"(file missing)"

**Hero** · 03.11.2011, 11:23

Es fehlen Dateien ,der Internetexplorer öffnet sich nach jedem neustart von alleine und will eine Seite automatisch als Startseite laden.

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:00, on 03.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
C:\Fraps\fraps.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\use\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: ZoneAlarm-Sicherheit Toolbar - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O2 - BHO: ZoneAlarm-Sicherheit - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll
O3 - Toolbar: ZoneAlarm-Sicherheit Toolbar - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [MSUTray] C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\RunOnce: [CtxfiReg] CTXFIREG.EXE /FORCE
O4 - HKLM\..\RunOnce: [SMC] C:\Program Files (x86)\gigabyte\smc\scachepretray.exe
O4 - HKLM\..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
O4 - HKLM\..\RunOnce: [Console Launcher] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Console Launcher\MixerDef.exe" /a "PCI\VEN_1102&DEV_0005&SUBSYS_00211102"
O4 - HKLM\..\RunOnce: [InstallShieldSetup] C:\PROGRA~2\INSTAL~1\{88834~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{88834~1\reboot.ini  -l0x7
O4 - HKLM\..\RunOnce: [InstallShieldSetup1] C:\PROGRA~2\INSTAL~1\{17E96~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{17E96~1\reboot.ini  -l0x7
O4 - HKLM\..\RunOnce: [InstallShieldSetup2] C:\PROGRA~2\INSTAL~1\{FCCDA~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{FCCDA~1\reboot.ini  -l0x7
O4 - HKLM\..\RunOnce: [InstallShieldSetup3] C:\PROGRA~2\INSTAL~1\{20288~1\SETUP.EXE -rebootC:\PROGRA~2\INSTAL~1\{20288~1\reboot.ini  -l0x7
O4 - HKLM\..\RunOnce: [CT_ReRegSvr_1] "C:\Program Files (x86)\Creative\MediaSource5\CTRegSvU.exe" /s:success C:\Program Files (x86)\Creative\MediaSource5\CTBrnCDU.dco
O4 - HKLM\..\RunOnce: [CT_ReRegSvr_2] "C:\Program Files (x86)\Creative\MediaSource5\CTRegSvU.exe" /s:success C:\Program Files (x86)\Creative\MediaSource5\CTBrnCDU.ecd
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [iSpy] C:\Program Files (x86)\iSpy\iSpy\iSpy.exe \S
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\RunOnce: [CTPostBootSequencer] "C:\Users\MAB\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct
O4 - HKCU\..\RunOnce: [CTSU] "C:\Program Files (x86)\Creative\Shared Files\Software Update\CTSURun.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-1267372750-804049950-451589816-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1267372750-804049950-451589816-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1267372750-804049950-451589816-1003\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'use')
O4 - Global Startup: fraps - Verknüpfung.lnk = C:\Fraps\fraps.exe
O8 - Extra context menu item: Free YouTube Download - C:\Users\MAB\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted IP range: http://127.0.0.1
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LoaderService - Tools4Free - C:\Program Files (x86)\Tools4Free\Anti NetCut 3 Service Loader\LoaderService.exe
O23 - Service: Marvell Storage Management Service (Marvell Storage Management) - Marvell - C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSU Web Service (MSUWebService) - Apache Software Foundation - C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14438 bytes

**kira** · 03.11.2011, 13:40

Herzlich Willkommen hier bei uns am HijackThis Supportboard!

**Bevor du mit Teil 1. der Aufgabe beginnst: HIER KLICKEN UND SORGFÄLTIG DURCHLESEN!** und ich bitte um kurze Bestätigung, dass du dies gelesen und akzeptiert hast!
Ein System zu bereinigen kann ein paar Tage dauern (je nach Art der Infektion), kann aber sogar so stark kompromittiert sein, so dass eine wirkungsvolle technische Säuberung ist nicht mehr möglich bzw Du es neu installieren musst

► Unrechtmäßig erworbene Software (durch Keygen, Crack, Keymaker) wird hier nicht geduldet, in diesem Fall wird der Support eingestellt.!

ANWEISUNGEN UND DEREN BEFOLGUNG, ERFOLGT AUF DEINE EIGENE VERANTWORTUNG!

Bitte lese Dir zuerst in Ruhe die Anweisungen durch und Du sollst dabei die Reihenfolge einhalten! Ansonsten verlangsamt unsere Arbeit, wenn wir immer wieder noch an Kleinigkeiten nachschlagen müssen und dadurch eventuell die Übersicht verloren geht...

► Erster Teil des 3-teiligen Verfahren, werden wir dein System auf Viren untersuchen, bzw nach einem anderen Verursacher suchen:
**Vista und Win7 Verwender: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen

1.
Kaspersky läuft ohne oder mit Firewall?

2.
Das Program installieren und ausführen:
Anleitung:-> Bereinigung mit Malwarebytes' Anti-Malware (Vollständiger Suchlauf)

3.
Schliesse alle Programme einschliesslich Internet Explorer und fixe mit Hijackthis die Einträge aus der nachfolgenden Codebox (HijackThis mit Rechtsklick als Administrator starten--> `Do a system scan only`--> Einträge auswählen--> Häckhen setzen--> "Fix checked"klicken-->PC neu aufstarten) - fixe NUR Die von mir angegebenen Einträge!:
HijackThis erstellt ein Backup, Falls bei "Fixen" etwas schief geht, kann man unter "View the list of backups"- die Objekte wiederherstellen

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-1267372750-804049950-451589816-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

4.

Download den CCleaner
Software-Lizenzvereinbarung lesen, falls angeboten wird "Füge CCleaner Yahoo! Toolbar hinzu" - abwählen!)-> starten -> Falls nötig, unter Options settings -> "german" einstellen.
starten-> klick auf `Extras` (um auf deinem System installierte Software zu anzeigen)-> dann auf `Als Textdatei speichern...`
ein Textdatei wird automatisch erstellt, poste auch dieses Logfile (also die Liste alle installierten Programme...eine Textdatei)

5.
poste erneut - nach der vorgenommenen Reinigungsaktion:
► TrendMicro™ HijackThis™ -Logfile - Keine offenen Fenster, solang bis HijackThis läuft!!

6.
Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt OTL.txt und extra.txt
Poste die Logfiles in Code-Tags hier in den Thread.

Bitte alle Ergebnisse im Code-Tags posten!

vor dein Log schreibst Du (also am Anfang des Logfiles):[code]
hier kommt dein Logfile rein
dahinter - also am Ende der Logdatei:[/code]

gruß
kira

**Hero** · 03.11.2011, 19:51

1. Kaspersky ist bei mir nur der Virenscannner ohne Firewall.

**Hero** · 03.11.2011, 22:17

Code:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 8078

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

03.11.2011 23:06:55
mbam-log-2011-11-03 (23-06-55).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|H:\|I:\|J:\|K:\|L:\|M:\|N:\|)
Durchsuchte Objekte: 354531
Laufzeit: 2 Stunde(n), 15 Minute(n), 53 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

**Hero** · 03.11.2011, 22:39

Code:

7-Zip 9.20 (x64 edition)	Igor Pavlov	28.08.2011	4,53 MB	9.20.00.0
@BIOS	GIGABYTE	10.08.2011		2.12
Adobe Flash Player 10 Plugin	Adobe Systems Incorporated	24.09.2011	6,00 MB	10.3.183.10
Anti NetCut 3 Service Loader	Tools4Free	31.10.2011	0,49 MB	1.0.0
AntiNetCut3	Tools4Free	31.10.2011	0,33 MB	1.0.0
AutoGreen B10.1021.1	GIGABYTE	10.08.2011	4,77 MB	1.00.0000
Call of Duty(R) 4 - Modern Warfare(TM)	Activision	10.08.2011	6.379 MB	1.7
Canon Easy-PhotoPrint EX		13.08.2011		
Canon Inkjet Printer Driver Add-On Module		13.08.2011		
Canon My Printer		13.08.2011		
CCleaner	Piriform	06.10.2011		3.11
CD-LabelPrint		13.08.2011		
Creative Media Toolbox		08.10.2011		
Creative Systeminformationen		08.10.2011		
Crysis® 2	Electronic Arts	31.10.2011	7.757 MB	1.0.0.0
CrystalDiskMark 3.0.1b	Crystal Dew World	10.08.2011	2,55 MB	3.0.1b
DES 2.0	Gigabyte	10.08.2011		1.00.0000
Diagnostic Utility	Realtek	10.08.2011		1.00.0000
DiRT 3	Codemasters	13.08.2011		
DiRT2	Codemasters	13.08.2011		1.00.0000
Driver Sweeper Version 3.2.0	Phyxion.net	08.10.2011	13,1 MB	3.2.0
Easy Tune 6 B11.0630.1	GIGABYTE	10.08.2011	34,5 MB	1.00.0000
Epson Copy Utility 3.5		29.09.2011		3.5.0.0
EPSON Scan		29.09.2011		
EZ Smart Response B11.0714.01	GIGABYTE	10.08.2011		1.00.0000
Foxit Reader 5.0	Foxit Corporation	24.09.2011	24,9 MB	5.0.2.718
Fraps		10.08.2011		
Free YouTube Download version 3.0.815	DVDVideoSoft Ltd..	01.09.2011	41,9 MB	
GIMP 2.6.8		19.08.2011		
Intel(R) Control Center	Intel Corporation	11.08.2011		1.2.1.1007
Intel(R) Management Engine Components	Intel Corporation	11.08.2011		7.0.0.1118
Intel(R) Rapid Storage Technology	Intel Corporation	11.08.2011		10.6.0.1002
Java(TM) 6 Update 26	Oracle	19.08.2011	94,9 MB	6.0.260
Kaspersky Anti-Virus 2012	Kaspersky Lab	10.08.2011		12.0.0.374
LG Burning Tools	Nero AG	11.08.2011	789 MB	8.3.568
LG CyberLink LabelPrint	CyberLink Corp.	11.08.2011		2.0.3605
LG CyberLink PowerBackup	CyberLink Corp.	11.08.2011		2.5.4511
LG CyberLink PowerDVD 7.0	CyberLink Corp.	11.08.2011		7.0.3409.a
LG CyberLink PowerProducer	CyberLink Corp.	11.08.2011		085312a(3.7)_Vista_LG
LG CyberLink YouCam	CyberLink Corp.	11.08.2011	40,3 MB	1.0.2609
LG ODD Auto Firmware Update		11.08.2011		9.01.1124.01
LG Power Tools	CyberLink Corp.	11.08.2011	14,5 MB	6.0.2806
LightScribe System Software	LightScribe	11.08.2011	23,0 MB	1.18.1.1
Logitech SetPoint 6.30	Logitech	10.08.2011	39,1 MB	6.30.43
LogonStudio		23.08.2011		
Malwarebytes' Anti-Malware Version 1.51.2.1300	Malwarebytes Corporation	02.11.2011	13,8 MB	1.51.2.1300
Marvell Storage Utility V4	Marvell	10.08.2011		4.1.0.1915
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	10.08.2011	38,8 MB	4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack	Microsoft Corporation	10.08.2011	2,94 MB	4.0.30319
Microsoft Games for Windows - LIVE Redistributable	Microsoft Corporation	13.08.2011	31,3 MB	3.5.88.0
Microsoft Games for Windows Marketplace	Microsoft Corporation	13.08.2011	6,04 MB	3.5.50.0
Microsoft LifeCam	Microsoft Corporation	18.08.2011	33,3 MB	3.60.253.0
Microsoft Silverlight	Microsoft Corporation	31.10.2011	40,5 MB	4.0.60831.0
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	13.08.2011	2,38 MB	8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	10.08.2011	0,77 MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	13.08.2011	0,77 MB	9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	31.10.2011	0,23 MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	16.09.2011	0,58 MB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	17.09.2011	0,59 MB	9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219	Microsoft Corporation	31.10.2011	13,8 MB	10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319	Microsoft Corporation	05.09.2011	11,0 MB	10.0.30319
Microsoft Windows Media Video 9 VCM		18.08.2011		
Mozilla Firefox 7.0.1 (x86 de)	Mozilla	30.09.2011	33,1 MB	7.0.1
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	11.08.2011	1,28 MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	11.08.2011	1,33 MB	4.20.9876.0
NVIDIA 3D Vision Controller-Treiber 280.19	NVIDIA Corporation	10.08.2011		280.19
NVIDIA 3D Vision Treiber 280.26	NVIDIA Corporation	10.08.2011		280.26
NVIDIA Drivers	NVIDIA Corporation	12.08.2011		1.10
NVIDIA Grafiktreiber 280.26	NVIDIA Corporation	24.08.2011		280.26
NVIDIA HD-Audiotreiber 1.2.23.3	NVIDIA Corporation	24.08.2011		1.2.23.3
NVIDIA Performance	NVIDIA Corporation	12.08.2011	22,1 MB	6.5
NVIDIA PhysX-Systemsoftware 9.10.0514	NVIDIA Corporation	10.08.2011		9.10.0514
NVIDIA System Monitor	NVIDIA Corporation	12.08.2011	21,1 MB	6.5
NVIDIA System Update	NVIDIA Corporation	12.08.2011	4,98 MB	3.00
NVIDIA Update 1.4.28	NVIDIA Corporation	10.08.2011		1.4.28
ON_OFF Charge B11.0110.1	GIGABYTE	10.08.2011		1.00.0001
OpenAL		20.08.2011		
Origin	Electronic Arts, Inc.	31.10.2011		8.3.1.9
Rainlendar2 (remove only)		26.09.2011		
RAMDisk	Dataram, Inc.	07.10.2011	5,28 MB	3.5.130
Rapture3D 2.4.8 Game	Blue Ripple Sound	13.08.2011		
Realtek Ethernet Controller Driver	Realtek	10.08.2011		7.46.531.2011
Renesas Electronics USB 3.0 Host Controller Driver	Renesas Electronics Corporation	10.08.2011	1,01 MB	2.0.30.0
Sandboxie 3.56 (64-bit)		12.08.2011		
Skype™ 5.5	Skype Technologies S.A.	10.08.2011	17,0 MB	5.5.113
Smart 6 B11.0512.1	GIGABYTE	10.08.2011		1.00.0000
SMC B11.0511.01	GIGABYTE	10.08.2011		1.00.0000
Sound Blaster X-Fi		08.10.2011		1.0
StarCraft II	Blizzard Entertainment	31.10.2011		1.4.1.19776
Steam	Valve Corporation	13.08.2011	42,3 MB	1.0.0.0
TeamSpeak 3 Client	TeamSpeak Systems GmbH	15.08.2011		
The Witcher 2	CD Projekt Red	26.08.2011		1.00.0000
TouchBIOS B11.0720.1	GIGABYTE	10.08.2011		1.00.0000
Trillian	Cerulean Studios, LLC	10.08.2011		
VLC media player 1.1.11	VideoLAN	13.08.2011		1.1.11
WebTemp 3.38-pre10 (kostenlose Version)	http://www.webtemp.org	10.08.2011	5,45 MB	
Winamp	Nullsoft, Inc	14.08.2011		5.621 
Winamp Erkennungs-Plug-in	Nullsoft, Inc	14.08.2011	75,00 KB	1.0.0.1
Windows Live ID Sign-in Assistant	Microsoft Corporation	13.08.2011	10,0 MB	6.500.3165.0
WinPcap 4.1.2	CACE Technologies	31.10.2011		4.1.0.2001
ZoneAlarm	Check Point, Inc	01.10.2011		9.2.105.000
ZoneAlarm Toolbar	Check Point Software Technologies	01.10.2011

**Hero** · 03.11.2011, 22:43

Code:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:41:17, on 03.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\use\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: ZoneAlarm-Sicherheit Toolbar - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O2 - BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O2 - BHO: ZoneAlarm-Sicherheit - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll
O3 - Toolbar: ZoneAlarm-Sicherheit Toolbar - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll
O3 - Toolbar: ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe"
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [MSUTray] C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files (x86)\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\RunOnce: [CtxfiReg] CTXFIREG.EXE /FORCE
O4 - HKLM\..\RunOnce: [SMC] C:\Program Files (x86)\gigabyte\smc\scachepretray.exe
O4 - HKLM\..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe
O4 - HKLM\..\RunOnce: [Console Launcher] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Console Launcher\MixerDef.exe" /a "PCI\VEN_1102&DEV_0005&SUBSYS_00211102"
O4 - HKLM\..\RunOnce: [InstallShieldSetup] C:\PROGRA~2\INSTAL~1\{88834~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{88834~1\reboot.ini  -l0x7
O4 - HKLM\..\RunOnce: [InstallShieldSetup1] C:\PROGRA~2\INSTAL~1\{17E96~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{17E96~1\reboot.ini  -l0x7
O4 - HKLM\..\RunOnce: [InstallShieldSetup2] C:\PROGRA~2\INSTAL~1\{FCCDA~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{FCCDA~1\reboot.ini  -l0x7
O4 - HKLM\..\RunOnce: [InstallShieldSetup3] C:\PROGRA~2\INSTAL~1\{20288~1\SETUP.EXE -rebootC:\PROGRA~2\INSTAL~1\{20288~1\reboot.ini  -l0x7
O4 - HKLM\..\RunOnce: [CT_ReRegSvr_1] "C:\Program Files (x86)\Creative\MediaSource5\CTRegSvU.exe" /s:success C:\Program Files (x86)\Creative\MediaSource5\CTBrnCDU.dco
O4 - HKLM\..\RunOnce: [CT_ReRegSvr_2] "C:\Program Files (x86)\Creative\MediaSource5\CTRegSvU.exe" /s:success C:\Program Files (x86)\Creative\MediaSource5\CTBrnCDU.ecd
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [iSpy] C:\Program Files (x86)\iSpy\iSpy\iSpy.exe \S
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\RunOnce: [CTPostBootSequencer] "C:\Users\MAB\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct
O4 - HKCU\..\RunOnce: [CTSU] "C:\Program Files (x86)\Creative\Shared Files\Software Update\CTSURun.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-21-1267372750-804049950-451589816-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1267372750-804049950-451589816-1002\..\Run: [iSpy] C:\Program Files (x86)\iSpy\iSpy\iSpy.exe \S (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1267372750-804049950-451589816-1002\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1267372750-804049950-451589816-1002\..\RunOnce: [CTPostBootSequencer] "C:\Users\MAB\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1267372750-804049950-451589816-1003\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'use')
O4 - Global Startup: fraps - Verknüpfung.lnk = C:\Fraps\fraps.exe
O8 - Extra context menu item: Free YouTube Download - C:\Users\MAB\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted IP range: http://127.0.0.1
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AppleChargerSrv - Unknown owner - C:\Windows\system32\AppleChargerSrv.exe (file missing)
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: DES2 Service for Energy Saving. (DES2 Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LoaderService - Tools4Free - C:\Program Files (x86)\Tools4Free\Anti NetCut 3 Service Loader\LoaderService.exe
O23 - Service: Marvell Storage Management Service (Marvell Storage Management) - Marvell - C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: MSU Web Service (MSUWebService) - Apache Software Foundation - C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Smart TimeLock Service (Smart TimeLock) - Gigabyte Technology CO., LTD. - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Update Center Service (UpdateCenterService) - NVIDIA - C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 14995 bytes

**Hero** · 03.11.2011, 23:00

Code:

OTL logfile created on: 03.11.2011 23:46:24 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\use\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 9,26 Gb Available Physical Memory | 57,96% Memory free
19,94 Gb Paging File | 12,88 Gb Available in Paging File | 64,60% Paging File free
Paging file location(s): h:\pagefile.sys 4070 4070 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 105,21 Gb Total Space | 54,68 Gb Free Space | 51,97% Space Free | Partition Type: NTFS
Drive D: | 390,62 Gb Total Space | 369,11 Gb Free Space | 94,49% Space Free | Partition Type: NTFS
Drive E: | 390,62 Gb Total Space | 390,53 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
Drive F: | 488,28 Gb Total Space | 488,18 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive G: | 7,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 3,99 Gb Total Space | 0,03 Gb Free Space | 0,78% Space Free | Partition Type: FAT32
Drive I: | 1,91 Gb Total Space | 1,88 Gb Free Space | 98,40% Space Free | Partition Type: FAT32
Drive J: | 195,31 Gb Total Space | 5,56 Gb Free Space | 2,85% Space Free | Partition Type: NTFS
Drive K: | 195,31 Gb Total Space | 54,86 Gb Free Space | 28,09% Space Free | Partition Type: NTFS
Drive L: | 488,28 Gb Total Space | 487,92 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
Drive M: | 195,31 Gb Total Space | 31,10 Gb Free Space | 15,92% Space Free | Partition Type: NTFS
Drive N: | 345,57 Gb Total Space | 231,59 Gb Free Space | 67,02% Space Free | Partition Type: NTFS
 
Computer Name: MAB-PC | User Name: MAB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\use\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\use\Downloads\HiJackThis204.exe (Trend Micro Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Windows\SysWOW64\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\Windows\SysWOW64\CTxfispi.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Tools4Free\AntiNetCut3\AntiNetCut3.exe (http://www.tools4free.net)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe (Marvell)
PRC - C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe ()
PRC - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe (Apache Software Foundation)
PRC - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe (Gigabyte Technology CO., LTD.)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe (Gigabyte Technology CO., LTD.)
PRC - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\89933ca5a3d6ecfddac2f276746e939e\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\91fa5cc7230b88e3e42b3bccd198f681\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Windows\SysWOW64\CtxfiRes.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtGui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtSql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtScript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtCore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe ()
MOD - C:\Windows\SysWOW64\MvAccelerator.dll ()
MOD - C:\Windows\SysWOW64\mvwin.dll ()
MOD - C:\Windows\SysWOW64\mv2f.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxmsw28u_xrc_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxbase28u_xml_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxmsw28u_html_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxmsw28u_adv_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxmsw28u_core_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxbase28u_vc_rny.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\lfs.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\lua51.dll ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Windows\SysWOW64\CmdRtr.DLL ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV:64bit: - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (LoaderService) -- C:\Program Files (x86)\Tools4Free\Anti NetCut 3 Service Loader\LoaderService.exe (Tools4Free)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (Marvell Storage Management) -- C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe (Marvell)
SRV - (vsmon) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (MSUWebService) -- C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe (Apache Software Foundation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (nTuneService) -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (UpdateCenterService) -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
SRV - (Smart TimeLock) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe (Gigabyte Technology CO., LTD.)
SRV - (DES2 Service) -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (CTEXFIFX.SYS) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT.SYS) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.SYS) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (mv91cons) -- C:\Windows\SysNative\drivers\mv91cons.sys (Marvell Semiconductor Inc.)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (RAMDiskVE) -- C:\Windows\SysNative\drivers\RAMDiskVE.sys ()
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (nvoclk64) -- C:\Windows\SysNative\drivers\nvoclk64.sys (NVIDIA Corp.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\drivers\RtNdPt60.sys (Realtek                                            )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (Mv_Process) -- c:\Windows\SysWOW64\Mv_Process.sys ()
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (vsdatant) -- C:\Windows\SysWOW64\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 9D 3F 5C 30 58 CC 01  [binary data]
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2011.10.03 10:55:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2011.10.06 19:08:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2011.10.06 19:08:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2011.10.02 22:42:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.01 12:52:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.08.20 16:38:47 | 000,000,000 | ---D | M]
 
[2011.08.11 18:14:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAB\AppData\Roaming\mozilla\Extensions
[2011.10.02 22:42:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAB\AppData\Roaming\mozilla\Firefox\Profiles\ttc6j85l.default\extensions
[2011.09.02 18:22:04 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\MAB\AppData\Roaming\mozilla\Firefox\Profiles\ttc6j85l.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.10.02 22:42:45 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Community Toolbar) -- C:\Users\MAB\AppData\Roaming\mozilla\Firefox\Profiles\ttc6j85l.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}
[2011.10.01 12:52:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.08.20 16:38:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.10.06 19:08:21 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY ANTI-VIRUS 2012\FFEXT\LINKFILTER@KASPERSKY.RU
[2011.10.06 19:08:21 | 000,000,000 | ---D | M] (Kaspersky Virtual Keyboard) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY ANTI-VIRUS 2012\FFEXT\VIRTUALKEYBOARD@KASPERSKY.RU
[2011.09.29 08:09:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.08.20 16:38:45 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.09.29 02:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.29 02:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.09.29 02:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.29 02:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.29 02:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.29 02:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSUTray] C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [iSpy] C:\Program Files (x86)\iSpy\iSpy\iSpy.exe (iSpy.developerinabox.com)
O4 - HKCU..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
O4:64bit: - HKLM..\RunOnce: [RPMKickstart] C:\Programme\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O4 - HKLM..\RunOnce: [Console Launcher] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Console Launcher\MixerDef.exe (Creative Technology Ltd)
O4 - HKLM..\RunOnce: [CT_ReRegSvr_1] C:\Program Files (x86)\Creative\MediaSource5\CTRegSvU.exe (Creative Technology Ltd)
O4 - HKLM..\RunOnce: [CT_ReRegSvr_2] C:\Program Files (x86)\Creative\MediaSource5\CTRegSvU.exe (Creative Technology Ltd)
O4 - HKLM..\RunOnce: [CtxfiReg] C:\Windows\SysWow64\CTxfiReg.exe (Creative Technology Ltd)
O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe ()
O4 - HKLM..\RunOnce: [InstallShieldSetup] C:\PROGRA~2\INSTAL~1\{88834~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{88834~1\reboot.ini  -l0x7 File not found
O4 - HKLM..\RunOnce: [InstallShieldSetup1] C:\PROGRA~2\INSTAL~1\{17E96~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{17E96~1\reboot.ini  -l0x7 File not found
O4 - HKLM..\RunOnce: [InstallShieldSetup2] C:\PROGRA~2\INSTAL~1\{FCCDA~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{FCCDA~1\reboot.ini  -l0x7 File not found
O4 - HKLM..\RunOnce: [InstallShieldSetup3] C:\PROGRA~2\INSTAL~1\{20288~1\SETUP.EXE -rebootC:\PROGRA~2\INSTAL~1\{20288~1\reboot.ini  -l0x7 File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [SMC] C:\Program Files (x86)\gigabyte\smc\scachepretray.exe ()
O4 - HKCU..\RunOnce: [CTPostBootSequencer] "C:\Users\MAB\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct File not found
O4 - HKCU..\RunOnce: [CTSU] C:\Program Files (x86)\Creative\Shared Files\Software Update\CTSURun.exe (Creative Technology Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\MAB\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\MAB\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6AC6C6E-A81E-4C0D-A904-5A4BE1334ADD}: DhcpNameServer = 192.168.0.100
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010.05.25 05:16:57 | 000,000,046 | -H-- | M] () - G:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2011.07.21 10:25:02 | 000,000,019 | ---- | M] () - I:\autoexec.bat -- [ FAT32 ]
O33 - MountPoints2\{c15f5cd5-c40a-11e0-ae32-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c15f5cd5-c40a-11e0-ae32-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{c15f5cd5-c40a-11e0-ae32-806e6f6e6963}\Shell\dinstall\command - "" = G:\Directx\dxsetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.11.03 20:47:31 | 000,000,000 | ---D | C] -- C:\Users\MAB\AppData\Roaming\Malwarebytes
[2011.11.03 20:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.03 20:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.03 20:47:15 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.11.03 20:47:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.11.03 09:36:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2011.11.01 18:14:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2011.11.01 18:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011.11.01 18:07:15 | 000,000,000 | ---D | C] -- C:\Users\MAB\AppData\Roaming\Origin
[2011.11.01 18:07:14 | 000,000,000 | ---D | C] -- C:\Users\MAB\AppData\Local\Origin
[2011.11.01 18:07:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2011.11.01 18:07:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2011.11.01 18:06:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2011.11.01 17:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiNetCut3
[2011.11.01 17:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tools4Free
[2011.11.01 17:50:37 | 000,000,000 | ---D | C] -- C:\Users\MAB\AppData\Local\Electronic Arts
[2011.11.01 17:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2011.11.01 17:50:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011.11.01 17:50:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2011.11.01 17:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2011.11.01 17:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2011.11.01 17:34:10 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2011.11.01 17:34:10 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2011.11.01 17:34:10 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2011.11.01 17:34:10 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2011.11.01 17:34:09 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011.11.01 17:34:09 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011.11.01 17:34:09 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2011.11.01 17:34:09 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2011.11.01 17:34:07 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2011.11.01 17:34:07 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2011.11.01 17:34:05 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2011.11.01 17:34:05 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2011.11.01 17:18:58 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.11.01 17:18:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.11.01 17:18:58 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.11.01 17:18:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.11.01 17:18:57 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.11.01 17:18:57 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.11.01 17:18:57 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.11.01 17:18:57 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.11.01 17:18:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.11.01 17:15:31 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.11.01 17:15:31 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011.11.01 17:15:30 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011.11.01 17:15:30 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011.11.01 17:15:30 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011.11.01 17:15:30 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011.10.09 15:00:24 | 000,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\Updreg.EXE
[2011.10.09 15:00:02 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2011.10.09 14:38:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information
[2011.10.09 14:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2011.10.09 14:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2011.10.09 14:37:36 | 000,107,008 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\cttele64.dll
[2011.10.09 14:36:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Data
[2011.10.09 13:50:44 | 000,102,400 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\cttele32.dll
[2011.10.09 13:33:29 | 000,000,000 | ---D | C] -- C:\Users\MAB\Documents\ForceField Shared Files
[2011.10.09 13:33:29 | 000,000,000 | ---D | C] -- C:\Users\MAB\AppData\Roaming\CheckPoint
[2011.10.09 13:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net
[2011.10.09 13:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Phyxion.net
[2011.10.07 23:23:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RAMDisk
[2011.10.07 23:23:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dataram RAMDisk
[2011.10.07 22:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.10.07 22:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.09.28 10:15:52 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2011.09.28 10:15:52 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.11.03 23:49:31 | 000,000,512 | ---- | M] () -- C:\Windows\SysWow64\za_mv_raid.ev
[2011.11.03 23:46:59 | 000,114,688 | ---- | M] () -- C:\Windows\SysWow64\freqdb.db
[2011.11.03 23:35:42 | 000,014,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.03 23:35:42 | 000,014,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.03 23:34:11 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.03 23:34:11 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.11.03 23:34:11 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.03 23:34:11 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.11.03 23:34:11 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.03 23:27:15 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2011.11.03 23:27:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.03 23:26:42 | 4281,794,558 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.03 23:25:38 | 000,061,520 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{0000000A-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.11.03 23:25:38 | 000,061,520 | ---- | M] () -- C:\Windows\SysNative\BMXState-{0000000A-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.11.03 23:25:38 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{0000000A-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.11.03 20:47:19 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.03 09:48:50 | 000,002,102 | ---- | M] () -- C:\Users\Public\Desktop\MarvellTray.lnk
[2011.11.03 09:37:16 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2011.11.03 09:37:16 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2011.11.03 09:36:59 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\ET6.lnk
[2011.11.03 09:30:33 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.11.03 09:30:33 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011.11.03 09:30:33 | 000,123,480 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2011.11.03 09:30:33 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2011.11.03 09:30:32 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2011.11.01 20:32:22 | 000,000,620 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2011.11.01 18:07:10 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2011.11.01 17:27:09 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.09 13:08:37 | 000,001,233 | ---- | M] () -- C:\Users\Public\Desktop\Driver Sweeper.lnk
[2011.10.07 22:55:39 | 000,000,176 | ---- | M] () -- C:\Users\MAB\Documents\cc_20111007_235536.reg
[2011.10.07 22:55:29 | 000,004,264 | ---- | M] () -- C:\Users\MAB\Documents\cc_20111007_235526.reg
[2011.10.07 22:55:17 | 000,006,810 | ---- | M] () -- C:\Users\MAB\Documents\cc_20111007_235513.reg
[2011.10.07 22:52:16 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.05 19:10:32 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.10.05 19:10:32 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.11.03 20:47:19 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.03 10:04:34 | 000,061,520 | ---- | C] () -- C:\Windows\SysNative\BMXState-{0000000A-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.11.03 10:04:34 | 000,000,788 | ---- | C] () -- C:\Windows\SysNative\DVCState-{0000000A-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.11.01 18:07:10 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2011.11.01 12:52:12 | 4281,794,558 | -HS- | C] () -- C:\hiberfil.sys
[2011.10.09 14:46:11 | 007,572,224 | ---- | C] () -- C:\Windows\SysWow64\CT8MGM.SF2
[2011.10.09 14:46:11 | 007,572,224 | ---- | C] () -- C:\Windows\SysNative\CT8MGM.SF2
[2011.10.09 14:46:11 | 004,174,814 | ---- | C] () -- C:\Windows\SysWow64\CT4MGM.SF2
[2011.10.09 14:46:11 | 004,174,814 | ---- | C] () -- C:\Windows\SysNative\CT4MGM.SF2
[2011.10.09 14:34:16 | 000,061,520 | ---- | C] () -- C:\Windows\SysNative\BMXStateBkp-{0000000A-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.10.09 13:08:37 | 000,001,233 | ---- | C] () -- C:\Users\Public\Desktop\Driver Sweeper.lnk
[2011.10.07 22:55:37 | 000,000,176 | ---- | C] () -- C:\Users\MAB\Documents\cc_20111007_235536.reg
[2011.10.07 22:55:27 | 000,004,264 | ---- | C] () -- C:\Users\MAB\Documents\cc_20111007_235526.reg
[2011.10.07 22:55:14 | 000,006,810 | ---- | C] () -- C:\Users\MAB\Documents\cc_20111007_235513.reg
[2011.10.07 22:52:16 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.07 12:47:20 | 000,190,976 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2011.10.07 12:47:20 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.10.07 12:47:20 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2011.10.07 12:47:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.10.07 12:47:20 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2011.09.28 10:15:52 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2011.09.28 10:15:52 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2011.09.28 10:15:50 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2011.09.28 10:15:50 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2011.09.28 10:15:50 | 000,021,208 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2011.08.28 23:35:34 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2011.08.22 00:34:28 | 000,007,604 | ---- | C] () -- C:\Users\MAB\AppData\Local\Resmon.ResmonCfg
[2011.08.19 11:54:22 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.08.13 13:11:33 | 000,001,628 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011.08.12 09:46:09 | 000,000,272 | ---- | C] () -- C:\Windows\lgfwup.ini
[2011.08.11 20:00:24 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.08.11 20:00:23 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.08.11 20:00:22 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini
[2011.08.11 19:13:35 | 000,000,079 | ---- | C] () -- C:\Users\MAB\AppData\Local\CrystalDiskMark30.ini
[2011.08.11 17:55:35 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2011.08.11 17:09:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\mvcli.ini
[2011.08.11 16:58:36 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.08.11 12:21:28 | 000,017,408 | ---- | C] () -- C:\Users\MAB\AppData\Local\WebpageIcons.db
[2011.08.04 22:35:55 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2011.08.04 22:23:51 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.02.25 05:09:44 | 002,365,440 | ---- | C] () -- C:\Windows\SysWow64\MvAccelerator.dll
[2011.02.25 04:58:40 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\mvwin.dll
[2011.02.25 04:58:36 | 000,158,208 | ---- | C] () -- C:\Windows\SysWow64\mv2f.dll
[2011.02.25 04:57:34 | 000,014,376 | ---- | C] () -- C:\Windows\SysWow64\Mv_Process.sys
[2011.01.20 08:39:54 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\eventshare.dll
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.09.30 02:44:52 | 000,000,127 | ---- | C] () -- C:\Windows\zraidtray.ini
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >

Code:

OTL logfile created on: 03.11.2011 23:46:24 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\use\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,98 Gb Total Physical Memory | 9,26 Gb Available Physical Memory | 57,96% Memory free
19,94 Gb Paging File | 12,88 Gb Available in Paging File | 64,60% Paging File free
Paging file location(s): h:\pagefile.sys 4070 4070 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 105,21 Gb Total Space | 54,68 Gb Free Space | 51,97% Space Free | Partition Type: NTFS
Drive D: | 390,62 Gb Total Space | 369,11 Gb Free Space | 94,49% Space Free | Partition Type: NTFS
Drive E: | 390,62 Gb Total Space | 390,53 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
Drive F: | 488,28 Gb Total Space | 488,18 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive G: | 7,05 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 3,99 Gb Total Space | 0,03 Gb Free Space | 0,78% Space Free | Partition Type: FAT32
Drive I: | 1,91 Gb Total Space | 1,88 Gb Free Space | 98,40% Space Free | Partition Type: FAT32
Drive J: | 195,31 Gb Total Space | 5,56 Gb Free Space | 2,85% Space Free | Partition Type: NTFS
Drive K: | 195,31 Gb Total Space | 54,86 Gb Free Space | 28,09% Space Free | Partition Type: NTFS
Drive L: | 488,28 Gb Total Space | 487,92 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
Drive M: | 195,31 Gb Total Space | 31,10 Gb Free Space | 15,92% Space Free | Partition Type: NTFS
Drive N: | 345,57 Gb Total Space | 231,59 Gb Free Space | 67,02% Space Free | Partition Type: NTFS
 
Computer Name: MAB-PC | User Name: MAB | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\use\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\use\Downloads\HiJackThis204.exe (Trend Micro Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Windows\SysWOW64\Ctxfihlp.exe (Creative Technology Ltd)
PRC - C:\Windows\SysWOW64\CTxfispi.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Tools4Free\AntiNetCut3\AntiNetCut3.exe (http://www.tools4free.net)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe (Marvell)
PRC - C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe ()
PRC - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe (Apache Software Foundation)
PRC - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe (Gigabyte Technology CO., LTD.)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe (Gigabyte Technology CO., LTD.)
PRC - C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\89933ca5a3d6ecfddac2f276746e939e\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\91fa5cc7230b88e3e42b3bccd198f681\IAStorCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Windows\SysWOW64\CtxfiRes.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtGui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtSql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtScript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtCore4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe ()
MOD - C:\Windows\SysWOW64\MvAccelerator.dll ()
MOD - C:\Windows\SysWOW64\mvwin.dll ()
MOD - C:\Windows\SysWOW64\mv2f.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxmsw28u_xrc_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxbase28u_xml_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxmsw28u_html_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxmsw28u_adv_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxmsw28u_core_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxbase28u_vc_rny.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\lfs.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\lua51.dll ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Windows\SysWOW64\CmdRtr.DLL ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV:64bit: - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV:64bit: - (MSCamSvc) -- C:\Program Files\Microsoft LifeCam\MSCamS64.exe (Microsoft Corporation)
SRV:64bit: - (AppleChargerSrv) -- C:\Windows\SysNative\AppleChargerSrv.exe ()
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (LoaderService) -- C:\Program Files (x86)\Tools4Free\Anti NetCut 3 Service Loader\LoaderService.exe (Tools4Free)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
SRV - (Marvell Storage Management) -- C:\Program Files (x86)\Marvell\storage\svc\mvraidsvc.exe (Marvell)
SRV - (vsmon) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (MSUWebService) -- C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe (Apache Software Foundation)
SRV - (rpcapd) Remote Packet Capture Protocol v.0 (experimental) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (nTuneService) -- C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe (NVIDIA)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (UpdateCenterService) -- C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe (NVIDIA)
SRV - (Smart TimeLock) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe (Gigabyte Technology CO., LTD.)
SRV - (DES2 Service) -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (ha20x2k) -- C:\Windows\SysNative\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV:64bit: - (emupia) -- C:\Windows\SysNative\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- C:\Windows\SysNative\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- C:\Windows\SysNative\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- C:\Windows\SysNative\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- C:\Windows\SysNative\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- C:\Windows\SysNative\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (CTEXFIFX.SYS) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX) -- C:\Windows\SysNative\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT.SYS) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT) -- C:\Windows\SysNative\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.SYS) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT) -- C:\Windows\SysNative\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (mv91cons) -- C:\Windows\SysNative\drivers\mv91cons.sys (Marvell Semiconductor Inc.)
DRV:64bit: - (AppleCharger) -- C:\Windows\SysNative\drivers\AppleCharger.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (MEIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (RAMDiskVE) -- C:\Windows\SysNative\drivers\RAMDiskVE.sys ()
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (TEAM) Realtek Virtual Miniport Driver for Teaming (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (RTTEAMPT) Realtek Teaming Protocol Driver (NDIS 6.0) -- C:\Windows\SysNative\drivers\RtTeam60.sys (Realtek Corporation)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (nvoclk64) -- C:\Windows\SysNative\drivers\nvoclk64.sys (NVIDIA Corp.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (RtNdPt60) -- C:\Windows\SysNative\drivers\RtNdPt60.sys (Realtek                                            )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (VLAN) Realtek Virtual Miniport Driver for VLAN (NDIS 6.2) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (RTVLANPT) Realtek Vlan Protocol Driver (NDIS 6.2) -- C:\Windows\SysNative\drivers\RtVlan60.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (gdrv) -- C:\Windows\gdrv.sys (Windows (R) Server 2003 DDK provider)
DRV - (GVTDrv64) -- C:\Windows\GVTDrv64.sys ()
DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (Mv_Process) -- c:\Windows\SysWOW64\Mv_Process.sys ()
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (vsdatant) -- C:\Windows\SysWOW64\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 9D 3F 5C 30 58 CC 01  [binary data]
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2011.10.03 10:55:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\linkfilter@kaspersky.ru [2011.10.06 19:08:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\virtualKeyboard@kaspersky.ru [2011.10.06 19:08:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2011.10.02 22:42:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.01 12:52:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.08.20 16:38:47 | 000,000,000 | ---D | M]
 
[2011.08.11 18:14:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAB\AppData\Roaming\mozilla\Extensions
[2011.10.02 22:42:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\MAB\AppData\Roaming\mozilla\Firefox\Profiles\ttc6j85l.default\extensions
[2011.09.02 18:22:04 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\MAB\AppData\Roaming\mozilla\Firefox\Profiles\ttc6j85l.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.10.02 22:42:45 | 000,000,000 | ---D | M] (ZoneAlarm-Sicherheit Community Toolbar) -- C:\Users\MAB\AppData\Roaming\mozilla\Firefox\Profiles\ttc6j85l.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}
[2011.10.01 12:52:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.08.20 16:38:48 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2011.10.06 19:08:21 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY ANTI-VIRUS 2012\FFEXT\LINKFILTER@KASPERSKY.RU
[2011.10.06 19:08:21 | 000,000,000 | ---D | M] (Kaspersky Virtual Keyboard) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY ANTI-VIRUS 2012\FFEXT\VIRTUALKEYBOARD@KASPERSKY.RU
[2011.09.29 08:09:51 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.08.20 16:38:45 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.09.29 02:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.29 02:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.09.29 02:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.29 02:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.29 02:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.29 02:24:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [AudioDrvEmulator] C:\Program Files (x86)\Creative\Shared Files\Module Loader\DLLML.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MSUTray] C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [iSpy] C:\Program Files (x86)\iSpy\iSpy\iSpy.exe (iSpy.developerinabox.com)
O4 - HKCU..\Run: [ISUSPM Startup] C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup File not found
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
O4:64bit: - HKLM..\RunOnce: [RPMKickstart] C:\Programme\GIGABYTE\SMART6\Recovery\RPMKickstart.exe (Gigabyte Technology CO., LTD.)
O4 - HKLM..\RunOnce: [Console Launcher] C:\Program Files (x86)\Creative\Sound Blaster X-Fi\Console Launcher\MixerDef.exe (Creative Technology Ltd)
O4 - HKLM..\RunOnce: [CT_ReRegSvr_1] C:\Program Files (x86)\Creative\MediaSource5\CTRegSvU.exe (Creative Technology Ltd)
O4 - HKLM..\RunOnce: [CT_ReRegSvr_2] C:\Program Files (x86)\Creative\MediaSource5\CTRegSvU.exe (Creative Technology Ltd)
O4 - HKLM..\RunOnce: [CtxfiReg] C:\Windows\SysWow64\CTxfiReg.exe (Creative Technology Ltd)
O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files (x86)\GIGABYTE\ET6\ETCall.exe ()
O4 - HKLM..\RunOnce: [InstallShieldSetup] C:\PROGRA~2\INSTAL~1\{88834~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{88834~1\reboot.ini  -l0x7 File not found
O4 - HKLM..\RunOnce: [InstallShieldSetup1] C:\PROGRA~2\INSTAL~1\{17E96~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{17E96~1\reboot.ini  -l0x7 File not found
O4 - HKLM..\RunOnce: [InstallShieldSetup2] C:\PROGRA~2\INSTAL~1\{FCCDA~1\setup.exe -rebootC:\PROGRA~2\INSTAL~1\{FCCDA~1\reboot.ini  -l0x7 File not found
O4 - HKLM..\RunOnce: [InstallShieldSetup3] C:\PROGRA~2\INSTAL~1\{20288~1\SETUP.EXE -rebootC:\PROGRA~2\INSTAL~1\{20288~1\reboot.ini  -l0x7 File not found
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [SMC] C:\Program Files (x86)\gigabyte\smc\scachepretray.exe ()
O4 - HKCU..\RunOnce: [CTPostBootSequencer] "C:\Users\MAB\AppData\Local\Temp\CTPBSeq.exe" /reglaunch /self_destruct File not found
O4 - HKCU..\RunOnce: [CTSU] C:\Program Files (x86)\Creative\Shared Files\Software Update\CTSURun.exe (Creative Technology Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\MAB\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\MAB\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab (Creative Software AutoUpdate 2)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.100
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6AC6C6E-A81E-4C0D-A904-5A4BE1334ADD}: DhcpNameServer = 192.168.0.100
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 0
O32 - AutoRun File - [2010.05.25 05:16:57 | 000,000,046 | -H-- | M] () - G:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2011.07.21 10:25:02 | 000,000,019 | ---- | M] () - I:\autoexec.bat -- [ FAT32 ]
O33 - MountPoints2\{c15f5cd5-c40a-11e0-ae32-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{c15f5cd5-c40a-11e0-ae32-806e6f6e6963}\Shell\AutoRun\command - "" = G:\setup\rsrc\Autorun.exe
O33 - MountPoints2\{c15f5cd5-c40a-11e0-ae32-806e6f6e6963}\Shell\dinstall\command - "" = G:\Directx\dxsetup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.11.03 20:47:31 | 000,000,000 | ---D | C] -- C:\Users\MAB\AppData\Roaming\Malwarebytes
[2011.11.03 20:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.11.03 20:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.11.03 20:47:15 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.11.03 20:47:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.11.03 09:36:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD
[2011.11.01 18:14:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Solidshield
[2011.11.01 18:08:31 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011.11.01 18:07:15 | 000,000,000 | ---D | C] -- C:\Users\MAB\AppData\Roaming\Origin
[2011.11.01 18:07:14 | 000,000,000 | ---D | C] -- C:\Users\MAB\AppData\Local\Origin
[2011.11.01 18:07:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2011.11.01 18:07:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2011.11.01 18:06:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2011.11.01 17:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiNetCut3
[2011.11.01 17:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tools4Free
[2011.11.01 17:50:37 | 000,000,000 | ---D | C] -- C:\Users\MAB\AppData\Local\Electronic Arts
[2011.11.01 17:50:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2011.11.01 17:50:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2011.11.01 17:50:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Electronic Arts
[2011.11.01 17:49:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
[2011.11.01 17:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinPcap
[2011.11.01 17:34:10 | 005,554,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dcsx_42.dll
[2011.11.01 17:34:10 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dcsx_42.dll
[2011.11.01 17:34:10 | 002,582,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DCompiler_42.dll
[2011.11.01 17:34:10 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DCompiler_42.dll
[2011.11.01 17:34:09 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011.11.01 17:34:09 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011.11.01 17:34:09 | 000,285,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx11_42.dll
[2011.11.01 17:34:09 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx11_42.dll
[2011.11.01 17:34:07 | 002,475,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\D3DX9_42.dll
[2011.11.01 17:34:07 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2011.11.01 17:34:05 | 000,107,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\xinput1_3.dll
[2011.11.01 17:34:05 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\xinput1_3.dll
[2011.11.01 17:18:58 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.11.01 17:18:58 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.11.01 17:18:58 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.11.01 17:18:58 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.11.01 17:18:57 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.11.01 17:18:57 | 000,818,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.11.01 17:18:57 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.11.01 17:18:57 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.11.01 17:18:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.11.01 17:15:31 | 000,861,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleaut32.dll
[2011.11.01 17:15:31 | 000,331,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\oleacc.dll
[2011.11.01 17:15:30 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisdecd.dll
[2011.11.01 17:15:30 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisdecd.dll
[2011.11.01 17:15:30 | 000,108,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\psisrndr.ax
[2011.11.01 17:15:30 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\psisrndr.ax
[2011.10.09 15:00:24 | 000,090,112 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\Updreg.EXE
[2011.10.09 15:00:02 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2011.10.09 14:38:18 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information
[2011.10.09 14:38:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2011.10.09 14:38:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2011.10.09 14:37:36 | 000,107,008 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysNative\cttele64.dll
[2011.10.09 14:36:33 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Data
[2011.10.09 13:50:44 | 000,102,400 | ---- | C] (Creative Technology Ltd) -- C:\Windows\SysWow64\cttele32.dll
[2011.10.09 13:33:29 | 000,000,000 | ---D | C] -- C:\Users\MAB\Documents\ForceField Shared Files
[2011.10.09 13:33:29 | 000,000,000 | ---D | C] -- C:\Users\MAB\AppData\Roaming\CheckPoint
[2011.10.09 13:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phyxion.net
[2011.10.09 13:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Phyxion.net
[2011.10.07 23:23:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RAMDisk
[2011.10.07 23:23:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dataram RAMDisk
[2011.10.07 22:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.10.07 22:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.09.28 10:15:52 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2011.09.28 10:15:52 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.11.03 23:49:31 | 000,000,512 | ---- | M] () -- C:\Windows\SysWow64\za_mv_raid.ev
[2011.11.03 23:46:59 | 000,114,688 | ---- | M] () -- C:\Windows\SysWow64\freqdb.db
[2011.11.03 23:35:42 | 000,014,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.11.03 23:35:42 | 000,014,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.11.03 23:34:11 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.11.03 23:34:11 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.11.03 23:34:11 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.11.03 23:34:11 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.11.03 23:34:11 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.11.03 23:27:15 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys
[2011.11.03 23:27:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.11.03 23:26:42 | 4281,794,558 | -HS- | M] () -- C:\hiberfil.sys
[2011.11.03 23:25:38 | 000,061,520 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{0000000A-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.11.03 23:25:38 | 000,061,520 | ---- | M] () -- C:\Windows\SysNative\BMXState-{0000000A-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.11.03 23:25:38 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{0000000A-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.11.03 20:47:19 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.03 09:48:50 | 000,002,102 | ---- | M] () -- C:\Users\Public\Desktop\MarvellTray.lnk
[2011.11.03 09:37:16 | 000,030,528 | ---- | M] () -- C:\Windows\GVTDrv64.sys
[2011.11.03 09:37:16 | 000,000,004 | ---- | M] () -- C:\Windows\SysWow64\GVTunner.ref
[2011.11.03 09:36:59 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\ET6.lnk
[2011.11.03 09:30:33 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2011.11.03 09:30:33 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2011.11.03 09:30:33 | 000,123,480 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2011.11.03 09:30:33 | 000,109,144 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2011.11.03 09:30:32 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2011.11.01 20:32:22 | 000,000,620 | ---- | M] () -- C:\Users\Public\Desktop\StarCraft II.lnk
[2011.11.01 18:07:10 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2011.11.01 17:27:09 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.09 13:08:37 | 000,001,233 | ---- | M] () -- C:\Users\Public\Desktop\Driver Sweeper.lnk
[2011.10.07 22:55:39 | 000,000,176 | ---- | M] () -- C:\Users\MAB\Documents\cc_20111007_235536.reg
[2011.10.07 22:55:29 | 000,004,264 | ---- | M] () -- C:\Users\MAB\Documents\cc_20111007_235526.reg
[2011.10.07 22:55:17 | 000,006,810 | ---- | M] () -- C:\Users\MAB\Documents\cc_20111007_235513.reg
[2011.10.07 22:52:16 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.05 19:10:32 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2011.10.05 19:10:32 | 000,271,200 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.11.03 20:47:19 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.11.03 10:04:34 | 000,061,520 | ---- | C] () -- C:\Windows\SysNative\BMXState-{0000000A-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.11.03 10:04:34 | 000,000,788 | ---- | C] () -- C:\Windows\SysNative\DVCState-{0000000A-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.11.01 18:07:10 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2011.11.01 12:52:12 | 4281,794,558 | -HS- | C] () -- C:\hiberfil.sys
[2011.10.09 14:46:11 | 007,572,224 | ---- | C] () -- C:\Windows\SysWow64\CT8MGM.SF2
[2011.10.09 14:46:11 | 007,572,224 | ---- | C] () -- C:\Windows\SysNative\CT8MGM.SF2
[2011.10.09 14:46:11 | 004,174,814 | ---- | C] () -- C:\Windows\SysWow64\CT4MGM.SF2
[2011.10.09 14:46:11 | 004,174,814 | ---- | C] () -- C:\Windows\SysNative\CT4MGM.SF2
[2011.10.09 14:34:16 | 000,061,520 | ---- | C] () -- C:\Windows\SysNative\BMXStateBkp-{0000000A-00000000-00000001-00001102-00000005-00211102}.rfx
[2011.10.09 13:08:37 | 000,001,233 | ---- | C] () -- C:\Users\Public\Desktop\Driver Sweeper.lnk
[2011.10.07 22:55:37 | 000,000,176 | ---- | C] () -- C:\Users\MAB\Documents\cc_20111007_235536.reg
[2011.10.07 22:55:27 | 000,004,264 | ---- | C] () -- C:\Users\MAB\Documents\cc_20111007_235526.reg
[2011.10.07 22:55:14 | 000,006,810 | ---- | C] () -- C:\Users\MAB\Documents\cc_20111007_235513.reg
[2011.10.07 22:52:16 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.10.07 12:47:20 | 000,190,976 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2011.10.07 12:47:20 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.10.07 12:47:20 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2011.10.07 12:47:20 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.10.07 12:47:20 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2011.09.28 10:15:52 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2011.09.28 10:15:52 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2011.09.28 10:15:50 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2011.09.28 10:15:50 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2011.09.28 10:15:50 | 000,021,208 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2011.08.28 23:35:34 | 000,000,029 | ---- | C] () -- C:\Windows\sfbm.INI
[2011.08.22 00:34:28 | 000,007,604 | ---- | C] () -- C:\Users\MAB\AppData\Local\Resmon.ResmonCfg
[2011.08.19 11:54:22 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.08.13 13:11:33 | 000,001,628 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2011.08.12 09:46:09 | 000,000,272 | ---- | C] () -- C:\Windows\lgfwup.ini
[2011.08.11 20:00:24 | 000,271,200 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.08.11 20:00:23 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.08.11 20:00:22 | 000,000,300 | ---- | C] () -- C:\Windows\game.ini
[2011.08.11 19:13:35 | 000,000,079 | ---- | C] () -- C:\Users\MAB\AppData\Local\CrystalDiskMark30.ini
[2011.08.11 17:55:35 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys
[2011.08.11 17:09:02 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\mvcli.ini
[2011.08.11 16:58:36 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.08.11 12:21:28 | 000,017,408 | ---- | C] () -- C:\Users\MAB\AppData\Local\WebpageIcons.db
[2011.08.04 22:35:55 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2011.08.04 22:23:51 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.02.25 05:09:44 | 002,365,440 | ---- | C] () -- C:\Windows\SysWow64\MvAccelerator.dll
[2011.02.25 04:58:40 | 000,061,440 | ---- | C] () -- C:\Windows\SysWow64\mvwin.dll
[2011.02.25 04:58:36 | 000,158,208 | ---- | C] () -- C:\Windows\SysWow64\mv2f.dll
[2011.02.25 04:57:34 | 000,014,376 | ---- | C] () -- C:\Windows\SysWow64\Mv_Process.sys
[2011.01.20 08:39:54 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\eventshare.dll
[2010.06.25 18:03:12 | 000,053,299 | ---- | C] () -- C:\Windows\SysWow64\pthreadVC.dll
[2009.09.30 02:44:52 | 000,000,127 | ---- | C] () -- C:\Windows\zraidtray.ini
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

< End of report >

**kira** · 04.11.2011, 07:58

zu ZoneAlarm - ich würde an deiner Stelle überlegen ihn zu deinstallieren:
möchte Dir dafür 4 Gründe nennen, warum von Deinem System entfernen solltest:
1. In der letzten Zeit bei viele PC`s akutes Problem verbreitet hat, wie z.B.:
"Tastatur reagiert langsam, System plötzlich langsam wird, Desktopsymbole verschwunden, Programme reagieren verzögert, Abstürze usw..."

2. Bis auf die Tatsache, dass der Hersteller seine Unkosten durch "Adware " finanziert, daher für mich sieht das nicht seriös aus!!

IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)

solange ZA installiert, nach Entfernung installiert sich Conduit eh wieder...
3. meiner Meinung nach ZA-Firewall + AV-Kaspersky (beide sind relativ stark), das Systemleistung sehr beeinflussen/beanspruchen können
4. Der Angreifer kann sich jeder Zeit erhöhte Rechte verschaffen, Firewall und Virenschutz manipulieren und abschalten!

ich würde entweder AV-Kaspersky + Firewall (falls vorhanden) von Kaspersky einschalten bzw nutzen
Oder AV-Kaspersky + die Windows eigene Firewall einschalten

wie entscheidest Du dich?

**Hero** · 04.11.2011, 17:38

Ich entscheide mich für Kaspersky + Windows Firewall.

**Hero** · 04.11.2011, 18:11

Wenn ich in Crysis 2 bin dann stimmt etwas mit der Maus nicht mehr, das Fadenkreuz bewegt sich nicht mehr sauber, statt dessen ruckelt es leicht und das obwohl ich genügend FPS für ein flüssiges Spielen habe. Zudem habe ich gerade in meinen Headset gehört wie sich zwei unterhalten haben und das obwohl ich nicht im Spiel war und sonst auch keine anderen Programme an hatte, das soetwas verursachen könnte.

Thema: "(file missing)"

Themen-Optionen

"(file missing)"

AW: "(file missing)"

AW: "(file missing)"

AW: "(file missing)"

AW: "(file missing)"

AW: "(file missing)"

AW: "(file missing)"

AW: "(file missing)"

AW: "(file missing)"

AW: "(file missing)"

Aktive Benutzer

Aktive Benutzer

Ähnliche Themen

Windows 7 O23 - Service reported (incorrectly) as "file missing", safe to delete?

Windows 7 x64 // Hilfe bzg. Trojaner + "missing file" Einträge

Problem Dateien/Schlüssel, "unknown owner" + "file missing"

"file missing"? Warum schaut HJT im falschen ordner?

entfernen von unnötigen "file missing" einträgen

Berechtigungen