:\Users\Kai\AppData\Local\PUTTY.RND
  543. [2012.10.15 15:09:08 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
  544. [2012.10.15 15:09:08 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
  545. [2012.10.15 12:09:27 | 002,620,225 | ---- | M] () -- C:\Users\Kai\Desktop\Smoke-RL (c).rar
  546. [2012.10.14 21:16:19 | 000,000,600 | ---- | M] () -- C:\Users\Kai\AppData\Roaming\winscp.rnd
  547. [2012.10.14 16:56:16 | 006,422,998 | ---- | M] () -- C:\Users\Kai\Desktop\LyL.rar
  548. [2012.10.14 04:37:16 | 229,172,310 | ---- | M] () -- C:\Users\Kai\Desktop\- Schriftarten -.rar
  549. [2012.10.14 03:17:50 | 405,367,689 | ---- | M] () -- C:\Users\Kai\Desktop\2000.rar
  550. [2012.10.06 12:14:47 | 001,652,610 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  551. [2012.10.05 22:26:35 | 000,294,727 | ---- | M] () -- C:\Users\Kai\Documents\ts3_clientui-win64-1343657352-2012-10-05 22_26_34.622836.dmp
  552. [2012.10.05 15:41:48 | 005,376,539 | ---- | M] () -- C:\DRP.amx
  553. [2012.10.04 19:14:51 | 000,232,616 | ---- | M] () -- C:\Users\Kai\Desktop\Keybinder.rar
  554. [2012.10.04 15:43:45 | 001,288,520 | ---- | M] () -- C:\selfmade.amx
  555. [2012.10.04 15:12:18 | 000,001,738 | ---- | M] () -- C:\Windows\Sandboxie.ini
  556. [2012.10.03 20:53:13 | 000,000,132 | ---- | M] () -- C:\Users\Kai\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
  557. [2012.10.03 14:05:25 | 000,000,023 | ---- | M] () -- C:\Windows\ODBCINST.INI
  558. [2012.10.03 13:03:20 | 000,000,132 | ---- | M] () -- C:\Users\Kai\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
  559. [2012.10.01 18:04:20 | 000,007,671 | ---- | M] () -- C:\Users\Kai\AppData\Local\Resmon.ResmonCfg
  560. [2012.09.26 17:37:07 | 000,000,034 | ---- | M] () -- C:\ProgramData\droidcam-settings
  561. [2012.09.25 21:59:28 | 000,307,059 | ---- | M] () -- C:\Users\Kai\Documents\ts3_clientui-win64-1343657352-2012-09-25 21_59_26.915381.dmp
  562. [2012.09.25 20:14:23 | 000,025,216 | ---- | M] (Dev47Apps) -- C:\Windows\SysNative\drivers\droidcam.sys
  563. [2012.09.24 12:39:22 | 000,003,383 | ---- | M] () -- C:\Users\Kai\Documents\hacker.pctl
  564. [2012.09.22 18:16:12 | 006,579,789 | ---- | M] () -- C:\Users\Kai\Documents\Time 4 You - Script.rar
  565. [2012.09.19 22:06:41 | 000,300,500 | ---- | M] () -- C:\Users\Kai\Documents\ts3_clientui-win64-1343657352-2012-09-19 22_06_40.266465.dmp
  566. [2012.09.19 16:18:43 | 000,005,003 | ---- | M] () -- C:\Users\Kai\Documents\[FS]Alkatraz.rar
  567. [2012.09.19 16:18:41 | 000,005,443 | ---- | M] () -- C:\Users\Kai\Documents\Ocean.rar
  568. [2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  569.  
  570. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  571.  
  572. [2012.10.18 14:06:55 | 002,528,475 | ---- | C] () -- C:\Users\Kai\Desktop\Spoutcraft.exe
  573. [2012.10.16 15:47:06 | 002,147,328 | ---- | C] () -- C:\Users\Kai\Desktop\GRPLauncher.exe
  574. [2012.10.16 13:02:13 | 000,206,050 | ---- | C] () -- C:\Users\Kai\Desktop\samp-live_beta-1.2.4.exe
  575. [2012.10.15 16:37:41 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
  576. [2012.10.15 12:08:18 | 002,620,225 | ---- | C] () -- C:\Users\Kai\Desktop\Smoke-RL (c).rar
  577. [2012.10.14 18:28:39 | 229,172,310 | ---- | C] () -- C:\Users\Kai\Desktop\- Schriftarten -.rar
  578. [2012.10.14 18:28:27 | 405,367,689 | ---- | C] () -- C:\Users\Kai\Desktop\2000.rar
  579. [2012.10.14 18:23:13 | 006,422,998 | ---- | C] () -- C:\Users\Kai\Desktop\LyL.rar
  580. [2012.10.05 22:26:34 | 000,294,727 | ---- | C] () -- C:\Users\Kai\Documents\ts3_clientui-win64-1343657352-2012-10-05 22_26_34.622836.dmp
  581. [2012.10.05 15:41:48 | 005,376,539 | ---- | C] () -- C:\DRP.amx
  582. [2012.10.04 19:14:51 | 000,232,616 | ---- | C] () -- C:\Users\Kai\Desktop\Keybinder.rar
  583. [2012.10.03 14:18:32 | 005,498,995 | ---- | C] () -- C:\READ ME first !!.pdf
  584. [2012.10.03 14:18:32 | 000,035,328 | ---- | C] () -- C:\bspatch.exe
  585. [2012.10.03 14:18:32 | 000,002,802 | ---- | C] () -- C:\install.cmd
  586. [2012.10.03 14:18:32 | 000,001,448 | ---- | C] () -- C:\uninstall.cmd
  587. [2012.09.25 21:59:26 | 000,307,059 | ---- | C] () -- C:\Users\Kai\Documents\ts3_clientui-win64-1343657352-2012-09-25 21_59_26.915381.dmp
  588. [2012.09.25 20:16:11 | 000,000,034 | ---- | C] () -- C:\ProgramData\droidcam-settings
  589. [2012.09.25 20:15:27 | 000,001,056 | ---- | C] () -- C:\Users\Kai\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam.lnk
  590. [2012.09.24 13:34:39 | 000,000,132 | ---- | C] () -- C:\Users\Kai\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
  591. [2012.09.24 13:24:32 | 000,007,671 | ---- | C] () -- C:\Users\Kai\AppData\Local\Resmon.ResmonCfg
  592. [2012.09.24 12:39:22 | 000,003,383 | ---- | C] () -- C:\Users\Kai\Documents\hacker.pctl
  593. [2012.09.19 22:06:40 | 000,300,500 | ---- | C] () -- C:\Users\Kai\Documents\ts3_clientui-win64-1343657352-2012-09-19 22_06_40.266465.dmp
  594. [2012.09.19 16:18:41 | 000,005,003 | ---- | C] () -- C:\Users\Kai\Documents\[FS]Alkatraz.rar
  595. [2012.09.19 16:18:37 | 000,005,443 | ---- | C] () -- C:\Users\Kai\Documents\Ocean.rar
  596. [2012.09.16 17:20:12 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe
  597. [2012.08.31 15:53:52 | 000,075,896 | ---- | C] () -- C:\Users\Kai\final_bstSnapshot_91792.jpg
  598. [2012.08.31 15:53:06 | 000,076,203 | ---- | C] () -- C:\Users\Kai\final_bstSnapshot_14588.jpg
  599. [2012.08.27 21:56:00 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
  600. [2012.07.26 22:53:03 | 000,000,243 | ---- | C] () -- C:\Users\Kai\SciTE.session
  601. [2012.07.26 14:27:41 | 000,000,132 | ---- | C] () -- C:\Users\Kai\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
  602. [2012.07.13 14:45:14 | 000,075,118 | ---- | C] () -- C:\Windows\SysWow64\1b6f8cb.exe
  603. [2012.07.13 14:45:06 | 000,000,000 | ---- | C] () -- C:\ProgramData\f91865f3e006a0a23ca1478d1cd29a00_c
  604. [2012.07.12 16:22:48 | 000,001,738 | ---- | C] () -- C:\Windows\Sandboxie.ini
  605. [2012.07.11 16:34:23 | 003,146,960 | ---- | C] () -- C:\Users\Kai\ts3_recording_12_07_11_16_34_22.wav
  606. [2012.07.01 20:18:01 | 012,493,520 | ---- | C] () -- C:\Users\Kai\ts3_recording_12_07_01_20_18_0.wav
  607. [2012.06.28 18:07:15 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
  608. [2012.06.24 11:50:51 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
  609. [2012.06.23 16:38:48 | 000,000,600 | ---- | C] () -- C:\Users\Kai\AppData\Roaming\winscp.rnd
  610. [2012.05.27 13:31:52 | 001,652,610 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  611. [2012.05.25 15:47:58 | 002,681,344 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
  612. [2012.05.19 18:26:19 | 000,000,600 | ---- | C] () -- C:\Users\Kai\AppData\Local\PUTTY.RND
  613. [2012.05.19 12:46:19 | 000,017,408 | ---- | C] () -- C:\Users\Kai\AppData\Local\WebpageIcons.db
  614. [2012.05.19 01:16:46 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
  615. [2012.05.19 01:16:45 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
  616. [2012.05.18 19:12:19 | 000,072,280 | ---- | C] () -- C:\Windows\SysWow64\XSrvSetup.exe
  617. [2012.05.15 02:21:50 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
  618. [2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
  619. [2011.09.19 09:07:46 | 000,015,360 | ---- | C] () -- C:\Windows\SysWow64\bdmjpeg.dll
  620. [2011.09.19 09:07:32 | 000,058,368 | ---- | C] () -- C:\Windows\SysWow64\bdmpegv.dll
  621. [2011.07.03 00:00:00 | 000,026,622 | ---- | C] () -- C:\Users\Kai\logo.png
  622. [2010.10.27 11:10:27 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini
  623.  
  624. [color=#E56717]========== ZeroAccess Check ==========[/color]
  625.  
  626. [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  627.  
  628. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  629.  
  630. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  631.  
  632. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  633.  
  634. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  635.  
  636. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  637. "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
  638. "ThreadingModel" = Apartment
  639.  
  640. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  641. "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
  642. "ThreadingModel" = Apartment
  643.  
  644. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  645. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  646. "ThreadingModel" = Free
  647.  
  648. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  649. "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
  650. "ThreadingModel" = Free
  651.  
  652. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  653. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  654. "ThreadingModel" = Both
  655.  
  656. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  657.  
  658. [color=#E56717]========== LOP Check ==========[/color]
  659.  
  660. [2012.10.18 14:32:24 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\.minecraft
  661. [2012.10.18 14:10:29 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\.spoutcraft
  662. [2012.06.26 18:44:14 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\.techniclauncher
  663. [2012.10.04 21:48:27 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Apowersoft
  664. [2012.09.11 19:19:00 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Audacity
  665. [2012.05.19 18:00:43 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Babylon
  666. [2012.09.08 14:36:26 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\BANDISOFT
  667. [2012.05.23 17:56:32 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Canneverbe Limited
  668. [2012.07.03 17:24:54 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
  669. [2012.07.18 22:53:51 | 000,000,000 | -HSD | M] -- C:\Users\Kai\AppData\Roaming\Common
  670. [2012.09.22 13:53:51 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\DayZ-Dev
  671. [2012.10.18 17:04:37 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Dropbox
  672. [2012.10.15 16:52:03 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\FileZilla
  673. [2012.10.05 18:25:20 | 000,000,000 | --SD | M] -- C:\Users\Kai\AppData\Roaming\Frutas
  674. [2012.10.18 17:04:50 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\ICQ
  675. [2012.10.14 20:35:02 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\ICQ Search
  676. [2012.10.04 21:31:43 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\iFunbox_UserCache
  677. [2012.08.25 11:41:10 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Lansoftware
  678. [2012.05.18 20:12:53 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Leadertech
  679. [2012.10.03 17:33:24 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\MAXON
  680. [2012.05.18 23:06:32 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Notepad++
  681. [2012.07.08 22:40:46 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\nspaces_bytesignals
  682. [2012.08.20 18:39:32 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\OpenOffice.org
  683. [2012.09.05 16:32:29 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Origin
  684. [2012.10.16 16:54:58 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Play withSIX
  685. [2012.05.20 12:59:04 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Publish Providers
  686. [2012.07.15 14:25:14 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Rainmeter
  687. [2012.10.16 19:16:50 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\SA-MP Audio Plugin
  688. [2012.08.30 20:27:24 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Screaming Bee
  689. [2012.09.22 16:21:12 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\six-zsync
  690. [2012.05.20 13:20:56 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Sony
  691. [2012.10.18 17:07:35 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Spotify
  692. [2012.06.10 13:42:16 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Steganos
  693. [2012.06.10 13:42:32 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Steganos VPN
  694. [2012.08.25 11:41:59 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Subversion
  695. [2012.05.24 19:07:51 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\TeamViewer
  696. [2012.07.16 13:25:20 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\TestApp
  697. [2012.09.11 21:57:27 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\The other Universe
  698. [2012.05.18 19:38:13 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Thunderbird
  699. [2012.05.25 15:48:34 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Tobit
  700. [2012.10.15 16:47:37 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\TS3Client
  701. [2012.07.16 16:43:00 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\ts3overlay
  702. [2012.05.19 18:07:47 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\Ubisoft
  703. [2012.06.03 20:30:42 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\WindSolutions
  704. [2012.10.03 20:04:35 | 000,000,000 | ---D | M] -- C:\Users\Kai\AppData\Roaming\XnView
  705.  
  706. [color=#E56717]========== Purity Check ==========[/color]
  707.  
  708.  
  709.  
  710. [color=#E56717]========== Alternate Data Streams ==========[/color]
  711.  
  712. @Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:8CE646EE
  713.  
  714. < End of report >