
Pests of all kinds and how to fight them: Removing the Google redirect virus

Windows 7

 
07.06.2013, 19:14   #1
ADenkel

Removing the Google redirect virus



Hey everyone,

some time ago I caught this Google redirect virus. I would now like to remove it, but I can't manage it on my own. I am currently writing my final thesis and have to do a lot of Internet research, where this virus is very disruptive.

So, I will now work through the to-do list to make a start:

Step 1: ran defogger, no errors, no restart of the computer

Step 2: OTL:

Here is the content of OTL.txt; unfortunately a second txt file was not produced:

Code:
OTL logfile created on: 07.06.2013 19:45:02 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\ADenkel\Downloads
64bit- Professional  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
12,00 Gb Total Physical Memory | 8,04 Gb Available Physical Memory | 66,99% Memory free
23,99 Gb Paging File | 19,64 Gb Available in Paging File | 81,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 736,10 Gb Total Space | 282,31 Gb Free Space | 38,35% Space Free | Partition Type: NTFS
Drive D: | 1,91 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive F: | 298,09 Gb Total Space | 22,19 Gb Free Space | 7,44% Space Free | Partition Type: NTFS
Drive K: | 14,92 Gb Total Space | 9,36 Gb Free Space | 62,71% Space Free | Partition Type: NTFS
Drive M: | 1863,01 Gb Total Space | 334,60 Gb Free Space | 17,96% Space Free | Partition Type: NTFS
 
Computer Name: ADENKEL-PC | User Name: ADenkel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\ADenkel\Downloads\OTL(2).exe (OldTimer Tools)
PRC - C:\Users\ADenkel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_202.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
PRC - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (IObit)
PRC - C:\Program Files (x86)\IObit\Advanced SystemCare 6\Monitor.exe (IObit)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Users\ADenkel\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
PRC - C:\Programme\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Programme\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe ()
PRC - C:\Program Files (x86)\DivX\DivX Plus Web Player\DDMService.exe (DivX, LLC)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - C:\Programme\ASUS\Six Engine\SixEngine.exe (ASUSTeK Computer Inc.)
PRC - C:\Programme\ASUS\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.exe (Adobe Systems Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
MOD - C:\Users\ADenkel\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 6\madExcept_.bpl ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 6\madDisAsm_.bpl ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 6\madBasic_.bpl ()
MOD - C:\Program Files (x86)\IObit\Advanced SystemCare 6\webres.dll ()
MOD - C:\Users\ADenkel\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-53.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-53.dll ()
MOD - C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-0.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\SysWOW64\AsIO.dll ()
MOD - C:\Programme\ASUS\Six Engine\pngio.dll ()
MOD - C:\Programme\ASUS\TurboV EVO\HookKey32.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Programme\ASUS\Six Engine\AsusService.dll ()
MOD - C:\Programme\ASUS\TurboV EVO\pngio.dll ()
MOD - C:\Windows\SysWOW64\sqlite3.dll ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.deu ()
MOD - C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\acrotray.FRA ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (IMFservice) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SRV - (AdvancedSystemCareService6) -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe (IObit)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe (McAfee, Inc.)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (cmdAgent) -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (mi-raysat_3dsmax2013_64) -- C:\Programme\Autodesk\3ds Max 2013\NVIDIA\raysat_3dsmax2013_64server.exe ()
SRV - (CLPSLS) -- C:\Programme\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (mi-raysat_3dsmax2012_64) -- C:\Programme\Autodesk\3ds Max Design 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe ()
SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (mi-raysat_3dsmax2011_64) -- C:\Programme\Autodesk\3ds Max 2011\mentalimages\satellite\raysat_3dsmax2011_64server.exe ()
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose64) -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (UHSfiltv) -- C:\Windows\SysNative\drivers\UHSfiltv.sys (Creative Technology Ltd.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (cmderd) -- C:\Windows\SysNative\drivers\cmderd.sys (COMODO)
DRV:64bit: - (Netaapl) -- C:\Windows\SysNative\drivers\netaapl64.sys (Apple Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (CLBUDF) -- C:\Windows\SysNative\drivers\CLBUDF.sys (CyberLink Corporation.)
DRV:64bit: - (CLBStor) -- C:\Windows\SysNative\drivers\CLBStor.sys (Cyberlink Co.,Ltd.)
DRV:64bit: - (DRHARD64) -- C:\Windows\SysNative\drivers\DRHARD64.sys (Licensed for Gebhard Software)
DRV - (UrlFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys (IObit.com)
DRV - (RegFilter) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys (IObit.com)
DRV - (FileMonitor) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys (IObit)
DRV - (WinRing0_1_2_0) -- C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys (OpenLibSys.org)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) -- C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl (CyberLink Corp.)
DRV - (DRHARD64) -- C:\Windows\SysWOW64\drivers\DRHARD64.sys (Licensed for Gebhard Software)
DRV - (CLBUDF) -- C:\Windows\CLBUDF.tbl ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B7 A9 D3 40 51 66 CB 01  [binary data]
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{02846768-E30E-42f0-95E3-2AF704DA8C8D}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR2&pc=SPLH
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{4C3FDEAB-C42A-49F9-9931-92B65DDE177E}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{7774EDFF-4D41-4613-AB97-D428D276D9CA}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=STDVM
IE - HKCU\..\SearchScopes\{DA533647-73C6-4d8c-B091-53D1555A5CA6}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A4067623346&ie=UTF-8&q={searchTerms}&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A4067623346
IE - HKCU\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = hxxp://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledAddons: 5%40thumbpro.net:1.7
FF - prefs.js..extensions.enabledAddons: beamgeraet%40web.de:4.11.0.30
FF - prefs.js..extensions.enabledAddons: iweb2x%40sciweavers.org:1.0
FF - prefs.js..extensions.enabledAddons: netvideohunter%40netvideohunter.com:1.9.5
FF - prefs.js..extensions.enabledAddons: youtube2mp3%40mondayx.de:1.2.3
FF - prefs.js..extensions.enabledAddons: %7Bdf4e4df5-5cb7-46b0-9aef-6c784c3249f8%7D:1.2.0
FF - prefs.js..extensions.enabledAddons: artur.dubovoy%40gmail.com:3.8.7
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8
FF - prefs.js..extensions.enabledAddons: toolbar%40gmx.net:2.6
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: pdfforge@mybrowserbar.com:4.4
FF - prefs.js..extensions.enabledItems: {df4e4df5-5cb7-46b0-9aef-6c784c3249f8}:1.2.0
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:4.4
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.9
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=0.80.0: C:\Program Files (x86)\Battlelog Web Plugins\0.80.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@idsoftware.com/QuakeLive: C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.17: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ADenkel\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ADenkel\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011.12.22 23:50:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.12.23 00:07:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.12.23 00:07:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.21 11:30:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.07 16:45:19 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.21 11:30:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.06.07 16:45:19 | 000,000,000 | ---D | M]
 
[2012.05.30 15:20:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADenkel\AppData\Roaming\mozilla\Extensions
[2013.06.07 17:28:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ADenkel\AppData\Roaming\mozilla\Firefox\Profiles\vfk58t0p.default\extensions
[2011.12.23 00:46:06 | 000,000,000 | ---D | M] (Fox!Box) -- C:\Users\ADenkel\AppData\Roaming\mozilla\Firefox\Profiles\vfk58t0p.default\extensions\{df4e4df5-5cb7-46b0-9aef-6c784c3249f8}
[2013.06.07 17:28:48 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\ADenkel\AppData\Roaming\mozilla\Firefox\Profiles\vfk58t0p.default\extensions\ascsurfingprotection@iobit.com
[2012.09.22 20:57:56 | 000,000,000 | ---D | M] (Youtube Music Player) -- C:\Users\ADenkel\AppData\Roaming\mozilla\Firefox\Profiles\vfk58t0p.default\extensions\beamgeraet@web.de
[2013.06.07 16:10:56 | 000,000,000 | ---D | M] (Instair) -- C:\Users\ADenkel\AppData\Roaming\mozilla\Firefox\Profiles\vfk58t0p.default\extensions\contact@instair.net
[2013.04.11 00:29:59 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\ADenkel\AppData\Roaming\mozilla\Firefox\Profiles\vfk58t0p.default\extensions\ich@maltegoetz.de
[2012.10.25 10:09:50 | 000,000,000 | ---D | M] ("NetVideoHunter") -- C:\Users\ADenkel\AppData\Roaming\mozilla\Firefox\Profiles\vfk58t0p.default\extensions\netvideohunter@netvideohunter.com
[2012.04.20 09:50:12 | 000,007,926 | ---- | M] () (No name found) -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\extensions\5@thumbpro.net.xpi
[2013.03.27 20:57:21 | 000,275,665 | ---- | M] () (No name found) -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\extensions\artur.dubovoy@gmail.com.xpi
[2012.09.22 14:34:58 | 000,101,863 | ---- | M] () (No name found) -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\extensions\ciuvo-extension@icq.de.xpi
[2012.01.10 14:55:22 | 000,082,854 | ---- | M] () (No name found) -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\extensions\iweb2x@sciweavers.org.xpi
[2013.05.14 09:18:34 | 000,571,660 | ---- | M] () (No name found) -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\extensions\toolbar@gmx.net.xpi
[2012.04.20 09:53:42 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\extensions\youtube2mp3@mondayx.de.xpi
[2013.03.27 20:24:01 | 000,221,336 | ---- | M] () (No name found) -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013.05.12 17:18:20 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.14 09:18:37 | 000,002,418 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\englische-ergebnisse.xml
[2013.05.14 09:18:37 | 000,010,701 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\gmx-suche.xml
[2011.09.30 17:18:16 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-10.xml
[2011.10.03 16:59:54 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-11.xml
[2011.11.07 01:13:20 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-12.xml
[2011.11.10 23:40:42 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-13.xml
[2011.11.29 11:46:45 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-14.xml
[2011.12.21 12:02:41 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-15.xml
[2011.12.31 13:37:24 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-16.xml
[2012.01.07 12:22:30 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-17.xml
[2012.02.02 16:22:23 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-18.xml
[2012.02.14 20:51:59 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-19.xml
[2012.02.23 22:13:32 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-20.xml
[2012.03.25 21:08:48 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-21.xml
[2012.04.01 22:45:07 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-22.xml
[2012.04.25 15:28:38 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-23.xml
[2012.06.09 20:07:27 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-24.xml
[2012.06.19 23:26:27 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-25.xml
[2012.07.03 15:05:06 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-26.xml
[2012.07.18 20:14:49 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-27.xml
[2012.07.26 11:53:09 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-28.xml
[2012.09.23 10:26:34 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-29.xml
[2012.10.21 16:19:45 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-30.xml
[2012.10.30 18:20:43 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-31.xml
[2012.12.06 12:28:25 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-32.xml
[2013.01.12 01:02:23 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-33.xml
[2013.01.19 06:20:05 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-34.xml
[2013.02.06 13:05:01 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-35.xml
[2013.03.27 21:01:33 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-36.xml
[2013.04.22 21:28:09 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-37.xml
[2013.05.21 15:36:31 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-38.xml
[2011.06.24 11:58:36 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-4.xml
[2011.06.29 18:01:32 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-5.xml
[2011.08.18 10:03:04 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-6.xml
[2011.09.01 18:42:35 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-7.xml
[2011.09.12 21:17:19 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-8.xml
[2011.09.27 20:26:28 | 000,000,950 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\icqplugin-9.xml
[2013.05.14 09:18:37 | 000,002,432 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\lastminute.xml
[2013.05.14 09:18:37 | 000,005,682 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\mozilla\firefox\profiles\vfk58t0p.default\searchplugins\webde-suche.xml
[2013.05.21 11:30:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.05.21 11:30:45 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.05.21 11:30:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.21 11:30:48 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES (X86)\IOBIT APPS TOOLBAR\FF
[2010.03.27 18:06:04 | 000,067,032 | ---- | M] (Adobe Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npContribute.dll
 
========== Chrome  ==========
 
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.56_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe\3.0.16_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.56_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.3.0.11079_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe\3.0.16_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\
CHR - Extension: No name found = C:\Users\ADenkel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2012.06.06 22:06:58 | 000,001,366 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 adobe.activate.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 ereg.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 wip3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 ereg.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 c.icq.com
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL (IObit)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ICQ Sparberater) - {FE163F11-1919-4257-A280-FF5AF8DAEECB} - C:\Program Files (x86)\icq\Internet Explorer\icq.dll (solute gmbh)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Program Files (x86)\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [COMODO] C:\Programme\COMODO\COMODO GeekBuddy\CLPSLA.exe (COMODO)
O4 - HKLM..\Run: [CPA] C:\Programme\COMODO\COMODO GeekBuddy\VALA.exe (COMODO)
O4 - HKLM..\Run: [DivX Download Manager] C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe (DivX, LLC)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePPShortCut] C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Advanced SystemCare 6] C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe (IObit)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\ADenkel\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [ICQ] C:\Users\ADenkel\AppData\Roaming\ICQM\icq.exe (ICQ)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\ADenkel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\ADenkel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\ADenkel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Programme\Logitech Gaming Software\EReg\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Client auf Monitor & öffnen1 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: Client auf Monitor & öffnen2 - C:\Windows\web\AOpenClient.htm File not found
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Client auf Monitor & öffnen1 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: Client auf Monitor & öffnen2 - C:\Windows\web\AOpenClient.htm File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{06836FBF-AD2C-46A7-8448-2BD13982C57A}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{30ACA866-82B1-414E-8DE2-89218E617A77}: DhcpNameServer = 212.23.115.148 212.23.115.132
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5B2F709-6893-4297-90FD-C11E5366ACE3}: DhcpNameServer = 212.23.115.148 212.23.97.2
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.12.13 03:17:13 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2013.06.07 16:25:23 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2003.01.09 20:02:18 | 000,901,175 | R--- | M] () - D:\autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2003.01.30 14:17:12 | 000,000,265 | R--- | M] () - D:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{67c97d3b-c31a-11df-b8b1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{67c97d3b-c31a-11df-b8b1-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe -- [2003.01.09 20:02:18 | 000,901,175 | R--- | M] ()
O33 - MountPoints2\{67c97d3b-c31a-11df-b8b1-806e6f6e6963}\Shell\install\command - "" = D:\autorun.exe -- [2003.01.09 20:02:18 | 000,901,175 | R--- | M] ()
O33 - MountPoints2\{67c97d3c-c31a-11df-b8b1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{67c97d3c-c31a-11df-b8b1-806e6f6e6963}\Shell\AutoRun\command - "" = E:\viewer\viewer.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2013.06.07 17:28:49 | 000,000,000 | ---D | C] -- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}
[2013.06.07 17:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6
[2013.06.07 17:03:26 | 000,000,000 | ---D | C] -- C:\Users\ADenkel\AppData\Roaming\Malwarebytes
[2013.06.07 17:03:18 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.06.07 17:03:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.06.07 17:03:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.06.07 17:03:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.07 16:51:29 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.07 16:50:54 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.07 16:24:52 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2013.06.07 16:24:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.06.07 16:12:56 | 000,000,000 | ---D | C] -- C:\Users\ADenkel\Documents\Razer
[2013.06.07 16:11:49 | 000,000,000 | ---D | C] -- C:\Users\ADenkel\AppData\Local\Razer
[2013.06.07 16:11:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
[2013.06.07 16:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Razer
[2013.06.07 16:11:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Razer
[2013.06.07 16:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\IObit
[2013.06.07 16:11:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
[2013.06.07 16:10:58 | 000,000,000 | ---D | C] -- C:\Users\ADenkel\AppData\Roaming\IObit
[2013.06.07 16:10:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IObit
[2013.06.07 16:10:55 | 000,000,000 | ---D | C] -- C:\Program Files\Instair
[2013.06.07 12:32:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vectorworks 2013 Hilfe
[2013.06.07 12:30:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vectorworks2013
[2013.06.07 12:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vectorworks2013
[2013.06.06 12:08:10 | 000,000,000 | ---D | C] -- C:\Users\ADenkel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Creative
[2013.06.06 12:08:10 | 000,000,000 | ---D | C] -- C:\Users\ADenkel\AppData\Roaming\Creative
[2013.06.06 11:32:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2013.06.06 11:32:42 | 000,000,000 | ---D | C] -- C:\Users\ADenkel\AppData\Local\Creative
[2013.06.06 11:32:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information
[2013.06.06 11:32:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative
[2013.06.06 11:31:54 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013.06.06 11:31:54 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013.06.06 11:31:51 | 002,906,586 | ---- | C] (Creative) -- C:\Windows\SysWow64\Sens_oal.dll
[2013.06.06 11:31:51 | 001,944,064 | ---- | C] (Creative) -- C:\Windows\SysNative\Sens_oal.dll
[2013.06.06 11:31:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2013.06.06 11:31:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2013.06.06 11:31:28 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2013.06.06 11:31:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2013.06.03 15:41:19 | 000,000,000 | ---D | C] -- C:\Users\ADenkel\Desktop\Thesis Bilder
[2013.05.23 19:58:30 | 000,000,000 | ---D | C] -- C:\Users\ADenkel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
[2013.05.23 19:58:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JoWooD
[2013.05.23 19:56:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JoWooD
[2013.05.23 09:59:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asterics3.3.1
[2013.05.23 09:59:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\asterics3.3.1
[2013.05.23 09:59:18 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2013.05.23 09:58:31 | 012,046,698 | ---- | C] (University Duisburg-Essen, Germany                           ) -- C:\Users\ADenkel\Desktop\setup.exe
[2013.05.21 11:30:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.05.17 16:11:47 | 000,000,000 | ---D | C] -- C:\Riot Games2
[2013.05.17 15:45:27 | 000,000,000 | ---D | C] -- C:\Hurengame
[2013.05.17 15:44:34 | 000,000,000 | ---D | C] -- C:\Users\ADenkel\.swt
[2013.05.17 14:05:21 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2013.05.17 13:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013.05.17 13:49:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013.05.17 13:48:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013.05.15 13:14:21 | 000,000,000 | ---D | C] -- C:\Users\ADenkel\Desktop\Thesis
[2013.05.14 17:23:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon
[2013.05.14 17:23:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jungle Timer
[2013.05.14 17:23:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Jungle Timer
[2013.05.14 17:23:42 | 000,000,000 | ---D | C] -- C:\Users\ADenkel\AppData\Roaming\SitenApp
[2013.05.14 13:56:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.05.12 16:19:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2010.11.15 18:15:36 | 269,767,576 | ---- | C] (Microsoft Corporation) -- C:\Program Files\X16-32786.exe
[7 C:\Users\ADenkel\Desktop\*.tmp files -> C:\Users\ADenkel\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.07 19:44:47 | 000,014,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.07 19:44:47 | 000,014,960 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.07 19:42:24 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.07 19:37:46 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.07 19:37:17 | 000,000,306 | -HS- | M] () -- C:\Windows\tasks\purmhje.job
[2013.06.07 19:37:07 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.07 19:37:04 | 1095,205,946 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.06.07 19:37:04 | 1072,205,822 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.07 19:21:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1197398453-1074897144-2161959424-1001UA.job
[2013.06.07 19:18:35 | 000,000,000 | ---- | M] () -- C:\Users\ADenkel\defogger_reenable
[2013.06.07 18:37:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.07 17:28:46 | 000,001,200 | ---- | M] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2013.06.07 17:28:46 | 000,001,149 | ---- | M] () -- C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
[2013.06.07 17:03:18 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.06.07 16:45:30 | 000,000,296 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.06.07 16:25:23 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2013.06.07 16:11:20 | 000,001,202 | ---- | M] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk
[2013.06.07 16:11:01 | 000,001,177 | ---- | M] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2013.06.07 16:09:36 | 007,149,164 | ---- | M] () -- C:\Users\ADenkel\Desktop\Ohne Titel1.vwx
[2013.06.07 12:34:32 | 000,000,287 | ---- | M] () -- C:\Users\ADenkel\AppData\Local\VersionChecker_18.xml
[2013.06.07 12:33:51 | 000,001,100 | ---- | M] () -- C:\Users\ADenkel\Desktop\Vectorworks2013E.lnk
[2013.06.07 11:59:03 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.07 11:59:03 | 000,696,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.07 11:59:03 | 000,651,938 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.07 11:59:03 | 000,147,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.07 11:59:03 | 000,120,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.07 11:20:51 | 006,930,304 | ---- | M] () -- C:\Users\ADenkel\Desktop\sdi_mapclient_8003420449195998216.pdf
[2013.06.07 11:11:39 | 001,925,686 | ---- | M] () -- C:\Users\ADenkel\Desktop\Druckvorschau1.pdf
[2013.06.07 08:57:44 | 000,000,177 | -H-- | M] () -- C:\dvmexp.idx
[2013.06.06 22:21:02 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1197398453-1074897144-2161959424-1001Core.job
[2013.06.06 11:32:09 | 000,000,380 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2013.06.06 11:31:54 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013.06.06 11:31:54 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013.06.05 09:23:23 | 000,378,486 | ---- | M] () -- C:\Users\ADenkel\Desktop\IMG_1960.jpg
[2013.06.05 09:18:30 | 000,428,152 | ---- | M] () -- C:\Users\ADenkel\Desktop\IMG_1977.jpg
[2013.06.05 09:14:03 | 000,433,249 | ---- | M] () -- C:\Users\ADenkel\Desktop\IMG_1955.jpg
[2013.06.02 22:21:38 | 000,001,053 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.05.28 15:50:00 | 000,044,484 | ---- | M] () -- C:\Users\ADenkel\Desktop\944163_10151634351173633_1508828835_n.jpg
[2013.05.26 20:47:38 | 000,001,005 | ---- | M] () -- C:\Users\ADenkel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2013.05.26 13:06:24 | 001,620,990 | ---- | M] () -- C:\Users\ADenkel\Desktop\Bewirtschaftungsplõne_gemõ¯_der_Europõischen_Wasserrahmenrichtlinie.bmp
[2013.05.26 12:36:14 | 000,000,287 | ---- | M] () -- C:\Users\ADenkel\AppData\Local\VersionChecker_17.xml
[2013.05.25 23:11:25 | 000,098,275 | ---- | M] () -- C:\Users\ADenkel\Desktop\2,c=0,h=554.bild.jpeg
[2013.05.23 19:58:30 | 000,002,172 | ---- | M] () -- C:\Users\ADenkel\Desktop\Die Gilde Gold-Edition TL.lnk
[2013.05.23 19:58:30 | 000,002,151 | ---- | M] () -- C:\Users\ADenkel\Desktop\Die Gilde Gold-Edition.lnk
[2013.05.23 10:00:00 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\Asterics3.3.1 Handbuch.lnk
[2013.05.23 10:00:00 | 000,000,973 | ---- | M] () -- C:\Users\Public\Desktop\Asterics3.3.1 Update Neuerungen.lnk
[2013.05.23 10:00:00 | 000,000,250 | ---- | M] () -- C:\Windows\ODBC.INI
[2013.05.23 10:00:00 | 000,000,209 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2013.05.22 10:52:39 | 000,184,278 | ---- | M] () -- C:\Users\ADenkel\Desktop\Thesis_05.pdf
[2013.05.22 10:32:17 | 000,849,775 | ---- | M] () -- C:\Users\ADenkel\Desktop\Druckvorschau.pdf
[2013.05.21 21:23:13 | 061,385,895 | ---- | M] () -- C:\Users\ADenkel\Desktop\Weg des Kriegers  Silver Samurai vs Wolverine im neuen Trailer  News  moviepilotde.mp4
[2013.05.17 16:13:19 | 000,001,731 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[7 C:\Users\ADenkel\Desktop\*.tmp files -> C:\Users\ADenkel\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.07 19:18:35 | 000,000,000 | ---- | C] () -- C:\Users\ADenkel\defogger_reenable
[2013.06.07 17:28:46 | 000,001,200 | ---- | C] () -- C:\Users\Public\Desktop\Uninstaller.lnk
[2013.06.07 17:28:46 | 000,001,149 | ---- | C] () -- C:\Users\Public\Desktop\Advanced SystemCare 6.lnk
[2013.06.07 17:03:18 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.06.07 16:45:14 | 000,000,296 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.06.07 16:25:23 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2013.06.07 16:11:20 | 000,001,202 | ---- | C] () -- C:\Users\Public\Desktop\Razer Game Booster.lnk
[2013.06.07 16:11:01 | 000,001,177 | ---- | C] () -- C:\Users\Public\Desktop\IObit Malware Fighter.lnk
[2013.06.07 13:06:23 | 007,149,164 | ---- | C] () -- C:\Users\ADenkel\Desktop\Ohne Titel1.vwx
[2013.06.07 12:34:32 | 000,000,287 | ---- | C] () -- C:\Users\ADenkel\AppData\Local\VersionChecker_18.xml
[2013.06.07 12:33:51 | 000,001,100 | ---- | C] () -- C:\Users\ADenkel\Desktop\Vectorworks2013E.lnk
[2013.06.07 12:05:41 | 2128,204,125 | ---- | C] () -- C:\Users\ADenkel\Desktop\Vectorworks 2013 kompl.part2.rar
[2013.06.07 12:04:14 | 3750,000,000 | ---- | C] () -- C:\Users\ADenkel\Desktop\Vectorworks 2013 kompl.part1.exe
[2013.06.07 11:56:21 | 1583,624,856 | ---- | C] () -- C:\Users\ADenkel\Desktop\Vectorworks 2013 kompl SP2 R1.zip
[2013.06.07 11:20:51 | 006,930,304 | ---- | C] () -- C:\Users\ADenkel\Desktop\sdi_mapclient_8003420449195998216.pdf
[2013.06.07 11:11:47 | 001,925,686 | ---- | C] () -- C:\Users\ADenkel\Desktop\Druckvorschau1.pdf
[2013.06.06 11:31:58 | 000,032,173 | ---- | C] () -- C:\Windows\SysNative\UHSFatW.ini
[2013.06.06 11:31:58 | 000,012,044 | ---- | C] () -- C:\Windows\UHSAFX64.ssc
[2013.06.06 11:31:58 | 000,002,169 | ---- | C] () -- C:\Windows\FatWcfg.ini
[2013.06.06 11:31:58 | 000,000,388 | ---- | C] () -- C:\Windows\FatWMCcfg.ini
[2013.06.06 11:31:58 | 000,000,200 | ---- | C] () -- C:\Windows\UHSConfig.ini
[2013.06.06 11:31:57 | 000,325,120 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2013.06.06 11:31:57 | 000,246,272 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2013.06.06 11:31:57 | 000,089,600 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2013.06.06 11:31:57 | 000,074,240 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2013.06.06 11:31:57 | 000,000,380 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2013.06.06 11:31:47 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd
[2013.06.05 09:23:21 | 000,378,486 | ---- | C] () -- C:\Users\ADenkel\Desktop\IMG_1960.jpg
[2013.06.05 09:18:28 | 000,428,152 | ---- | C] () -- C:\Users\ADenkel\Desktop\IMG_1977.jpg
[2013.06.05 09:13:59 | 000,433,249 | ---- | C] () -- C:\Users\ADenkel\Desktop\IMG_1955.jpg
[2013.05.28 15:50:00 | 000,044,484 | ---- | C] () -- C:\Users\ADenkel\Desktop\944163_10151634351173633_1508828835_n.jpg
[2013.05.26 20:47:38 | 000,001,005 | ---- | C] () -- C:\Users\ADenkel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2013.05.26 13:06:07 | 001,620,990 | ---- | C] () -- C:\Users\ADenkel\Desktop\Bewirtschaftungsplõne_gemõ¯_der_Europõischen_Wasserrahmenrichtlinie.bmp
[2013.05.25 23:11:25 | 000,098,275 | ---- | C] () -- C:\Users\ADenkel\Desktop\2,c=0,h=554.bild.jpeg
[2013.05.23 19:58:30 | 000,002,172 | ---- | C] () -- C:\Users\ADenkel\Desktop\Die Gilde Gold-Edition TL.lnk
[2013.05.23 19:58:30 | 000,002,151 | ---- | C] () -- C:\Users\ADenkel\Desktop\Die Gilde Gold-Edition.lnk
[2013.05.23 10:00:00 | 000,001,048 | ---- | C] () -- C:\Users\Public\Desktop\Asterics3.3.1 Handbuch.lnk
[2013.05.23 10:00:00 | 000,000,973 | ---- | C] () -- C:\Users\Public\Desktop\Asterics3.3.1 Update Neuerungen.lnk
[2013.05.23 10:00:00 | 000,000,250 | ---- | C] () -- C:\Windows\ODBC.INI
[2013.05.23 10:00:00 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013.05.23 09:58:31 | 000,007,977 | ---- | C] () -- C:\Users\ADenkel\Desktop\Readme.rtf
[2013.05.22 10:52:38 | 000,184,278 | ---- | C] () -- C:\Users\ADenkel\Desktop\Thesis_05.pdf
[2013.05.22 10:32:17 | 000,849,775 | ---- | C] () -- C:\Users\ADenkel\Desktop\Druckvorschau.pdf
[2013.05.21 21:22:36 | 061,385,895 | ---- | C] () -- C:\Users\ADenkel\Desktop\Weg des Kriegers  Silver Samurai vs Wolverine im neuen Trailer  News  moviepilotde.mp4
[2013.05.17 16:13:19 | 000,001,731 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2013.05.17 14:21:09 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.29 04:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013.03.29 04:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2012.11.27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.09.28 04:12:10 | 000,002,302 | ---- | C] () -- C:\Windows\UHScfg.ini
[2012.09.28 04:12:10 | 000,000,388 | ---- | C] () -- C:\Windows\UHSMCcfg.ini
[2012.06.11 18:50:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.06.11 18:50:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.30 15:22:55 | 000,003,584 | ---- | C] () -- C:\Users\ADenkel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.02 23:39:03 | 000,000,287 | ---- | C] () -- C:\Users\ADenkel\AppData\Local\VersionChecker_17.xml
[2012.02.13 20:18:00 | 000,007,660 | ---- | C] () -- C:\Users\ADenkel\AppData\Local\Resmon.ResmonCfg
[2012.01.08 15:39:02 | 002,020,367 | ---- | C] () -- C:\Users\ADenkel\P1010812.JPG
[2012.01.08 15:39:02 | 001,977,572 | ---- | C] () -- C:\Users\ADenkel\P1010825.JPG
[2012.01.08 15:39:02 | 001,936,751 | ---- | C] () -- C:\Users\ADenkel\P1010818.JPG
[2012.01.08 15:39:02 | 001,909,361 | ---- | C] () -- C:\Users\ADenkel\P1010821.JPG
[2012.01.08 15:39:02 | 001,901,126 | ---- | C] () -- C:\Users\ADenkel\P1010824.JPG
[2012.01.08 15:39:02 | 001,900,824 | ---- | C] () -- C:\Users\ADenkel\P1010822.JPG
[2012.01.08 15:39:02 | 001,881,533 | ---- | C] () -- C:\Users\ADenkel\P1010811.JPG
[2012.01.08 15:39:02 | 001,866,815 | ---- | C] () -- C:\Users\ADenkel\P1010823.JPG
[2012.01.08 15:39:02 | 001,857,687 | ---- | C] () -- C:\Users\ADenkel\P1010819.JPG
[2012.01.08 15:39:02 | 001,840,688 | ---- | C] () -- C:\Users\ADenkel\P1010820.JPG
[2012.01.08 15:39:02 | 001,784,087 | ---- | C] () -- C:\Users\ADenkel\P1010817.JPG
[2012.01.08 15:39:02 | 001,780,794 | ---- | C] () -- C:\Users\ADenkel\P1010813.JPG
[2012.01.08 15:39:02 | 001,769,988 | ---- | C] () -- C:\Users\ADenkel\P1010810.JPG
[2012.01.08 15:39:02 | 001,659,218 | ---- | C] () -- C:\Users\ADenkel\P1010816.JPG
[2012.01.08 15:39:02 | 001,627,105 | ---- | C] () -- C:\Users\ADenkel\P1010815.JPG
[2012.01.08 15:39:02 | 001,311,765 | ---- | C] () -- C:\Users\ADenkel\P1010809.JPG
[2012.01.08 15:39:02 | 001,171,161 | ---- | C] () -- C:\Users\ADenkel\P1010805.JPG
[2012.01.08 15:39:02 | 001,134,570 | ---- | C] () -- C:\Users\ADenkel\P1010806.JPG
[2012.01.08 15:39:02 | 000,977,249 | ---- | C] () -- C:\Users\ADenkel\P1010814.JPG
[2012.01.08 15:39:02 | 000,862,410 | ---- | C] () -- C:\Users\ADenkel\P1010807.JPG
[2012.01.08 15:39:02 | 000,801,502 | ---- | C] () -- C:\Users\ADenkel\P1010808.JPG
[2012.01.01 23:16:35 | 000,000,287 | ---- | C] () -- C:\Users\ADenkel\AppData\Local\VersionChecker_16.xml
[2011.12.31 15:20:18 | 000,001,456 | ---- | C] () -- C:\Users\ADenkel\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.12.23 02:19:35 | 001,589,442 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.22 23:38:16 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.06.27 14:08:27 | 000,184,320 | RHS- | C] () -- C:\Windows\SysWow64\winvers.dll
[2011.06.22 11:57:28 | 000,155,627 | ---- | C] () -- C:\Users\ADenkel\Existenzgründung 8.pdf
[2011.06.22 11:57:28 | 000,099,739 | ---- | C] () -- C:\Users\ADenkel\Existenzgründung 10.pdf
[2011.06.22 11:57:28 | 000,095,350 | ---- | C] () -- C:\Users\ADenkel\Existenzgründung 9.pdf
[2011.06.22 11:57:28 | 000,076,879 | ---- | C] () -- C:\Users\ADenkel\Existenzgründung 7.pdf
[2010.11.23 14:50:14 | 002,957,563 | ---- | C] () -- C:\Users\ADenkel\preview_.mxi
[2010.11.23 14:50:14 | 000,162,202 | ---- | C] () -- C:\Users\ADenkel\preview_.png
[2010.10.27 19:48:03 | 000,000,132 | ---- | C] () -- C:\Users\ADenkel\AppData\Roaming\Adobe PNG Format CS5 Prefs
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.12.13 11:18:31 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\Autodesk
[2011.12.23 00:44:49 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\Canon
[2011.12.23 00:44:49 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\CD Label Designer
[2011.12.23 00:44:49 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\CD-LabelPrint
[2011.12.23 00:44:49 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2013.06.07 19:38:31 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\Dropbox
[2011.12.23 00:44:50 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\Duden
[2012.06.05 12:25:36 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\DVDVideoSoft
[2012.06.14 11:55:12 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\ESRI
[2011.12.23 00:44:51 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\eu.computerworks.vectorworks.2010.help.deu.C597E665C9D833B0F52B09434821DFAEF4904789.1
[2011.12.23 00:44:51 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\eu.computerworks.vectorworks.2011.help.deu.07222458214E034A0B494E83FAD6744C17D2B914.1
[2012.05.30 15:20:15 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\FreeFLVConverter
[2012.01.10 14:49:19 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\FreePDF
[2012.04.14 13:54:03 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\GetRightToGo
[2013.03.28 18:44:20 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\ICQ
[2013.01.04 17:48:30 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\ICQ-Profile
[2013.01.04 17:45:48 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\ICQM
[2011.12.23 00:45:30 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\Indigo Renderer
[2013.06.07 17:28:46 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\IObit
[2013.04.24 11:14:53 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\Leadertech
[2011.12.23 00:45:30 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\Local
[2011.12.23 00:45:30 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\LolClient
[2012.05.24 19:13:33 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\LolClient2
[2013.06.07 12:35:06 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\MAXON
[2013.01.05 16:56:08 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\Mumble
[2011.12.23 00:46:07 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\Nemetschek
[2012.01.17 21:59:56 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\PDF Writer
[2013.05.14 17:23:42 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\SitenApp
[2011.12.23 00:46:11 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\SpeedSim
[2011.12.23 00:46:11 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\SplitMediaLabs
[2011.12.23 00:46:11 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.12.23 00:46:11 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\TeamViewer
[2011.12.23 00:46:12 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\TS3Client
[2013.01.25 12:19:54 | 000,000,000 | ---D | M] -- C:\Users\ADenkel\AppData\Roaming\ViperSettingsFolder
[2013.01.25 12:19:55 | 000,000,000 | -HSD | M] -- C:\Users\ADenkel\AppData\Roaming\ViperUpdate AU
[2013.01.25 12:26:13 | 000,000,000 | -HSD | M] -- C:\Users\ADenkel\AppData\Roaming\wyUpdate AU
 
========== Purity Check ==========
 
 

< End of report >
         
Step 3: I just tried that, and after about 15 seconds I got a bluescreen. So this is already the second attempt.

Thank you in advance for your support.

Kind regards,

Achim

 
