
Pests of all kinds and how to fight them: Wrong redirects in Firefox after a Google search | Windows 7


 
11.09.2011, 17:04   #6
FlorianP
 



At the risk of being called a spammer: OTL runs in safe mode!

Code:
OTL logfile created on: 11.09.2011 17:41:06 - Run 1
OTL by OldTimer - Version 3.2.27.0     Folder = I:\
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,47 Gb Available Physical Memory | 75,99% Memory free
6,49 Gb Paging File | 5,74 Gb Available in Paging File | 88,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 911,51 Gb Total Space | 375,96 Gb Free Space | 41,25% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 8,92 Gb Free Space | 44,63% Space Free | Partition Type: FAT32
Drive E: | 22,85 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive I: | 3,64 Gb Total Space | 2,29 Gb Free Space | 62,90% Space Free | Partition Type: FAT32
 
Computer Name: FLO | User Name: Flo | Logged in as Administrator.
Boot Mode: SafeMode | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.09.11 17:37:04 | 000,581,120 | ---- | M] (OldTimer Tools) -- I:\OTL.exe
PRC - [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] --  -- (WPFFontCache_v0400)
SRV - [2011.08.17 17:52:05 | 002,352,632 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.08.01 17:30:27 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011.05.20 22:35:16 | 000,371,344 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.04.27 15:39:26 | 000,208,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 15:39:26 | 000,011,736 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2011.03.10 00:17:16 | 000,884,856 | ---- | M] (Connectify) [Auto | Stopped] -- C:\Program Files\Connectify\Connectifyd.exe -- (Connectify)
SRV - [2010.08.20 23:41:31 | 000,407,336 | ---- | M] (Valve Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010.04.06 00:41:46 | 000,116,224 | ---- | M] (Brio) [Disabled | Stopped] -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2008.12.09 20:01:50 | 000,405,504 | R--- | M] () [Disabled | Stopped] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2008.10.21 22:51:03 | 000,352,256 | R--- | M] (AVerMedia) [Disabled | Stopped] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2007.10.09 00:19:22 | 000,350,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2007.06.05 13:20:32 | 000,169,288 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\PSIService.exe -- (ProtexisLicensing)
SRV - [2007.04.13 08:49:00 | 000,101,528 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.08.27 17:06:44 | 000,027,248 | ---- | M] (Connectify) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\cnnctfy2.sys -- (cnnctfy2)
DRV - [2011.07.29 03:00:38 | 000,229,224 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\VMM.sys -- (vmm)
DRV - [2011.07.19 13:18:42 | 000,104,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2011.07.19 13:18:40 | 000,158,000 | ---- | M] (Oracle Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2011.07.19 13:18:40 | 000,116,016 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2011.07.19 13:18:40 | 000,093,488 | ---- | M] (Oracle Corporation) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2011.07.19 13:18:40 | 000,082,736 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxUSB.sys -- (VBoxUSB)
DRV - [2011.05.25 09:24:42 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011.04.27 15:25:24 | 000,065,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
DRV - [2011.04.18 13:18:50 | 000,043,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MpNWMon.sys -- (MpNWMon)
DRV - [2011.03.07 20:20:12 | 000,029,248 | ---- | M] (Connectify) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\connctfy.sys -- (connctfyMP)
DRV - [2011.03.07 20:20:12 | 000,029,248 | ---- | M] (Connectify) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\connctfy.sys -- (connctfy)
DRV - [2010.11.09 15:35:30 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\cpuz135_x32.sys -- (cpuz135)
DRV - [2010.06.03 17:07:18 | 000,013,112 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\jumi.sys -- (jumi)
DRV - [2010.03.26 22:09:24 | 000,017,480 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2009.09.01 16:59:44 | 000,087,536 | ---- | M] (CyberLink Corp.) [2009/04/22 16:10:50] [Kernel | Auto | Stopped] -- C:\Program Files\HomeCinema\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] () [Kernel | System | Stopped] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009.07.14 00:02:53 | 000,657,408 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2009.07.14 00:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2009.02.24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008.08.18 05:16:04 | 001,163,520 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerA706.sys -- (AVerA706)
DRV - [2008.07.30 07:51:30 | 000,277,736 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2007.12.10 15:22:22 | 000,110,120 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017unic.sys -- (s3017unic) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM)
DRV - [2007.12.10 15:22:22 | 000,100,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017obex.sys -- (s3017obex)
DRV - [2007.12.10 15:22:20 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017mgmt.sys -- (s3017mgmt) Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM)
DRV - [2007.12.10 15:22:20 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017nd5.sys -- (s3017nd5) Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS)
DRV - [2007.12.10 15:22:18 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017mdm.sys -- (s3017mdm)
DRV - [2007.12.10 15:22:18 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017mdfl.sys -- (s3017mdfl)
DRV - [2007.12.10 15:22:14 | 000,083,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s3017bus.sys -- (s3017bus) Sony Ericsson Device 3017 driver (WDM)
DRV - [2007.07.26 09:25:12 | 000,039,808 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\srs_sscfilter_i386.sys -- (SRS_SSCFilter) SRS Labs Audio Sandbox (WDM)
DRV - [2007.04.02 07:44:42 | 000,019,584 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerEth.sys -- (AVerEth)
DRV - [2007.01.12 20:09:53 | 000,082,296 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV - [2006.07.10 18:19:58 | 000,027,032 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2006.07.05 14:39:29 | 000,059,256 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006.06.14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004.04.01 16:30:46 | 000,010,368 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pfc.sys -- (pfc)
DRV - [2002.06.12 23:50:00 | 000,040,672 | ---- | M] (Hitachi Semiconductor and Devices Sales Co.,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cesg502.sys -- (PVUSB)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6522
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search="
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.7.2
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.2
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.80
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.0
FF - prefs.js..extensions.enabledItems: {e213bb8f-8ebd-11db-96b7-005056c00008}:3.0.0.90
FF - prefs.js..extensions.enabledItems: {D46E8522-6E86-44b1-A622-58C0668AD78E}:3.6.0
FF - prefs.js..keyword.URL: "hxxp://www.google.de/search?q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Windows\system32\C2MP\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pack.google.com/Google Updater;version=14: C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.652: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.65\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Users\Flo\Program Files\DNA\plugins\npbtdna.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: C:\Users\Flo\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2011.07.31 11:30:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Flo\AppData\Roaming\5020 [2011.07.31 12:17:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.09.11 14:45:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.09.04 12:16:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011.08.29 18:46:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{184AA5E6-741D-464a-820E-94B3ABC2F3B4}: C:\Users\Flo\AppData\Roaming\5020 [2011.07.31 12:17:50 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}: C:\Users\Flo\Program Files\DNA
 
[2011.07.31 12:19:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flo\AppData\Roaming\mozilla\Extensions
[2010.12.30 17:48:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flo\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.08.17 11:31:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\3hn68ptw.default\extensions
[2011.08.05 18:37:57 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Flo\AppData\Roaming\mozilla\Firefox\Profiles\3hn68ptw.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.10.17 18:57:31 | 000,001,540 | ---- | M] () -- C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\3hn68ptw.default\searchplugins\beichthauscom.xml
[2011.05.10 12:47:28 | 000,001,018 | ---- | M] () -- C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\3hn68ptw.default\searchplugins\facebook.xml
[2011.05.11 14:52:49 | 000,001,194 | ---- | M] () -- C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\3hn68ptw.default\searchplugins\stupidedia-de.xml
[2011.06.18 08:43:08 | 000,002,057 | ---- | M] () -- C:\Users\Flo\AppData\Roaming\Mozilla\Firefox\Profiles\3hn68ptw.default\searchplugins\youtube-videosuche.xml
[2011.07.31 11:35:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011.07.31 11:35:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2011.07.31 12:17:50 | 000,000,000 | ---D | M] (Java String Helper) -- C:\USERS\FLO\APPDATA\ROAMING\5020
() (No name found) -- C:\USERS\FLO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3HN68PTW.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\FLO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3HN68PTW.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
() (No name found) -- C:\USERS\FLO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3HN68PTW.DEFAULT\EXTENSIONS\{D9A7CBEC-DE1A-444F-A092-844461596C4D}.XPI
() (No name found) -- C:\USERS\FLO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3HN68PTW.DEFAULT\EXTENSIONS\{DDC359D1-844A-42A7-9AA1-88A850A938A8}.XPI
[2011.09.11 14:45:18 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.04.12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.31 20:14:33 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.07.31 20:14:33 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.07.31 20:14:33 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.07.31 20:14:33 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.07.31 20:14:33 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.07.31 20:14:33 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011.02.05 14:01:36 | 000,000,080 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 74.208.10.249 gs.apple.com
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScanUtility] C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.)
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKCU..\Run: [DisplayFusion] C:\Program Files\DisplayFusion\DisplayFusion.exe (Binary Fortress Software)
O4 - HKCU..\Run: [Screenshot Captor] C:\Program Files\ScreenshotCaptor\ScreenshotCaptor.exe (DonationCoder)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKLM..\RunOnce: [SpybotDeletingA1366] C:\Windows\System32\COMMAND.COM ()
O4 - HKLM..\RunOnce: [SpybotDeletingC2437] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spamihilator.lnk = C:\Program Files\Spamihilator\spamihilator.exe (Michel Krämer)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O9 - Extra 'Tools' menuitem : &Gears-Einstellungen - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.36.0\gears.dll (Google Inc.)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra Button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} -  File not found
O9 - Extra 'Tools' menuitem : ICQ - {6224f700-cba3-4071-b251-47cb894244cd} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 -  File not found
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: line6.net ([]* in Trusted sites)
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} hxxp://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab (Symantec AntiVirus scanner)
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} hxxp://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab (Symantec RuFSI Utility Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EB0C715-A1FA-4E7D-97EE-21FB9F66BFCD}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DD9632FF-2600-4EC1-967E-ABC8342F0842}: NameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files\Stardock\Object Desktop\DeskScapes\deskscapes.dll (Stardock Corporation)
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - Stardock Vista ControlPanel Extension - C:\Program Files\Stardock\Object Desktop\DeskScapes\DesktopControlPanel.dll (Stardock)
O22 - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - StardockDreamController - C:\Program Files\Stardock\Object Desktop\DeskScapes\DreamControl.dll (Stardock)
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2011.09.02 23:21:22 | 000,000,025 | -H-- | M] () - I:\Autorun.ini -- [ FAT32 ]
O33 - MountPoints2\{2a6971af-bb53-11e0-b103-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2a6971af-bb53-11e0-b103-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Intro.exe
O33 - MountPoints2\{ce94651b-73d1-11de-9ccf-00242178ad6e}\Shell - "" = AutoRun
O33 - MountPoints2\{ce94651b-73d1-11de-9ccf-00242178ad6e}\Shell\AutoRun\command - "" = K:\wubi.exe --cdmenu
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = comfile] -- Reg Error: Key error. File not found
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Air Mouse.lnk -  - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk - C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe - ()
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk - C:\Program Files\Common Files\AVerMedia\AVerQuick\AVerQuick.exe - (AVerMedia TECHNOLOGIES, Inc.)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE - (Microsoft Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Symantec Fax Starter Edition-Anschluss.lnk -  - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinTV Recording Status..lnk -  - File not found
MsConfig - StartUpFolder: C:^Users^Flo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^explorer.exe -  - File not found
MsConfig - StartUpFolder: C:^Users^Flo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Touch Mouse Server.lnk - C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe - (Logitech, Inc.)
MsConfig - StartUpFolder: C:^Users^Flo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk - C:\Program Files\MagicDisc\MagicDisc.exe - (MagicISO, Inc.)
MsConfig - StartUpFolder: C:^Users^Flo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk -  - File not found
MsConfig - StartUpFolder: C:^Users^Flo^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk -  - File not found
MsConfig - StartUpReg: Adobe ARM - hkey= - key= -  File not found
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe_ID0EYTHM - hkey= - key= -  File not found
MsConfig - StartUpReg: AeroSnap - hkey= - key= -  File not found
MsConfig - StartUpReg: BDRegion - hkey= - key= - C:\Program Files\Cyberlink\Shared files\brs.exe (cyberlink)
MsConfig - StartUpReg: BitTorrent DNA - hkey= - key= -  File not found
MsConfig - StartUpReg: CanonMyPrinter - hkey= - key= - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
MsConfig - StartUpReg: CanonSolutionMenu - hkey= - key= - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
MsConfig - StartUpReg: CarryLaunch - hkey= - key= - C:\Users\Flo\AppData\Roaming\CoSoSys\CarryItEasy\CarryLaunch.exe ()
MsConfig - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files\HomeCinema\Power2Go\CLMLSvc.exe (CyberLink)
MsConfig - StartUpReg: Connectify - hkey= - key= - C:\Program Files\Connectify\Connectify.exe (Connectify)
MsConfig - StartUpReg: Creative SB Monitoring Utility - hkey= - key= -  File not found
MsConfig - StartUpReg: ehTray.exe - hkey= - key= - C:\Windows\ehome\ehtray.exe (Microsoft Corporation)
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\Flo\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: ICQ - hkey= - key= -  File not found
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: NBKeyScan - hkey= - key= - C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
MsConfig - StartUpReg: NvCplDaemon - hkey= - key= -  File not found
MsConfig - StartUpReg: NvMediaCenter - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: SearchSettings - hkey= - key= -  File not found
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: Sony Ericsson PC Suite - hkey= - key= - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
MsConfig - StartUpReg: Speech Recognition - hkey= - key= - C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation)
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Program Files\Steam\Steam.exe (Valve Corporation)
MsConfig - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: TrayServer - hkey= - key= -  File not found
MsConfig - StartUpReg: WebcammaxMoniter - hkey= - key= -  File not found
MsConfig - StartUpReg: WMPNSCFG - hkey= - key= - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
MsConfig - State: "bootini" - 2
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
CREATERESTOREPOINT
Error creating restore point.
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.09.11 16:18:16 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\1304068745-MafiaTheCityofLostHeavenTrainer11
[2011.09.11 16:18:16 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\1168176511-Mafia304967Mafia Savegames
[2011.09.11 14:48:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.09.11 14:48:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.09.11 14:48:23 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011.09.11 14:25:08 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2011.09.11 14:22:39 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\daddelbambum
[2011.09.11 13:29:23 | 000,000,000 | --SD | C] -- C:\ComboFix
[2011.09.11 13:27:35 | 000,000,000 | -H-D | C] -- C:\Windows\PIF
[2011.09.11 09:24:45 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\The_Gun_Realism_Mod
[2011.09.11 09:24:44 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\Teleport_Mod_v1.0
[2011.09.11 09:24:05 | 125,627,344 | ---- | C] (                                                            ) -- C:\Users\Flo\Desktop\MedionAG.2101(Medion)(R4_DVD090828-03.exe
[2011.09.10 19:18:56 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2011.09.09 15:43:14 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CityBars Mod v1.0
[2011.09.09 15:43:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CityBars Mod v1.0
[2011.09.09 15:42:47 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\CityBars_&_Locomotive
[2011.09.09 15:04:07 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\Archiv
[2011.09.09 14:58:24 | 000,000,000 | ---D | C] -- C:\Users\Flo\Documents\Eigene Webs
[2011.09.09 14:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verwaltung
[2011.09.09 14:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
[2011.09.09 14:53:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio
[2011.09.09 14:51:45 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft FrontPage
[2011.09.09 14:49:55 | 000,000,000 | ---D | C] -- C:\Windows\Twain32
[2011.09.05 19:08:02 | 000,000,000 | ---D | C] -- C:\Users\Flo\Desktop\mafia_trainer2
[2011.09.04 20:44:04 | 000,021,992 | ---- | C] (CPUID) -- C:\Windows\System32\drivers\cpuz135_x32.sys
[2011.09.04 20:44:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
[2011.09.04 20:44:03 | 000,000,000 | ---D | C] -- C:\Program Files\CPUID
[2011.09.04 12:17:39 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\SumatraPDF
[2011.09.04 12:17:36 | 000,000,000 | ---D | C] -- C:\Program Files\SumatraPDF
[2011.09.02 19:12:15 | 000,000,000 | ---D | C] -- C:\Users\Flo\Documents\ArmA
[2011.09.02 19:12:15 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Local\ArmA
[2011.09.01 19:06:27 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mafia
[2011.09.01 19:06:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
[2011.09.01 19:02:35 | 000,000,000 | ---D | C] -- C:\Program Files\Mafia
[2011.08.30 17:08:51 | 000,000,000 | ---D | C] -- C:\Windows\uninstall
[2011.08.29 18:48:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.08.29 18:47:52 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011.08.29 18:46:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.08.29 18:45:52 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime
[2011.08.29 16:34:35 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
[2011.08.29 16:34:35 | 000,000,000 | ---D | C] -- C:\Program Files\Unlocker
[2011.08.28 19:34:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nLite
[2011.08.28 19:34:24 | 000,000,000 | ---D | C] -- C:\Program Files\nLite
[2011.08.27 17:06:44 | 000,027,248 | ---- | C] (Connectify) -- C:\Windows\System32\drivers\cnnctfy2.sys
[2011.08.23 17:00:10 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.08.22 18:10:38 | 003,211,112 | ---- | C] (TeamViewer GmbH) -- C:\Users\Flo\TeamViewer_Setup_de.exe
[2011.08.20 18:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011.08.18 21:18:19 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Local\Connectify
[2011.08.18 21:18:04 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Connectify
[2011.08.18 21:17:22 | 000,000,000 | ---D | C] -- C:\Program Files\Connectify
[2011.08.18 18:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.08.18 18:40:00 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2011.08.18 16:43:53 | 000,000,000 | ---D | C] -- C:\Users\Flo\AppData\Roaming\Skype
[2011.08.18 13:25:26 | 001,081,480 | ---- | C] (Skype Technologies S.A.) -- C:\Users\Flo\SkypeSetup.exe
[2011.08.15 21:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vLite
[2011.08.15 21:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\vLite
[2011.07.01 22:44:20 | 000,207,824 | ---- | C] (Adobe Systems, Incorporated) -- C:\Users\Flo\AppData\Roaming\AcroIEHelpe036.dll
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Flo\AppData\Roaming\*.tmp files -> C:\Users\Flo\AppData\Roaming\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.09.11 17:38:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.11 17:38:32 | 2615,808,000 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.11 17:37:47 | 000,010,512 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.11 17:37:47 | 000,010,512 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.11 17:32:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2011.09.11 17:21:54 | 000,026,438 | ---- | M] () -- C:\Users\Flo\Desktop\Screenshot - 11.09.2011 , 17_21_53.jpg
[2011.09.11 17:21:16 | 000,581,120 | ---- | M] () -- C:\Users\Flo\Desktop\OTL.exe
[2011.09.11 17:19:01 | 000,000,000 | ---- | M] () -- C:\Users\Flo\defogger_reenable
[2011.09.11 17:16:57 | 000,302,592 | ---- | M] () -- C:\Users\Flo\Desktop\510xwikv.exe
[2011.09.11 17:16:19 | 000,050,477 | ---- | M] () -- C:\Users\Flo\Desktop\Defogger.exe
[2011.09.11 16:59:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.11 16:18:03 | 001,176,089 | ---- | M] () -- C:\Users\Flo\Desktop\1304068745-MafiaTheCityofLostHeavenTrainer11.rar
[2011.09.11 16:17:28 | 000,187,895 | ---- | M] () -- C:\Users\Flo\Desktop\1168176511-Mafia304967Mafia Savegames.rar
[2011.09.11 15:44:30 | 022,748,153 | ---- | M] () -- C:\Users\Flo\Desktop\rescue_system-common-en.iso.part
[2011.09.11 15:19:38 | 000,000,121 | ---- | M] () -- C:\Windows\wininit.ini
[2011.09.11 14:25:15 | 000,699,908 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.09.11 14:25:15 | 000,654,224 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.09.11 14:25:15 | 000,149,144 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.09.11 14:25:15 | 000,122,056 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.09.11 14:20:47 | 000,000,000 | ---- | M] () -- C:\Windows\3035044018
[2011.09.11 11:58:51 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msxml3a.dll
[2011.09.11 10:10:55 | 125,627,344 | ---- | M] (                                                            ) -- C:\Users\Flo\Desktop\MedionAG.2101(Medion)(R4_DVD090828-03.exe
[2011.09.11 09:40:02 | 000,000,926 | ---- | M] () -- C:\Users\Flo\Desktop\ Mafia Mod Starter .lnk
[2011.09.10 19:18:52 | 339,401,972 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011.09.10 16:54:01 | 004,037,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.09.09 16:40:09 | 000,000,000 | -HS- | M] () -- C:\Windows\{2521BB91-29B1-4d7e-9137-AC9875D77735}
[2011.09.09 14:53:54 | 000,000,510 | ---- | M] () -- C:\Windows\ODBC.INI
[2011.09.09 14:53:54 | 000,000,063 | ---- | M] () -- C:\Windows\mdm.ini
[2011.09.09 14:53:35 | 000,001,932 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2011.09.08 19:31:12 | 017,274,182 | ---- | M] () -- C:\Users\Flo\Desktop\CityBars_&_Locomotive.rar
[2011.09.08 19:24:29 | 002,180,428 | ---- | M] () -- C:\Users\Flo\Desktop\Teleport_Mod_v1.0.rar
[2011.09.08 19:23:32 | 000,005,191 | ---- | M] () -- C:\Users\Flo\Desktop\The_Gun_Realism_Mod.rar
[2011.09.06 16:22:38 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011.09.04 11:40:03 | 000,017,920 | ---- | M] () -- C:\Users\Flo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.28 11:12:39 | 038,950,350 | ---- | M] () -- C:\Users\Flo\vt_zetros_panda_16zu9_432p-b98a22a0e7fe1233.mp4
[2011.08.27 17:06:44 | 000,027,248 | ---- | M] (Connectify) -- C:\Windows\System32\drivers\cnnctfy2.sys
[2011.08.27 16:56:06 | 007,569,642 | ---- | M] () -- C:\Users\Flo\Bag Raider - Way Back Home.mp3
[2011.08.22 18:11:46 | 003,211,112 | ---- | M] (TeamViewer GmbH) -- C:\Users\Flo\TeamViewer_Setup_de.exe
[2011.08.20 23:56:26 | 000,000,000 | -H-- | M] () -- C:\Users\Flo\Documents\Default.rdp
[2011.08.18 21:16:10 | 002,450,576 | ---- | M] () -- C:\Users\Flo\ConnectifyInstaller2.2.exe
[2011.08.18 13:25:53 | 001,081,480 | ---- | M] (Skype Technologies S.A.) -- C:\Users\Flo\SkypeSetup.exe
[2011.08.15 11:49:39 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[10 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\Flo\AppData\Roaming\*.tmp files -> C:\Users\Flo\AppData\Roaming\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.09.11 17:21:54 | 000,026,438 | ---- | C] () -- C:\Users\Flo\Desktop\Screenshot - 11.09.2011 , 17_21_53.jpg
[2011.09.11 17:20:58 | 000,581,120 | ---- | C] () -- C:\Users\Flo\Desktop\OTL.exe
[2011.09.11 17:19:01 | 000,000,000 | ---- | C] () -- C:\Users\Flo\defogger_reenable
[2011.09.11 17:16:52 | 000,302,592 | ---- | C] () -- C:\Users\Flo\Desktop\510xwikv.exe
[2011.09.11 17:16:19 | 000,050,477 | ---- | C] () -- C:\Users\Flo\Desktop\Defogger.exe
[2011.09.11 16:17:36 | 001,176,089 | ---- | C] () -- C:\Users\Flo\Desktop\1304068745-MafiaTheCityofLostHeavenTrainer11.rar
[2011.09.11 16:17:24 | 000,187,895 | ---- | C] () -- C:\Users\Flo\Desktop\1168176511-Mafia304967Mafia Savegames.rar
[2011.09.11 15:35:46 | 022,748,153 | ---- | C] () -- C:\Users\Flo\Desktop\rescue_system-common-en.iso.part
[2011.09.11 09:40:02 | 000,000,926 | ---- | C] () -- C:\Users\Flo\Desktop\ Mafia Mod Starter .lnk
[2011.09.10 19:18:52 | 339,401,972 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2011.09.09 16:40:09 | 000,000,000 | -HS- | C] () -- C:\Windows\{2521BB91-29B1-4d7e-9137-AC9875D77735}
[2011.09.09 16:36:46 | 000,000,000 | ---- | C] () -- C:\Windows\3035044018
[2011.09.09 14:53:35 | 000,002,687 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft FrontPage.lnk
[2011.09.09 14:53:35 | 000,001,932 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
[2011.09.08 19:25:04 | 017,274,182 | ---- | C] () -- C:\Users\Flo\Desktop\CityBars_&_Locomotive.rar
[2011.09.08 19:23:43 | 002,180,428 | ---- | C] () -- C:\Users\Flo\Desktop\Teleport_Mod_v1.0.rar
[2011.09.08 19:23:34 | 000,005,191 | ---- | C] () -- C:\Users\Flo\Desktop\The_Gun_Realism_Mod.rar
[2011.09.04 12:17:37 | 000,001,839 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SumatraPDF.lnk
[2011.09.02 23:05:43 | 034,407,594 | ---- | C] () -- C:\Users\Flo\HMS CAMPBELTOWN - BOHEMIAN WARDROOM.svi.AVI
[2011.08.27 22:17:34 | 038,950,350 | ---- | C] () -- C:\Users\Flo\vt_zetros_panda_16zu9_432p-b98a22a0e7fe1233.mp4
[2011.08.27 16:53:11 | 007,569,642 | ---- | C] () -- C:\Users\Flo\Bag Raider - Way Back Home.mp3
[2011.08.22 18:19:12 | 000,001,096 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 6.lnk
[2011.08.20 23:56:26 | 000,000,000 | -H-- | C] () -- C:\Users\Flo\Documents\Default.rdp
[2011.08.18 21:15:10 | 002,450,576 | ---- | C] () -- C:\Users\Flo\ConnectifyInstaller2.2.exe
[2011.08.01 19:31:24 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll
[2011.07.31 16:47:24 | 000,017,920 | ---- | C] () -- C:\Users\Flo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.31 13:05:45 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.07.31 12:40:33 | 000,021,532 | ---- | C] () -- C:\Windows\System32\emptyregdb.dat
[2011.07.11 18:21:41 | 000,210,944 | ---- | C] () -- C:\Windows\System32\MSVCRT10.DLL
[2011.05.20 22:35:28 | 000,304,744 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.02.11 23:14:15 | 000,000,896 | ---- | C] () -- C:\Windows\STBC.ini
[2011.01.29 23:04:26 | 000,000,911 | ---- | C] () -- C:\Windows\STA2.ini
[2010.09.28 17:11:54 | 000,003,072 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll
[2010.09.28 17:10:15 | 000,049,152 | R--- | C] () -- C:\Windows\System32\AVerIO.dll
[2010.09.28 17:10:15 | 000,003,456 | R--- | C] () -- C:\Windows\System32\AVerIO.sys
[2010.09.28 17:09:42 | 000,253,952 | R--- | C] () -- C:\Windows\System32\sptlib02.dll
[2010.09.28 17:09:42 | 000,249,856 | R--- | C] () -- C:\Windows\System32\sptlib01.dll
[2010.09.28 17:09:42 | 000,245,760 | R--- | C] () -- C:\Windows\System32\sptlib03.dll
[2010.09.12 16:54:04 | 000,000,016 | ---- | C] () -- C:\Windows\System32\msvcsv60.dll
[2010.09.05 05:04:55 | 000,000,082 | ---- | C] () -- C:\Windows\mafosav.INI
[2010.08.22 09:04:43 | 000,171,512 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010.08.22 00:25:19 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2010.08.22 00:25:19 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2010.08.22 00:25:19 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.08.22 00:25:19 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.08.22 00:25:19 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.08.13 23:24:32 | 000,000,032 | ---- | C] () -- C:\Windows\CD_START.INI
[2010.05.02 09:21:12 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat
[2010.04.07 21:47:06 | 000,000,064 | ---- | C] () -- C:\Windows\AVerText.ini
[2010.04.07 01:37:24 | 000,000,058 | ---- | C] () -- C:\Windows\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2010.03.16 13:35:38 | 004,167,680 | ---- | C] () -- C:\Windows\System32\PhotoLooksRenderer.dll
[2010.02.28 10:02:48 | 000,000,025 | ---- | C] () -- C:\Windows\SIERRA.INI
[2010.02.28 00:46:36 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.02.27 22:32:51 | 000,000,948 | ---- | C] () -- C:\Windows\QIII.INI
[2009.12.02 17:07:05 | 000,000,026 | ---- | C] () -- C:\Windows\neosetup.INI
[2009.11.27 18:14:22 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009.11.18 11:11:40 | 000,000,056 | RHS- | C] () -- C:\Windows\System32\EDBA5D96B2.sys
[2009.11.18 11:11:36 | 000,000,900 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009.11.13 04:04:32 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI
[2009.11.12 14:56:22 | 000,022,825 | ---- | C] () -- C:\Windows\System32\ksaud.ini
[2009.11.12 14:54:06 | 000,106,496 | ---- | C] () -- C:\Windows\System32\APOMngr.dll
[2009.11.12 14:54:06 | 000,069,120 | ---- | C] () -- C:\Windows\System32\CmdRtr.dll
[2009.10.21 20:03:49 | 000,003,654 | ---- | C] () -- C:\Windows\System32\drivers\Sonyhcp.dll
[2009.10.20 21:26:15 | 000,053,248 | ---- | C] () -- C:\Windows\System32\mgxasio2.dll
[2009.10.17 01:21:49 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2009.10.03 22:44:12 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2009.10.03 15:09:05 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2009.10.03 11:30:42 | 000,000,056 | -H-- | C] () -- C:\Windows\System32\ezsidmv.dat
[2009.09.06 16:20:46 | 002,463,976 | ---- | C] () -- C:\Windows\System32\NPSWF32.dll
[2009.08.27 21:04:44 | 000,557,003 | ---- | C] () -- C:\Windows\System32\libmplayer.dll
[2009.08.27 21:04:32 | 000,811,835 | ---- | C] () -- C:\Windows\System32\ff_x264.dll
[2009.08.27 21:03:52 | 004,456,201 | ---- | C] () -- C:\Windows\System32\libavcodec.dll
[2009.08.25 20:07:36 | 000,328,334 | ---- | C] () -- C:\Windows\System32\ff_kernelDeint.dll
[2009.08.25 19:38:04 | 000,425,040 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll
[2009.08.25 18:56:56 | 000,829,781 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2009.08.25 18:37:02 | 000,146,098 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll
[2009.08.19 17:01:34 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.11 22:21:26 | 000,087,552 | ---- | C] () -- C:\Windows\System32\ac3config.exe
[2009.08.08 18:10:45 | 000,003,584 | ---- | C] () -- C:\Windows\System32\CNCFLeNL.DLL
[2009.08.06 13:15:28 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.08.01 14:21:34 | 000,000,287 | ---- | C] () -- C:\Windows\game.ini
[2009.07.31 23:56:58 | 000,000,119 | ---- | C] () -- C:\Windows\disney.ini
[2009.07.31 21:26:22 | 000,139,152 | ---- | C] () -- C:\Users\Flo\AppData\Roaming\PnkBstrK.sys
[2009.07.31 21:26:07 | 000,066,872 | ---- | C] () -- C:\Windows\System32\PnkBstrA.exe
[2009.07.30 23:01:12 | 000,000,063 | ---- | C] () -- C:\Windows\mdm.ini
[2009.07.30 23:01:06 | 000,000,000 | ---- | C] () -- C:\Windows\NSREX.INI
[2009.07.27 16:08:12 | 000,027,503 | ---- | C] () -- C:\Users\Flo\AppData\Roaming\UserTile.png
[2009.07.25 14:42:40 | 000,000,991 | ---- | C] () -- C:\Windows\EFXP.ini
[2009.07.25 14:32:36 | 000,000,877 | ---- | C] () -- C:\Windows\EF.ini
[2009.07.25 14:26:10 | 000,142,337 | ---- | C] () -- C:\Windows\System32\Wait.exe
[2009.07.22 11:14:22 | 001,828,853 | ---- | C] () -- C:\Windows\Counter-Strike Source LAN Edition Uninstaller.exe
[2009.07.21 19:46:45 | 000,000,510 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.07.21 19:46:44 | 000,065,536 | ---- | C] () -- C:\Windows\System32\dmcrypto.dll
[2009.07.21 19:46:44 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2009.07.20 20:14:32 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2009.07.19 23:03:29 | 000,000,745 | ---- | C] () -- C:\Windows\EF2.INI
[2009.07.19 19:14:42 | 000,006,360 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2009.07.19 14:40:53 | 000,000,121 | ---- | C] () -- C:\Windows\wininit.ini
[2009.07.19 14:09:53 | 000,047,360 | ---- | C] () -- C:\Windows\System32\drivers\Surroundhp_kern_i386.sys
[2009.07.19 14:09:53 | 000,047,104 | ---- | C] () -- C:\Windows\System32\drivers\tshd4_kern_i386.sys
[2009.07.19 14:09:53 | 000,042,112 | ---- | C] () -- C:\Windows\System32\drivers\csiidecoder_kern_i386.sys
[2009.07.19 14:09:53 | 000,039,808 | ---- | C] () -- C:\Windows\System32\drivers\srs_sscfilter_i386.sys
[2009.07.18 21:52:08 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.07.14 10:47:43 | 000,699,908 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:47:43 | 000,149,144 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 004,037,824 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,654,224 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,122,056 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:45:33 | 000,083,456 | ---- | C] () -- C:\Windows\System32\drivers\serial.sys
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.06.02 19:15:44 | 000,113,152 | ---- | C] () -- C:\Windows\System32\ff_unrar.dll
[2009.06.02 19:15:18 | 000,146,944 | ---- | C] () -- C:\Windows\System32\ff_tremor.dll
[2009.06.02 19:15:04 | 000,183,296 | ---- | C] () -- C:\Windows\System32\ff_samplerate.dll
[2009.06.02 19:14:56 | 000,178,688 | ---- | C] () -- C:\Windows\System32\ff_libmad.dll
[2009.06.02 19:14:30 | 000,486,400 | ---- | C] () -- C:\Windows\System32\ff_libfaad2.dll
[2009.06.02 19:13:58 | 000,257,024 | ---- | C] () -- C:\Windows\System32\ff_libdts.dll
[2009.06.02 19:13:50 | 000,142,848 | ---- | C] () -- C:\Windows\System32\ff_liba52.dll
[2009.06.02 19:11:26 | 000,098,304 | ---- | C] () -- C:\Windows\System32\ff_wmv9.dll
[2009.06.02 19:11:16 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.04.17 15:15:10 | 000,056,880 | ---- | C] () -- C:\Windows\System32\scvideo.dll
[2009.04.02 15:28:23 | 000,000,030 | ---- | C] () -- C:\Windows\System32\drivers\version.dat
[2009.01.11 00:17:32 | 000,163,840 | ---- | C] () -- C:\Windows\System32\ts.dll
[2009.01.11 00:16:56 | 000,148,480 | ---- | C] () -- C:\Windows\System32\mkx.dll
[2009.01.11 00:16:50 | 000,108,032 | ---- | C] () -- C:\Windows\System32\avi.dll
[2009.01.11 00:16:14 | 000,141,312 | ---- | C] () -- C:\Windows\System32\mp4.dll
[2009.01.11 00:16:04 | 000,335,872 | ---- | C] () -- C:\Windows\System32\gdsmux.exe
[2009.01.11 00:15:54 | 000,120,832 | ---- | C] () -- C:\Windows\System32\ogm.dll
[2009.01.11 00:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\System32\mmfinfo.dll
[2009.01.11 00:15:36 | 000,103,424 | ---- | C] () -- C:\Windows\System32\dsmux.exe
[2009.01.11 00:15:32 | 000,102,400 | ---- | C] () -- C:\Windows\System32\avss.dll
[2009.01.11 00:15:28 | 000,246,784 | ---- | C] () -- C:\Windows\System32\dxr.dll
[2009.01.11 00:15:12 | 000,097,280 | ---- | C] () -- C:\Windows\System32\avs.dll
[2009.01.11 00:15:06 | 000,135,168 | ---- | C] () -- C:\Windows\System32\mkv2vfr.exe
[2009.01.11 00:14:08 | 000,079,360 | ---- | C] () -- C:\Windows\System32\mkzlib.dll
[2009.01.11 00:14:06 | 000,023,552 | ---- | C] () -- C:\Windows\System32\mkunicode.dll
[2008.12.04 00:11:50 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2008.11.06 18:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2007.10.13 11:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\System32\Registration.ini
[2007.06.05 13:20:32 | 000,169,288 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2004.01.26 18:15:29 | 000,233,472 | R--- | C] () -- C:\Windows\System32\MafiaSetup.exe
[2004.01.26 18:15:29 | 000,233,472 | R--- | C] () -- C:\Users\Flo\AppData\Roaming\MafiaSetup.exe
[2002.09.18 00:45:00 | 000,119,808 | ---- | C] () -- C:\Windows\lsb_un20.exe
[1999.01.22 20:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\System32\MSRTEDIT.DLL
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2011.09.11 14:21:13 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2011.09.11 15:35:11 | 000,000,000 | --SD | M] -- C:\32788R22FWJFW
[2011.07.31 11:56:21 | 000,000,000 | -HSD | M] -- C:\Boot
[2011.09.11 13:29:47 | 000,000,000 | --SD | M] -- C:\ComboFix
[2010.07.04 15:32:10 | 000,000,000 | ---D | M] -- C:\Counter-Strike Source LAN Edition
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.07.18 19:59:17 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.08.26 14:38:02 | 000,000,000 | ---D | M] -- C:\download
[2009.10.21 20:03:49 | 000,000,000 | ---D | M] -- C:\Drivers
[2010.06.21 15:30:01 | 000,000,000 | ---D | M] -- C:\found.000
[2011.08.01 23:00:20 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2011.09.11 14:48:23 | 000,000,000 | ---D | M] -- C:\Program Files
[2011.09.11 14:48:23 | 000,000,000 | ---D | M] -- C:\ProgramData
[2009.07.18 19:59:17 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.09.11 12:41:00 | 000,000,000 | ---D | M] -- C:\Qoobox
[2011.07.31 13:05:42 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.09.11 11:41:19 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.07.31 12:31:50 | 000,000,000 | R--D | M] -- C:\Users
[2011.09.11 13:29:44 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.manifest /3 >
[10 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_f4050b883d2c3c08\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\ERDNT\cache\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\System32\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\ERDNT\cache\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-07-31 16:58:55
 
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB43603$] ->  -> Unknown point type
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 816 bytes -> C:\Windows\3035044018:1306990667.exe
@Alternate Data Stream - 179 bytes -> C:\ProgramData\Temp:07BF512B
@Alternate Data Stream - 175 bytes -> C:\ProgramData\Temp:B946D9EE

< End of report >
         

 
