Falsche Websites (T-Online Navigationshilfe anstelle von Youtube)

NoMonkey89 · 14.09.2011, 18:26

Hallo!
Ich habe jetzt seit einiger Zeit das Problem, dass wenn ich z.B. auf www.youtube.com gehen möchte, ich auf hxxp://navigationshilfe1.t-online.de/dnserror?url=hxxp://www.youtube.com/#! lande.
Oder wenn ich auf eine Wikipediaseite gehe z.B. hxxp://de.wikipedia.org/wiki/Multi-Agenten-Simulation lande ich auf www.adac.de/wiki/Multi-Agenten-Simulation.
Manchmal komme ich bei den "kaputten" Seiten auch einfach auf eine Seite wo "404 - Not found" steht.
Der Fehler tritt immer mal auf und geht auch immer mal wieder von alleine weg. Der Fehler tritt auf allen PCs im WLAN sowie LAN auf.
Rücksetzen des Routers (Gigaset SE515) auf Werkseinstellungen hat auch garnichts gebracht. Genausowenig Chronik, Cookies, etc. löschen.
Die Seiten welche anstelle meiner gewünschten Seiten angezeigt werden sind unterschiedlich. Am häufigsten ist es jedoch die T-Online Navigationshilfe.
Hoffe ihr könnt mir irgendwie helfen.
Hier unten ist noch das was OLT ausgespuckt hat und mein IP config. Hab irgendwie den verdacht, dass es was mit DNS zutun haben könnte.
Grüße,
Kilian

Code:

ATTFilter

Windows IP Configuration


Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wireless Network Connection 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : home
   Link-local IPv6 Address . . . . . : fe80::6857:7eda:d707:a14e%11
   IPv4 Address. . . . . . . . . . . : 192.168.1.4
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.1.1

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter Reusable ISATAP Interface {18C587FE-A05C-431F-8B6F-F7D75BE7B0F1}:


   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home

Tunnel adapter isatap.{49AA11B7-E1F7-4DB5-A137-D08D325849F7}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter isatap.{AEE6AE80-5196-477B-9CAA-E453D0E2284E}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter Local Area Connection* 11:

   Connection-specific DNS Suffix  . :
   IPv6 Address. . . . . . . . . . . : 2001:0:3e9d:8c85:c7a:30aa:3f57:fefb
   Link-local IPv6 Address . . . . . : fe80::c7a:30aa:3f57:fefb%20
   Default Gateway . . . . . . . . . : ::

Code:

ATTFilter

OTL logfile created on: 14.09.2011 19:05:27 - Run 1
OTL by OldTimer - Version 3.2.28.0     Folder = C:\Users\Kilian\Desktop
64bit- An unknown product Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,80 Gb Total Physical Memory | 2,01 Gb Available Physical Memory | 52,78% Memory free
7,60 Gb Paging File | 5,67 Gb Available in Paging File | 74,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 50,09 Gb Free Space | 51,34% Space Free | Partition Type: NTFS
Drive D: | 97,66 Gb Total Space | 18,62 Gb Free Space | 19,07% Space Free | Partition Type: NTFS
Drive E: | 102,78 Gb Total Space | 64,58 Gb Free Space | 62,84% Space Free | Partition Type: NTFS
Drive F: | 5,81 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 931,51 Gb Total Space | 617,71 Gb Free Space | 66,31% Space Free | Partition Type: NTFS
 
Computer Name: KILIAN-NOTEBOOK | User Name: Kilian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Kilian\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Programme\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
PRC - C:\Users\Kilian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - D:\Programme\Avast\AvastUI.exe (AVAST Software)
PRC - D:\Programme\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - D:\Programme\Orbirt Downloader\orbitdm.exe (Orbitdownloader.com)
PRC - D:\Programme\Orbirt Downloader\orbitnet.exe (Orbitdownloader.com)
PRC - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - D:\Programme\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\Hotkey OSD Driver\HotKeyOSD.exe (Dritek System Inc.)
PRC - C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - D:\Programme\Star Office\program\soffice.bin (Sun Microsystems, Inc.)
PRC - D:\Programme\Star Office\program\soffice.exe (Sun Microsystems, Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - D:\Programme\Orbirt Downloader\wtlctrl.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
MOD - D:\Programme\Star Office\program\libxml2.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (msvsmon90) -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (avast! Antivirus) -- D:\Programme\Avast\AvastSvc.exe (AVAST Software)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (vsmon) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (OMSI download service) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (AnyDVD) -- C:\Windows\SysNative\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (rtl8192se) -- C:\Windows\SysNative\drivers\rtl8192se.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) Intel(R) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (fspad_wlh64) -- C:\Windows\SysNative\drivers\fspad_wlh64.sys (Sentelic Corporation)
DRV:64bit: - (s1039unic) Sony Ericsson Device 1039 USB Ethernet Emulation (WDM) -- C:\Windows\SysNative\drivers\s1039unic.sys (MCCI Corporation)
DRV:64bit: - (s1039obex) -- C:\Windows\SysNative\drivers\s1039obex.sys (MCCI Corporation)
DRV:64bit: - (s1039nd5) Sony Ericsson Device 1039 USB Ethernet Emulation (NDIS) -- C:\Windows\SysNative\drivers\s1039nd5.sys (MCCI Corporation)
DRV:64bit: - (s1039mgmt) Sony Ericsson Device 1039 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\drivers\s1039mgmt.sys (MCCI Corporation)
DRV:64bit: - (s1039mdm) -- C:\Windows\SysNative\drivers\s1039mdm.sys (MCCI Corporation)
DRV:64bit: - (s1039mdfl) -- C:\Windows\SysNative\drivers\s1039mdfl.sys (MCCI Corporation)
DRV:64bit: - (s1039bus) Sony Ericsson Device 1039 driver (WDM) -- C:\Windows\SysNative\drivers\s1039bus.sys (MCCI Corporation)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (USBMULCD) -- C:\Windows\SysNative\drivers\CM10664.sys (C-Media Electronics Inc)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (s816bus) Sony Ericsson Device 816 driver (WDM) -- C:\Windows\SysNative\drivers\s816bus.sys (MCCI Corporation)
DRV - (AnyDVD) -- C:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (Vsdatant) -- C:\Windows\SysWOW64\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (VSPerfDrv100) -- D:\Programme\Visual Studio 2010\Team Tools\Performance Tools\x64\VSPerfDrv100.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 80 89 C4 0D 02 35 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Programme\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPGameWebStarter: C:\Program Files (x86)\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll (WEBZEN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kilian\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kilian\AppData\Local\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kilian\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: D:\Programme\Thunderbird\components [2011.08.25 16:48:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: D:\Programme\Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: D:\Programme\Thunderbird\components [2011.08.25 16:48:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: D:\Programme\Thunderbird\plugins
 
[2011.05.08 16:05:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kilian\AppData\Roaming\Mozilla\Extensions
[2011.05.08 16:05:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kilian\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.07.29 20:10:59 | 000,000,000 | ---D | M] (Lightning) -- C:\USERS\KILIAN\APPDATA\ROAMING\THUNDERBIRD\PROFILES\A38DQ26O.DEFAULT\EXTENSIONS\{E2FDA1A4-762B-4020-B5AD-A41DF1933103}
 
O1 HOSTS File: ([2011.05.08 16:04:05 | 000,002,601 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 activate.adobe.com:443
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 35 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Programme\Orbirt Downloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Programme\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Programme\Java\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Microsoft-Webtestaufzeichnung 10.0-Hilfsprogramm) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - D:\Programme\Visual Studio 2010\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - D:\Programme\FlashGet\getflash.dll (www.flashget.com)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - D:\Programme\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Programme\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3: - HKCU\..\Toolbar\WebBrowser - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Cm106Sound] C:\Windows\Syswow64\cm106.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [fspuip] C:\Program Files\FSP\FspUip.exe (Sentelic Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] D:\Programme\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HotKeyOSD] C:\Program Files (x86)\Hotkey OSD Driver\HotKeyOSD.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] "D:\Programme\Java\bin\jusched.exe" File not found
O4 - HKLM..\Run: [TQ566808] "F:\Setup.exe" File not found
O4 - HKLM..\Run: [ZoneAlarm Client] D:\Programme\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [AnyDVD] D:\Programme\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [ICQ] D:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - Startup: C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Kilian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarOffice 8.lnk = D:\Programme\Star Office\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: &Alles mit FlashGet laden - D:\Programme\FlashGet\JC_ALL.HTM ()
O8:64bit: - Extra context menu item: &Download by Orbit - D:\Programme\Orbirt Downloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - D:\Programme\Orbirt Downloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Mit FlashGet laden - D:\Programme\FlashGet\JC_LINK.HTM ()
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - D:\Programme\Orbirt Downloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - D:\Programme\Orbirt Downloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8:64bit: - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: &Alles mit FlashGet laden - D:\Programme\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download by Orbit - D:\Programme\Orbirt Downloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - D:\Programme\Orbirt Downloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Mit FlashGet laden - D:\Programme\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Do&wnload selected by Orbit - D:\Programme\Orbirt Downloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - D:\Programme\Orbirt Downloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - D:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Programme\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Programme\FlashGet\flashget.exe (FlashGet.com)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A5B4F39-AB7A-48A7-B16A-721C9A2C7E67}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.05 07:15:47 | 000,000,000 | RH-D | M] - I:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002.10.16 20:56:50 | 000,000,036 | RH-- | M] () - I:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{345d2deb-795d-11e0-9c4c-c80aa96893c1}\Shell - "" = AutoRun
O33 - MountPoints2\{345d2deb-795d-11e0-9c4c-c80aa96893c1}\Shell\AutoRun\command - "" = H:\Setup.exe
O33 - MountPoints2\{acec8c49-cee9-11e0-b728-000df0840df2}\Shell - "" = AutoRun
O33 - MountPoints2\{acec8c49-cee9-11e0-b728-000df0840df2}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{c139179f-93fd-11e0-ad2c-c80aa96893c1}\Shell - "" = AutoRun
O33 - MountPoints2\{c139179f-93fd-11e0-ad2c-c80aa96893c1}\Shell\AutoRun\command - "" = G:\LaunchU3.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.09.14 18:46:28 | 000,581,632 | ---- | C] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL.exe
[2011.09.14 08:40:06 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices
[2011.09.13 14:29:29 | 008,126,464 | R--- | C] (C-Media Corporation) -- C:\Windows\SysWow64\CM106.dll
[2011.09.13 14:29:28 | 000,200,704 | R--- | C] (C-Media) -- C:\Windows\SysWow64\cmpa106.dll
[2011.09.13 14:27:46 | 001,306,624 | ---- | C] (C-Media Electronics Inc) -- C:\Windows\SysNative\drivers\CM10664.sys
[2011.09.13 14:27:46 | 000,315,392 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\fltr106.dll
[2011.09.13 10:27:55 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\StarOffice8
[2011.09.13 10:26:33 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarOffice 8
[2011.09.12 18:33:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.5
[2011.09.07 10:40:08 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2011.09.07 10:39:32 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Dropbox
[2011.09.07 08:31:25 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programmieren
[2011.09.06 17:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink
[2011.09.06 17:54:06 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Gutscheinmieze
[2011.09.06 17:50:45 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\AnyDVDHD
[2011.09.06 17:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\SlySoft
[2011.09.04 16:47:32 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Desktop\Videos
[2011.09.04 16:41:28 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\SysWow64\devil.dll
[2011.09.04 16:41:28 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\SysWow64\avisynth.dll
[2011.09.04 16:41:25 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2011.09.04 16:41:25 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\i420vfw.dll
[2011.09.04 16:41:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AviSynth 2.5
[2011.09.01 12:19:56 | 000,000,000 | ---D | C] -- C:\Users\Kilian\.idlerc
[2011.09.01 12:08:59 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Notepad++
[2011.08.30 10:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2011.08.29 11:07:06 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Messaging
[2011.08.29 11:06:56 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Multimedia
[2011.08.29 11:06:45 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uni
[2011.08.29 11:04:15 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2011.08.25 16:55:40 | 000,000,000 | ---D | C] -- C:\ProgramData\BVRP Software
[2011.08.25 16:52:22 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Sony
[2011.08.25 16:52:16 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Podcasts
[2011.08.25 16:52:16 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Media Go
[2011.08.25 16:50:06 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe717F.dll
[2011.08.25 16:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Shared
[2011.08.25 16:49:05 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Downloaded Installations
[2011.08.25 16:49:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation
[2011.08.25 16:49:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2011.08.25 16:48:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.08.25 16:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2011.08.25 16:47:29 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Apple
[2011.08.25 16:47:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.08.25 16:47:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2011.08.25 16:44:00 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Sony Setup
[2011.08.25 16:44:00 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Sony
[2011.08.25 16:41:10 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Sony Ericsson
[2011.08.25 16:40:57 | 000,161,904 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1039mdm.sys
[2011.08.25 16:40:57 | 000,158,320 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1039unic.sys
[2011.08.25 16:40:57 | 000,141,424 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1039mgmt.sys
[2011.08.25 16:40:57 | 000,137,328 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1039obex.sys
[2011.08.25 16:40:57 | 000,127,600 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1039bus.sys
[2011.08.25 16:40:57 | 000,034,416 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1039nd5.sys
[2011.08.25 16:40:57 | 000,019,568 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1039mdfl.sys
[2011.08.25 16:40:57 | 000,015,984 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1039whnt.sys
[2011.08.25 16:40:57 | 000,015,984 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1039wh.sys
[2011.08.25 16:40:57 | 000,015,472 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1039cmnt.sys
[2011.08.25 16:40:57 | 000,015,472 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1039cm.sys
[2011.08.25 16:40:57 | 000,014,960 | ---- | C] (MCCI Corporation) -- C:\Windows\SysNative\drivers\s1039cr.sys
[2011.08.25 16:40:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Ericsson
[2011.08.25 16:40:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Ericsson
[2011.08.24 17:32:02 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Local\Risen
[2011.08.24 16:49:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2011.08.24 16:32:50 | 004,063,280 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2011.08.24 16:31:53 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2011.08.24 16:31:52 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2011.08.24 14:20:10 | 000,364,912 | ---- | C] (WEBZEN) -- C:\Windows\SysWow64\CMStarterCore.exe
[2011.08.24 14:20:10 | 000,053,616 | ---- | C] (WEBZEN) -- C:\Windows\SysWow64\CMStarter_Kor.dll
[2011.08.24 14:20:10 | 000,053,616 | ---- | C] (WEBZEN) -- C:\Windows\SysWow64\CMStarter_Eng.dll
[2011.08.24 14:20:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WEBZEN
[2011.08.19 14:31:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2011.08.19 12:33:18 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\NaturalGrafiX
[2011.08.18 14:35:13 | 000,000,000 | ---D | C] -- C:\Users\Kilian\AppData\Roaming\Amazon
[2011.08.17 21:24:40 | 000,000,000 | ---D | C] -- C:\Users\Kilian\Documents\Prototype
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.09.14 19:07:03 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4266435874-1497137412-241179680-1000UA.job
[2011.09.14 18:46:10 | 000,581,632 | ---- | M] (OldTimer Tools) -- C:\Users\Kilian\Desktop\OTL.exe
[2011.09.14 18:44:15 | 000,050,477 | ---- | M] () -- C:\Users\Kilian\Desktop\Defogger.exe
[2011.09.14 16:25:08 | 000,871,626 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.09.14 16:25:08 | 000,717,928 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.09.14 16:25:08 | 000,145,950 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.09.14 16:21:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.14 08:44:12 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.14 08:44:12 | 000,015,344 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.14 08:36:29 | 000,000,040 | -HS- | M] () -- C:\ProgramData\.zreglib
[2011.09.14 08:35:23 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.13 22:07:00 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4266435874-1497137412-241179680-1000Core.job
[2011.09.13 14:32:01 | 004,892,648 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.09.13 14:29:35 | 000,000,374 | ---- | M] () -- C:\Windows\Cm106.ini.cfl
[2011.09.13 14:29:27 | 000,000,133 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2011.09.13 14:29:23 | 000,000,744 | ---- | M] () -- C:\Windows\Cm106.ini.imi
[2011.09.13 14:27:28 | 000,000,693 | ---- | M] () -- C:\Windows\System\Cm106.ini
[2011.09.13 10:28:36 | 000,000,789 | ---- | M] () -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarOffice 8.lnk
[2011.09.12 18:37:07 | 000,004,986 | ---- | M] () -- C:\Users\Kilian\Desktop\Level1Egg.egg
[2011.09.12 17:59:03 | 000,000,755 | ---- | M] () -- C:\Users\Kilian\Desktop\Blender 2.4.lnk
[2011.09.08 00:56:48 | 000,000,825 | ---- | M] () -- C:\Users\Kilian\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2011.09.07 10:40:16 | 000,001,027 | ---- | M] () -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011.09.05 16:08:22 | 005,435,551 | ---- | M] () -- C:\Users\Kilian\Desktop\03 - Geburtstagsjodler.mp3
[2011.08.29 22:30:37 | 000,007,647 | ---- | M] () -- C:\Users\Kilian\AppData\Local\Resmon.ResmonCfg
[2011.08.29 10:59:10 | 000,045,502 | ---- | M] () -- C:\Users\Kilian\.recently-used.xbel
[2011.08.28 15:12:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2011.08.28 00:04:28 | 001,444,794 | ---- | M] () -- C:\Users\Kilian\Desktop\Max Boublil - Depuis que tu nes plus lÃ*.mp3
[2011.08.27 23:28:33 | 004,851,408 | ---- | M] () -- C:\Users\Kilian\Desktop\9783830434382.pdf
[2011.08.27 23:28:32 | 011,493,674 | ---- | M] () -- C:\Users\Kilian\Desktop\978-3-89416-014-2.pdf
[2011.08.27 23:28:30 | 006,304,346 | ---- | M] () -- C:\Users\Kilian\Desktop\978-3-8304-2224-2.pdf
[2011.08.25 16:50:06 | 000,148,736 | ---- | M] (Avanquest Software) -- C:\ProgramData\hpe717F.dll
[2011.08.24 16:49:41 | 000,314,016 | ---- | M] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2011.08.24 16:49:40 | 000,043,680 | ---- | M] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.09.14 18:45:11 | 000,050,477 | ---- | C] () -- C:\Users\Kilian\Desktop\Defogger.exe
[2011.09.13 14:29:34 | 000,491,520 | R--- | C] () -- C:\Windows\System\cmau106.dll
[2011.09.13 14:29:34 | 000,389,120 | R--- | C] () -- C:\Windows\SysNative\CM106.cpl
[2011.09.13 14:29:34 | 000,221,184 | R--- | C] () -- C:\Windows\System\cm106eye.exe
[2011.09.13 14:29:34 | 000,143,360 | R--- | C] () -- C:\Windows\Vmix106.dll
[2011.09.13 14:29:27 | 000,000,374 | ---- | C] () -- C:\Windows\Cm106.ini.cfl
[2011.09.13 14:29:23 | 000,779,776 | R--- | C] () -- C:\Windows\SysNative\Cmeau106.exe
[2011.09.13 14:29:23 | 000,000,133 | ---- | C] () -- C:\Windows\System\Dlap.pfx
[2011.09.13 14:27:28 | 000,354,304 | R--- | C] () -- C:\Windows\SysNative\CmiInstallResAll64.dll
[2011.09.13 14:27:28 | 000,002,391 | R--- | C] () -- C:\Windows\Cm106.ini.cfg
[2011.09.13 14:27:28 | 000,000,744 | ---- | C] () -- C:\Windows\Cm106.ini.imi
[2011.09.13 10:28:36 | 000,000,789 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StarOffice 8.lnk
[2011.09.12 18:37:07 | 000,004,986 | ---- | C] () -- C:\Users\Kilian\Desktop\Level1Egg.egg
[2011.09.12 18:07:43 | 000,364,032 | ---- | C] () -- C:\Windows\System\SDL.dll
[2011.09.12 18:07:29 | 000,364,032 | ---- | C] () -- C:\Windows\SysNative\SDL.dll
[2011.09.12 17:59:03 | 000,000,755 | ---- | C] () -- C:\Users\Kilian\Desktop\Blender 2.4.lnk
[2011.09.07 10:40:16 | 000,001,027 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2011.09.06 17:47:51 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.09.05 18:25:53 | 005,435,551 | ---- | C] () -- C:\Users\Kilian\Desktop\03 - Geburtstagsjodler.mp3
[2011.09.04 16:41:25 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2011.08.29 10:59:10 | 000,045,502 | ---- | C] () -- C:\Users\Kilian\.recently-used.xbel
[2011.08.28 10:41:42 | 000,057,948 | ---- | C] () -- C:\Users\Kilian\Desktop\Heinzel jpg.jpg
[2011.08.28 00:02:10 | 001,444,794 | ---- | C] () -- C:\Users\Kilian\Desktop\Max Boublil - Depuis que tu nes plus lÃ*.mp3
[2011.08.27 23:28:32 | 004,851,408 | ---- | C] () -- C:\Users\Kilian\Desktop\9783830434382.pdf
[2011.08.27 23:28:30 | 011,493,674 | ---- | C] () -- C:\Users\Kilian\Desktop\978-3-89416-014-2.pdf
[2011.08.27 23:28:28 | 006,304,346 | ---- | C] () -- C:\Users\Kilian\Desktop\978-3-8304-2224-2.pdf
[2011.08.24 16:49:41 | 000,314,016 | ---- | C] () -- C:\Windows\SysNative\drivers\atksgt.sys
[2011.08.24 16:49:40 | 000,043,680 | ---- | C] () -- C:\Windows\SysNative\drivers\lirsgt.sys
[2011.08.24 16:31:53 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2011.08.13 15:31:33 | 000,000,001 | ---- | C] () -- C:\Windows\SysWow64\SI.bin
[2011.06.15 14:37:53 | 000,000,600 | ---- | C] () -- C:\Users\Kilian\AppData\Local\PUTTY.RND
[2011.05.30 23:03:17 | 000,007,647 | ---- | C] () -- C:\Users\Kilian\AppData\Local\Resmon.ResmonCfg
[2011.05.24 18:21:18 | 000,007,168 | ---- | C] () -- C:\Users\Kilian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.05.19 14:48:58 | 000,000,106 | ---- | C] () -- C:\ProgramData\.sdplic
[2011.05.12 20:54:34 | 000,000,316 | ---- | C] () -- C:\Windows\ODBC.INI
[2011.05.11 13:08:08 | 000,000,132 | ---- | C] () -- C:\Users\Kilian\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.05.08 12:43:54 | 000,857,538 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.02.11 19:15:08 | 000,874,048 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.08.25 19:34:30 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.08.25 19:34:30 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.11.29 17:45:10 | 000,000,806 | R--- | C] () -- C:\Windows\cm106.ini
[2001.11.08 02:27:16 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\glut32.dll
 
========== LOP Check ==========
 
[2011.08.18 14:35:13 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Amazon
[2011.05.18 18:30:08 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Blender Foundation
[2011.07.17 12:46:56 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Canon
[2011.08.30 10:16:24 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.08.30 10:21:20 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.05.08 12:37:57 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\DAEMON Tools Lite
[2011.09.14 18:47:03 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Dropbox
[2011.06.05 15:00:45 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\FlashGet
[2011.08.29 10:59:10 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\gtk-2.0
[2011.09.06 17:54:06 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Gutscheinmieze
[2011.09.14 19:03:20 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ICQ
[2011.08.12 16:11:55 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Kalypso Media
[2011.07.11 17:33:54 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\MonoDevelop-Unity
[2011.09.14 09:22:43 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\MyPhoneExplorer
[2011.08.19 12:33:18 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\NaturalGrafiX
[2011.09.01 12:13:38 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Notepad++
[2011.05.17 13:00:44 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\OpenOffice.org
[2011.09.14 18:46:11 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Orbit
[2011.05.18 15:27:40 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\PACE Anti-Piracy
[2011.06.06 19:31:11 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\ProgSense
[2011.05.19 14:53:36 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Rational
[2011.08.25 16:52:15 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Sony
[2011.08.25 16:46:03 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Sony Setup
[2011.09.14 08:37:12 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\StarOffice8
[2011.05.08 14:13:16 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Subversion
[2011.05.08 12:25:48 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\SystemRequirementsLab
[2011.07.11 19:40:10 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\The Longest Journey
[2011.07.11 16:17:33 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\The Path
[2011.05.08 16:05:50 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Thunderbird
[2011.05.18 15:48:59 | 000,000,000 | ---D | M] -- C:\Users\Kilian\AppData\Roaming\Unity
[2011.08.28 09:04:36 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2011.07.13 13:11:38 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.05.08 11:21:57 | 000,000,000 | ---D | M] -- C:\Intel
[2011.05.12 20:34:50 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.05.08 12:18:56 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2011.05.21 20:41:03 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.08.30 10:00:39 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.09.04 16:41:23 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.09.06 17:54:50 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.05.08 11:15:46 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.09.14 19:07:35 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.05.18 18:14:54 | 000,000,000 | ---D | M] -- C:\tmp
[2011.05.08 11:24:35 | 000,000,000 | R--D | M] -- C:\Users
[2011.09.14 08:35:20 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.manifest /3 >
 
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1137 bytes -> C:\Users\Kilian\AppData\Local\rfbCSSm1KH2jsY:xybh1FenrKnlVfY3nX
@Alternate Data Stream - 1115 bytes -> C:\Users\Kilian\AppData\Local\Temp:Mohgi8RUS7kCnpma7

< End of report >

Falsche Websites (T-Online Navigationshilfe anstelle von Youtube)

Plagegeister aller Art und deren Bekämpfung: Falsche Websites (T-Online Navigationshilfe anstelle von Youtube)

Falsche Websites (T-Online Navigationshilfe anstelle von Youtube)

Ähnliche Themen: Falsche Websites (T-Online Navigationshilfe anstelle von Youtube)