Hallo,

habe heute spybot durchlaufen lassen und der hat den Trojaner (WIN32.BHO.acw)entdeckt, nur bekomm ich ihn nicht vom Rechner runter.Wie bekomm ich den denn runter vom Rechner?

Mit ner Spachtel abkratzen

Was soll ich mit der Info anfangen? Wo wurde er gefunden? Logfiles?

Wenn ich Dir sag mein Auto macht komisch, die Farbe is blau, kannst Du mir dann auch helfen?

Win32.BHO.acw: [SBI $6E6ECB72] Anwendungs-ID (Registrierungsdatenbank-Schlüssel, nothing done)
HKEY_CLASSES_ROOT\AppID\extension.DLL

DoubleClick: Verfolgender Cookie (Internet Explorer: Sweetheart) (Cookie, nothing done)


MediaPlex: Verfolgender Cookie (Internet Explorer: Sweetheart) (Cookie, nothing done)


MediaPlex: Verfolgender Cookie (Internet Explorer: Sweetheart) (Cookie, nothing done)



--- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) ---

2009-01-26 blindman.exe (1.0.0.8)
2009-01-26 SDFiles.exe (1.6.1.7)
2009-01-26 SDMain.exe (1.0.0.6)
2009-01-26 SDShred.exe (1.0.2.5)
2009-01-26 SDUpdate.exe (1.6.0.12)
2009-01-26 SDWinSec.exe (1.0.0.12)
2009-01-26 SpybotSD.exe (1.6.2.46)
2009-01-26 TeaTimer.exe (1.6.4.26)
2009-11-28 unins000.exe (51.49.0.0)
2009-01-26 Update.exe (1.6.0.7)
2009-01-26 advcheck.dll (1.6.2.15)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2009-01-26 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2009-01-26 Tools.dll (2.1.6.10)
2009-01-16 UninsSrv.dll (1.0.0.0)
2009-10-08 Includes\Adware.sbi (*)
2009-11-24 Includes\AdwareC.sbi (*)
2009-01-22 Includes\Cookies.sbi (*)
2009-11-03 Includes\Dialer.sbi (*)
2009-11-24 Includes\DialerC.sbi (*)
2009-01-22 Includes\HeavyDuty.sbi (*)
2009-05-26 Includes\Hijackers.sbi (*)
2009-11-24 Includes\HijackersC.sbi (*)
2009-10-20 Includes\Keyloggers.sbi (*)
2009-11-24 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2009-11-24 Includes\Malware.sbi (*)
2009-11-25 Includes\MalwareC.sbi (*)
2009-03-25 Includes\PUPS.sbi (*)
2009-11-24 Includes\PUPSC.sbi (*)
2009-01-22 Includes\Revision.sbi (*)
2009-01-13 Includes\Security.sbi (*)
2009-11-24 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2009-11-03 Includes\Spyware.sbi (*)
2009-11-24 Includes\SpywareC.sbi (*)
2009-06-08 Includes\Tracks.uti
2009-11-17 Includes\Trojans.sbi (*)
2009-11-24 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

• Starte bitte die OTL.exe.
• Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code: Alles auswählenAufklappen

ATTFilter

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
%windir%\installer\*. /5
%localappdata%\*. /5
CREATERESTOREPOINT
         

• Schliesse bitte nun alle Programme. (Wichtig)
• Klicke nun bitte auf den Quick Scan Button.
• Kopiere nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

OTL Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 12.10.2012 11:11:34 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sweetheart\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,32 Gb Available Physical Memory | 44,16% Memory free
6,20 Gb Paging File | 3,80 Gb Available in Paging File | 61,30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 65,60 Gb Free Space | 22,01% Space Free | Partition Type: NTFS
 
Computer Name: KUSCHELMONSTER | User Name: Sweetheart | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.11 23:10:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sweetheart\Downloads\OTL (1).exe
PRC - [2012.10.05 11:14:56 | 002,203,160 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2012.10.03 23:57:42 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.0.0\ToolbarUpdater.exe
PRC - [2012.09.25 11:43:01 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012.09.19 11:29:44 | 001,869,152 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
PRC - [2012.09.19 11:29:42 | 001,699,168 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
PRC - [2012.09.13 23:18:56 | 000,471,040 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.09.13 23:18:20 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.03 10:11:56 | 011,325,376 | ---- | M] (Innovative Solutions) -- C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe
PRC - [2012.08.20 09:33:01 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.06.11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE
PRC - [2012.06.08 09:02:24 | 000,521,344 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Online Games Manager\ogmservice.exe
PRC - [2012.06.01 08:02:20 | 000,366,536 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\IncMail.exe
PRC - [2012.06.01 08:02:20 | 000,264,136 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\ImApp.exe
PRC - [2012.05.08 16:12:35 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 16:12:35 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 16:12:35 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.05.08 15:14:30 | 000,185,856 | ---- | M] () -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
PRC - [2011.10.17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.10.07 11:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2011.09.27 21:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2009.11.28 21:39:39 | 000,403,968 | ---- | M] (Hansenet) -- C:\Program Files\Alice\Signup\AliceCnn.exe
PRC - [2009.08.22 12:31:06 | 005,148,672 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.01.26 16:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008.01.19 09:33:27 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\schtasks.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.12 11:06:21 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.10.12 11:06:09 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.10.12 11:05:25 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.10.12 11:05:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012.10.12 11:04:49 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.10.12 11:04:27 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012.10.12 00:26:14 | 000,073,728 | ---- | M] () -- C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\spext.dll
MOD - [2012.10.05 11:14:56 | 002,203,160 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
MOD - [2012.10.05 11:14:15 | 002,106,392 | ---- | M] () -- c:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2012.10.03 23:57:43 | 000,134,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.0.0\SiteSafety.dll
MOD - [2012.09.25 11:42:58 | 000,460,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
MOD - [2012.09.25 11:42:57 | 012,278,808 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\PepperFlash\pepflashplayer.dll
MOD - [2012.09.25 11:42:55 | 004,005,912 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll
MOD - [2012.09.25 11:41:39 | 000,578,072 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\libglesv2.dll
MOD - [2012.09.25 11:41:38 | 000,123,416 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\libegl.dll
MOD - [2012.09.25 11:41:27 | 000,156,712 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\avutil-51.dll
MOD - [2012.09.25 11:41:26 | 000,275,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\avformat-54.dll
MOD - [2012.09.25 11:41:24 | 002,168,360 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
MOD - [2012.09.13 22:53:32 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
MOD - [2012.07.31 11:07:52 | 000,008,648 | ---- | M] () -- C:\Program Files\Innovative Solutions\DriverMax\sync.dll
MOD - [2012.06.01 08:02:23 | 000,071,624 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\wlessfp1.dll
MOD - [2012.06.01 08:02:21 | 000,268,232 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImLookExU.dll
MOD - [2012.06.01 08:02:20 | 000,133,064 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImComUtlU.dll
MOD - [2012.06.01 08:02:20 | 000,079,816 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImAppRU.dll
MOD - [2012.06.01 08:02:20 | 000,032,648 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\IMHttpComm.dll
MOD - [2011.10.07 11:41:16 | 000,879,896 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
MOD - [2011.01.30 16:19:12 | 000,107,896 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\PMC.dll
MOD - [2011.01.04 22:54:12 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2009.12.12 16:12:03 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009.08.22 12:32:50 | 000,724,992 | ---- | M] () -- C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
MOD - [2009.08.22 12:31:06 | 005,148,672 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 06:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 06:42:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.11.07 22:00:46 | 000,009,216 | ---- | M] () -- C:\Program Files\Rainlendar2\lfs.dll
MOD - [2008.11.07 21:59:08 | 000,131,072 | ---- | M] () -- C:\Program Files\Rainlendar2\lua51.dll
MOD - [2007.03.24 22:44:22 | 000,114,688 | ---- | M] () -- C:\Program Files\Alice\Signup\sys.plg
MOD - [2007.02.12 18:54:32 | 000,253,952 | ---- | M] () -- C:\Program Files\Alice\Signup\dslsetup.plg
MOD - [2005.10.04 18:28:40 | 000,081,920 | ---- | M] () -- C:\Program Files\Alice\Signup\htmlpars.plg
MOD - [2005.09.23 19:10:22 | 000,081,920 | ---- | M] () -- C:\Program Files\Alice\Signup\alice.plg
MOD - [2005.08.17 20:36:28 | 000,090,112 | ---- | M] () -- C:\Program Files\Alice\Signup\Support.plg
MOD - [2005.04.15 13:35:50 | 000,077,824 | ---- | M] () -- C:\Program Files\Alice\Signup\SueDsl.plg
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.08 23:10:40 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.05 11:14:56 | 002,203,160 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2012.10.03 23:57:42 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.0.0\ToolbarUpdater.exe -- (vToolbarUpdater13.0.0)
SRV - [2012.09.19 11:29:42 | 001,699,168 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.09.13 23:18:20 | 000,217,600 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.09.11 09:12:29 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.05 14:05:50 | 000,124,472 | ---- | M] (MSI) [Disabled | Stopped] -- C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe -- (MSI_SuiteCharger)
SRV - [2012.08.30 14:08:28 | 000,102,968 | ---- | M] (MSI) [Disabled | Stopped] -- C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe -- (MSI_SuiteFastBoot)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.12 13:20:54 | 003,947,320 | ---- | M] (Trend Micro Inc.) [Disabled | Stopped] -- C:\Program Files\Trend Micro SafeSync\hrfscore.exe -- (OnlineStorageService)
SRV - [2012.06.29 17:56:30 | 000,136,704 | ---- | M] (MSI) [Disabled | Stopped] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2012.06.11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012.06.11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012.06.08 09:02:24 | 000,521,344 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- C:\Program Files\Online Games Manager\ogmservice.exe -- (ogmservice)
SRV - [2012.05.08 16:12:35 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 16:12:35 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 15:14:30 | 000,185,856 | ---- | M] () [Auto | Running] -- C:\Program Files\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2012.04.23 09:36:32 | 000,010,752 | ---- | M] () [Disabled | Stopped] -- C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe -- (MSIFileSyncMonitor)
SRV - [2012.04.22 10:05:38 | 000,474,168 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012.04.17 14:01:42 | 000,075,280 | ---- | M] (MSI) [Disabled | Stopped] -- C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe -- (MSI_ComCenService)
SRV - [2011.10.17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.09.27 21:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.07.18 20:10:37 | 000,040,960 | ---- | M] () [Disabled | Stopped] -- C:\Users\Sweetheart\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2010.10.08 11:06:48 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.01.05 00:41:00 | 003,670,928 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva360.sys -- (XDva360)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\nagcnh.sys -- (anepufr)
DRV - [2012.10.03 23:57:43 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.09.19 10:50:50 | 000,010,088 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.09.14 00:00:10 | 009,106,432 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2012.09.14 00:00:10 | 009,106,432 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.09.13 22:55:00 | 000,370,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.08.01 23:02:36 | 000,015,248 | ---- | M] (PenMount) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pmkbdfltr.sys -- (pmkbdfltr)
DRV - [2012.05.23 13:56:52 | 000,161,640 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mv61xx.sys -- (mv61xx)
DRV - [2012.05.08 16:12:36 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 16:12:36 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.03.30 15:26:30 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\MSI\MSI SUITE\NTIOLib.sys -- (NTIOLib_1_0_C)
DRV - [2012.02.23 14:31:36 | 000,083,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2011.12.29 13:37:44 | 000,028,464 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2011.09.20 11:08:12 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\MSI\MSI SUITE\ControlCenter\NTIOLib.sys -- (NTIOLib_1_0_D)
DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010.11.04 15:18:04 | 000,102,728 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\MxEFUF32.sys -- (MxEFUF)
DRV - [2010.10.20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010.03.16 21:20:51 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.02.27 10:30:29 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.02.26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.16 08:57:42 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.12.30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.19 08:09:10 | 000,072,704 | ---- | M] (Point Grey Research) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HS3dSensor1394.sys -- (PGR1394b)
DRV - [2007.04.13 14:22:56 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006.11.28 23:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PDNMp50.sys -- (PDNMp50)
DRV - [2006.11.28 23:46:22 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PDNSp50.sys -- (PDNSp50)
DRV - [2002.06.10 15:20:50 | 000,039,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvcd.sys -- (QCDonner)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://alice.aol.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://alice.aol.de
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = hxxp://www.searchqu.com/web?src=ieb&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2405280
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=110824&tt=101012_24_4112_2&babsrc=HP_ss&mntrId=5a9e0d6b000000000000000000000000
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=110824&tt=101012_24_4112_2&babsrc=HP_ss&mntrId=5a9e0d6b000000000000000000000000
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No CLSID value found
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F464F524D3D4945464D3126713D7B7365617263685465726D737D267372633D7B72656665727265723A736F757263653F7D&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&k=0
IE - HKCU\..\SearchScopes\{299622BC-AC86-494D-9E5C-9B385816C0D6}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{2DA5735A-B19D-4322-8CC1-D93D0CFE630E}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{79262CC3-E08A-4E62-868B-482145ABA554}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA74C8}: "URL" = hxxp://www.searchqu.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E73656172636871752E636F6D2F7765623F7372633D69656226713D7B7365617263685465726D737D&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&k=0
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={0EAE350D-72C5-45AB-9C68-BFFEBE009481}&mid=7ab495e403bf47d0905c19b4330d3284-f1b2ed4f9eb8b0b53f1fcc3916f29e6d0c224b70&lang=de&ds=tt014&pr=sa&d=2012-10-03 23:58:20&v=13.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{A92D9454-CA97-4F63-B91F-68786D2099D6}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E636F6E647569742E636F6D2F526573756C74734578742E617370783F713D7B7365617263685465726D737D26536561726368536F757263653D3426637469643D435432343035323830&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&k=0
IE - HKCU\..\SearchScopes\{CA0339FC-CDA1-46FB-96DD-E89D390B0413}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredimail.com/mb156/?search={searchTerms}&loc=search_box&a=1eynR4mkr3R
IE - HKCU\..\SearchScopes\{F4BB98EE-A332-4FDF-8E77-93BE46555CAA}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&mode=bounce&k=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic-Eng7 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?affID=110824&tt=101012_24_4112_2&babsrc=HP_ss&mntrId=5a9e0d6b000000000000000000000000"
FF - prefs.js..extensions.enabledAddons: {336D0C35-8A85-403a-B9D2-65C292C39087}:2.0.0.441
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledAddons: {800b5000-a755-47e1-992b-48a1c1357f07}:1.5.3
FF - prefs.js..extensions.enabledAddons: avg@toolbar:13.0.0.7
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.1.3
FF - prefs.js..extensions.enabledItems: {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.139
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "https://isearch.avg.com/search?cid=%7B9662d32d-8d32-4e79-82bd-59e5281d4751%7D&mid=7ab495e403bf47d0905c19b4330d3284-f1b2ed4f9eb8b0b53f1fcc3916f29e6d0c224b70&ds=tt014&v=13.0.0.7&lang=de&pr=sa&d=2012-10-03%2023%3A58%3A20&sap=ku&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.0.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPGameWebStarter: C:\Program Files\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.08.19 20:52:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.06.01 08:02:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\13.0.0.7 [2012.10.03 23:58:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.06 22:02:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.16 15:48:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.08.19 20:52:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files\Mein Gutscheincode Finder\Firefox [2011.07.18 20:10:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012.10.11 23:07:25 | 000,000,000 | ---D | M]
 
[2009.11.28 21:52:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Extensions
[2012.10.11 23:08:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions
[2010.11.14 10:52:28 | 000,000,000 | ---D | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2010.02.08 22:28:12 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010.11.03 09:03:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.09.06 10:40:08 | 000,000,000 | ---D | M] (ST-Eng7 Community Toolbar) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
[2010.05.20 20:13:50 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions\{7FF99715-3016-4381-84CE-E4E4C9673020}
[2012.09.07 10:47:12 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.09.06 10:40:10 | 000,000,000 | ---D | M] (IncrediMail MediaBar 2 Community Toolbar) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}
[2011.06.17 20:35:36 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions\engine@conduit.com
[2012.09.06 10:40:01 | 000,101,871 | ---- | M] () (No name found) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\extensions\ciuvo-extension@icq.de.xpi
[2011.07.18 20:10:40 | 000,001,135 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\conduit.xml
[2012.09.23 22:53:40 | 000,000,950 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\icqplugin-1.xml
[2012.10.04 12:45:06 | 000,000,950 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\icqplugin-2.xml
[2012.06.06 11:43:27 | 000,001,056 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\icqplugin.xml
[2011.04.04 07:56:32 | 000,002,185 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\MyStart Search.xml
[2010.04.12 14:01:50 | 000,005,495 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\SearchquWebSearch.xml
[2011.07.18 20:10:40 | 000,001,687 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\winamp-search.xml
[2011.07.18 20:10:40 | 000,001,870 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\{C9FFD529-F13F-47F5-9D04-488F9F9F6E79}.xml
[2011.07.18 20:10:40 | 000,002,077 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\{FA9D6423-B334-46A2-9214-7A64B933E387}.xml
[2011.07.18 20:10:40 | 000,002,188 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\{FEB502EE-54AB-4A4D-8404-1932DE660FCE}.xml
[2012.09.06 10:31:39 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.07.30 19:33:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.06 10:31:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.06.01 08:02:01 | 000,000,000 | ---D | M] (Web Assistant) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
[2012.10.03 23:58:50 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\13.0.0.7
[2012.10.11 23:07:25 | 000,000,000 | ---D | M] (Browser Manager) -- C:\PROGRAMDATA\BROWSER MANAGER\2.3.765.24\{16CDFF19-861D-48E3-A751-D99A27784753}\FIREFOXEXTENSION
[2012.06.06 22:02:50 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.06.06 22:02:48 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.03 23:58:02 | 000,003,743 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.06.06 22:02:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.06 22:02:48 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.06 22:02:48 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.04.12 14:01:50 | 000,005,495 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchquWebSearch.xml
[2012.06.06 22:02:48 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.06 22:02:48 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.babylon.com/?affID=110824&tt=101012_24_4112_2&babsrc=HP_ss&mntrId=5a9e0d6b000000000000000000000000
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = https://isearch.avg.com/search?cid={0EAE350D-72C5-45AB-9C68-BFFEBE009481}&mid=7ab495e403bf47d0905c19b4330d3284-f1b2ed4f9eb8b0b53f1fcc3916f29e6d0c224b70&lang=de&ds=tt014&pr=sa&d=&v=&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - homepage: hxxp://search.babylon.com/?affID=110824&tt=101012_24_4112_2&babsrc=HP_ss&mntrId=5a9e0d6b000000000000000000000000
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\npbrowserext.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\Sweetheart\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.0.0\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U35 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Unity Player (Enabled) = C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Web Assistant = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\
CHR - Extension: preisspion.de = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfpelakfkbbkkdchaaaknckhoadkcbo\3.0.2_0\
CHR - Extension: AVG Secure Search = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\13.0.0.7_0\
CHR - Extension: Settings Protector = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph\1.0_0\
CHR - Extension: Google Mail = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.0.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {7FF99715-3016-4381-84CE-E4E4C9673020} - C:\Program Files\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll ()
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.0.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar 2 Toolbar) - {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (IncrediMail MediaBar 2 Toolbar) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - C:\Program Files\IncrediMail_MediaBar_2\prxtbInc0.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [MSI Suite] C:\MSI\MSI SUITE\StartMSISuite.exe ()
O4 - HKLM..\Run: [Ocs_SM] C:\Users\Sweetheart\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [DriverMax] C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4521BBEC-17A0-4C4D-A607-CF9B32D64006}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71A460A0-92AC-4C40-9141-0B1041C1D07D}: NameServer = 62.109.123.7 213.191.92.86
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.0.0\ViProtocol.dll ()
O20 - AppInit_DLLs: (c:\progra~2\browse~1\23765~1.24\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Sweetheart\Pictures\Hintergrundbilder\drachen.jpg
O24 - Desktop BackupWallPaper: C:\Users\Sweetheart\Pictures\Hintergrundbilder\drachen.jpg
O27 - HKLM IFEO\diagnostictool.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\groove.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\hpcustpartic.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\hrfsclient.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\imgstud.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msi suite.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\ois.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\onenotem.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\pmbbrowser.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\pmbinit.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\super-charger.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\unins000.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A38B334A-A0A2-436D-BAA0-34FE5E517E44} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Reg Error: Value error.
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.12 10:26:54 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{882B453D-AC34-4177-A6A0-64E49C1E232A}
[2012.10.11 23:07:34 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
[2012.10.11 23:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012.10.11 23:06:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.10.11 23:06:54 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Babylon
[2012.10.11 22:26:37 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{C4481F9C-20C7-4C0A-BE6A-9C52BA4F54EB}
[2012.10.11 10:26:15 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{308F0B84-DB51-45F1-A72C-7487F5B2133C}
[2012.10.10 13:26:10 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{815B5E2E-6E92-49F1-A413-1BB0A79C1CAB}
[2012.10.09 23:26:52 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{933D5892-15B0-44CB-9753-42EFB49C89FF}
[2012.10.09 14:01:25 | 001,801,592 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012.10.09 14:01:18 | 007,161,736 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012.10.09 14:01:17 | 007,377,272 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012.10.09 14:01:17 | 001,246,584 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll
[2012.10.09 14:01:17 | 000,351,112 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012.10.09 14:01:17 | 000,349,048 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012.10.09 14:01:17 | 000,106,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012.10.09 14:01:17 | 000,091,528 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012.10.09 14:01:17 | 000,061,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012.10.09 14:01:16 | 001,929,592 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012.10.09 14:01:16 | 000,717,176 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll
[2012.10.09 14:01:15 | 002,195,040 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012.10.09 14:01:15 | 000,350,072 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012.10.09 14:01:13 | 000,090,624 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[2012.10.09 13:58:07 | 000,015,248 | ---- | C] (PenMount) -- C:\Windows\System32\drivers\pmkbdfltr.sys
[2012.10.09 11:26:37 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{917B5FA0-BE0A-4C08-9C44-919E43237B04}
[2012.10.08 23:26:21 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{F3F3C40E-9E74-48C1-BC02-FF09AB3A0747}
[2012.10.08 23:21:29 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Magic3
[2012.10.08 11:29:43 | 000,028,464 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Windows\System32\drivers\LPCFilter.sys
[2012.10.08 11:26:06 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{47328226-A6A8-414D-BF78-AC938ABEEE4B}
[2012.10.07 23:25:51 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{37A7F0E7-36B7-44B2-85DF-1137D5E1B8EE}
[2012.10.07 11:25:36 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{0E93320C-D9FC-4B0E-BBDA-6C5DFE8ED582}
[2012.10.06 23:07:44 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{4F8B0643-6196-4479-A77D-B2FBF564CCB0}
[2012.10.06 11:07:28 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{DE896563-E8FB-4F68-99F5-946CD649BB4C}
[2012.10.06 10:44:33 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2012.10.06 10:26:18 | 000,072,704 | ---- | C] (Point Grey Research) -- C:\Windows\System32\drivers\HS3dSensor1394.sys
[2012.10.06 10:23:47 | 000,161,640 | ---- | C] (Marvell Semiconductor, Inc.) -- C:\Windows\System32\drivers\mv61xx.sys
[2012.10.06 10:23:47 | 000,040,448 | ---- | C] (<Marvell>) -- C:\Windows\System32\mvcoinst.dll
[2012.10.06 10:23:47 | 000,014,184 | ---- | C] (Marvell Semiconductor Inc.) -- C:\Windows\System32\drivers\mv61xxmm.sys
[2012.10.06 10:18:43 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\.thinupload
[2012.10.06 03:23:49 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012.10.06 03:18:51 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012.10.06 03:18:50 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012.10.06 03:18:50 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012.10.06 03:18:46 | 000,421,744 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2012.10.06 03:18:46 | 000,398,192 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2012.10.06 03:18:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2012.10.06 03:18:46 | 000,335,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2012.10.06 03:16:05 | 000,011,832 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\acpimof.dll
[2012.10.06 03:15:58 | 000,000,000 | ---D | C] -- C:\MSI
[2012.10.06 03:15:37 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile
[2012.10.06 03:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.10.06 01:18:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012.10.06 01:18:31 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012.10.06 01:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2012.10.06 01:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro SafeSync
[2012.10.06 01:18:23 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro SafeSync
[2012.10.05 22:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2012.10.05 22:42:40 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2012.10.05 17:21:36 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{80EC128F-6B89-4D55-82E1-47F4EA1A629D}
[2012.10.05 00:04:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012.10.04 23:51:59 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{81ED33C1-BFAA-4BA1-957F-441D409073AE}
[2012.10.04 23:32:30 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\System32\coinst_9.001.dll
[2012.10.04 23:32:29 | 000,163,840 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012.10.04 23:32:25 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012.10.04 23:17:50 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\Innovative Solutions
[2012.10.04 23:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
[2012.10.04 23:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\Innovative Solutions
[2012.10.04 22:52:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012.10.04 22:51:51 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012.10.04 22:51:50 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012.10.04 22:51:50 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012.10.04 22:51:50 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012.10.04 22:51:50 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012.10.04 22:51:45 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012.10.04 22:51:45 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012.10.04 22:51:45 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012.10.04 22:51:45 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012.10.04 22:51:45 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012.10.04 22:51:45 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012.10.04 22:51:44 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012.10.04 22:51:44 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012.10.04 22:51:43 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012.10.04 22:51:43 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012.10.04 22:51:43 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012.10.04 22:51:43 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012.10.04 22:51:43 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012.10.04 22:51:43 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012.10.04 22:51:43 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012.10.04 22:51:43 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012.10.04 22:51:43 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012.10.04 22:51:43 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012.10.04 22:51:43 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012.10.04 22:51:43 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012.10.04 21:52:45 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2012.10.04 19:40:00 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\SystemRequirementsLab
[2012.10.04 19:18:10 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Intel Corporation
[2012.10.04 19:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel Corporation
[2012.10.04 15:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2012.10.04 15:07:14 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
[2012.10.04 15:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012.10.04 15:01:27 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.10.04 14:59:37 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Leadertech
[2012.10.04 14:58:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2012.10.04 14:57:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2012.10.04 14:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2012.10.04 14:56:57 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Logitech
[2012.10.04 14:56:57 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Logishrd
[2012.10.04 14:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.10.04 14:54:09 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012.10.04 11:51:44 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{ACC5CE56-0255-4CCB-950F-C13EC639AB4C}
[2012.10.04 07:26:43 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012.10.04 02:10:45 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\PCCUStubInstaller
[2012.10.04 02:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012.10.04 02:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012.10.04 00:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTweak Software
[2012.10.04 00:25:00 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\PackageAware
[2012.10.03 23:59:11 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\AVG Secure Search
[2012.10.03 23:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2012.10.03 23:58:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012.10.03 23:58:18 | 000,026,984 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012.10.03 23:58:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012.10.03 23:58:16 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012.10.03 23:57:23 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2013
[2012.10.03 23:56:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.10.03 23:56:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.10.03 23:51:29 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{AA42FCFF-900E-42A8-9AA6-5512A3E6C83A}
[2012.10.03 23:45:24 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Easeware
[2012.10.03 23:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\Easeware
[2012.10.03 23:35:48 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2012.10.03 11:51:12 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{9CDD3A9D-536B-42F8-8098-CE810FD878DA}
[2012.10.02 23:50:57 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{83F62225-842A-44B8-B70F-C5A2D56F5224}
[2012.10.02 11:50:42 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{566E9734-210E-4AF1-AA20-232CA2D3C1DB}
[2012.10.01 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{F7A1A3ED-CE71-4924-BB3C-457279DF5F5C}
[2012.10.01 09:50:42 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{B5F9EF2F-DD06-42AF-ACA2-776DBCA72584}
[2012.09.30 17:16:09 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{A2AF122E-F70C-432E-B258-8F58D6820BB3}
[2012.09.29 18:23:22 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{CACD1CB0-0C48-4AFE-94A6-6AB60674887B}
[2012.09.29 00:14:36 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{44DFB7BF-048A-4977-8398-0C9CE4D4F6E3}
[2012.09.28 12:13:46 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{263565D5-5096-4053-BC93-829B6F9F443B}
[2012.09.27 22:57:34 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{441E7A89-73F0-4E70-964E-576D062F1863}
[2012.09.27 22:43:48 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\V-Games
[2012.09.27 22:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purplehills
[2012.09.27 22:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\Purplehills
[2012.09.27 10:57:20 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{CDB2A17F-4C82-48DA-84A6-27952D8CF6A3}
[2012.09.26 22:18:47 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{9E55831C-364C-4AF0-8101-20B27E72F5A3}
[2012.09.26 10:18:32 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{3AA15C08-A0A4-4C0C-9CA9-B2B4275EBE29}
[2012.09.25 22:18:01 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{3AD46BDE-E5BD-4C57-8E27-4586572A1FBF}
[2012.09.24 23:35:07 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{C9A78311-E3E1-40C6-B29E-A73159FCE281}
[2012.09.24 23:17:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
[2012.09.24 23:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\Online Games Manager
[2012.09.24 23:17:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
[2012.09.24 23:06:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2012.09.24 11:34:52 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{CA8AA90A-A087-4AA2-8A53-47DF51737103}
[2012.09.23 22:13:06 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{BA6C85CB-0254-45C6-97DC-C95801261E5E}
[2012.09.23 10:07:45 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{EF153F13-1396-4438-A7CF-AC9496081D6C}
[2012.09.22 11:13:56 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{77735006-5D11-4E89-868A-77DEE39E4B32}
[2012.09.21 16:38:05 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{2EEF052F-76F4-484E-9FF2-1D8505013A95}
[2012.09.20 22:07:52 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{2D658D1A-EBE2-4E90-AAB5-9F71D46DC572}
[2012.09.20 09:49:23 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{714FEBDC-AFB3-435F-9652-291129A72C13}
[2012.09.19 13:56:14 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{4BF72F45-9414-4B73-B183-7D603531D3E1}
[2012.09.18 16:36:57 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{818FDAE1-D3BF-400E-ACD1-63A30B552785}
[2012.09.17 14:53:25 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{425E75EE-8B3D-48B3-BED6-58DDA84B8EC2}
[2012.09.16 22:18:41 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{0E5B1A36-4068-4F87-931C-A3EB206527E7}
[2012.09.15 22:01:57 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{FEC59C97-4A4E-4B5E-9F4B-5F072AC10050}
[2012.09.14 09:54:32 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{51F21393-BBA4-4780-96BF-800A57D7EDDD}
[2012.09.13 09:23:08 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{75924855-E4C4-4161-9B9B-AF77404A6B5A}
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Sweetheart\AppData\Local\*.tmp files -> C:\Users\Sweetheart\AppData\Local\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.12 11:10:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.12 11:04:04 | 000,004,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 11:04:04 | 000,004,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 10:33:24 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.12 10:19:34 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.12 10:18:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.12 10:18:51 | 3219,304,448 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.10 23:10:25 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.07 14:14:18 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.10.07 14:14:18 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.10.07 14:14:10 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.10.06 10:37:47 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.06 10:27:09 | 000,636,998 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.06 10:27:09 | 000,604,074 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.06 10:27:09 | 000,130,596 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.06 10:27:09 | 000,108,468 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.05 22:42:42 | 000,001,748 | ---- | M] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2012.10.05 10:41:09 | 002,100,056 | ---- | M] () -- C:\Users\Sweetheart\Documents\anleitung waschmaschine.pdf
[2012.10.05 10:34:23 | 000,000,041 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.10.04 23:17:50 | 000,000,987 | ---- | M] () -- C:\Users\Sweetheart\Desktop\DriverMax.lnk
[2012.10.04 10:16:09 | 000,390,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.10.04 10:15:14 | 182,382,066 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.10.03 23:59:04 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.10.03 23:59:04 | 000,001,825 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2012.10.03 23:57:43 | 000,026,984 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012.09.30 00:12:05 | 000,001,236 | ---- | M] () -- C:\Users\Sweetheart\Desktop\Magic Encyclopedia 3 - Illusionen.lnk
[2012.09.30 00:10:44 | 000,001,008 | ---- | M] () -- C:\Users\Sweetheart\Desktop\Magic Encyclopedia 2.lnk
[2012.09.27 22:42:57 | 000,000,987 | ---- | M] () -- C:\Users\Sweetheart\Desktop\Magic Encyclopedia.lnk
[2012.09.24 22:10:20 | 000,047,686 | ---- | M] () -- C:\Users\Sweetheart\Documents\ihre_rechnung.pdf
[2012.09.19 11:29:46 | 000,031,584 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.09.19 11:29:40 | 000,021,344 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.09.14 11:29:56 | 000,750,452 | ---- | M] () -- C:\Users\Sweetheart\Documents\eMail_20120914_112547_59.PDF
[2012.09.14 11:14:24 | 000,000,736 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012.09.13 23:46:04 | 000,058,880 | ---- | M] (AMD) -- C:\Windows\System32\coinst_9.001.dll
[2012.09.13 23:43:16 | 000,276,752 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb
[2012.09.13 23:18:56 | 000,471,040 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
[2012.09.13 23:18:20 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2012.09.13 23:17:06 | 000,163,840 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012.09.13 23:16:58 | 000,020,992 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012.09.13 23:04:02 | 002,915,680 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
[2012.09.13 22:53:32 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Sweetheart\AppData\Local\*.tmp files -> C:\Users\Sweetheart\AppData\Local\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.12 10:18:50 | 3219,304,448 | -HS- | C] () -- C:\hiberfil.sys
[2012.10.10 23:10:25 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.09 14:01:18 | 000,336,393 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.10.07 14:14:10 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.10.06 03:14:44 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.06 01:18:50 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.06 01:18:50 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.05 22:42:42 | 000,001,748 | ---- | C] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2012.10.05 10:41:03 | 002,100,056 | ---- | C] () -- C:\Users\Sweetheart\Documents\anleitung waschmaschine.pdf
[2012.10.04 23:32:30 | 002,915,680 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2012.10.04 23:32:26 | 000,038,204 | ---- | C] () -- C:\Windows\atiogl.xml
[2012.10.04 23:32:24 | 000,632,252 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.10.04 23:32:21 | 000,276,752 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2012.10.04 23:17:50 | 000,000,987 | ---- | C] () -- C:\Users\Sweetheart\Desktop\DriverMax.lnk
[2012.10.03 23:59:04 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.10.03 23:59:04 | 000,001,825 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2012.10.03 23:59:03 | 000,001,837 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2012.09.30 00:12:18 | 000,001,236 | ---- | C] () -- C:\Users\Sweetheart\Desktop\Magic Encyclopedia 3 - Illusionen.lnk
[2012.09.30 00:11:23 | 000,001,008 | ---- | C] () -- C:\Users\Sweetheart\Desktop\Magic Encyclopedia 2.lnk
[2012.09.27 22:43:45 | 000,000,987 | ---- | C] () -- C:\Users\Sweetheart\Desktop\Magic Encyclopedia.lnk
[2012.09.24 23:01:47 | 000,047,686 | ---- | C] () -- C:\Users\Sweetheart\Documents\ihre_rechnung.pdf
[2012.09.14 11:35:04 | 000,750,452 | ---- | C] () -- C:\Users\Sweetheart\Documents\eMail_20120914_112547_59.PDF
[2012.07.27 22:47:36 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.07.10 15:00:27 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012.02.01 04:11:30 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011.04.27 09:00:47 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.02.06 13:16:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.11.16 08:18:00 | 000,000,098 | ---- | C] () -- C:\Users\Sweetheart\AppData\Local\fusioncache.dat
[2010.02.24 22:13:51 | 000,083,456 | ---- | C] () -- C:\Users\Sweetheart\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.15 22:14:55 | 000,000,000 | ---- | C] () -- C:\Users\Sweetheart\AppData\Roaming\AVSDVDPlayer.m3u
[2009.11.26 19:03:51 | 000,001,356 | ---- | C] () -- C:\Users\Sweetheart\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.12.19 13:42:01 | 000,000,000 | -HSD | M] -- C:\Users\Sweetheart\AppData\Roaming\.#
[2009.12.04 22:13:52 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Ankh
[2012.10.11 23:06:54 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Babylon
[2010.04.12 20:33:30 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\casanova
[2012.10.03 23:45:24 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Easeware
[2012.06.24 08:04:15 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\FOG Downloader
[2012.05.25 09:45:51 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\ICQ
[2012.05.25 09:40:32 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\ICQ Search
[2011.08.01 16:11:50 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Image Zone Express
[2012.10.04 14:59:37 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Leadertech
[2010.11.06 11:28:35 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\LEGO Company
[2010.08.14 13:53:21 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\LucasArts
[2012.10.08 23:21:29 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Magic3
[2010.04.08 12:21:50 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Mount&Blade Warband
[2011.03.15 21:23:47 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\MysteryStudio
[2010.12.20 12:34:43 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\NCH Swift Sound
[2010.08.19 21:14:51 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Nokia
[2011.07.18 20:10:37 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\OCS
[2010.03.30 16:20:14 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Online Solutions
[2011.03.29 07:49:23 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\OpenCandy
[2011.07.18 20:10:40 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Opera
[2012.02.14 09:18:00 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\PC Suite
[2012.10.04 02:10:45 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\PCCUStubInstaller
[2012.05.05 10:08:34 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\PhotoScape
[2011.08.01 16:11:50 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Printer Info Cache
[2010.10.03 11:54:22 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\searchqutb
[2010.03.16 21:44:12 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\TeamViewer
[2010.08.10 21:38:39 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\TS3Client
[2012.10.03 23:57:32 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\TuneUp Software
[2011.03.15 21:23:53 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Ubisoft
[2012.09.30 20:57:35 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\V-Games
[2010.02.25 22:00:55 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\WinAVI
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.06.06 11:53:07 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010.02.06 22:10:06 | 000,000,000 | ---D | M] -- C:\.jagex_cache_32
[2009.12.15 10:26:43 | 000,000,000 | -HSD | M] -- C:\Boot
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.11.26 19:02:18 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.07.17 16:23:07 | 000,000,000 | ---D | M] -- C:\dvdshrink23de
[2012.03.05 08:50:17 | 000,000,000 | ---D | M] -- C:\gPotato.eu
[2012.10.06 03:16:57 | 000,000,000 | ---D | M] -- C:\MSI
[2010.01.16 15:28:52 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.12.04 21:54:52 | 000,000,000 | ---D | M] -- C:\nDoors
[2012.09.11 10:31:30 | 000,000,000 | ---D | M] -- C:\output
[2009.12.10 17:22:35 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.10.12 00:26:05 | 000,000,000 | ---D | M] -- C:\Program Files
[2012.10.11 23:07:25 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009.11.26 19:02:18 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.06.06 21:03:06 | 000,000,000 | ---D | M] -- C:\schriften
[2012.10.06 03:15:38 | 000,000,000 | -H-D | M] -- C:\SuperChargerProfile
[2012.10.12 11:15:12 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009.11.26 19:03:49 | 000,000,000 | R--D | M] -- C:\Users
[2010.01.18 22:15:56 | 000,000,000 | ---D | M] -- C:\VivoxLogs
[2012.10.12 10:19:54 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %windir%\installer\*. /5 >
[2012.10.10 23:28:58 | 000,000,000 | ---D | M] -- C:\Windows\installer\{90120000-0030-0000-0000-0000000FF1CE}
 
< %localappdata%\*. /5 >
[2012.10.07 12:42:34 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\PMB Files
[2012.10.12 11:12:37 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\Temp
[2012.10.07 11:25:37 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{0E93320C-D9FC-4B0E-BBDA-6C5DFE8ED582}
[2012.10.11 10:26:20 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{308F0B84-DB51-45F1-A72C-7487F5B2133C}
[2012.10.07 23:25:53 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{37A7F0E7-36B7-44B2-85DF-1137D5E1B8EE}
[2012.10.08 11:26:07 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{47328226-A6A8-414D-BF78-AC938ABEEE4B}
[2012.10.10 13:26:11 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{815B5E2E-6E92-49F1-A413-1BB0A79C1CAB}
[2012.10.12 10:26:55 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{882B453D-AC34-4177-A6A0-64E49C1E232A}
[2012.10.09 11:26:38 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{917B5FA0-BE0A-4C08-9C44-919E43237B04}
[2012.10.09 23:26:53 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{933D5892-15B0-44CB-9753-42EFB49C89FF}
[2012.10.11 22:26:39 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{C4481F9C-20C7-4C0A-BE6A-9C52BA4F54EB}
[2012.10.08 23:26:23 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{F3F3C40E-9E74-48C1-BC02-FF09AB3A0747}
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:5738951E5A09CC69

< End of report >
         

--- --- ---

Die Extras.txt fehlt noch

wie komm ich da ran? er hat mir nur das fenster mit der gepostet datei geöffnet

Schau mal unter C: ob es da liegt.

OTL EXTRAS Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL Extras logfile created on: 11.10.2012 23:11:32 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sweetheart\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 31,47% Memory free
6,20 Gb Paging File | 3,16 Gb Available in Paging File | 50,97% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 64,73 Gb Free Space | 21,72% Space Free | Partition Type: NTFS
 
Computer Name: KUSCHELMONSTER | User Name: Sweetheart | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1FF82B92-9F63-42F6-A4F8-B06F5B17B755}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{2147CBDD-765B-4964-8C67-6F5EC78BCB54}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface | 
"{3C2B7E16-B078-42CA-A117-604E1F032454}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{8D37166B-71B0-4AD2-8F2C-154A7E415FAF}" = lport=49160 | protocol=6 | dir=in | name=akamai netsession interface | 
"{D80F7629-06FE-4AE7-8366-C9C99F3812AA}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{FB944F08-5E88-421D-B130-43FC7DB1E04F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09416AD5-69E8-4BF7-8E44-C77752185378}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{428FFF8F-A70B-4D10-88BE-6107AE323D25}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{45F0377D-7AD9-4B0D-8562-13E88D3556C7}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{69DA9E93-5988-4645-9D56-6861547FC256}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{6A58EE75-406F-412B-B857-901C6D39C16B}" = protocol=17 | dir=in | app=c:\users\sweetheart\appdata\local\akamai\netsession_win.exe | 
"{715FE989-4F68-4EB9-9648-1CDAFAA55FA3}" = protocol=6 | dir=in | app=c:\users\sweetheart\appdata\local\akamai\netsession_win.exe | 
"{79BD2FF8-6804-41B2-BF64-82AFE5461A83}" = protocol=6 | dir=in | app=c:\program files\hp\hp deskjet 1000 j110 series\bin\usbsetup.exe | 
"{7BDD2041-3DD6-4814-BBB5-644A5C36B089}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{A1CA806F-E898-43B2-AEAB-AA58F8F85F89}" = protocol=17 | dir=in | app=c:\program files\hp\hp deskjet 1000 j110 series\bin\usbsetup.exe | 
"{A6CCB614-2C0A-466F-9E6E-A3224588E50D}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{B0231CC1-9943-427F-BFF8-AD32DDE564B8}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{BF48D252-5961-4F12-B0F3-C5913717ABC2}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{CB422105-18AB-4EFF-BBF9-75B6460E61BF}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe | 
"{D34F5B63-D0EF-4C46-9C43-8B8A76177149}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{E812DBAD-02AE-46B0-89F6-C419FECC4530}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"TCP Query User{0DF64179-C5F0-4FCE-81AA-93D9A741C03F}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 
"TCP Query User{22E920CE-EF5C-4CCA-BEBF-973AD27F2023}C:\users\sweetheart\downloads\runes_of_magic_5_0_0_2535_full (1).exe" = protocol=6 | dir=in | app=c:\users\sweetheart\downloads\runes_of_magic_5_0_0_2535_full (1).exe | 
"TCP Query User{2F2B9E5E-957B-4229-95AF-D15325CD1AC4}C:\program files\microsoft office\office12\groove.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"TCP Query User{5D41422D-1781-496A-A85E-A2E5C1F8182E}C:\users\sweetheart\downloads\runes_of_magic_5_0_0_2535_full.exe" = protocol=6 | dir=in | app=c:\users\sweetheart\downloads\runes_of_magic_5_0_0_2535_full.exe | 
"TCP Query User{7965B354-5F97-4A42-AB53-4A530B8BB394}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{90E3FDC8-C25A-4C53-BBCC-8A5AB0CB0DA8}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{A1A38D07-11B0-4A09-B6AB-A70F353D763A}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"TCP Query User{B38B0425-942E-4A78-9D47-31A11E897A63}C:\program files\gameforge\nclauncher\nclauncher.exe" = protocol=6 | dir=in | app=c:\program files\gameforge\nclauncher\nclauncher.exe | 
"TCP Query User{D1827C1B-E817-402E-9877-1693D7F9707B}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{DB213AA7-C43F-412F-AA35-82ABB6AD7D99}C:\program files\runes of magic\client.exe" = protocol=6 | dir=in | app=c:\program files\runes of magic\client.exe | 
"UDP Query User{0F96647B-4A64-402F-874A-D4EF1A67F817}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe | 
"UDP Query User{61AE8E66-A7A4-4A65-A1E0-87017EC2D80D}C:\program files\gameforge\nclauncher\nclauncher.exe" = protocol=17 | dir=in | app=c:\program files\gameforge\nclauncher\nclauncher.exe | 
"UDP Query User{65F46603-0844-419C-8350-C8FFAA4E2754}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
"UDP Query User{91772487-948E-493D-A52E-66E9F9A00591}C:\program files\microsoft office\office12\groove.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"UDP Query User{9C25587D-5DE0-4D53-A2B7-9F45DA2A061B}C:\users\sweetheart\downloads\runes_of_magic_5_0_0_2535_full (1).exe" = protocol=17 | dir=in | app=c:\users\sweetheart\downloads\runes_of_magic_5_0_0_2535_full (1).exe | 
"UDP Query User{A353D060-8CE0-4353-9DD3-E9E664F9FAB8}C:\program files\runes of magic\client.exe" = protocol=17 | dir=in | app=c:\program files\runes of magic\client.exe | 
"UDP Query User{A9E6D0E1-0681-4E0E-827D-AD1D320A9273}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
"UDP Query User{B27361BD-E1DE-44EB-B5A8-5B792A21514C}C:\users\sweetheart\downloads\runes_of_magic_5_0_0_2535_full.exe" = protocol=17 | dir=in | app=c:\users\sweetheart\downloads\runes_of_magic_5_0_0_2535_full.exe | 
"UDP Query User{D9DA6B8E-E9ED-4516-A925-6D6F76F270C2}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe | 
"UDP Query User{EEB93E03-986A-40AD-B745-D22A55C81B45}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1" = Live Update 5
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0A2063BC-CE17-420A-A629-D9D7AE6EC136}" = HP Deskjet 1000 J110 series - Grundlegende Software für das Gerät
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1373559F-6DC6-44EA-9079-6ABDCCE8CDAD}" = OviMPlatform
"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = Browser Manager
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1E05CF2E-BF5F-4A43-9147-2CCBBE57BC3C}_is1" = Mein Gutscheincode Finder 1.0.0.0
"{1F025E3A-3074-48A3-A8F3-78E735739491}_is1" = MSI SUITE
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20CCA435-1465-4567-885C-4A0AFCD0EB05}" = F2100_Help
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{255FC1CF-2620-4B64-BE02-79B9E609BB3D}" = Webzen Game Starter
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 35
"{29F563F4-8807-4496-8463-441EAA0E96AB}" = PC Connectivity Solution
"{2D10FC46-1D96-44C4-8855-85F21B9B011E}" = Ovi Desktop Sync Engine
"{32BC62C5-32B9-F838-ADD4-CFEF544C6888}" = ccc-core-static
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.441
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39EEEA22-34DE-46E2-8F17-A88948B635EE}" = Samsung USB Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX
"{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}" = Photo Notifier and Animation Creator
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{543E938C-BDC4-4933-A612-01293996845F}" = UnloadSupport
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5A24DD7E-7B01-41AC-ADA8-F1776177A3BA}" = Logitech ImageStudio
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{5FD89EA1-99C2-40EE-BBF5-20F8991ED756}" = Catalyst Control Center - Branding
"{66EBD70F-A42C-475F-AEDF-277378151031}" = Nero 7 Essentials
"{6723E416-88C8-4451-BE53-AEE03DBA4DBA}" = Studie zur Verbesserung von HP Deskjet 1000 J110 series Produkten
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"{6CF47FD1-3CF8-4206-BA24-A2B1E43D8CCA}" = IncrediMail
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{75AE8014-1184-4BC0-B279-C879540719EE}" = PhotoMail Maker
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{771ABEA0-23AF-8F8E-63FE-168779F294B6}" = CCC Help English
"{777CA40C-0206-4EF6-A0FC-618BF06BF8D0}" = Intel(R) PRO Network Connections 12.1.12.0
"{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1" = Super-Charger
"{8070452B-15D6-4169-B9B9-FCC3B54588AD}" = Nokia Ovi Suite
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial 
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99C4EF41-3156-4675-BAA2-AF5D07FF146D}" = Yetisports World Tour
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0D65C73-F2C5-432F-8788-90F8A2E99B98}" = Nokia Ovi Suite Software Updater
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A2F166A0-F031-4E27-A057-C69733219434}_is1" = Runes of Magic
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AEC0CEBC-0FC7-4716-8222-1C4A742719B1}" = Samsung Master
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}" = HP Update
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BF9D2E61-64C4-64EA-6AF7-29EB5A110C26}" = AMD Catalyst Install Manager
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{C71067FC-288F-4E0B-88C6-44DFDA8311E2}" = System Requirements Lab for Intel
"{C92C89BB-1D11-C8D5-1584-D5259818479A}" = ccc-utility
"{CA00F224-335F-6A70-DC7A-45D26F61C443}" = HydraVision
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DDDFCC77-7F9C-45E9-B38E-721BA599BA0C}" = HP Deskjet 1000 J110 series Hilfe
"{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}" = PlayMemories Home
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E2662C24-B31E-4349-A084-32EB76E8B760}" = BufferChm
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1" = Uniblue RegistryBooster 2010
"{E6B43401-E818-4961-AFED-118DD8E87642}" = RAF
"{E9C18EBD-85BE-47D0-AA73-3FEDCC976B04}" = Toolbox
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1E63043-54FC-429B-AB2C-31AF9FBA4BC7}" = 32 Bit HP CIO Components Installer
"{F1FDAA01-988C-423F-AC12-0D8F333943FD}" = Nokia Connectivity Cable Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F47C09DB-746B-2ABA-819B-8FC759034E74}" = Catalyst Control Center Graphics Previews Common
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FC54FD8D-789C-406D-BB88-F7C4421B7E83}_is1" = VideoGenie
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Akamai" = Akamai NetSession Interface Service
"Alice" = Alice-Installationsdateien entfernen
"AVG Secure Search" = AVG Security Toolbar
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS DVD Player_is1" = AVS DVD Player version 2.4
"BabylonToolbar" = Babylon toolbar 
"CCleaner" = CCleaner
"conduitEngine" = Conduit Engine 
"DMX5_is1" = DriverMax 6
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FinePix Genie_is1" = FUJIFILM MyFinePix Studio 2.0
"Google Chrome" = Google Chrome
"HFRS_is1" = Trend Micro SafeSync
"HP Photo Creations" = HP Photo Creations
"IncrediMail" = IncrediMail 2.0
"IncrediMail_MediaBar_2 Toolbar" = IncrediMail MediaBar 2 Toolbar
"InstallShield_{6A9EF6CF-7630-4E33-AE22-7D70F3AF4B05}" = AION Free-To-Play
"InstallShield_{EECD7B96-1416-4D3A-B12D-0D2512120C36}" = EasyViewer
"Magic Encyclopedia" = Magic Encyclopedia
"Magic Encyclopedia 2" = Magic Encyclopedia 2
"Magic Encyclopedia 3 - Illusionen" = Magic Encyclopedia 3 - Illusionen
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 10.0.2 (x86 de)" = Mozilla Firefox 10.0.2 (x86 de)
"NCLauncher_GameForge" = NC Launcher (GameForge)
"Nokia Ovi Suite" = Nokia Ovi Suite
"Online Games Manager" = Online Games Manager v1.10
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"PhotoMail" = PhotoMail Maker
"PhotoScape" = PhotoScape
"PROSetDX" = Intel(R) PRO Network Connections 12.1.12.0
"Rainlendar2" = Rainlendar2 (remove only)
"SearchAnonymizer" = SearchAnonymizer
"Searchqu MediaBar" = Windows Searchqu Toolbar
"sp6" = Logitech SetPoint 6.32
"Switch" = Switch Audiodatei-Konverter
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"UnityWebPlayer" = Unity Web Player (All users)
"Winamp" = Winamp
"WinAVI Video Converter 10.0_is1" = WinAVI Video Converter
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 10.10.2012 17:50:29 | Computer Name = Kuschelmonster | Source = Software Licensing Service | ID = 8193
Description = Der Lizenzaktivierungsplaner (SLUINotify.dll) ist mit folgendem Fehlercode
 fehlgeschlagen:  0x800401E4
 
Error - 11.10.2012 05:09:01 | Computer Name = Kuschelmonster | Source = Software Licensing Service | ID = 8193
Description = Der Lizenzaktivierungsplaner (SLUINotify.dll) ist mit folgendem Fehlercode
 fehlgeschlagen:  0x800401E4
 
Error - 11.10.2012 06:08:54 | Computer Name = Kuschelmonster | Source = Software Licensing Service | ID = 8193
Description = Der Lizenzaktivierungsplaner (SLUINotify.dll) ist mit folgendem Fehlercode
 fehlgeschlagen:  0x800401E4
 
Error - 11.10.2012 07:47:50 | Computer Name = Kuschelmonster | Source = Software Licensing Service | ID = 8193
Description = Der Lizenzaktivierungsplaner (SLUINotify.dll) ist mit folgendem Fehlercode
 fehlgeschlagen:  0x800401E4
 
Error - 11.10.2012 08:47:47 | Computer Name = Kuschelmonster | Source = Software Licensing Service | ID = 8193
Description = Der Lizenzaktivierungsplaner (SLUINotify.dll) ist mit folgendem Fehlercode
 fehlgeschlagen:  0x800401E4
 
Error - 11.10.2012 09:47:47 | Computer Name = Kuschelmonster | Source = Software Licensing Service | ID = 8193
Description = Der Lizenzaktivierungsplaner (SLUINotify.dll) ist mit folgendem Fehlercode
 fehlgeschlagen:  0x800401E4
 
Error - 11.10.2012 14:14:06 | Computer Name = Kuschelmonster | Source = Software Licensing Service | ID = 8193
Description = Der Lizenzaktivierungsplaner (SLUINotify.dll) ist mit folgendem Fehlercode
 fehlgeschlagen:  0x800401E4
 
Error - 11.10.2012 15:14:05 | Computer Name = Kuschelmonster | Source = Software Licensing Service | ID = 8193
Description = Der Lizenzaktivierungsplaner (SLUINotify.dll) ist mit folgendem Fehlercode
 fehlgeschlagen:  0x800401E4
 
Error - 11.10.2012 16:14:05 | Computer Name = Kuschelmonster | Source = Software Licensing Service | ID = 8193
Description = Der Lizenzaktivierungsplaner (SLUINotify.dll) ist mit folgendem Fehlercode
 fehlgeschlagen:  0x800401E4
 
Error - 11.10.2012 17:14:13 | Computer Name = Kuschelmonster | Source = Software Licensing Service | ID = 8193
Description = Der Lizenzaktivierungsplaner (SLUINotify.dll) ist mit folgendem Fehlercode
 fehlgeschlagen:  0x800401E4
 
[ System Events ]
Error - 11.10.2012 08:47:47 | Computer Name = Kuschelmonster | Source = Service Control Manager | ID = 7024
Description = 
 
Error - 11.10.2012 09:47:47 | Computer Name = Kuschelmonster | Source = Service Control Manager | ID = 7024
Description = 
 
Error - 11.10.2012 13:28:59 | Computer Name = Kuschelmonster | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 11.10.2012 um 16:17:41 unerwartet heruntergefahren.
 
Error - 11.10.2012 13:29:01 | Computer Name = Kuschelmonster | Source = Microsoft-Windows-TaskScheduler | ID = 412
Description = 
 
Error - 11.10.2012 13:29:09 | Computer Name = Kuschelmonster | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 11.10.2012 13:29:23 | Computer Name = Kuschelmonster | Source = Service Control Manager | ID = 7026
Description = 
 
Error - 11.10.2012 14:14:06 | Computer Name = Kuschelmonster | Source = Service Control Manager | ID = 7024
Description = 
 
Error - 11.10.2012 15:14:05 | Computer Name = Kuschelmonster | Source = Service Control Manager | ID = 7024
Description = 
 
Error - 11.10.2012 16:14:05 | Computer Name = Kuschelmonster | Source = Service Control Manager | ID = 7024
Description = 
 
Error - 11.10.2012 17:14:13 | Computer Name = Kuschelmonster | Source = Service Control Manager | ID = 7024
Description = 
 
 
< End of report >
         

--- --- ---


hoffe ist die richtige :-)

Java komplett deinstallieren, neue Version 7 Update 7 installieren.

Programme deinstallieren:
Babylon Alles von Conduit
Incredimail Toolbar
Alles von searchqu



Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Suche.
• Nach Ende des Suchlaufs öffnet sich eine Textdatei.
• Poste mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

• Schließe alle offenen Programme und Browser.
• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Löschen.
• Bestätige jeweils mit Ok.
• Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
• Poste mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

Neues OTL logfile bitte.

AdwCleaner Logfile:

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v2.004 - Datei am 12/10/2012 um 12:06:59 erstellt
# Aktualisiert am 06/10/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Sweetheart - KUSCHELMONSTER
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Sweetheart\Desktop\adwcleaner2.004 (1).exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : Browser Manager
Gestoppt & Gelöscht : Web Assistant Updater

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml
Datei Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\searchplugins\MyStart Search.xml
Datei Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\searchplugins\SearchquWebSearch.xml
Datei Gelöscht : C:\Windows\system32\conduitEngine.tmp
Gelöscht mit Neustart : C:\Program Files\Common Files\AVG Secure Search
Gelöscht mit Neustart : C:\Program Files\Web Assistant
Gelöscht mit Neustart : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\Program Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\Windows Searchqu Toolbar
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Trymedia
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Local\OpenCandy
Ordner Gelöscht : C:\Users\Sweetheart\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Sweetheart\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Sweetheart\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\Conduit
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\ConduitEngine
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\CT2405280
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\CT2724386
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\extensions\engine@conduit.com
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\WinampToolbarData
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\OpenCandy
Ordner Gelöscht : C:\Users\Sweetheart\AppData\Roaming\SearchquTB

***** [Registrierungsdatenbank] *****

Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\browse~1\23765~1.24\{16cdf~1\browse~1.dll
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutb
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Toolbar
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\SearchquMediabarTb
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\AVG Secure Search
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Bandoo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7FF99715-3016-4381-84CE-E4E4C9673020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2724386
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Freeze.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\Software\ImInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43B7-BEA3-87217BDA74C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\Software\Web Assistant
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=110824&tt=101012_24_4112_2&babsrc=HP_ss&mntrId=5a9e0d6b000000000000000000000000 --> hxxp://www.google.com
Gelöscht : [HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page]

-\\ Mozilla Firefox v10.0.2 (de)

Profilname : default 
Datei : C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\prefs.js

C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT2405280..clientLogIsEnabled", true);
Gelöscht : user_pref("CT2405280..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2405280..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2405280.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2405280.CTID", "CT2405280");
Gelöscht : user_pref("CT2405280.CurrentServerDate", "5-11-2010");
Gelöscht : user_pref("CT2405280.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2405280.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2405280.EMailNotifierPollDate", "Fri Nov 05 2010 18:18:11 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedLastCount1783261708582779529", 829);
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392415092", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392415098", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392415104", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392415110", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392415116", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392415122", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392571378", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392571384", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392571390", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392571396", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392571402", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392571408", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392571414", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392571420", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392571426", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392571432", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392571438", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392571444", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727700", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727706", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727712", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727718", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727724", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727730", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727736", "Fri Nov 05 2010 16:30:10 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727742", "Fri Nov 05 2010 16:30:10 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727748", "Fri Nov 05 2010 16:30:10 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727754", "Fri Nov 05 2010 16:30:10 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727760", "Fri Nov 05 2010 16:30:10 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727766", "Fri Nov 05 2010 16:30:10 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727772", "Fri Nov 05 2010 16:30:10 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727778", "Fri Nov 05 2010 16:30:10 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727784", "Fri Nov 05 2010 16:30:10 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727790", "Fri Nov 05 2010 16:30:10 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727796", "Fri Nov 05 2010 16:30:10 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727802", "Fri Nov 05 2010 16:30:10 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727808", "Fri Nov 05 2010 16:30:11 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727814", "Fri Nov 05 2010 16:30:11 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727820", "Fri Nov 05 2010 16:30:11 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727826", "Fri Nov 05 2010 16:30:11 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727832", "Fri Nov 05 2010 16:30:11 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727838", "Fri Nov 05 2010 16:30:11 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727844", "Fri Nov 05 2010 16:30:11 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727850", "Fri Nov 05 2010 16:30:11 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727856", "Fri Nov 05 2010 16:30:11 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727862", "Fri Nov 05 2010 16:30:11 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727868", "Fri Nov 05 2010 16:30:12 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727874", "Fri Nov 05 2010 16:30:12 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727880", "Fri Nov 05 2010 16:30:12 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727886", "Fri Nov 05 2010 16:30:12 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727892", "Fri Nov 05 2010 16:30:12 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedPollDate129255180392727898", "Fri Nov 05 2010 16:30:12 GMT+0100");
Gelöscht : user_pref("CT2405280.FeedTTL129255180392415104", 15);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392415116", 60);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392571420", 60);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392571426", 15);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392571432", 2);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392571438", 15);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727700", 2);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727706", 5);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727712", 5);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727724", 5);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727736", 30);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727742", 30);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727766", 15);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727778", 15);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727784", 15);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727790", 15);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727808", 1440);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727838", 10);
Gelöscht : user_pref("CT2405280.FeedTTL129255180392727856", 5);
Gelöscht : user_pref("CT2405280.FirstServerDate", "5-11-2010");
Gelöscht : user_pref("CT2405280.FirstTime", true);
Gelöscht : user_pref("CT2405280.FirstTimeFF3", true);
Gelöscht : user_pref("CT2405280.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2405280.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2405280.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2405280.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2405280.Initialize", true);
Gelöscht : user_pref("CT2405280.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2405280.InstallationAndCookieDataSentCount", 1);
Gelöscht : user_pref("CT2405280.InstallationId", "integrated_CT2405280 .exe");
Gelöscht : user_pref("CT2405280.InstallationType", "ConduitIntegration");
Gelöscht : user_pref("CT2405280.InstalledDate", "Fri Nov 05 2010 16:30:07 GMT+0100");
Gelöscht : user_pref("CT2405280.InvalidateCache", false);
Gelöscht : user_pref("CT2405280.IsGrouping", false);
Gelöscht : user_pref("CT2405280.IsMulticommunity", false);
Gelöscht : user_pref("CT2405280.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2405280.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2405280.LanguagePackLastCheckTime", "Fri Nov 05 2010 16:30:09 GMT+0100");
Gelöscht : user_pref("CT2405280.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2405280.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2405280.LastLogin_3.2.1.3", "Fri Nov 05 2010 16:30:07 GMT+0100");
Gelöscht : user_pref("CT2405280.LatestVersion", "2.7.2.0");
Gelöscht : user_pref("CT2405280.Locale", "en-us");
Gelöscht : user_pref("CT2405280.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2405280.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2405280.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2405280.RadioIsPodcast", false);
Gelöscht : user_pref("CT2405280.RadioLastCheckTime", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2405280.RadioLastUpdateServer", "129167775315800000");
Gelöscht : user_pref("CT2405280.RadioMediaID", "20503713");
Gelöscht : user_pref("CT2405280.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2405280.RadioMenuSelectedID", "EBRadioMenu_CT240528020503713");
Gelöscht : user_pref("CT2405280.RadioStationName", "Virgin%20Radio%20Classic%20Rock");
Gelöscht : user_pref("CT2405280.RadioStationURL", "hxxp://www.smgradio.com/core/audio/wmp/live.asx?service=vcbb[...]
Gelöscht : user_pref("CT2405280.RadioVolume", "45");
Gelöscht : user_pref("CT2405280.SHRINK_TOOLBAR", 1);
Gelöscht : user_pref("CT2405280.SavedHomepage", "hxxp://www.google.de/");
Gelöscht : user_pref("CT2405280.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2405280.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT240[...]
Gelöscht : user_pref("CT2405280.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2405280.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2405280.SearchInNewTabLastCheckTime", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2405280.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2405280.ServiceMapLastCheckTime", "Fri Nov 05 2010 16:30:06 GMT+0100");
Gelöscht : user_pref("CT2405280.SettingsLastCheckTime", "Fri Nov 05 2010 16:30:06 GMT+0100");
Gelöscht : user_pref("CT2405280.SettingsLastUpdate", "1288889651");
Gelöscht : user_pref("CT2405280.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2405280.ThirdPartyComponentsLastCheck", "Fri Nov 05 2010 16:30:06 GMT+0100");
Gelöscht : user_pref("CT2405280.ThirdPartyComponentsLastUpdate", "1246790578");
Gelöscht : user_pref("CT2405280.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gelöscht : user_pref("CT2405280.UserID", "UN35034123776479815");
Gelöscht : user_pref("CT2405280.ValidationData_Toolbar", 2);
Gelöscht : user_pref("CT2405280.WeatherNetwork", "");
Gelöscht : user_pref("CT2405280.WeatherPollDate", "Fri Nov 05 2010 17:53:12 GMT+0100");
Gelöscht : user_pref("CT2405280.WeatherUnit", "C");
Gelöscht : user_pref("CT2405280.alertChannelId", "799768");
Gelöscht : user_pref("CT2405280.myStuffEnabled", true);
Gelöscht : user_pref("CT2405280.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2405280.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2405280.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2405280.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2405280.testingCtid", "");
Gelöscht : user_pref("CT2405280.toolbarAppMetaDataLastCheckTime", "Fri Nov 05 2010 16:30:07 GMT+0100");
Gelöscht : user_pref("CT2405280.toolbarContextMenuLastCheckTime", "Fri Nov 05 2010 16:30:08 GMT+0100");
Gelöscht : user_pref("CT2405280.usagesFlag", 2);
Gelöscht : user_pref("CT2724386..clientLogIsEnabled", true);
Gelöscht : user_pref("CT2724386..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2724386..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2724386.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2724386.CTID", "ct2724407");
Gelöscht : user_pref("CT2724386.CommunitiesChangesLastCheckTime", "Fri Dec 10 2010 08:06:17 GMT+0100");
Gelöscht : user_pref("CT2724386.CommunityChanged", true);
Gelöscht : user_pref("CT2724386.CurrentServerDate", "10-12-2010");
Gelöscht : user_pref("CT2724386.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2724386.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2724386.FirstServerDate", "10-12-2010");
Gelöscht : user_pref("CT2724386.FirstTime", true);
Gelöscht : user_pref("CT2724386.FirstTimeFF3", true);
Gelöscht : user_pref("CT2724386.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2724386.GroupingLastCheckTime", "Fri Dec 10 2010 08:06:17 GMT+0100");
Gelöscht : user_pref("CT2724386.GroupingLastErrorCode", "");
Gelöscht : user_pref("CT2724386.GroupingLastResponse", true);
Gelöscht : user_pref("CT2724386.GroupingLastServerUpdateTime", "129362199885070000");
Gelöscht : user_pref("CT2724386.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2724386.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2724386.Initialize", true);
Gelöscht : user_pref("CT2724386.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2724386.InstallationAndCookieDataSentCount", 1);
Gelöscht : user_pref("CT2724386.InstallationId", "IncrediMail_MediaBar_2.exe");
Gelöscht : user_pref("CT2724386.InstallationType", "ConduitIntegration");
Gelöscht : user_pref("CT2724386.InstalledDate", "Fri Dec 10 2010 08:06:17 GMT+0100");
Gelöscht : user_pref("CT2724386.InvalidateCache", false);
Gelöscht : user_pref("CT2724386.IsGrouping", true);
Gelöscht : user_pref("CT2724386.IsMulticommunity", false);
Gelöscht : user_pref("CT2724386.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2724386.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2724386.LanguagePackLastCheckTime", "Fri Dec 10 2010 08:06:18 GMT+0100");
Gelöscht : user_pref("CT2724386.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2724386.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2724386.LastLogin_3.2.1.3", "Fri Dec 10 2010 08:06:17 GMT+0100");
Gelöscht : user_pref("CT2724386.LatestVersion", "2.7.2.0");
Gelöscht : user_pref("CT2724386.Locale", "en");
Gelöscht : user_pref("CT2724386.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2724386.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2724386.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2724386.RadioIsPodcast", false);
Gelöscht : user_pref("CT2724386.RadioLastCheckTime", "Fri Dec 10 2010 08:06:17 GMT+0100");
Gelöscht : user_pref("CT2724386.RadioLastUpdateIPServer", "0");
Gelöscht : user_pref("CT2724386.RadioMediaID", "21080119");
Gelöscht : user_pref("CT2724386.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2724386.RadioMenuSelectedID", "EBRadioMenu_CT272438621080119");
Gelöscht : user_pref("CT2724386.RadioStationName", "Royal-Radio%20");
Gelöscht : user_pref("CT2724386.RadioStationURL", "");
Gelöscht : user_pref("CT2724386.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gelöscht : user_pref("CT2724386.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2724386.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT272[...]
Gelöscht : user_pref("CT2724386.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2724386.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2724386.SearchInNewTabLastCheckTime", "Fri Dec 10 2010 08:06:17 GMT+0100");
Gelöscht : user_pref("CT2724386.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2724386.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2724386.ServiceMapLastCheckTime", "Fri Dec 10 2010 08:06:16 GMT+0100");
Gelöscht : user_pref("CT2724386.SettingsLastCheckTime", "Fri Dec 10 2010 08:06:16 GMT+0100");
Gelöscht : user_pref("CT2724386.SettingsLastUpdate", "1291812328");
Gelöscht : user_pref("CT2724386.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2724386.ThirdPartyComponentsLastCheck", "Fri Dec 10 2010 08:06:16 GMT+0100");
Gelöscht : user_pref("CT2724386.ThirdPartyComponentsLastUpdate", "1246790578");
Gelöscht : user_pref("CT2724386.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gelöscht : user_pref("CT2724386.UserID", "UN66836787863071588");
Gelöscht : user_pref("CT2724386.ValidationData_Toolbar", 0);
Gelöscht : user_pref("CT2724386.WeatherNetwork", "");
Gelöscht : user_pref("CT2724386.WeatherPollDate", "Fri Dec 10 2010 08:06:17 GMT+0100");
Gelöscht : user_pref("CT2724386.WeatherUnit", "C");
Gelöscht : user_pref("CT2724386.ct2724407.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2724386.ct2724407.GroupingInvalidateCache", false);
Gelöscht : user_pref("CT2724386.ct2724407.GroupingLastCheckTime", "Fri Dec 10 2010 08:06:17 GMT+0100");
Gelöscht : user_pref("CT2724386.ct2724407.GroupingLastErrorCode", "");
Gelöscht : user_pref("CT2724386.ct2724407.GroupingLastResponse", true);
Gelöscht : user_pref("CT2724386.ct2724407.GroupingLastServerUpdateTime", "129361239174000000");
Gelöscht : user_pref("CT2724386.ct2724407.InvalidateCache", false);
Gelöscht : user_pref("CT2724386.ct2724407.LanguagePackLastCheckTime", "Fri Dec 10 2010 08:06:18 GMT+0100");
Gelöscht : user_pref("CT2724386.ct2724407.Locale", "de");
Gelöscht : user_pref("CT2724386.ct2724407.RadioLastCheckTime", "Fri Dec 10 2010 08:06:18 GMT+0100");
Gelöscht : user_pref("CT2724386.ct2724407.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2724386.ct2724407.RadioLastUpdateServer", "129249047784100000");
Gelöscht : user_pref("CT2724386.ct2724407.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_[...]
Gelöscht : user_pref("CT2724386.ct2724407.SearchInNewTabLastCheckTime", "Fri Dec 10 2010 08:06:18 GMT+0100");
Gelöscht : user_pref("CT2724386.ct2724407.SettingsLastCheckTime", "Fri Dec 10 2010 08:06:17 GMT+0100");
Gelöscht : user_pref("CT2724386.ct2724407.SettingsLastUpdate", "1291812328");
Gelöscht : user_pref("CT2724386.ct2724407.ThirdPartyComponentsLastCheck", "Fri Dec 10 2010 08:06:17 GMT+0100");
Gelöscht : user_pref("CT2724386.ct2724407.ThirdPartyComponentsLastUpdate", "1255348257");
Gelöscht : user_pref("CT2724386.ct2724407.toolbarAppMetaDataLastCheckTime", "Fri Dec 10 2010 08:06:17 GMT+0100"[...]
Gelöscht : user_pref("CT2724386.ct2724407.toolbarContextMenuLastCheckTime", "Fri Dec 10 2010 08:06:18 GMT+0100"[...]
Gelöscht : user_pref("CT2724386.myStuffEnabled", true);
Gelöscht : user_pref("CT2724386.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2724386.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2724386.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2724386.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2724386.toolbarAppMetaDataLastCheckTime", "Fri Dec 10 2010 08:06:17 GMT+0100");
Gelöscht : user_pref("CT2724386.toolbarContextMenuLastCheckTime", "Fri Dec 10 2010 08:06:18 GMT+0100");
Gelöscht : user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "");
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=799768&fid=795587", "\"0\""[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/?aid=909619&fid=905414", "\"0\""[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1116652/1112356/DE", "\"0\"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1235508/1231181/DE", "\"0\"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/799768/795587/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2405280", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2724386", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2843456", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2724407", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2405280&octid=[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2724386/CT2724386[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2843456/CT2843456[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/ct2724407/CT2724386[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"634[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...]
Gelöscht : user_pref("CommunityToolbar.EngineOwner", "CT2405280");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic-eng7");
Gelöscht : user_pref("CommunityToolbar.IsEngineShown", true);
Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2405280");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic-eng7");
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://mystart.incredimail.com/?loc=ff_a[...]
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2405280,CT2724386");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2405280,CT2724386");
Gelöscht : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue May 24 2011 07:51:35 GMT+02[...]
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Thu Sep 29 2011 07:49:37 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.firstTimeAlertShown", true);
Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Oct 03 2011 11:33:03 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.alert.userId", "afb62d8f-a432-4693-bd02-f595758feec9");
Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Dec 10 2010 08:06:17 GMT+0100");
Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2405280");
Gelöscht : user_pref("ConduitEngine.FirstServerDate", "11/05/2010 18");
Gelöscht : user_pref("ConduitEngine.FirstTime", true);
Gelöscht : user_pref("ConduitEngine.FirstTimeFF3", true);
Gelöscht : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Gelöscht : user_pref("ConduitEngine.Initialize", true);
Gelöscht : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Gelöscht : user_pref("ConduitEngine.InstalledDate", "Fri Nov 05 2010 16:30:07 GMT+0100");
Gelöscht : user_pref("ConduitEngine.IsMulticommunity", false);
Gelöscht : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Gelöscht : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Gelöscht : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Fri Nov 05 2010 16:30:07 GMT+0100");
Gelöscht : user_pref("ConduitEngine.LastLogin_3.2.1.3", "Fri Nov 05 2010 16:30:07 GMT+0100");
Gelöscht : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Gelöscht : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("ConduitEngine.SettingsLastCheckTime", "Fri Nov 05 2010 16:30:06 GMT+0100");
Gelöscht : user_pref("ConduitEngine.UserID", "UN41198604592248944");
Gelöscht : user_pref("ConduitEngine.engineLocale", "de");
Gelöscht : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Fri Nov 05 2010 16:30:07 GMT+0100");
Gelöscht : user_pref("ConduitEngine.initDone", true);
Gelöscht : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\13.0.0.7");
Gelöscht : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Gelöscht : user_pref("browser.search.defaultthis.engineName", "Softonic-Eng7 Customized Web Search");
Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2405280&Sea[...]
Gelöscht : user_pref("browser.search.order.1", "Web Search");
Gelöscht : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=110824&tt=101012_24_4112_2&b[...]
Gelöscht : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid=%7B9662d32d-8d32-4e79-82bd-59e5281d4751[...]
Gelöscht : user_pref("winamp_toolbar.buttons.layout", "skins_btn_wa;plugins_btn_wa;shout_btn_wa;video_btn_wa;ai[...]
Gelöscht : user_pref("winamp_toolbar.firsttime.showwindow", false);
Gelöscht : user_pref("winamp_toolbar.install.lastTbVersion", "5.6.12.1");
Gelöscht : user_pref("winamp_toolbar.metrics.activestampdate", "22");
Gelöscht : user_pref("winamp_toolbar.metrics.activestampmonth", "4");
Gelöscht : user_pref("winamp_toolbar.metrics.activestampyear", "2011");
Gelöscht : user_pref("winamp_toolbar.metrics.originalDate", "8");
Gelöscht : user_pref("winamp_toolbar.metrics.originalHours", "8");
Gelöscht : user_pref("winamp_toolbar.metrics.originalMinutes", "28");
Gelöscht : user_pref("winamp_toolbar.metrics.originalMonth", "2");
Gelöscht : user_pref("winamp_toolbar.metrics.originalSeconds", "37");
Gelöscht : user_pref("winamp_toolbar.metrics.originalYear", "2010");
Gelöscht : user_pref("winamp_toolbar.search.focusnewtab", false);
Gelöscht : user_pref("winamp_toolbar.search.newtab", false);
Gelöscht : user_pref("winamp_toolbar.search.populateoncomplete", false);
Gelöscht : user_pref("winamp_toolbar.search.savehistory", true);
Gelöscht : user_pref("winamp_toolbar.search.searchtype", "web");
Gelöscht : user_pref("winamp_toolbar.search.source", "tb50ffwinamp");
Gelöscht : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");
Gelöscht : user_pref("winamp_toolbar.upgrade.showwindow", false);
Gelöscht : user_pref("winamp_toolbar.winamp.appversion", "1");
Gelöscht : user_pref("winamp_toolbar.winamp.artist", "");
Gelöscht : user_pref("winamp_toolbar.winamp.title", "-999999");
Gelöscht : user_pref("winamp_toolbar.winamp.tracklength", "-999999");
Gelöscht : user_pref("winamp_toolbar.winamp.tracktime", "-999999");
Gelöscht : user_pref("winamp_toolbar.winamp.volume", "255");
Gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_referrer", "hxxps://isearch.avg.com[...]
Gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_temp_referer", "hxxps://isearch.avg[...]
Gelöscht : user_pref("{336D0C35-8A85-403a-B9D2-65C292C39087}.ScriptData_WSG_whiteList", "{\"search.babylon.com\[...]
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [53291 octets] - [12/10/2012 10:27:39]
AdwCleaner[R2].txt - [49028 octets] - [12/10/2012 12:05:07]
AdwCleaner[S1].txt - [46622 octets] - [12/10/2012 12:06:59]

########## EOF - C:\AdwCleaner[S1].txt - [46683 octets] ##########
         

--- --- ---

Und jetzt bitte ein frisches OTL-Logfile.

OTL Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 12.10.2012 12:16:13 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Sweetheart\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 51,02% Memory free
6,20 Gb Paging File | 4,37 Gb Available in Paging File | 70,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 298,09 Gb Total Space | 66,12 Gb Free Space | 22,18% Space Free | Partition Type: NTFS
 
Computer Name: KUSCHELMONSTER | User Name: Sweetheart | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.11 23:10:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sweetheart\Desktop\OTL.exe
PRC - [2012.10.03 23:57:42 | 000,711,112 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.0.0\ToolbarUpdater.exe
PRC - [2012.09.25 11:43:01 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2012.09.19 11:29:44 | 001,869,152 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
PRC - [2012.09.19 11:29:42 | 001,699,168 | ---- | M] (TuneUp Software) -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
PRC - [2012.09.13 23:18:56 | 000,471,040 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.09.13 23:18:20 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.07 17:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.03 10:11:56 | 011,325,376 | ---- | M] (Innovative Solutions) -- C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe
PRC - [2012.08.20 09:33:01 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.06.11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE
PRC - [2012.06.08 09:02:24 | 000,521,344 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Online Games Manager\ogmservice.exe
PRC - [2012.06.01 08:02:20 | 000,366,536 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\IncMail.exe
PRC - [2012.06.01 08:02:20 | 000,264,136 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files\IncrediMail\Bin\ImApp.exe
PRC - [2012.05.08 16:12:35 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 16:12:35 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 16:12:35 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.10.17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.10.07 11:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
PRC - [2011.09.27 21:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2009.11.28 21:39:39 | 000,403,968 | ---- | M] (Hansenet) -- C:\Program Files\Alice\Signup\AliceCnn.exe
PRC - [2009.08.22 12:31:06 | 005,148,672 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.01.26 16:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 16:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.01.19 09:38:38 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.12 11:22:47 | 011,820,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll
MOD - [2012.10.12 11:22:34 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll
MOD - [2012.10.12 11:22:22 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\54426ee1881b42af5b090e223f43823c\WindowsBase.ni.dll
MOD - [2012.10.12 11:06:21 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll
MOD - [2012.10.12 11:06:09 | 001,592,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll
MOD - [2012.10.12 11:05:25 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll
MOD - [2012.10.12 11:05:17 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll
MOD - [2012.10.12 11:04:49 | 007,953,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll
MOD - [2012.10.12 11:04:27 | 011,492,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll
MOD - [2012.10.05 11:14:15 | 002,106,392 | ---- | M] () -- c:\ProgramData\Browser Manager\2.3.765.24\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2012.09.25 11:42:58 | 000,460,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppgooglenaclpluginchrome.dll
MOD - [2012.09.25 11:42:55 | 004,005,912 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll
MOD - [2012.09.25 11:41:39 | 000,578,072 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\libglesv2.dll
MOD - [2012.09.25 11:41:38 | 000,123,416 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\libegl.dll
MOD - [2012.09.25 11:41:27 | 000,156,712 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\avutil-51.dll
MOD - [2012.09.25 11:41:26 | 000,275,496 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\avformat-54.dll
MOD - [2012.09.25 11:41:24 | 002,168,360 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\22.0.1229.79\avcodec-54.dll
MOD - [2012.09.13 22:53:32 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
MOD - [2012.07.31 11:07:52 | 000,008,648 | ---- | M] () -- C:\Program Files\Innovative Solutions\DriverMax\sync.dll
MOD - [2012.06.01 08:02:23 | 000,071,624 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\wlessfp1.dll
MOD - [2012.06.01 08:02:21 | 000,268,232 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImLookExU.dll
MOD - [2012.06.01 08:02:20 | 000,133,064 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImComUtlU.dll
MOD - [2012.06.01 08:02:20 | 000,079,816 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\ImAppRU.dll
MOD - [2012.06.01 08:02:20 | 000,032,648 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\IMHttpComm.dll
MOD - [2012.06.01 08:01:41 | 001,000,784 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\AE\ActionEngine.dll
MOD - [2012.02.13 13:02:09 | 005,283,840 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll
MOD - [2012.02.13 13:02:04 | 004,214,784 | ---- | M] () -- C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
MOD - [2011.10.07 11:41:16 | 000,879,896 | ---- | M] () -- C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll
MOD - [2011.01.30 16:19:12 | 000,107,896 | ---- | M] () -- C:\Program Files\IncrediMail\Bin\PMC.dll
MOD - [2011.01.04 22:54:12 | 000,243,712 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2009.12.03 02:29:15 | 000,667,648 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Core\3.5.0.0__b77a5c561934e089\System.Core.dll
MOD - [2009.08.22 12:32:50 | 000,724,992 | ---- | M] () -- C:\Program Files\Rainlendar2\plugins\iCalendarPlugin.dll
MOD - [2009.08.22 12:31:06 | 005,148,672 | ---- | M] () -- C:\Program Files\Rainlendar2\Rainlendar2.exe
MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 06:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 06:42:12 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.02.18 20:39:19 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll
MOD - [2009.02.18 20:39:19 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsFormsIntegration\3.0.0.0__31bf3856ad364e35\WindowsFormsIntegration.dll
MOD - [2009.02.18 20:39:19 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll
MOD - [2009.02.18 20:39:17 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll
MOD - [2008.11.07 22:00:46 | 000,009,216 | ---- | M] () -- C:\Program Files\Rainlendar2\lfs.dll
MOD - [2008.11.07 21:59:08 | 000,131,072 | ---- | M] () -- C:\Program Files\Rainlendar2\lua51.dll
MOD - [2007.03.24 22:44:22 | 000,114,688 | ---- | M] () -- C:\Program Files\Alice\Signup\sys.plg
MOD - [2007.02.12 18:54:32 | 000,253,952 | ---- | M] () -- C:\Program Files\Alice\Signup\dslsetup.plg
MOD - [2005.10.04 18:28:40 | 000,081,920 | ---- | M] () -- C:\Program Files\Alice\Signup\htmlpars.plg
MOD - [2005.09.23 19:10:22 | 000,081,920 | ---- | M] () -- C:\Program Files\Alice\Signup\alice.plg
MOD - [2005.08.17 20:36:28 | 000,090,112 | ---- | M] () -- C:\Program Files\Alice\Signup\Support.plg
MOD - [2005.04.15 13:35:50 | 000,077,824 | ---- | M] () -- C:\Program Files\Alice\Signup\SueDsl.plg
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.08 23:10:40 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.03 23:57:42 | 000,711,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.0.0\ToolbarUpdater.exe -- (vToolbarUpdater13.0.0)
SRV - [2012.09.19 11:29:42 | 001,699,168 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.09.13 23:18:20 | 000,217,600 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.09.11 09:12:29 | 004,537,664 | ---- | M] () [Auto | Running] -- c:\program files\common files\akamai/netsession_win_5891ae0.dll -- (Akamai)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.05 14:05:50 | 000,124,472 | ---- | M] (MSI) [Disabled | Stopped] -- C:\MSI\MSI SUITE\Super-Charger\SuiteChargeService.exe -- (MSI_SuiteCharger)
SRV - [2012.08.30 14:08:28 | 000,102,968 | ---- | M] (MSI) [Disabled | Stopped] -- C:\MSI\MSI SUITE\FastBoot\SuiteFastBootService.exe -- (MSI_SuiteFastBoot)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.12 13:20:54 | 003,947,320 | ---- | M] (Trend Micro Inc.) [Disabled | Stopped] -- C:\Program Files\Trend Micro SafeSync\hrfscore.exe -- (OnlineStorageService)
SRV - [2012.06.29 17:56:30 | 000,136,704 | ---- | M] (MSI) [Disabled | Stopped] -- C:\Program Files\MSI\Super-Charger\ChargeService.exe -- (MSI_SuperCharger)
SRV - [2012.06.11 16:22:16 | 000,240,208 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012.06.11 16:22:16 | 000,193,616 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\7.1.391.0\BBSvc.EXE -- (BBSvc)
SRV - [2012.06.08 09:02:24 | 000,521,344 | ---- | M] (RealNetworks, Inc.) [Auto | Running] -- C:\Program Files\Online Games Manager\ogmservice.exe -- (ogmservice)
SRV - [2012.05.08 16:12:35 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 16:12:35 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.04.23 09:36:32 | 000,010,752 | ---- | M] () [Disabled | Stopped] -- C:\MSI\MSI SUITE\MSIMonitor\MSIFileSyncMonitor.exe -- (MSIFileSyncMonitor)
SRV - [2012.04.22 10:05:38 | 000,474,168 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2012.04.17 14:01:42 | 000,075,280 | ---- | M] (MSI) [Disabled | Stopped] -- C:\MSI\MSI SUITE\ControlCenter\ComCenService.exe -- (MSI_ComCenService)
SRV - [2011.10.17 15:12:52 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.09.27 21:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.07.18 20:10:37 | 000,040,960 | ---- | M] () [Disabled | Stopped] -- C:\Users\Sweetheart\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2010.10.08 11:06:48 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2010.06.14 15:07:14 | 000,615,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.01.05 00:41:00 | 003,670,928 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\System32\GameMon.des -- (npggsvc)
SRV - [2008.01.19 09:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\XDva360.sys -- (XDva360)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\EagleNT.sys -- (EagleNT)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | Boot | Stopped] -- System32\drivers\nagcnh.sys -- (anepufr)
DRV - [2012.10.03 23:57:43 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.09.19 10:50:50 | 000,010,088 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.09.14 00:00:10 | 009,106,432 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2012.09.14 00:00:10 | 009,106,432 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.09.13 22:55:00 | 000,370,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.08.01 23:02:36 | 000,015,248 | ---- | M] (PenMount) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pmkbdfltr.sys -- (pmkbdfltr)
DRV - [2012.05.23 13:56:52 | 000,161,640 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mv61xx.sys -- (mv61xx)
DRV - [2012.05.08 16:12:36 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 16:12:36 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.03.30 15:26:30 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\MSI\MSI SUITE\NTIOLib.sys -- (NTIOLib_1_0_C)
DRV - [2012.02.23 14:31:36 | 000,083,984 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2011.12.29 13:37:44 | 000,028,464 | ---- | M] (COMPAL ELECTRONIC INC.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\LPCFilter.sys -- (LPCFilter)
DRV - [2011.09.20 11:08:12 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\MSI\MSI SUITE\ControlCenter\NTIOLib.sys -- (NTIOLib_1_0_D)
DRV - [2011.09.16 17:08:07 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2010.11.04 15:18:04 | 000,102,728 | ---- | M] (Matrox Graphics Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\MxEFUF32.sys -- (MxEFUF)
DRV - [2010.10.20 14:43:08 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Live Update 5\NTIOLib.sys -- (NTIOLib_1_0_4)
DRV - [2010.03.16 21:20:51 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.02.27 10:30:29 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.02.26 14:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 14:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 14:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 14:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.16 08:57:42 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009.12.30 13:55:14 | 000,007,680 | ---- | M] (MSI) [Kernel | On_Demand | Stopped] -- C:\Program Files\MSI\Super-Charger\NTIOLib.sys -- (NTIOLib_1_0_3)
DRV - [2009.10.08 17:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.02.19 08:09:10 | 000,072,704 | ---- | M] (Point Grey Research) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HS3dSensor1394.sys -- (PGR1394b)
DRV - [2007.04.13 14:22:56 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2006.11.28 23:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PDNMp50.sys -- (PDNMp50)
DRV - [2006.11.28 23:46:22 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\PDNSp50.sys -- (PDNSp50)
DRV - [2002.06.10 15:20:50 | 000,039,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvcd.sys -- (QCDonner)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://alice.aol.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://alice.aol.de
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - No CLSID value found
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{299622BC-AC86-494D-9E5C-9B385816C0D6}: "URL" = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{2DA5735A-B19D-4322-8CC1-D93D0CFE630E}: "URL" = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{79262CC3-E08A-4E62-868B-482145ABA554}: "URL" = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{A92D9454-CA97-4F63-B91F-68786D2099D6}: "URL" = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{CA0339FC-CDA1-46FB-96DD-E89D390B0413}: "URL" = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&mode=bounce&k=0
IE - HKCU\..\SearchScopes\{F4BB98EE-A332-4FDF-8E77-93BE46555CAA}: "URL" = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=e85d924a-6695-4cd1-a5e0-f1a1f9ae29e7&pid=freewarede&mode=bounce&k=0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: {336D0C35-8A85-403a-B9D2-65C292C39087}:2.0.0.441
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledAddons: {800b5000-a755-47e1-992b-48a1c1357f07}:1.5.3
FF - prefs.js..extensions.enabledAddons: avg@toolbar:13.0.0.7
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: {414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}:3.2.1.3
FF - prefs.js..extensions.enabledItems: {000F1EA4-5E08-4564-A29B-29076F63A37A}:1.0.3.139
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@soe.sony.com/installer,version=1.0.3: C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPGameWebStarter: C:\Program Files\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2010.08.19 20:52:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.06 22:02:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.08.16 15:48:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2010.08.19 20:52:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files\Mein Gutscheincode Finder\Firefox [2011.07.18 20:10:40 | 000,000,000 | ---D | M]
 
[2009.11.28 21:52:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Extensions
[2012.10.12 12:07:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions
[2010.11.14 10:52:28 | 000,000,000 | ---D | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}
[2010.11.03 09:03:51 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.09.07 10:47:12 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Sweetheart\AppData\Roaming\mozilla\Firefox\Profiles\28endelp.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2012.09.06 10:40:01 | 000,101,871 | ---- | M] () (No name found) -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\extensions\ciuvo-extension@icq.de.xpi
[2012.09.23 22:53:40 | 000,000,950 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\icqplugin-1.xml
[2012.10.04 12:45:06 | 000,000,950 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\icqplugin-2.xml
[2012.06.06 11:43:27 | 000,001,056 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\icqplugin.xml
[2011.07.18 20:10:40 | 000,001,687 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\winamp-search.xml
[2011.07.18 20:10:40 | 000,001,870 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\{C9FFD529-F13F-47F5-9D04-488F9F9F6E79}.xml
[2011.07.18 20:10:40 | 000,002,077 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\{FA9D6423-B334-46A2-9214-7A64B933E387}.xml
[2011.07.18 20:10:40 | 000,002,188 | ---- | M] () -- C:\Users\Sweetheart\AppData\Roaming\mozilla\firefox\profiles\28endelp.default\searchplugins\{FEB502EE-54AB-4A4D-8404-1932DE660FCE}.xml
[2012.10.12 11:49:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.07.30 19:33:39 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
File not found (No name found) -- C:\PROGRAMDATA\AVG SECURE SEARCH\FIREFOXEXT\13.0.0.7
File not found (No name found) -- C:\PROGRAMDATA\BROWSER MANAGER\2.3.765.24\{16CDFF19-861D-48E3-A751-D99A27784753}\FIREFOXEXTENSION
[2012.06.06 22:02:50 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.06.28 17:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012.06.06 22:02:48 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.06 22:02:48 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.06 22:02:48 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.06 22:02:48 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.06 22:02:48 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.06 22:02:48 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://search.babylon.com/?affID=110824&tt=101012_24_4112_2&babsrc=HP_ss&mntrId=5a9e0d6b000000000000000000000000
CHR - default_search_provider: AVG Secure Search (Enabled)
CHR - default_search_provider: search_url = https://isearch.avg.com/search?cid={0EAE350D-72C5-45AB-9C68-BFFEBE009481}&mid=7ab495e403bf47d0905c19b4330d3284-f1b2ed4f9eb8b0b53f1fcc3916f29e6d0c224b70&lang=de&ds=tt014&pr=sa&d=&v=&sap=dsp&q={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://clients5.google.com/complete/search?hl={language}&q={searchTerms}&client=ie8&inputencoding={inputEncoding}&outputencoding={outputEncoding}
CHR - homepage: hxxp://search.babylon.com/?affID=110824&tt=101012_24_4112_2&babsrc=HP_ss&mntrId=5a9e0d6b000000000000000000000000
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.79\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\NPAPIFlash\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.441_0\npbrowserext.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Users\Sweetheart\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\13.0.0\\npsitesafety.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U35 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 6.0.350.10 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Unity Player (Enabled) = C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: SOE Web Installer (Enabled) = C:\Users\Sweetheart\AppData\Roaming\Mozilla\Firefox\Profiles\28endelp.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: preisspion.de = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfpelakfkbbkkdchaaaknckhoadkcbo\3.0.2_0\
CHR - Extension: Google Mail = C:\Users\Sweetheart\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [MSI Suite] C:\MSI\MSI SUITE\StartMSISuite.exe ()
O4 - HKLM..\Run: [Ocs_SM] C:\Users\Sweetheart\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files\MSI\Super-Charger\Super-Charger.exe (MSI)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: []  File not found
O4 - HKCU..\Run: [DriverMax] C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [DriverMax_RESTART] C:\Program Files\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)
O4 - HKCU..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe ()
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4521BBEC-17A0-4C4D-A607-CF9B32D64006}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{71A460A0-92AC-4C40-9141-0B1041C1D07D}: NameServer = 62.109.123.197 213.191.74.19
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Sweetheart\Pictures\Hintergrundbilder\drachen.jpg
O24 - Desktop BackupWallPaper: C:\Users\Sweetheart\Pictures\Hintergrundbilder\drachen.jpg
O27 - HKLM IFEO\diagnostictool.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\groove.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\hpcustpartic.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\hrfsclient.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\imgstud.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msi suite.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\ois.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\onenotem.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\pmbbrowser.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\pmbinit.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\super-charger.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\unins000.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\winword.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A38B334A-A0A2-436D-BAA0-34FE5E517E44} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Reg Error: Value error.
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: UxTuneUp - C:\Windows\System32\uxtuneup.dll (TuneUp Software)
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.12 11:55:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012.10.12 11:53:54 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Google
[2012.10.12 10:26:54 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{882B453D-AC34-4177-A6A0-64E49C1E232A}
[2012.10.11 23:09:53 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Sweetheart\Desktop\OTL.exe
[2012.10.11 23:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012.10.11 22:26:37 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{C4481F9C-20C7-4C0A-BE6A-9C52BA4F54EB}
[2012.10.11 10:26:15 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{308F0B84-DB51-45F1-A72C-7487F5B2133C}
[2012.10.10 13:26:10 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{815B5E2E-6E92-49F1-A413-1BB0A79C1CAB}
[2012.10.09 23:26:52 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{933D5892-15B0-44CB-9753-42EFB49C89FF}
[2012.10.09 14:01:25 | 001,801,592 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesGUILib.dll
[2012.10.09 14:01:18 | 007,161,736 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEP32A.dll
[2012.10.09 14:01:17 | 007,377,272 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek.dll
[2012.10.09 14:01:17 | 001,246,584 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioRealtek2.dll
[2012.10.09 14:01:17 | 000,351,112 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EED32A.dll
[2012.10.09 14:01:17 | 000,349,048 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxVolumeSDAPO.dll
[2012.10.09 14:01:17 | 000,106,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEL32A.dll
[2012.10.09 14:01:17 | 000,091,528 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEA32A.dll
[2012.10.09 14:01:17 | 000,061,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\System32\R4EEG32A.dll
[2012.10.09 14:01:16 | 001,929,592 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2012.10.09 14:01:16 | 000,717,176 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPOShell.dll
[2012.10.09 14:01:15 | 002,195,040 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2012.10.09 14:01:15 | 000,350,072 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO30.dll
[2012.10.09 14:01:13 | 000,090,624 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\System32\CONEQMSAPOGUILibrary.dll
[2012.10.09 13:58:07 | 000,015,248 | ---- | C] (PenMount) -- C:\Windows\System32\drivers\pmkbdfltr.sys
[2012.10.09 11:26:37 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{917B5FA0-BE0A-4C08-9C44-919E43237B04}
[2012.10.08 23:26:21 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{F3F3C40E-9E74-48C1-BC02-FF09AB3A0747}
[2012.10.08 23:21:29 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Magic3
[2012.10.08 11:29:43 | 000,028,464 | ---- | C] (COMPAL ELECTRONIC INC.) -- C:\Windows\System32\drivers\LPCFilter.sys
[2012.10.08 11:26:06 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{47328226-A6A8-414D-BF78-AC938ABEEE4B}
[2012.10.07 23:25:51 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{37A7F0E7-36B7-44B2-85DF-1137D5E1B8EE}
[2012.10.07 11:25:36 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{0E93320C-D9FC-4B0E-BBDA-6C5DFE8ED582}
[2012.10.06 23:07:44 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{4F8B0643-6196-4479-A77D-B2FBF564CCB0}
[2012.10.06 11:07:28 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{DE896563-E8FB-4F68-99F5-946CD649BB4C}
[2012.10.06 10:44:33 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\System32\CSVer.dll
[2012.10.06 10:26:18 | 000,072,704 | ---- | C] (Point Grey Research) -- C:\Windows\System32\drivers\HS3dSensor1394.sys
[2012.10.06 10:23:47 | 000,161,640 | ---- | C] (Marvell Semiconductor, Inc.) -- C:\Windows\System32\drivers\mv61xx.sys
[2012.10.06 10:23:47 | 000,040,448 | ---- | C] (<Marvell>) -- C:\Windows\System32\mvcoinst.dll
[2012.10.06 10:23:47 | 000,014,184 | ---- | C] (Marvell Semiconductor Inc.) -- C:\Windows\System32\drivers\mv61xxmm.sys
[2012.10.06 10:18:43 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\.thinupload
[2012.10.06 03:18:51 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFNHK.dll
[2012.10.06 03:18:50 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFCOM.dll
[2012.10.06 03:18:50 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- C:\Windows\System32\SFAPO.dll
[2012.10.06 03:18:46 | 000,421,744 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PLFX32.dll
[2012.10.06 03:18:46 | 000,398,192 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PGFX32.dll
[2012.10.06 03:18:46 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- C:\Windows\System32\KAAPORT.dll
[2012.10.06 03:18:46 | 000,335,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSU2PREC32.dll
[2012.10.06 03:16:05 | 000,011,832 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\acpimof.dll
[2012.10.06 03:15:58 | 000,000,000 | ---D | C] -- C:\MSI
[2012.10.06 03:15:37 | 000,000,000 | -H-D | C] -- C:\SuperChargerProfile
[2012.10.06 03:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.10.06 01:18:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012.10.06 01:18:31 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012.10.06 01:18:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2012.10.06 01:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trend Micro SafeSync
[2012.10.06 01:18:23 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro SafeSync
[2012.10.05 22:42:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2012.10.05 22:42:40 | 000,000,000 | ---D | C] -- C:\Program Files\MSI
[2012.10.05 17:21:36 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{80EC128F-6B89-4D55-82E1-47F4EA1A629D}
[2012.10.05 00:04:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012.10.04 23:51:59 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{81ED33C1-BFAA-4BA1-957F-441D409073AE}
[2012.10.04 23:32:30 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\System32\coinst_9.001.dll
[2012.10.04 23:32:29 | 000,163,840 | ---- | C] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012.10.04 23:32:25 | 000,020,992 | ---- | C] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012.10.04 23:17:50 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\Innovative Solutions
[2012.10.04 23:17:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
[2012.10.04 23:17:48 | 000,000,000 | ---D | C] -- C:\Program Files\Innovative Solutions
[2012.10.04 22:52:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2012.10.04 22:51:51 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2012.10.04 22:51:50 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2012.10.04 22:51:50 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2012.10.04 22:51:50 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2012.10.04 22:51:50 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2012.10.04 22:51:45 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2012.10.04 22:51:45 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2012.10.04 22:51:45 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2012.10.04 22:51:45 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2012.10.04 22:51:45 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2012.10.04 22:51:45 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2012.10.04 22:51:44 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2012.10.04 22:51:44 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2012.10.04 22:51:43 | 001,509,480 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2SpeakerDLL.dll
[2012.10.04 22:51:43 | 001,292,904 | ---- | C] (DTS) -- C:\Windows\System32\DTSS2HeadphoneDLL.dll
[2012.10.04 22:51:43 | 001,220,200 | ---- | C] (DTS) -- C:\Windows\System32\DTSBoostDLL.dll
[2012.10.04 22:51:43 | 000,654,952 | ---- | C] (DTS) -- C:\Windows\System32\DTSBassEnhancementDLL.dll
[2012.10.04 22:51:43 | 000,631,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSSymmetryDLL.dll
[2012.10.04 22:51:43 | 000,601,704 | ---- | C] (DTS) -- C:\Windows\System32\DTSVoiceClarityDLL.dll
[2012.10.04 22:51:43 | 000,458,344 | ---- | C] (DTS) -- C:\Windows\System32\DTSNeoPCDLL.dll
[2012.10.04 22:51:43 | 000,389,736 | ---- | C] (DTS) -- C:\Windows\System32\DTSGainCompensatorDLL.dll
[2012.10.04 22:51:43 | 000,375,400 | ---- | C] (DTS) -- C:\Windows\System32\DTSLimiterDLL.dll
[2012.10.04 22:51:43 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPONS.dll
[2012.10.04 22:51:43 | 000,218,728 | ---- | C] (DTS) -- C:\Windows\System32\DTSGFXAPO.dll
[2012.10.04 22:51:43 | 000,218,216 | ---- | C] (DTS) -- C:\Windows\System32\DTSLFXAPO.dll
[2012.10.04 21:52:45 | 000,000,000 | ---D | C] -- C:\Program Files\SystemRequirementsLab
[2012.10.04 19:40:00 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\SystemRequirementsLab
[2012.10.04 19:18:10 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Intel Corporation
[2012.10.04 19:18:10 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel Corporation
[2012.10.04 15:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Photo Creations
[2012.10.04 15:07:14 | 000,000,000 | ---D | C] -- C:\Program Files\HP Photo Creations
[2012.10.04 15:05:27 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2012.10.04 15:01:27 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.10.04 14:59:37 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Leadertech
[2012.10.04 14:58:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2012.10.04 14:57:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2012.10.04 14:57:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd
[2012.10.04 14:56:57 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Logitech
[2012.10.04 14:56:57 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Logishrd
[2012.10.04 14:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.10.04 14:54:09 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012.10.04 11:51:44 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{ACC5CE56-0255-4CCB-950F-C13EC639AB4C}
[2012.10.04 07:26:43 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012.10.04 02:10:45 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\PCCUStubInstaller
[2012.10.04 02:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012.10.04 02:10:21 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012.10.04 00:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTweak Software
[2012.10.04 00:25:00 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\PackageAware
[2012.10.03 23:59:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2012.10.03 23:58:50 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012.10.03 23:58:18 | 000,026,984 | ---- | C] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012.10.03 23:58:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012.10.03 23:57:23 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2013
[2012.10.03 23:56:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.10.03 23:56:27 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.10.03 23:51:29 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{AA42FCFF-900E-42A8-9AA6-5512A3E6C83A}
[2012.10.03 23:45:24 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\Easeware
[2012.10.03 23:45:22 | 000,000,000 | ---D | C] -- C:\Program Files\Easeware
[2012.10.03 23:35:48 | 000,017,280 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\System32\roboot.exe
[2012.10.03 11:51:12 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{9CDD3A9D-536B-42F8-8098-CE810FD878DA}
[2012.10.02 23:50:57 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{83F62225-842A-44B8-B70F-C5A2D56F5224}
[2012.10.02 11:50:42 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{566E9734-210E-4AF1-AA20-232CA2D3C1DB}
[2012.10.01 22:08:37 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{F7A1A3ED-CE71-4924-BB3C-457279DF5F5C}
[2012.10.01 09:50:42 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{B5F9EF2F-DD06-42AF-ACA2-776DBCA72584}
[2012.09.30 17:16:09 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{A2AF122E-F70C-432E-B258-8F58D6820BB3}
[2012.09.29 18:23:22 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{CACD1CB0-0C48-4AFE-94A6-6AB60674887B}
[2012.09.29 00:14:36 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{44DFB7BF-048A-4977-8398-0C9CE4D4F6E3}
[2012.09.28 12:13:46 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{263565D5-5096-4053-BC93-829B6F9F443B}
[2012.09.27 22:57:34 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{441E7A89-73F0-4E70-964E-576D062F1863}
[2012.09.27 22:43:48 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Roaming\V-Games
[2012.09.27 22:42:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purplehills
[2012.09.27 22:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\Purplehills
[2012.09.27 10:57:20 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{CDB2A17F-4C82-48DA-84A6-27952D8CF6A3}
[2012.09.26 22:18:47 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{9E55831C-364C-4AF0-8101-20B27E72F5A3}
[2012.09.26 10:18:32 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{3AA15C08-A0A4-4C0C-9CA9-B2B4275EBE29}
[2012.09.25 22:18:01 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{3AD46BDE-E5BD-4C57-8E27-4586572A1FBF}
[2012.09.24 23:35:07 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{C9A78311-E3E1-40C6-B29E-A73159FCE281}
[2012.09.24 23:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\Online Games Manager
[2012.09.24 23:17:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
[2012.09.24 23:06:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2012.09.24 11:34:52 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{CA8AA90A-A087-4AA2-8A53-47DF51737103}
[2012.09.23 22:13:06 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{BA6C85CB-0254-45C6-97DC-C95801261E5E}
[2012.09.23 10:07:45 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{EF153F13-1396-4438-A7CF-AC9496081D6C}
[2012.09.22 11:13:56 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{77735006-5D11-4E89-868A-77DEE39E4B32}
[2012.09.21 16:38:05 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{2EEF052F-76F4-484E-9FF2-1D8505013A95}
[2012.09.20 22:07:52 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{2D658D1A-EBE2-4E90-AAB5-9F71D46DC572}
[2012.09.20 09:49:23 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{714FEBDC-AFB3-435F-9652-291129A72C13}
[2012.09.19 13:56:14 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{4BF72F45-9414-4B73-B183-7D603531D3E1}
[2012.09.18 16:36:57 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{818FDAE1-D3BF-400E-ACD1-63A30B552785}
[2012.09.17 14:53:25 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{425E75EE-8B3D-48B3-BED6-58DDA84B8EC2}
[2012.09.16 22:18:41 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{0E5B1A36-4068-4F87-931C-A3EB206527E7}
[2012.09.15 22:01:57 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{FEC59C97-4A4E-4B5E-9F4B-5F072AC10050}
[2012.09.14 09:54:32 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{51F21393-BBA4-4780-96BF-800A57D7EDDD}
[2012.09.13 09:23:08 | 000,000,000 | ---D | C] -- C:\Users\Sweetheart\AppData\Local\{75924855-E4C4-4161-9B9B-AF77404A6B5A}
[1 C:\Users\Sweetheart\AppData\Local\*.tmp files -> C:\Users\Sweetheart\AppData\Local\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.12 12:11:43 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.12 12:11:36 | 000,004,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 12:11:36 | 000,004,736 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 12:11:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.12 12:10:06 | 3219,304,448 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.12 11:33:10 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.12 11:10:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.12 10:27:05 | 000,538,327 | ---- | M] () -- C:\Users\Sweetheart\Desktop\adwcleaner2.004 (1).exe
[2012.10.11 23:10:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Sweetheart\Desktop\OTL.exe
[2012.10.10 23:10:25 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.07 14:14:18 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2012.10.07 14:14:18 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2012.10.07 14:14:10 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.10.06 10:37:47 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.06 10:27:09 | 000,636,998 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.06 10:27:09 | 000,604,074 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.06 10:27:09 | 000,130,596 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.06 10:27:09 | 000,108,468 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.05 22:42:42 | 000,001,748 | ---- | M] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2012.10.05 10:41:09 | 002,100,056 | ---- | M] () -- C:\Users\Sweetheart\Documents\anleitung waschmaschine.pdf
[2012.10.05 10:34:23 | 000,000,041 | -HS- | M] () -- C:\ProgramData\.zreglib
[2012.10.04 23:17:50 | 000,000,987 | ---- | M] () -- C:\Users\Sweetheart\Desktop\DriverMax.lnk
[2012.10.04 10:16:09 | 000,390,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.10.04 10:15:14 | 182,382,066 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.10.03 23:59:04 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.10.03 23:59:04 | 000,001,825 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2012.10.03 23:57:43 | 000,026,984 | ---- | M] (AVG Technologies) -- C:\Windows\System32\drivers\avgtpx86.sys
[2012.09.30 00:12:05 | 000,001,236 | ---- | M] () -- C:\Users\Sweetheart\Desktop\Magic Encyclopedia 3 - Illusionen.lnk
[2012.09.30 00:10:44 | 000,001,008 | ---- | M] () -- C:\Users\Sweetheart\Desktop\Magic Encyclopedia 2.lnk
[2012.09.27 22:42:57 | 000,000,987 | ---- | M] () -- C:\Users\Sweetheart\Desktop\Magic Encyclopedia.lnk
[2012.09.24 22:10:20 | 000,047,686 | ---- | M] () -- C:\Users\Sweetheart\Documents\ihre_rechnung.pdf
[2012.09.19 11:29:46 | 000,031,584 | ---- | M] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.09.19 11:29:40 | 000,021,344 | ---- | M] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.09.14 11:29:56 | 000,750,452 | ---- | M] () -- C:\Users\Sweetheart\Documents\eMail_20120914_112547_59.PDF
[2012.09.14 11:14:24 | 000,000,736 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2012.09.13 23:46:04 | 000,058,880 | ---- | M] (AMD) -- C:\Windows\System32\coinst_9.001.dll
[2012.09.13 23:43:16 | 000,276,752 | ---- | M] () -- C:\Windows\System32\atiapfxx.blb
[2012.09.13 23:18:56 | 000,471,040 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
[2012.09.13 23:18:20 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
[2012.09.13 23:17:06 | 000,163,840 | ---- | M] (AMD) -- C:\Windows\System32\atitmmxx.dll
[2012.09.13 23:16:58 | 000,020,992 | ---- | M] (AMD) -- C:\Windows\System32\atimuixx.dll
[2012.09.13 23:04:02 | 002,915,680 | ---- | M] () -- C:\Windows\System32\atiumdva.cap
[2012.09.13 22:53:32 | 000,037,376 | ---- | M] () -- C:\Windows\System32\atitmpxx.dll
[1 C:\Users\Sweetheart\AppData\Local\*.tmp files -> C:\Users\Sweetheart\AppData\Local\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.12 10:27:00 | 000,538,327 | ---- | C] () -- C:\Users\Sweetheart\Desktop\adwcleaner2.004 (1).exe
[2012.10.12 10:18:50 | 3219,304,448 | -HS- | C] () -- C:\hiberfil.sys
[2012.10.10 23:10:25 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.09 14:01:18 | 000,336,393 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT
[2012.10.07 14:14:10 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.10.06 03:14:44 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.06 01:18:50 | 000,001,106 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.06 01:18:50 | 000,001,102 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.05 22:42:42 | 000,001,748 | ---- | C] () -- C:\Users\Public\Desktop\Live Update 5.lnk
[2012.10.05 10:41:03 | 002,100,056 | ---- | C] () -- C:\Users\Sweetheart\Documents\anleitung waschmaschine.pdf
[2012.10.04 23:32:30 | 002,915,680 | ---- | C] () -- C:\Windows\System32\atiumdva.cap
[2012.10.04 23:32:26 | 000,038,204 | ---- | C] () -- C:\Windows\atiogl.xml
[2012.10.04 23:32:24 | 000,632,252 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.10.04 23:32:21 | 000,276,752 | ---- | C] () -- C:\Windows\System32\atiapfxx.blb
[2012.10.04 23:17:50 | 000,000,987 | ---- | C] () -- C:\Users\Sweetheart\Desktop\DriverMax.lnk
[2012.10.03 23:59:04 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.10.03 23:59:04 | 000,001,825 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2012.10.03 23:59:03 | 000,001,837 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2012.09.30 00:12:18 | 000,001,236 | ---- | C] () -- C:\Users\Sweetheart\Desktop\Magic Encyclopedia 3 - Illusionen.lnk
[2012.09.30 00:11:23 | 000,001,008 | ---- | C] () -- C:\Users\Sweetheart\Desktop\Magic Encyclopedia 2.lnk
[2012.09.27 22:43:45 | 000,000,987 | ---- | C] () -- C:\Users\Sweetheart\Desktop\Magic Encyclopedia.lnk
[2012.09.24 23:01:47 | 000,047,686 | ---- | C] () -- C:\Users\Sweetheart\Documents\ihre_rechnung.pdf
[2012.09.14 11:35:04 | 000,750,452 | ---- | C] () -- C:\Users\Sweetheart\Documents\eMail_20120914_112547_59.PDF
[2012.07.27 22:47:36 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.07.10 15:00:27 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012.02.01 04:11:30 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011.04.27 09:00:47 | 000,000,041 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.02.06 13:16:13 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.11.16 08:18:00 | 000,000,098 | ---- | C] () -- C:\Users\Sweetheart\AppData\Local\fusioncache.dat
[2010.02.24 22:13:51 | 000,083,456 | ---- | C] () -- C:\Users\Sweetheart\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.15 22:14:55 | 000,000,000 | ---- | C] () -- C:\Users\Sweetheart\AppData\Roaming\AVSDVDPlayer.m3u
[2009.11.26 19:03:51 | 000,001,356 | ---- | C] () -- C:\Users\Sweetheart\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.12.19 13:42:01 | 000,000,000 | -HSD | M] -- C:\Users\Sweetheart\AppData\Roaming\.#
[2009.12.04 22:13:52 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Ankh
[2010.04.12 20:33:30 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\casanova
[2012.10.03 23:45:24 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Easeware
[2012.06.24 08:04:15 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\FOG Downloader
[2012.05.25 09:45:51 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\ICQ
[2012.05.25 09:40:32 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\ICQ Search
[2011.08.01 16:11:50 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Image Zone Express
[2012.10.04 14:59:37 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Leadertech
[2010.11.06 11:28:35 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\LEGO Company
[2010.08.14 13:53:21 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\LucasArts
[2012.10.08 23:21:29 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Magic3
[2010.04.08 12:21:50 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Mount&Blade Warband
[2011.03.15 21:23:47 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\MysteryStudio
[2010.12.20 12:34:43 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\NCH Swift Sound
[2010.08.19 21:14:51 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Nokia
[2011.07.18 20:10:37 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\OCS
[2010.03.30 16:20:14 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Online Solutions
[2011.07.18 20:10:40 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Opera
[2012.02.14 09:18:00 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\PC Suite
[2012.10.04 02:10:45 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\PCCUStubInstaller
[2012.05.05 10:08:34 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\PhotoScape
[2011.08.01 16:11:50 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Printer Info Cache
[2010.03.16 21:44:12 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\TeamViewer
[2010.08.10 21:38:39 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\TS3Client
[2012.10.03 23:57:32 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\TuneUp Software
[2011.03.15 21:23:53 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\Ubisoft
[2012.09.30 20:57:35 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\V-Games
[2010.02.25 22:00:55 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Roaming\WinAVI
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.06.06 11:53:07 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010.02.06 22:10:06 | 000,000,000 | ---D | M] -- C:\.jagex_cache_32
[2009.12.15 10:26:43 | 000,000,000 | -HSD | M] -- C:\Boot
[2006.11.02 15:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.11.26 19:02:18 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.07.17 16:23:07 | 000,000,000 | ---D | M] -- C:\dvdshrink23de
[2012.03.05 08:50:17 | 000,000,000 | ---D | M] -- C:\gPotato.eu
[2012.10.06 03:16:57 | 000,000,000 | ---D | M] -- C:\MSI
[2010.01.16 15:28:52 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.12.04 21:54:52 | 000,000,000 | ---D | M] -- C:\nDoors
[2012.09.11 10:31:30 | 000,000,000 | ---D | M] -- C:\output
[2009.12.10 17:22:35 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.10.12 12:11:45 | 000,000,000 | ---D | M] -- C:\Program Files
[2012.10.12 12:07:01 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009.11.26 19:02:18 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.06.06 21:03:06 | 000,000,000 | ---D | M] -- C:\schriften
[2012.10.06 03:15:38 | 000,000,000 | -H-D | M] -- C:\SuperChargerProfile
[2012.10.12 12:19:01 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2009.11.26 19:03:49 | 000,000,000 | R--D | M] -- C:\Users
[2010.01.18 22:15:56 | 000,000,000 | ---D | M] -- C:\VivoxLogs
[2012.10.12 12:11:45 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %windir%\installer\*. /5 >
[2012.10.12 11:52:33 | 000,000,000 | ---D | M] -- C:\Windows\installer\{26A24AE4-039D-4CA4-87B4-2F83217007FF}
[2012.10.10 23:28:58 | 000,000,000 | ---D | M] -- C:\Windows\installer\{90120000-0030-0000-0000-0000000FF1CE}
 
< %localappdata%\*. /5 >
[2012.10.12 11:54:01 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\Google
[2012.10.07 12:42:34 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\PMB Files
[2012.10.12 12:20:56 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\Temp
[2012.10.11 10:26:20 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{308F0B84-DB51-45F1-A72C-7487F5B2133C}
[2012.10.07 23:25:53 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{37A7F0E7-36B7-44B2-85DF-1137D5E1B8EE}
[2012.10.08 11:26:07 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{47328226-A6A8-414D-BF78-AC938ABEEE4B}
[2012.10.10 13:26:11 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{815B5E2E-6E92-49F1-A413-1BB0A79C1CAB}
[2012.10.12 10:26:55 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{882B453D-AC34-4177-A6A0-64E49C1E232A}
[2012.10.09 11:26:38 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{917B5FA0-BE0A-4C08-9C44-919E43237B04}
[2012.10.09 23:26:53 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{933D5892-15B0-44CB-9753-42EFB49C89FF}
[2012.10.11 22:26:39 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{C4481F9C-20C7-4C0A-BE6A-9C52BA4F54EB}
[2012.10.08 23:26:23 | 000,000,000 | ---D | M] -- C:\Users\Sweetheart\AppData\Local\{F3F3C40E-9E74-48C1-BC02-FF09AB3A0747}
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> C:\Windows:5738951E5A09CC69

< End of report >
         

--- --- ---

ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

otl läuft nochmal neu da kein extra log aufzufinden ist