| needhelpp | 13.07.2012 15:33 |
1. keine Bedrohung gefunden
2. Code:
OTL Extras logfile created on: 13.07.2012 16:22:37 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\admin\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 33,79% Memory free
6,18 Gb Paging File | 3,98 Gb Available in Paging File | 64,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 80,06 Gb Free Space | 34,38% Space Free | Partition Type: NTFS
Drive E: | 761,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\fotobuch.de\Designer 2.0\Designer.exe" = C:\Program Files\fotobuch.de\Designer 2.0\Designer.exe:*:Designer.exe -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{22979276-E0AF-4C80-A883-95571FA189C0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe |
"{3CCE7AEA-FC23-4CAE-8FCC-2A6988EEFD29}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{085BEEFA-E5C2-4D53-917F-0B66FD67A33B}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{142369D1-DAC8-4347-8880-5C50BB78A812}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{170D003C-7831-4622-8456-5B8209A9B4A7}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{1E4D475E-6F44-45D3-835C-5511FD90C0D2}" = protocol=17 | dir=in | app=c:\program files\xi\netxfer\nettransport.exe |
"{2AD247CE-4531-4199-B47A-649411B825F8}" = protocol=6 | dir=in | app=c:\program files\xi\netxfer\ftptransport.exe |
"{30C5205C-33A0-4A5F-A7B9-93E11C683DE5}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{48DE12AA-13C9-4F44-B834-9E788F5B7F6F}" = protocol=6 | dir=in | app=c:\program files\pinnacle\shared files\programs\strmserver\strmserver.exe |
"{4FE51107-E841-4F51-BD7F-3199B25D91EF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5566632B-B23A-4196-AAC3-54C436231627}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{58C4DAD2-AEDD-4F20-95FC-856EED6754CD}" = protocol=6 | dir=in | app=c:\program files\xi\netxfer\nettransport.exe |
"{60E10858-282C-4ECF-AD8F-E337C7B26EDB}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe |
"{8BA6F3B3-70F1-42F8-8C62-CE13084332DD}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A3FB5747-EC23-4757-AF8E-112CA85234E7}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{A4D4523E-F0D4-4CC0-81DF-D2894B9413B3}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe |
"{A7FC5A3D-5F7A-421A-A1C1-0C4CA8F8EE8E}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe |
"{A99D03A1-1BAB-435E-AFA3-9699FBBAFCC0}" = protocol=17 | dir=in | app=c:\program files\pinnacle\shared files\programs\strmserver\strmserver.exe |
"{C8C948A1-9909-4561-A233-852DB90C1ACF}" = protocol=17 | dir=in | app=c:\program files\xi\netxfer\ftptransport.exe |
"{D3A453C4-23F6-4024-8928-CF06EB3E7549}" = dir=in | app=c:\program files\itunes\itunes.exe |
"TCP Query User{2A9570D5-531B-48A1-90AE-A505BC6AAEDF}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{69D513D5-A22D-42CA-AC47-7631F4814633}C:\program files\ultramixer4\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\ultramixer4\jre\bin\javaw.exe |
"TCP Query User{8F410CA1-4A27-4D97-84CC-6FF315E6B753}C:\windows\system32\kms.exe" = protocol=6 | dir=in | app=c:\windows\system32\kms.exe |
"UDP Query User{637B7364-037A-466B-9EFF-06FC8E126C9B}C:\windows\system32\kms.exe" = protocol=17 | dir=in | app=c:\windows\system32\kms.exe |
"UDP Query User{AE7A5F7A-8084-4332-8A4F-89325AE6B164}C:\program files\ultramixer4\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\ultramixer4\jre\bin\javaw.exe |
"UDP Query User{EDB77EB9-EF56-464B-A510-86AB2552F367}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{0320AB41-0926-4218-A8A6-68AC84E6BB93}" = Nero Recode 11
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support
"{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! Cam Avatar
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{2F603A45-D956-496B-81B5-50D782424976}" = SweetPacks Toolbar for Internet Explorer 4.4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{332CC6BF-E6C7-48EE-BA3D-435E576AD67F}" = PaperPort Image Printer
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B6AD248-D3BF-426A-8D64-847288154F13}" = QuickSet
"{51865D9D-8F63-46F2-87AB-9E72F93B618C}" = welcome
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5CB79EE7-301F-4AE7-A76D-D27BF8942E0A}" = Nero 11
"{63DB9CCD-2B56-4217-9A3D-507AC78320CA}" = mWMI
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}" = iTunes
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7C7AC2D4-1077-45C8-826A-16445B5E0DB7}" = Pinnacle DistanTV Server
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}" = Apple Mobile Device Support
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad
"{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}" = mDriver
"{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}" = Brother MFL-Pro Suite
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B6C89654-A6A2-477C-873B-724EC1C56407}" = ScanSoft PaperPort 11
"{B85C4CB2-B352-4BD8-818C-BCE353599107}" = SweetIM for Messenger 3.6
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C268B5E1-A5DA-11DF-A289-005056C00008}" = Paragon Backup & Recovery™ 2012 Free
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}" = Pinnacle TVCenter Pro
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}" = mCore
"{F63A3748-B93D-4360-9AD4-B064481A5C7B}" = Modem-Diagnose-Tool
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}" = Nero Backup Drivers
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Advanced Video FX Engine" = Advanced Video FX Engine
"avast" = avast! Free Antivirus
"AVG Secure Search" = AVG Security Toolbar
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"AVS4YOU Video Converter 7_is1" = AVS Video Converter 8
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"Creative OEM002" = Laptop Integrated Webcam Driver (1.04.01.1011)
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dell Webcam Center" = Dell Webcam Center
"Dell Webcam Manager" = Dell Webcam Manager
"Designer 2.0_is1" = Designer 2.0
"DivX Setup" = DivX-Setup
"FileHippo.com" = FileHippo.com Update Checker
"Google Chrome" = Google Chrome
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"Kinovea" = Kinovea
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Marvell Miniport Driver" = Marvell Miniport Driver
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mixxx (1.10.0)" = Mixxx 1.10.0
"Mozilla Firefox 13.0.1 (x86 en-US)" = Mozilla Firefox 13.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"ProInst" = Intel(R) PROSet/Wireless Software
"Sandboxie" = Sandboxie 3.68 (32-bit)
"Secunia PSI" = Secunia PSI (2.0.0.4003)
"TeamViewer 7" = TeamViewer 7
"VLC media player" = VLC media player 2.0.1
"WinRAR archiver" = WinRAR 4.20 (32-bit)
"winscp3_is1" = WinSCP 4.3.8
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 13.07.2012 06:38:34 | Computer Name = Lappi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6178
Error - 13.07.2012 07:13:53 | Computer Name = Lappi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 13.07.2012 07:13:53 | Computer Name = Lappi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2125014
Error - 13.07.2012 07:13:53 | Computer Name = Lappi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2125014
Error - 13.07.2012 07:13:54 | Computer Name = Lappi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 13.07.2012 07:13:54 | Computer Name = Lappi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2126138
Error - 13.07.2012 07:13:54 | Computer Name = Lappi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2126138
Error - 13.07.2012 07:13:57 | Computer Name = Lappi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 13.07.2012 07:13:57 | Computer Name = Lappi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2128618
Error - 13.07.2012 07:13:57 | Computer Name = Lappi | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2128618
[ System Events ]
Error - 10.04.2012 04:52:06 | Computer Name = Lappi | Source = Service Control Manager | ID = 7000
Description =
Error - 10.04.2012 04:53:49 | Computer Name = Lappi | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 10.04.2012 07:15:23 | Computer Name = Lappi | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 10.04.2012 07:16:24 | Computer Name = Lappi | Source = Service Control Manager | ID = 7000
Description =
Error - 11.04.2012 01:27:54 | Computer Name = Lappi | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 11.04.2012 01:28:45 | Computer Name = Lappi | Source = Service Control Manager | ID = 7000
Description =
Error - 11.04.2012 05:57:44 | Computer Name = Lappi | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 11.04.2012 05:58:37 | Computer Name = Lappi | Source = Service Control Manager | ID = 7000
Description =
Error - 11.04.2012 10:07:25 | Computer Name = Lappi | Source = DCOM | ID = 10010
Description =
Error - 11.04.2012 14:20:47 | Computer Name = Lappi | Source = Service Control Manager | ID = 7000
Description =
< End of report >
Code:
OTL logfile created on: 13.07.2012 16:22:37 - Run 1
OTL by OldTimer - Version 3.2.54.0 Folder = C:\Users\admin\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,99 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 33,79% Memory free
6,18 Gb Paging File | 3,98 Gb Available in Paging File | 64,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 232,88 Gb Total Space | 80,06 Gb Free Space | 34,38% Space Free | Partition Type: NTFS
Drive E: | 761,16 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\admin\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_3_300_265.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
PRC - C:\Programme\AVG Secure Search\vprot.exe ()
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\FileHippo.com\UpdateChecker.exe (FileHippo.com)
PRC - C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Programme\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Programme\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Programme\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
PRC - C:\Programme\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
PRC - C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\Pinnacle\Shared Files\Programs\StrmServer\StrmServer.exe (Pinnacle Systems)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Programme\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.)
PRC - C:\Programme\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.)
PRC - C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
PRC - C:\Programme\Brother\Brmfcmon\BrMfcMon.exe (Brother Industries, Ltd.)
PRC - C:\Programme\DellTPad\hidfind.exe (Alps Electric Co., Ltd.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
MOD - C:\Programme\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\SiteSafety.dll ()
MOD - C:\Programme\AVG Secure Search\vprot.exe ()
MOD - C:\Programme\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\2467a133aee73396c830b9b0a9c7ec0d\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\508b444db523c5cf20ff12c7f440837b\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f2691cfa7671cdc58179e56ba9227591\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\18f9789aa214c657113e676b3a9015aa\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\846b9cf2756fdd15f704c9bab9c70b6f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bd76aaaa03ddc15d1840207b5a480644\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d2630342a066a7cb9056d9eb6157687a\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28d633338fc8d29f8af31935ef7d001b\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\af9c9e9d7e0523cd444f8b551baa9cbf\mscorlib.ni.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Programme\Pinnacle\Shared Files\Programs\StrmServer\UPnPStreamingDevice.dll ()
========== Win32 Services (SafeList) ==========
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (vToolbarUpdater11.2.0) -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe ()
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SbieSvc) -- C:\Programme\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (TeamViewer7) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (NAUpdate) -- C:\Programme\Nero\Update\NASvc.exe (Nero AG)
SRV - (Secunia PSI Agent) -- C:\Programme\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Programme\Secunia\PSI\sua.exe (Secunia)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (yksvc) -- C:\Windows\System32\ykx32mpcoinst.dll (Marvell)
SRV - (sprtsvc_DellSupportCenter) SupportSoft Sprocket Service (DellSupportCenter) -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe (SupportSoft, Inc.)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
========== Driver Services (SafeList) ==========
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswSnx) -- C:\Windows\System32\drivers\aswSnx.sys (AVAST Software)
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\Windows\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (AswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (dtsoftbus01) -- C:\Windows\System32\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV - (SbieDrv) -- C:\Programme\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (NBVol) -- C:\Windows\System32\drivers\NBVol.sys (Nero AG)
DRV - (NBVolUp) -- C:\Windows\System32\drivers\NBVolUp.sys (Nero AG)
DRV - (Uim_IM) -- C:\Windows\System32\drivers\Uim_IM.sys (Paragon)
DRV - (Uim_Vim) -- C:\Windows\System32\drivers\Uim_Vim.sys (Paragon)
DRV - (UimBus) -- C:\Windows\System32\drivers\UimBus.sys (Windows (R) 2000 DDK provider)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV - (OEM02Dev) -- C:\Windows\System32\drivers\OEM02Dev.sys (Creative Technology Ltd.)
DRV - (NETw4v32) Intel(R) -- C:\Windows\System32\drivers\NETw4v32.sys (Intel Corporation)
DRV - (Ltn_stk7070P) -- C:\Windows\System32\drivers\Ltn_stk7070P.sys (LITEON)
DRV - (Ltn_stkrc) -- C:\Windows\System32\drivers\Ltn_stkrc.sys (LITEON)
DRV - (IntcHdmiAddService) Intel(R) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation)
DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC)
DRV - (OEM02Vfx) -- C:\Windows\System32\drivers\OEM02Vfx.sys (EyePower Games Pte. Ltd.)
DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10005’
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005’
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://isearch.avg.com/?cid={645EC409-8B58-4B38-90C7-1C980FE2B617}&mid=341005eeee6a47d0b533d156a71633c1-9d1c6937c3c0b51fdad163c70aa3c50056532445&lang=de&ds=od011&pr=sa&d=2012-06-17 10:39:27&v=11.1.0.7&sap=hp
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109989&babsrc=SP_ss&mntrId=8c1492c9000000000000001d09591750
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={645EC409-8B58-4B38-90C7-1C980FE2B617}&mid=341005eeee6a47d0b533d156a71633c1-9d1c6937c3c0b51fdad163c70aa3c50056532445&lang=de&ds=od011&pr=sa&d=2012-06-17 10:39:27&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005’
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.bild.de/"
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B02f9d947-4aa1-483a-abc7-fc7ad84931a6%7D&mid=341005eeee6a47d0b533d156a71633c1-9d1c6937c3c0b51fdad163c70aa3c50056532445&ds=od011&v=11.1.0.7&lang=de&pr=sa&d=2012-06-17%2010%3A39%3A27&sap=ku&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: ""
FF - prefs.js..browser.startup.homepage: "hxxp://www.bild.de/"
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.10 09:39:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.06.17 08:27:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.12\ [2012.07.09 21:42:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.17 19:08:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.22 10:35:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.06.17 19:08:01 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.05.22 10:35:48 | 000,000,000 | ---D | M]
[2012.03.28 16:52:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Extensions
[2012.07.10 09:39:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\fmmahgfc.default\extensions
[2012.07.10 09:39:22 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\fmmahgfc.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2012.07.10 09:39:24 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\fmmahgfc.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2012.05.11 10:12:41 | 000,000,000 | ---D | M] ("Fox Splitter") -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\fmmahgfc.default\extensions\foxsplitter@piro.sakura.ne.jp
[2012.05.05 14:05:03 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\admin\AppData\Roaming\mozilla\Firefox\Profiles\fmmahgfc.default\extensions\ietab@ip.cn
[2012.04.01 12:11:11 | 000,003,941 | ---- | M] () -- C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\fmmahgfc.default\searchplugins\sweetim.xml
[2012.06.17 08:29:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.07.10 09:39:26 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.06.17 08:27:59 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012.07.09 21:42:58 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.1.0.12
[2012.06.26 13:03:00 | 000,339,843 | ---- | M] () (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FMMAHGFC.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
[2012.03.31 18:54:11 | 000,164,858 | ---- | M] () (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FMMAHGFC.DEFAULT\EXTENSIONS\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.XPI
[2012.06.26 16:12:17 | 000,289,256 | ---- | M] () (No name found) -- C:\USERS\ADMIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FMMAHGFC.DEFAULT\EXTENSIONS\LANGPACK-DE@FIREFOX.MOZILLA.ORG.XPI
[2012.06.17 19:08:01 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.09 21:42:52 | 000,003,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.04.02 17:58:30 | 000,002,313 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.06.01 17:39:16 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.01 17:39:16 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.com
CHR - homepage: hxxp://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: AVG SiteSafety plugin (Enabled) = C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1451_0\
CHR - Extension: avast! WebRep = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [dellsupportcenter] C:\Program Files\Dell Support Center\bin\sprtcmd.exe (SupportSoft, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NBAgent] C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)
O4 - HKLM..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [FileHippo.com] C:\Program Files\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKCU..\Run: [PMCLoader] C:\Program Files\Pinnacle\TVCenter Pro\PMCLoader.exe (Pinnacle Systems GmbH)
O4 - HKCU..\Run: [PMCRemote] File not found
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (SANDBOXIE L.T.D)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Web-Suche - C:\Programme\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.5.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11559FD1-DD76-4DA6-BF63-C12BED417E55}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE27A848-7AA8-4027-A121-608441E240EA}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img35.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img35.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010.03.12 14:48:15 | 000,000,175 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{017b65a0-8a0f-11e1-8d7f-001fe1f2da32}\Shell - "" = AutoRun
O33 - MountPoints2\{017b65a0-8a0f-11e1-8d7f-001fe1f2da32}\Shell\AutoRun\command - "" = E:\setup.exe -- [2010.03.12 04:28:59 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{017b65a0-8a0f-11e1-8d7f-001fe1f2da32}\Shell\configure\command - "" = E:\setup.exe -- [2010.03.12 04:28:59 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{017b65a0-8a0f-11e1-8d7f-001fe1f2da32}\Shell\install\command - "" = E:\setup.exe -- [2010.03.12 04:28:59 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{865a851f-89f7-11e1-93f0-001fe1f2da32}\Shell - "" = AutoRun
O33 - MountPoints2\{865a851f-89f7-11e1-93f0-001fe1f2da32}\Shell\AutoRun\command - "" = E:\setup.exe -- [2010.03.12 04:28:59 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{865a851f-89f7-11e1-93f0-001fe1f2da32}\Shell\configure\command - "" = E:\setup.exe -- [2010.03.12 04:28:59 | 001,100,664 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{865a851f-89f7-11e1-93f0-001fe1f2da32}\Shell\install\command - "" = E:\setup.exe -- [2010.03.12 04:28:59 | 001,100,664 | R--- | M] (Microsoft Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.13 13:48:27 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.07.12 13:54:18 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Malwarebytes
[2012.07.12 13:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.12 13:54:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.12 13:54:00 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.12 13:54:00 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.07.11 13:55:11 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.07.11 13:52:28 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.07.11 13:52:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.07.11 13:52:26 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.07.11 13:52:26 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.07.11 13:52:25 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.07.11 13:52:25 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.07.11 13:52:24 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.07.11 11:50:30 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.07.06 13:25:39 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\Judiths 30
[2012.07.06 11:33:13 | 000,000,000 | ---D | C] -- C:\ProgramData\fotobuch.de AG
[2012.07.06 11:33:13 | 000,000,000 | ---D | C] -- C:\Users\admin\Documents\Designer Files
[2012.07.06 11:33:11 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\fotobuch.de AG
[2012.07.06 11:32:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\fotobuch.de
[2012.07.06 11:30:44 | 000,000,000 | ---D | C] -- C:\Program Files\fotobuch.de
[2012.07.06 11:30:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\artworks
[2012.07.01 11:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.06.21 10:51:28 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012.06.21 10:51:27 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012.06.21 07:28:09 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012.06.21 07:28:09 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012.06.21 07:28:09 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012.06.21 07:27:37 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012.06.21 07:27:37 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012.06.18 21:07:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinSCP
[2012.06.18 21:07:05 | 000,000,000 | ---D | C] -- C:\Program Files\WinSCP
[2012.06.17 10:39:57 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\AVG Secure Search
[2012.06.17 10:39:26 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2012.06.17 10:39:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2012.06.17 10:39:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2012.06.17 10:38:55 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2012.06.17 09:31:11 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.06.17 09:31:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.06.17 09:30:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.06.17 09:30:07 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\pdfforge
[2012.06.17 09:30:03 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCT2.OCX
[2012.06.17 09:30:03 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2012.06.17 09:30:02 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2DE.DLL
[2012.06.17 09:30:02 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\OpenCandy
[2012.06.17 09:30:01 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2012.06.17 09:30:01 | 000,000,000 | ---D | C] -- C:\Program Files\PDFCreator
[2012.06.17 08:47:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.06.17 08:46:21 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.06.17 08:46:19 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.06.17 08:37:04 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.06.17 08:35:54 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.06.17 08:35:54 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.06.17 08:33:17 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Macromedia
========== Files - Modified Within 30 Days ==========
[2012.07.13 16:14:45 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.13 16:14:45 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.13 15:57:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.13 15:45:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.13 13:48:46 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2012.07.13 13:13:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.13 12:17:09 | 000,000,349 | ---- | M] () -- C:\Users\Public\Documents\PCLECHAL.INI
[2012.07.13 12:16:26 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.13 12:14:29 | 3210,784,768 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.13 09:15:41 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.07.12 22:39:32 | 000,013,000 | ---- | M] () -- C:\Users\admin\Documents\meineSchufa.de _ Registrierung online.pdf
[2012.07.12 14:57:30 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.07.12 14:57:30 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.07.12 09:09:11 | 000,631,358 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.07.12 09:09:11 | 000,598,612 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.07.12 09:09:11 | 000,127,668 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.07.12 09:09:11 | 000,105,284 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.07.11 20:43:52 | 000,417,984 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.07.10 14:00:43 | 000,041,113 | ---- | M] () -- C:\Users\admin\Documents\meineimmobilie.de - Immobilien Bewertung.pdf
[2012.07.10 09:39:27 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2012.07.07 23:40:07 | 000,101,542 | ---- | M] () -- C:\Users\admin\Documents\GF Stäwog.pdf
[2012.07.06 11:55:03 | 000,035,840 | ---- | M] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.06 11:32:30 | 000,001,856 | ---- | M] () -- C:\Users\admin\Desktop\Designer 2.0.lnk
[2012.07.06 10:55:57 | 000,003,044 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012.07.03 18:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2012.07.03 18:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2012.07.03 18:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2012.07.03 18:21:53 | 000,057,656 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2012.07.03 18:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr.sys
[2012.07.03 18:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2012.07.03 13:46:44 | 000,022,344 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.07.02 20:28:53 | 032,985,769 | ---- | M] () -- C:\Users\admin\Eisen 8 02.07.12.mkv
[2012.07.02 20:27:42 | 026,920,386 | ---- | M] () -- C:\Users\admin\Eisen 8 front 02.07.12.mkv
[2012.07.02 20:26:39 | 019,834,853 | ---- | M] () -- C:\Users\admin\Eisen 6 front 02.07.12.mkv
[2012.07.02 20:25:46 | 021,210,506 | ---- | M] () -- C:\Users\admin\Eisen 6 02.07.12.mkv
[2012.07.02 20:24:31 | 015,046,577 | ---- | M] () -- C:\Users\admin\Eisen 3 02.07.12.mkv
[2012.07.02 20:23:48 | 021,809,336 | ---- | M] () -- C:\Users\admin\Eisen 3 front 02.07.12.mkv
[2012.07.02 20:22:11 | 019,939,294 | ---- | M] () -- C:\Users\admin\Driver front 02.07.12.mkv
[2012.07.02 20:20:07 | 016,418,871 | ---- | M] () -- C:\Users\admin\Driver 02.07.12.mkv
[2012.07.01 11:50:06 | 000,083,331 | ---- | M] () -- C:\Users\admin\Documents\Projektassi Stelle.pdf
[2012.06.21 15:13:41 | 000,398,999 | ---- | M] () -- C:\Users\admin\Eheurkunde.jpg
[2012.06.21 15:12:49 | 000,405,649 | ---- | M] () -- C:\Users\admin\heiratsurkunde.jpg
[2012.06.21 15:11:45 | 000,328,114 | ---- | M] () -- C:\Users\admin\Documents\Eheurkunde.pdf
[2012.06.20 21:23:58 | 000,000,600 | ---- | M] () -- C:\Users\admin\AppData\Roaming\winscp.rnd
[2012.06.18 21:07:07 | 000,001,634 | ---- | M] () -- C:\Users\admin\Desktop\WinSCP.lnk
[2012.06.17 11:42:34 | 000,089,725 | ---- | M] () -- C:\Users\admin\Documents\Anzeigenmarkt Nordsee-Zeitung _ Stellenmarkt (Stellenangebote) _ Suchergebnis.pdf
[2012.06.17 09:30:09 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\PDFArchitect.lnk
[2012.06.17 09:30:09 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2012.06.17 08:47:19 | 000,001,664 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.06.17 08:35:40 | 000,772,592 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npdeployJava1.dll
[2012.06.17 08:35:40 | 000,687,600 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2012.06.17 08:35:40 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.06.17 08:35:40 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.06.17 08:35:40 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.06.17 08:29:26 | 000,000,846 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.17 08:28:14 | 000,001,394 | ---- | M] () -- C:\Users\admin\Desktop\DivX Movies.lnk
[2012.06.17 08:26:42 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
========== Files Created - No Company Name ==========
[2012.07.12 22:39:31 | 000,013,000 | ---- | C] () -- C:\Users\admin\Documents\meineSchufa.de _ Registrierung online.pdf
[2012.07.10 14:00:42 | 000,041,113 | ---- | C] () -- C:\Users\admin\Documents\meineimmobilie.de - Immobilien Bewertung.pdf
[2012.07.07 23:40:06 | 000,101,542 | ---- | C] () -- C:\Users\admin\Documents\GF Stäwog.pdf
[2012.07.06 11:32:30 | 000,001,856 | ---- | C] () -- C:\Users\admin\Desktop\Designer 2.0.lnk
[2012.07.02 20:28:35 | 032,985,769 | ---- | C] () -- C:\Users\admin\Eisen 8 02.07.12.mkv
[2012.07.02 20:27:26 | 026,920,386 | ---- | C] () -- C:\Users\admin\Eisen 8 front 02.07.12.mkv
[2012.07.02 20:26:31 | 019,834,853 | ---- | C] () -- C:\Users\admin\Eisen 6 front 02.07.12.mkv
[2012.07.02 20:25:34 | 021,210,506 | ---- | C] () -- C:\Users\admin\Eisen 6 02.07.12.mkv
[2012.07.02 20:24:24 | 015,046,577 | ---- | C] () -- C:\Users\admin\Eisen 3 02.07.12.mkv
[2012.07.02 20:23:40 | 021,809,336 | ---- | C] () -- C:\Users\admin\Eisen 3 front 02.07.12.mkv
[2012.07.02 20:22:01 | 019,939,294 | ---- | C] () -- C:\Users\admin\Driver front 02.07.12.mkv
[2012.07.02 20:20:00 | 016,418,871 | ---- | C] () -- C:\Users\admin\Driver 02.07.12.mkv
[2012.07.01 11:50:05 | 000,083,331 | ---- | C] () -- C:\Users\admin\Documents\Projektassi Stelle.pdf
[2012.07.01 11:35:36 | 000,001,096 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.01 11:35:35 | 000,001,092 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.21 15:13:40 | 000,398,999 | ---- | C] () -- C:\Users\admin\Eheurkunde.jpg
[2012.06.21 15:12:48 | 000,405,649 | ---- | C] () -- C:\Users\admin\heiratsurkunde.jpg
[2012.06.21 15:11:39 | 000,328,114 | ---- | C] () -- C:\Users\admin\Documents\Eheurkunde.pdf
[2012.06.18 21:07:09 | 000,000,600 | ---- | C] () -- C:\Users\admin\AppData\Roaming\winscp.rnd
[2012.06.18 21:07:07 | 000,001,634 | ---- | C] () -- C:\Users\admin\Desktop\WinSCP.lnk
[2012.06.17 11:42:33 | 000,089,725 | ---- | C] () -- C:\Users\admin\Documents\Anzeigenmarkt Nordsee-Zeitung _ Stellenmarkt (Stellenangebote) _ Suchergebnis.pdf
[2012.06.17 09:30:09 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\PDFArchitect.lnk
[2012.06.17 09:30:09 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\PDFCreator.lnk
[2012.06.17 08:47:19 | 000,001,664 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.06.17 08:28:14 | 000,001,394 | ---- | C] () -- C:\Users\admin\Desktop\DivX Movies.lnk
[2012.06.17 08:26:42 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\DivX Plus Player.lnk
[2012.05.22 19:33:48 | 000,196,096 | ---- | C] () -- C:\Windows\System32\MACD32.DLL
[2012.05.22 19:33:48 | 000,138,752 | ---- | C] () -- C:\Windows\System32\MASE32.DLL
[2012.05.22 19:33:48 | 000,136,192 | ---- | C] () -- C:\Windows\System32\MAMC32.DLL
[2012.05.22 19:33:48 | 000,057,856 | ---- | C] () -- C:\Windows\System32\MASD32.DLL
[2012.05.22 19:33:48 | 000,027,648 | ---- | C] () -- C:\Windows\System32\MA32.DLL
[2012.04.13 15:56:43 | 031,245,933 | ---- | C] () -- C:\Users\admin\kurzes Eisen 13.4.12.mkv
[2012.04.13 15:54:56 | 012,321,174 | ---- | C] () -- C:\Users\admin\mittleres Eisen 13.4.12.mkv
[2012.04.13 15:50:04 | 023,774,173 | ---- | C] () -- C:\Users\admin\Eisen 3 13.4.12.mkv
[2012.04.13 15:46:55 | 029,628,308 | ---- | C] () -- C:\Users\admin\mittleres Eisen Front 13.4.12.mkv
[2012.04.10 17:40:28 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2012.04.01 18:40:14 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.04.01 18:40:14 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.04.01 18:19:07 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf07a.dat
[2012.04.01 18:12:20 | 000,031,664 | ---- | C] () -- C:\Windows\maxlink.ini
[2012.03.31 16:08:29 | 000,035,840 | ---- | C] () -- C:\Users\admin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.30 09:43:24 | 000,003,044 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012.03.29 01:50:18 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2012.03.29 01:50:17 | 000,631,358 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2012.03.29 01:50:17 | 000,127,668 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2012.03.29 01:50:17 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2012.03.28 22:02:12 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2012.03.28 22:00:25 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2012.03.28 21:04:03 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2012.03.28 17:23:35 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2012.03.28 16:25:49 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2012.03.28 16:15:00 | 000,000,680 | ---- | C] () -- C:\Users\admin\AppData\Local\d3d9caps.dat
[2012.03.28 16:04:03 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
========== LOP Check ==========
[2012.04.02 17:58:26 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Babylon
[2012.04.19 12:47:04 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\DAEMON Tools Lite
[2012.04.15 21:35:59 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\FireShot
[2012.07.06 11:33:13 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\fotobuch.de AG
[2012.03.31 20:59:36 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Kinovea
[2012.06.17 09:30:02 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\OpenCandy
[2012.04.01 12:17:43 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\OpenOffice.org
[2012.06.17 09:30:07 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\pdfforge
[2012.05.10 15:58:42 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\UltraMixer4
[2012.04.02 17:55:58 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Xi
[2012.07.13 09:15:41 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
|
