Google Suchergebnisse leiten beim Klick auf völlig fremde Seiten weiter (meist Werbung)

OTL Extras logfile created on: 18.05.2011 20:46:46 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = D:\Downloads
 Ultimate Edition  (Version = 6.1.7260) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7260.0)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.024,00 Mb Total Physical Memory | 240,00 Mb Available Physical Memory | 23,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 45,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 40,04 Gb Total Space | 8,39 Gb Free Space | 20,95% Space Free | Partition Type: NTFS
Drive D: | 34,18 Gb Total Space | 24,40 Gb Free Space | 71,38% Space Free | Partition Type: NTFS
 
Computer Name: *****-PC | User Name: ***| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2217B0B4-35CB-48C6-B640-864DF2F30F99}" = OpenOffice.org 3.2
"{2A697B53-0DE3-42DA-B41D-C3F804B1C538}" = iTunes
"{2A981294-F14C-4F0F-9627-D793270922F8}" = Bonjour
"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety
"{2DC94AFD-A6E2-4AB4-9132-4A3F8E07B386}" = Apple Application Support
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{639673E9-D53F-44F4-A046-485C8A6ADA15}" = Paint.NET v3.5.6
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A71D5E81-B967-43DB-93D7-FD31BFB95748}" = MobileMe Control Panel
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C73F2967-062E-48F2-A462-D335B8950183}" = Safari
"{CACAEB5F-174D-4C7C-AC56-A33289A807CA}" = Apple Mobile Device Support
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BitTorrent" = BitTorrent
"Lexmark 2400 Series" = Lexmark 2400 Series
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Uninstall_is1" = Uninstall 1.0.0.1
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Octoshape Streaming Services" = Octoshape Streaming Services
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 18.05.2011 09:17:59 | Computer Name = ****-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\microsoft\search
 enhancement pack\search helper\SearchHelper.dll". Fehler in Manifest- oder Richtliniendatei
 "c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll"
 in Zeile 2.  Ungültige XML-Syntax.
 
Error - 18.05.2011 13:02:14 | Computer Name = ****-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 18.05.2011 13:02:14 | Computer Name = ****-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID 
"007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich
 enthält den Win32-Fehlercode.
 
Error - 18.05.2011 13:02:16 | Computer Name = ****-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID 
"007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich
 enthält den Win32-Fehlercode.
 
Error - 18.05.2011 13:12:22 | Computer Name = ****-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 18.05.2011 13:12:22 | Computer Name = ****-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID 
"007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich
 enthält den Win32-Fehlercode.
 
Error - 18.05.2011 13:12:24 | Computer Name = ****-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID 
"007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich
 enthält den Win32-Fehlercode.
 
Error - 18.05.2011 14:33:48 | Computer Name = ****-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012
Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung
 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter
 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste
 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich
 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
 
Error - 18.05.2011 14:33:48 | Computer Name = ****-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID 
"007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich
 enthält den Win32-Fehlercode.
 
Error - 18.05.2011 14:33:50 | Computer Name = ****-PC | Source = Microsoft-Windows-LoadPerf | ID = 3006
Description = Die Zeichenfolgen der Leistungsindikatoren, die für die Sprach-ID 
"007" definiert wurden, können nicht gelesen werden. Das erste DWORD im Datenbereich
 enthält den Win32-Fehlercode.
 
[ System Events ]
Error - 18.05.2011 14:29:42 | Computer Name = ****-PC | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 18.05.2011 14:30:17 | Computer Name = ****-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 18.05.2011 14:30:18 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
Error - 18.05.2011 14:30:18 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:   %%-2140993535
 
Error - 18.05.2011 14:30:26 | Computer Name = ****-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 18.05.2011 14:30:26 | Computer Name = ****-PC | Source = PNRPSvc | ID = 102
Description = 
 
Error - 18.05.2011 14:30:26 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
Error - 18.05.2011 14:30:26 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:   %%-2140993535
 
Error - 18.05.2011 14:30:26 | Computer Name = ****-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name
 Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde:   %%-2140993535
 
Error - 18.05.2011 14:30:26 | Computer Name = ****-PC | Source = Service Control Manager | ID = Description = Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler
 beendet:   %%-2140993535
 
< End of report >
         

OTL logfile created on: 18.05.2011 20:46:46 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = D:\Downloads
 Ultimate Edition  (Version = 6.1.7260) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7260.0)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1.024,00 Mb Total Physical Memory | 240,00 Mb Available Physical Memory | 23,00% Memory free
2,00 Gb Paging File | 1,00 Gb Available in Paging File | 45,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 40,04 Gb Total Space | 8,39 Gb Free Space | 20,95% Space Free | Partition Type: NTFS
Drive D: | 34,18 Gb Total Space | 24,40 Gb Free Space | 71,38% Space Free | Partition Type: NTFS
 
Computer Name: ****-PC | User Name: ****| Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - D:\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\lxcrcoms.exe ( )
 
 
========== Modules (SafeList) ==========
 
MOD - D:\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Windows\System32\sechost.dll (Мϊćяǿšθƒţ Ċθŕφǿŗáŧιőй)
MOD - C:\Windows\System32\atl.dll (Μíćřöśõƒт Čσярǿřªţīοņ)
MOD - C:\Windows\System32\msscript.ocx (Мī¢ŗθşöƒт Ĉθгþǿґąţібň)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7260.0_none_c090d77d8d0d537b\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AMService) --  File not found
SRV - (Akamai) -- c:\Programme\Common Files\Akamai\netsession_win_8832f4b.dll ()
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (lxcr_device) -- C:\Windows\System32\lxcrcoms.exe ( )
 
 
========== Driver Services (SafeList) ==========
 
DRV - (nkotuq) -- C:\Windows\System32\drivers\funp.sys ()
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (vpcvmm) -- C:\Windows\System32\drivers\vpcvmm.sys (Microsoft Corporation)
DRV - (vpcbus) -- C:\Windows\System32\drivers\vpchbus.sys (Microsoft Corporation)
DRV - (vpcusb) -- C:\Windows\System32\drivers\vpcusb.sys (Microsoft Corporation)
DRV - (vpcnfltr) -- C:\Windows\System32\drivers\vpcnfltr.sys (Microsoft Corporation)
DRV - (mssmbios) -- C:\Windows\System32\drivers\mssmbios.sys (Μїćґθŝбƒт €σŕþόŕäťíőπ)
DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation)
DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation)
DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation)
DRV - (IPNAT) -- C:\Windows\System32\drivers\ipnat.sys (Μι¢ѓøѕǿƒт Сòѓρòґáτιóń)
DRV - (usbhub) -- C:\Windows\System32\drivers\usbhub.sys (Мï¢ŗõśбƒţ Ċбяφôґаτìõñ)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Μíсřó§ǿƒť Ćõґрοŗāťįθл)
DRV - (umbus) -- C:\Windows\System32\drivers\umbus.sys (Μίćŕôŝöƒт €öґφόŗáťįòπ)
DRV - (ohci1394) 1394 OHCI Compliant Host Controller (Legacy) -- C:\Windows\system32\DRIVERS\ohci1394.sys (Мїçгõ§óƒť Čσґρσяāţíǿñ)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (WacomPen) -- C:\Windows\system32\DRIVERS\wacompen.sys (Μіćгŏşθƒţ Ćǿѓφøŕǻţΐōⁿ)
DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation)
DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation)
DRV - (srv) -- C:\Windows\System32\drivers\srv.sys (Мìçŗôšбƒť Çǿřþōѓāτįби)
DRV - (AmdK8) -- C:\Windows\System32\drivers\amdk8.sys (Мīčřǿşőƒŧ Çōřþòґåτïõʼn)
DRV - (intelppm) -- C:\Windows\system32\DRIVERS\intelppm.sys (Μίčŕσšσƒτ Ĉŏгρσřăŧїóń)
DRV - (ViaC7) -- C:\Windows\system32\DRIVERS\viac7.sys (Μіćѓοşбƒτ Ĉοґρöŕªťĩõņ)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Μĭčѓǿ§σƒť Čöŕрòřάŧīòń)
DRV - (Processor) -- C:\Windows\system32\DRIVERS\processr.sys (Мį¢ѓøѕøƒţ Ċǿřφōѓåтĭòņ)
DRV - (VSTHWBS2) -- C:\Windows\System32\drivers\VSTBS23.SYS (Conexant Systems, Inc.)
DRV - (RTL8187B) RTL8187B Drahtlos-802.11b/g-USB 2.0-Netzwerkadapter (54 MBit/s) -- C:\Windows\System32\drivers\RTL8187B.sys (Realtek Semiconductor Corporation                           )
DRV - (FETNDIS) -- C:\Windows\System32\drivers\fetnd6.sys (VIA Technologies, Inc.              )
DRV - (RTL8023xp) -- C:\Windows\System32\drivers\Rtnicxp.sys (Realtek Semiconductor Corporation                           )
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (VIAudio) -- C:\Windows\System32\drivers\ac97via.sys (VIA Technologies, Inc.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (ZSMC301b) -- C:\Windows\System32\drivers\usbVM31b.sys (VM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 35 A3 D5 A4 C9 72 CB 01  [binary data]
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=IEFM1&q="
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: yyginstantplay@yoyogames.com:1.1.0.24
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.9&q="
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.04.30 21:38:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.07 15:49:49 | 000,000,000 | ---D | M]
 
[2010.05.06 20:24:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Extensions
[2011.05.06 17:59:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\pv1cgppu.default\extensions
[2011.05.01 21:43:17 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\pv1cgppu.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.05.06 17:59:58 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\pv1cgppu.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.09.24 22:50:48 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\pv1cgppu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.06 17:59:57 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\pv1cgppu.default\extensions\engine@conduit.com
[2010.11.19 17:06:06 | 000,000,000 | ---D | M] ("YoYo Games InstantPlay") -- C:\Users\****\AppData\Roaming\mozilla\Firefox\Profiles\pv1cgppu.default\extensions\yyginstantplay@yoyogames.com
[2010.05.06 22:54:08 | 000,001,819 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\pv1cgppu.default\searchplugins\bing.xml
[2010.12.11 17:18:14 | 000,002,342 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\pv1cgppu.default\searchplugins\icq-search.xml
[2011.03.06 18:53:39 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\pv1cgppu.default\searchplugins\icqplugin-1.xml
[2011.03.24 21:35:59 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\pv1cgppu.default\searchplugins\icqplugin-2.xml
[2011.04.30 21:36:54 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\pv1cgppu.default\searchplugins\****-3.xml
[2011.04.30 21:39:38 | 000,000,950 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\pv1cgppu.default\searchplugins\icqplugin-4.xml
[2011.02.20 12:21:20 | 000,000,168 | ---- | M] () -- C:\Users\****\AppData\Roaming\Mozilla\Firefox\Profiles\pv1cgppu.default\searchplugins\icqplugin.gif
[2011.02.20 12:21:20 | 000,000,618 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\pv1cgppu.default\searchplugins\icqplugin.src
[2011.03.03 17:36:18 | 000,000,950 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\pv1cgppu.default\searchplugins\icqplugin.xml
[2011.05.09 18:11:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.05.09 18:11:13 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.05.28 16:16:26 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- 
[2011.05.09 18:11:13 | 000,000,000 | ---D | M] (Skype extension) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.05.28 16:16:26 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.07.17 05:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
Hosts file not found
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} -  File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [lxcrmon.exe] C:\Program Files\Lexmark 2400 Series\lxcrmon.exe ()
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [wmupdater]  File not found
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Octoshape Streaming Services] C:\Users\***\AppData\Roaming\Octoshape\Octoshape Streaming Services\OctoshapeClient.exe (Octoshape ApS)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\System32\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.18 19:56:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011.05.18 19:56:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.05.18 19:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.05.18 19:56:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.05.18 19:56:41 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.05.18 19:56:41 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.05.17 21:02:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{DF3C5E92-77DA-44C6-9C47-9B90AC663DE6}
[2011.05.16 21:54:56 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{4BF9E25B-127D-4FED-A1BB-7F5829CFFC9B}
[2011.05.15 12:03:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{61A627A2-8D48-43FB-8D11-66F13CCB4C8D}
[2011.05.14 18:19:17 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{E6486DF2-92CE-4C5D-9122-F4BB19B0713C}
[2011.05.13 23:48:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{F4110413-999A-44C8-A05F-BDBF1EE14394}
[2011.05.11 22:36:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{AD093317-EC0B-4796-A8F2-A41F3B2F61FD}
[2011.05.10 21:25:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Octoshape
[2011.05.10 21:25:19 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Octoshape Streaming Services
[2011.05.09 20:10:55 | 000,000,000 | ---D | C] -- C:\Users\***\Documents
[2011.05.09 19:48:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{00E65034-6917-4537-A2F4-E733ED4875F2}
[2011.05.09 18:12:18 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\skypePM
[2011.05.09 18:12:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype Extras
[2011.05.09 18:11:29 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Roaming\Skype
[2011.05.09 18:10:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.05.09 18:10:46 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2011.05.09 18:10:44 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2011.05.09 18:09:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.05.08 14:19:13 | 000,000,000 | ---D | C] -- D:\Desktop\iPhone
[2011.05.08 14:12:16 | 000,000,000 | ---D | C] -- D:\Desktop\iPhone Wallpaper
[2011.05.08 13:03:35 | 000,000,000 | ---D | C] -- D:\Desktop\iTunes Artwork
[2011.05.08 11:22:54 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{0339CD9A-BFD7-4759-9B98-D7FB8BAB826E}
[2011.05.08 11:22:33 | 000,000,000 | ---D | C] -- C:\Users\****\Tracing
[2011.05.07 18:48:30 | 000,000,000 | R--D | C] -- C:\Users\****\Downloads
[2011.05.07 16:33:00 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2011.05.07 16:23:34 | 000,000,000 | ---D | C] -- D:\Desktop\Animal Collection
[2011.05.07 16:17:45 | 000,000,000 | ---D | C] -- D:\Desktop\vorteil, nicht in einem hotspot (großstadt) aufgewachsen zu sein
[2011.05.07 16:17:45 | 000,000,000 | ---D | C] -- D:\Desktop\die einfachste erklärung, erweißt sich meistens als die richtige
[2011.05.07 16:17:45 | 000,000,000 | ---D | C] -- D:\Desktop\1,2, 34 hau weg du tier
[2011.05.07 16:16:15 | 000,000,000 | ---D | C] -- D:\Dokumente\Verlauf
[2011.05.07 16:16:15 | 000,000,000 | ---D | C] -- D:\Dokumente\Meine empfangenen Dateien
[2011.05.07 16:16:15 | 000,000,000 | ---D | C] -- D:\Dokumente\DriverGenius
[2011.05.07 14:09:45 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{023D64F4-F076-45A5-96BA-0D625A1F7AD4}
[2011.05.06 17:20:58 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{717B112D-BC5D-4E14-BCEC-7F9E76492328}
[2011.05.05 16:40:13 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{D3D9AA1B-3714-4479-A2D2-8D31A7DE5C26}
[2011.05.05 16:00:06 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{189C5A6D-B8B1-4DEA-A539-DCF5AC30E151}
[2011.05.04 13:04:58 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{218E6F72-6D76-412C-8C69-AE0847490A01}
[2011.05.03 22:10:40 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{FE42C683-6F6C-4F8F-ABDB-BD3BB572DC6E}
[2011.05.03 21:10:48 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{4C6FCC40-BA78-4FA5-AC42-63D6B5F7433F}
[2011.05.03 18:51:56 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{FFCEA8E4-1200-474A-A27D-C52DE8E6D2FD}
[2011.05.03 06:34:26 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{051C4733-453D-4F04-BC06-C5D8E195A8CC}
[2011.05.02 18:33:54 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{2BA77C3F-69DD-4974-BED4-551C91D3225E}
[2011.05.01 11:33:11 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{48BFEE1D-9B72-4C53-9576-67326722B4FC}
[2011.04.30 13:21:41 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{B7E814CE-9DC4-4D8E-8A60-63F5B17E8A5F}
[2011.04.29 12:47:50 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{A1092E65-C045-4ECD-A2FF-57DF6DF321CF}
[2011.04.29 00:05:44 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{FD45066D-000A-4163-8C45-BF777AA52700}
[2011.04.28 12:04:27 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{F10786E0-0E45-4980-8457-CCCD52577F79}
[2011.04.28 11:19:23 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{3645BD88-38ED-4B92-B3DF-227BDBC51B6F}
[2011.04.27 21:17:53 | 000,000,000 | ---D | C] -- C:\Users\****\AppData\Local\{2771AF6C-453D-4F16-A279-F843B55B5D88}
[2011.04.27 17:16:24 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{A849EF8B-E009-42F7-95E1-3585A6E353D8}
[2011.04.27 00:44:03 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{DD601D78-105C-4E09-8FB6-9C01C1D330C1}
[2011.04.27 00:24:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Taalec
[2011.04.27 00:24:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Qebe
[2011.04.26 12:49:45 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2011.04.26 12:41:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{CCEDA5D8-8085-4D28-A633-8FDC2201D07C}
[2011.04.26 12:25:49 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{7B889E3A-5F0E-4350-92DA-CC9692FDDA9D}
[2011.04.26 12:14:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{735D1A6F-86DA-4386-B366-57FBBE14F64B}
[2011.04.25 11:57:01 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{72E79E3C-186F-432D-9410-FC8A5028CB71}
[2011.04.24 15:10:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{545E8DF5-045A-4340-B20D-63A98E68CDFD}
[2011.04.23 11:59:54 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.04.23 11:44:39 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.04.23 10:55:21 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{9358DDC4-3021-4DD1-9AD0-64DC06583904}
[2011.04.22 14:48:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\A57EF97ACF58BBEE62F6ADE8D8C40C57
[2011.04.22 13:04:23 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{EB9ABFE6-84EF-4287-9390-847D567C5074}
[2011.04.21 18:56:44 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{3F4480B2-B830-46E1-8627-8C18EFC9BDB9}
[2011.04.20 18:34:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{06B2886A-D170-4A8A-B035-DB89CD0FC4E6}
[2011.04.19 16:59:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\{E850B62F-408F-4A56-BDB6-192F515C1D73}
[2010.05.16 15:16:46 | 001,224,704 | ---- | C] ( ) -- C:\Windows\System32\lxcrserv.dll
[2010.05.16 15:16:46 | 000,991,232 | ---- | C] ( ) -- C:\Windows\System32\lxcrusb1.dll
[2010.05.16 15:16:46 | 000,413,696 | ---- | C] ( ) -- C:\Windows\System32\lxcrinpa.dll
[2010.05.16 15:16:46 | 000,397,312 | ---- | C] ( ) -- C:\Windows\System32\lxcriesc.dll
[2010.05.16 15:16:46 | 000,323,584 | ---- | C] ( ) -- C:\Windows\System32\LXCRhcp.dll
[2010.05.16 15:16:46 | 000,163,840 | ---- | C] ( ) -- C:\Windows\System32\lxcrprox.dll
[2010.05.16 15:16:46 | 000,094,208 | ---- | C] ( ) -- C:\Windows\System32\lxcrpplc.dll
[2010.05.16 15:16:45 | 000,684,032 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomc.dll
[2010.05.16 15:16:45 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\lxcrpmui.dll
[2010.05.16 15:16:45 | 000,585,728 | ---- | C] ( ) -- C:\Windows\System32\lxcrlmpm.dll
[2010.05.16 15:16:45 | 000,537,520 | ---- | C] ( ) -- C:\Windows\System32\lxcrcoms.exe
[2010.05.16 15:16:45 | 000,421,888 | ---- | C] ( ) -- C:\Windows\System32\lxcrcomm.dll
[2010.05.16 15:16:45 | 000,385,968 | ---- | C] ( ) -- C:\Windows\System32\lxcrih.exe
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.18 20:34:35 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.18 20:34:35 | 000,014,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.18 20:33:50 | 007,146,118 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.05.18 20:33:50 | 006,387,328 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.05.18 20:29:39 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2011.05.18 20:29:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.18 20:27:38 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\funp.sys
[2011.05.18 19:56:48 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.17 21:31:31 | 002,972,341 | ---- | M] () -- D:\Desktop\GEDC1795.JPG
[2011.05.07 16:23:15 | 000,000,484 | RHS- | M] () -- C:\Users\***\ntuser.pol
[2011.04.26 16:07:08 | 000,000,112 | ---- | M] () -- C:\ProgramData\5Ed0RlS.dat
 
========== Files Created - No Company Name ==========
 
[2011.05.18 20:27:38 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\funp.sys
[2011.05.18 19:56:48 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.05.17 21:31:09 | 002,972,341 | ---- | C] () -- D:\Desktop\GEDC1795.JPG
[2011.05.07 16:17:45 | 000,043,376 | ---- | C] () -- D:\Desktop\321159.jpg
[2011.05.07 16:17:45 | 000,000,094 | -H-- | C] () -- D:\Desktop\.~lock.Dear Hostfamily.odt#
[2011.05.07 16:17:45 | 000,000,094 | -H-- | C] () -- D:\Desktop\.~lock.couchsurfing.odt#
[2011.05.07 16:17:45 | 000,000,094 | -H-- | C] () -- D:\Desktop\.~lock.Bewerbungsanschreiben.odt#
[2011.05.07 16:16:15 | 000,017,974 | ---- | C] () -- D:\Dokumente\Bewerbungsanschreiben.odt_0.odt
[2011.04.30 21:39:01 | 000,001,108 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.04.26 13:30:23 | 000,000,112 | ---- | C] () -- C:\ProgramData\5Ed0RlS.dat
[2010.08.03 13:13:43 | 000,000,600 | ---- | C] () -- C:\Users\***\AppData\Roaming\winscp.rnd
[2010.07.05 22:41:58 | 000,165,376 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.05.28 15:18:02 | 000,000,040 | ---- | C] () -- C:\Users\***\AppData\Local\tmp.no23
[2010.05.18 18:17:25 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.05.16 15:16:46 | 000,274,432 | ---- | C] () -- C:\Windows\System32\LXCRinst.dll
[2009.06.21 11:19:23 | 000,007,680 | ---- | C] () -- C:\Windows\System32\vmsal.dll
[2009.06.13 20:41:01 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.06.13 19:47:22 | 003,644,464 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.06.13 12:06:28 | 007,146,118 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.06.13 12:06:28 | 006,387,328 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.06.13 12:06:28 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.06.13 12:06:28 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.06.13 12:05:39 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.06.13 12:04:46 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.06.13 10:29:27 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009.06.13 10:05:35 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.06.13 10:02:16 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.06.13 09:52:52 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.30 12:32:52 | 000,344,064 | ---- | C] () -- C:\Windows\System32\lxcrcoin.dll
[2006.08.14 17:01:48 | 000,065,536 | ---- | C] () -- C:\Windows\System32\lxcrcaps.dll
[2006.08.08 15:58:04 | 000,692,224 | ---- | C] () -- C:\Windows\System32\lxcrdrs.dll
[2006.03.23 04:33:20 | 000,040,960 | ---- | C] () -- C:\Windows\System32\lxcrvs.dll
[2005.12.20 12:54:04 | 000,061,440 | ---- | C] () -- C:\Windows\System32\lxcrcnv4.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 102 bytes -> C:\ProgramData\TEMP:CB0AACC9
 
< End of report >