| |  Fehlerhafte Weiterleitung bei Google-Suche
 Hallo.
Ich habe seit ein paar Tagen das Problem, dass ich bei meiner Google suche immer auf falsche Websites weitergeleitet werde. In anderen Foren hab ich mich schon umgeschaut aber noch nichts wirklich gutes gefunden.
Jedoch wird immer dieses OTL Programm genannt.
Ich habe dieses einmal durchlaufen lassen und so sieht der logfile aus.
Ich hoffe ihr könnt mir helfen
Daniel! Zitat:
OTL logfile created on: 02.07.2012 17:13:09 - Run 1
OTL by OldTimer - Version 3.2.53.1 Folder = C:\Users\DanielMMDS\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,87 Gb Total Physical Memory | 1,10 Gb Available Physical Memory | 38,48% Memory free
5,73 Gb Paging File | 3,64 Gb Available in Paging File | 63,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 368,01 Gb Total Space | 36,08 Gb Free Space | 9,80% Space Free | Partition Type: NTFS
Drive E: | 97,66 Gb Total Space | 97,55 Gb Free Space | 99,89% Space Free | Partition Type: NTFS
Computer Name: DANIELMMDS-PC | User Name: DanielMMDS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.02 17:09:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\DanielMMDS\Downloads\OTL.exe
PRC - [2012.06.12 13:59:33 | 000,935,480 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
PRC - [2012.06.12 13:59:27 | 001,104,440 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
PRC - [2012.05.29 21:02:49 | 000,400,344 | ---- | M] (Mozilla Messaging) -- C:\Programme\Mozilla Thunderbird\thunderbird.exe
PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.03.19 13:38:46 | 007,357,824 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\TeamViewer.exe
PRC - [2012.03.19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.03.19 13:29:38 | 000,106,368 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version7\tv_w32.exe
PRC - [2012.03.12 17:18:04 | 000,176,120 | ---- | M] (Nitro PDF Software) -- C:\Programme\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
PRC - [2012.01.31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
PRC - [2012.01.17 21:03:24 | 002,339,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG10\avgtray.exe
PRC - [2011.11.03 20:25:09 | 002,358,656 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe
PRC - [2011.10.17 14:54:26 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011.09.28 02:47:38 | 000,025,824 | ---- | M] (Memeo) -- C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe
PRC - [2011.09.12 15:30:42 | 000,349,184 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt) -- C:\Windows\System32\STGRAMDiskHandler32.exe
PRC - [2011.09.09 03:10:56 | 001,082,208 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG10\avgnsx.exe
PRC - [2011.08.18 01:33:26 | 000,659,296 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG10\avgrsx.exe
PRC - [2011.07.16 06:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.05.23 14:13:04 | 000,657,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG10\avgchsvx.exe
PRC - [2011.03.28 21:31:16 | 000,193,920 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2011.03.28 03:00:52 | 000,351,072 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG10\avgcsrvx.exe
PRC - [2011.03.16 16:05:20 | 001,025,888 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG10\avgemcx.exe
PRC - [2011.03.09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG10\avgfws.exe
PRC - [2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Programme\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
PRC - [2011.02.08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG10\avgwdsvc.exe
PRC - [2011.02.08 05:32:42 | 000,750,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG10\avgam.exe
PRC - [2010.06.21 13:53:44 | 000,436,264 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\WButton.exe
PRC - [2009.12.14 11:25:00 | 000,200,704 | ---- | M] (Wistron) -- C:\Programme\Launch Manager\HotkeyApp.exe
PRC - [2009.10.22 17:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) -- C:\Programme\Launch Manager\WisLMSvc.exe
PRC - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:38 | 001,173,504 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2009.03.30 03:25:26 | 043,010,392 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
PRC - [2008.07.10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe
PRC - [2007.12.27 16:39:30 | 000,166,520 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 16:39:20 | 000,051,816 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.24 15:47:00 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2012.06.12 13:59:35 | 000,132,664 | ---- | M] () -- C:\Programme\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll
MOD - [2012.06.12 13:59:27 | 001,104,440 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
MOD - [2012.05.29 21:03:03 | 001,952,728 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\mozjs.dll
MOD - [2012.05.29 21:03:02 | 000,162,776 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012.05.29 21:03:02 | 000,021,976 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012.05.04 20:19:29 | 008,797,856 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_2_202_235.dll
MOD - [2012.04.21 16:47:52 | 000,008,704 | ---- | M] () -- C:\Users\DanielMMDS\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\GetCoreTempInfoNET.dll
MOD - [2012.04.21 16:47:52 | 000,007,680 | ---- | M] () -- C:\Users\DanielMMDS\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\SystemInfo.dll
MOD - [2012.04.21 16:47:52 | 000,006,144 | ---- | M] () -- C:\Users\DanielMMDS\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V3.5.gadget\CoreTempReader.dll
MOD - [2011.10.17 14:54:26 | 001,833,944 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.08.28 23:19:12 | 000,093,696 | ---- | M] () -- C:\Programme\FileZilla FTP Client\fzshellext.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2011.02.10 07:55:18 | 001,148,256 | ---- | M] () -- C:\Programme\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
MOD - [2009.07.14 10:47:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 03:15:51 | 000,232,448 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.DLL
MOD - [2009.07.14 03:15:51 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
========== Win32 Services (SafeList) ==========
SRV - [2012.06.12 13:59:33 | 000,935,480 | ---- | M] () [Auto | Running] -- C:\Programme\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe -- (vToolbarUpdater11.1.0)
SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.04.04 07:53:50 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.03.19 13:38:46 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.03.12 17:18:04 | 000,176,120 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Programme\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe -- (NitroReaderDriverReadSpool2)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.31 16:02:52 | 007,391,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.11.10 15:17:31 | 000,167,264 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011.11.03 20:25:09 | 002,358,656 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version6\TeamViewer_Service.exe -- (TeamViewer6)
SRV - [2011.09.28 02:47:38 | 000,025,824 | ---- | M] (Memeo) [Auto | Running] -- C:\Programme\Memeo\AutoBackup\MemeoBackgroundService.exe -- (MemeoBackgroundService)
SRV - [2011.09.12 15:30:42 | 000,349,184 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt) [Auto | Running] -- C:\Windows\System32\STGRAMDiskHandler32.exe -- (Steganos Volatile Disk)
SRV - [2011.06.12 12:15:00 | 031,125,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011.03.28 21:31:14 | 001,713,536 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.03.21 17:05:02 | 000,745,472 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\GSService.exe -- (GSService)
SRV - [2011.03.21 15:00:34 | 000,243,712 | ---- | M] (SMServer) [On_Demand | Stopped] -- C:\Windows\System32\snmvtsvc.exe -- (SMServer)
SRV - [2011.03.09 19:24:44 | 002,708,024 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG10\avgfws.exe -- (avgfws)
SRV - [2011.02.08 05:33:42 | 000,269,520 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG10\avgwdsvc.exe -- (avgwd)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.10.22 17:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Programme\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2009.07.21 04:04:00 | 000,047,128 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2009.03.30 03:25:26 | 043,010,392 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2009.03.30 03:23:32 | 000,254,808 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlbrowser.exe -- (SQLBrowser)
SRV - [2009.03.30 03:23:24 | 000,366,936 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server-Agent (SQLEXPRESS)
SRV - [2008.07.10 02:49:44 | 000,098,840 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2007.12.27 16:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 16:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\vmnetadapter.sys -- (VMnetAdapter)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\vmci.sys -- (vmci)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motusbdevice.sys -- (motusbdevice)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\Motousbnet.sys -- (Motousbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motswch.sys -- (MotoSwitchService)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motmodem.sys -- (motmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motccgpfl.sys -- (motccgpfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motccgp.sys -- (motccgp)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motfilt.sys -- (BTCFilterService)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.12.09 15:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(5).sys -- (WsAudio_DeviceS(5)) WsAudio_DeviceS(5)
DRV - [2011.12.09 15:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(4).sys -- (WsAudio_DeviceS(4)) WsAudio_DeviceS(4)
DRV - [2011.12.09 15:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(3).sys -- (WsAudio_DeviceS(3)) WsAudio_DeviceS(3)
DRV - [2011.12.09 15:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(2).sys -- (WsAudio_DeviceS(2)) WsAudio_DeviceS(2)
DRV - [2011.12.09 15:35:58 | 000,025,704 | ---- | M] (Wondershare) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WsAudio_DeviceS(1).sys -- (WsAudio_DeviceS(1)) WsAudio_DeviceS(1)
DRV - [2011.12.03 22:03:19 | 000,239,168 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2011.09.22 18:10:46 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.09.12 15:30:42 | 000,016,384 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt.com) [Driver] [Kernel | System | Running] -- C:\Windows\System32\drivers\STGMFEngine32.sys -- (STGMFEngine32)
DRV - [2011.09.12 15:28:52 | 000,094,560 | ---- | M] (Softwareentwicklung Remus - ArchiCrypt - ) [Driver] [Kernel | System | Running] -- C:\Windows\System32\drivers\SleeN17.sys -- (SLEE_17_DRIVER)
DRV - [2011.09.09 12:10:19 | 000,037,920 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tbhsd.sys -- (tbhsd)
DRV - [2011.07.26 19:49:12 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2011.05.27 19:05:32 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011.04.14 05:47:40 | 000,027,760 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd)
DRV - [2011.04.05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.03.22 02:25:30 | 000,023,608 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\DrmRAudio.sys -- (DrmRAudio)
DRV - [2011.03.16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.03.01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.02.22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AVGIDSEH.sys -- (AVGIDSEH)
DRV - [2011.02.10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011.02.10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011.01.07 06:41:46 | 000,248,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2010.12.23 18:25:50 | 000,082,304 | ---- | M] (Fengtao Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\dvdfab.sys -- (dvdfab)
DRV - [2010.07.12 04:34:02 | 000,054,112 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgfwd6x.sys -- (Avgfwfd)
DRV - [2010.06.29 23:16:39 | 000,067,624 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2010.06.29 23:15:56 | 000,232,960 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV - [2010.06.29 23:15:56 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)
DRV - [2010.04.01 11:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2009.09.17 20:54:14 | 000,041,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2009.07.14 01:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.03.30 03:09:28 | 000,239,336 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\System32\drivers\RsFx0103.sys -- (RsFx0103)
DRV - [2008.06.24 07:17:12 | 000,018,688 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\elanusb.sys -- (ELANUSB)
DRV - [2008.01.19 00:43:20 | 000,131,000 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\WimFltr.sys -- (WimFltr)
DRV - [2007.06.24 22:56:54 | 000,038,920 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2007.06.24 22:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.06.24 22:56:34 | 000,034,312 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2007.03.05 21:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 21:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 21:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
DRV - [2007.03.05 21:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VCommMgr.sys -- (VcommMgr)
DRV - [2007.03.05 21:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://eu.ask.com/web?l=dis&o=APN10147&gct=hp&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A6E&apn_uid=1298325290214134&p2=^A6E^YYYYYY^YY^DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FE 7A F3 4D 96 77 CC 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://search.babylon.com/?babsrc=HP_ss&affID=101434&mntrId=c0103e9d00000000000000ff70628eaa
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = hxxp://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolba r_version=2.4.0&install_country=DE&install_date=20111118&user_guid=E24917FE180E4E9185C9933FA49FAF40&machine_id=b014063d136f8bf2f8b61bd151e01fd3&browse r=IE&os=win&os_version=6.1-x86-SP0&iesrc={referrer:source}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=101434&mntrId=c0103e9d00000000000000ff70628eaa
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={25DB4C52-7BCB-444B-B84B-E9C1B57C2E45}&mid=5a0f9d26d73647d18fdbd16f6b24389a-c0f8dcb83d1e44d08bb0347bf116a70edaa951e7&lang=de&ds=AVG&pr=pa&d=2011-12-01 14:57:50&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{B9C7CE32-DA91-43C2-B7E9-0E9AAFC675CD}: "URL" = hxxp://eu.ask.com/web?l=dis&o=APN10147&gct=sb&qsrc=2869&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A6E&apn_uid=1298325290214134&p2=^A6E^YYYYYY^YY^DE&q={searchTerms}
IE - HKCU\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost; 127.0.0.1; <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 97.81.243.20:8080
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://eu.ask.com/web?l=dis&o=APN10147&gct=hp&apn_dtid=^YYYYYY^YY^DE&apn_ptnrs=^A6E&apn_uid=1298325290214134&p2=^A6E^YYYYYY^YY^DE"
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B5704bb56-9bec-43ec-8e18-6cf00f70e841%7D&mid=5a0f9d26d73647d18fdbd16f6b24389a-c0f8dcb83d1e44d08bb0347bf116a70edaa951e7&ds=AVG&v=11.1.0.7&lang=de&pr=pa&d=2011-12-01%2014%3A57%3A50&sap=ku&q="
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\DanielMMDS\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\DanielMMDS\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\DanielMMDS\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\DanielMMDS\AppData\Local\Facebook\Messenger\2.1.4554.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2012.02.02 19:54:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{09F060FA-566D-42D7-BF79-97AB30863433}: C:\Program Files\Steganos Privacy Suite 12\pfplugin [2011.11.13 17:36:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{00F0643E-B367-4779-B45D-7046EBA37A88}: C:\Program Files\Steganos Privacy Suite 12\spmplugin3 [2011.11.13 17:36:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012.06.12 14:00:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.10.17 17:00:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.05.29 21:03:06 | 000,000,000 | ---D | M]
[2011.09.17 15:02:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DanielMMDS\AppData\Roaming\mozilla\Extensions
[2012.06.05 18:13:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DanielMMDS\AppData\Roaming\mozilla\Firefox\Profiles\dnz35c5n.default\extensions
[2012.04.16 14:04:12 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\DanielMMDS\AppData\Roaming\mozilla\Firefox\Profiles\dnz35c5n.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.05.10 19:19:42 | 000,000,000 | ---D | M] (aTube Toolbar) -- C:\Users\DanielMMDS\AppData\Roaming\mozilla\Firefox\Profiles\dnz35c5n.default\extensions\{bfc39e47-d643-4dc2-aa1d-61377501c844}
[2011.10.02 19:03:14 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\DanielMMDS\AppData\Roaming\mozilla\Firefox\Profiles\dnz35c5n.default\extensions\ffxtlbr@babylon.com
[2012.06.05 18:13:14 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\DanielMMDS\AppData\Roaming\mozilla\Firefox\Profiles\dnz35c5n.default\extensions\firefox@tvunetworks.com
[2011.12.22 21:21:16 | 000,000,000 | ---D | M] ("GreenWebPlayer") -- C:\Users\DanielMMDS\AppData\Roaming\mozilla\Firefox\Profiles\dnz35c5n.default\extensions\greenwebplayer@greentube.com
[2012.06.02 08:02:10 | 000,000,000 | ---D | M] ("KMPlayer Toolbar") -- C:\Users\DanielMMDS\AppData\Roaming\mozilla\Firefox\Profiles\dnz35c5n.default\extensions\toolbar@ask.com
[2011.10.03 19:13:10 | 000,003,915 | ---- | M] () -- C:\Users\DanielMMDS\AppData\Roaming\Mozilla\Firefox\Profiles\dnz35c5n.default\searchplugins\sweetim.xml
[2011.10.31 09:46:13 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.05.04 13:27:34 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.10.16 17:47:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.10.14 21:20:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}
[2012.02.02 19:54:51 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX4
[2012.05.04 13:27:34 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.11.13 17:36:52 | 000,000,000 | ---D | M] (Steganos Private Favorites) -- C:\PROGRAM FILES\STEGANOS PRIVACY SUITE 12\PFPLUGIN
[2011.11.13 17:36:59 | 000,000,000 | ---D | M] (Steganos Password Manager) -- C:\PROGRAM FILES\STEGANOS PRIVACY SUITE 12\SPMPLUGIN3
[2012.06.12 14:00:18 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\11.1.0.7
[2012.01.06 17:36:27 | 000,634,964 | ---- | M] () (No name found) -- C:\USERS\DANIELMMDS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DNZ35C5N.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.10.17 14:54:27 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.10.17 14:54:24 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.05.10 19:19:49 | 000,002,274 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\ask.xml
[2012.06.27 19:46:22 | 000,003,766 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
[2011.10.24 14:50:03 | 000,002,288 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2011.10.17 14:54:24 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.17 14:54:24 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.17 14:54:24 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.17 14:54:24 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.17 14:54:24 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google riginalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie= {inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\Application\20.0.1132.47\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.230.5 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U23 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: PDF-XChange Viewer (Enabled) = C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\DanielMMDS\AppData\Local\Facebook\Messenger\2.0.4478.0\npFbDesktopPlugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Proxy Switchy! = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\caehdcpeofiiigpdhbabniblemipncjj\1.6.3_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Hide My Ass! Web Proxy = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd\1.2.5_0\
CHR - Extension: Google-Suche = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Virtual Pilot 3D\u2122 = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebbilibbcijcojpiedfnaoncnonlakcn\2.0_0\
CHR - Extension: Pixlr-o-matic = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj\1.2_0\
CHR - Extension: iSpy = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\femmmlfhhicnjkjclkknefimmhieomcf\2.2_0\
CHR - Extension: Full Screen Weather = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0\
CHR - Extension: What's the font? = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipooogmmnpmfmhbhlahhjkjiiamjllal\0.1.4_0\
CHR - Extension: AVG Safe Search = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\10.0.0.1409_0\
CHR - Extension: IP-Adresse = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml\7.0_0\
CHR - Extension: Autodesk Homestyler = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.2_0\
CHR - Extension: TV for Google Chrome\u2122 = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\licccgnfdlgmmmgaddmbcepikfadcmpe\1.7.0_0\
CHR - Extension: AudioSauna = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgfemnodkdnenmfkblebnkjpckkjcae\0.402_0\
CHR - Extension: Google Maps = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.4_0\
CHR - Extension: USA Live TV = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmmeaepdaebmaapbobonajamkacmecif\1.0.2_0\
CHR - Extension: CCTV View = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajmcmcpiboagipoflploplebgicaadj\1.0.9.3_0\
CHR - Extension: QR Code Maker and URL Shortner = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhbomnbakaahalcclnhgkdncibanmgd\3_0\
CHR - Extension: Google Mail = C:\Users\DanielMMDS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.04.06 10:55:17 | 000,000,864 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 validation.sls.microsoft.com
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (KMPlayer Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Steganos Password Manager Toolbar) - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Programme\Steganos Privacy Suite 12\SPMIEToolbar.dll (Steganos Software GmbH)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3 - HKLM\..\Toolbar: (KMPlayer Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Programme\AVG\AVG10\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Wbutton] C:\Program Files\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKLM..\RunOnce: [AvgUninstallURL] C:\Windows\System32\cmd.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: Steganos Password Manager - {024538B9-3F39-49FF-9503-975F743210FA} - C:\Programme\Steganos Privacy Suite 12\SPMIEToolbar.dll (Steganos Software GmbH)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000027 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000028 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000029 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000030 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000031 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000032 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000033 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000034 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000038 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000039 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000040 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000041 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000042 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000043 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000044 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000045 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000046 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000047 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000048 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000051 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000052 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000053 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000054 - %SystemRoot%\system32\wshbth.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000055 - %SystemRoot%\system32\wshbth.dll File not found
O13 - gopher Prefix: missing
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab (20-20 3D Viewer for IKEA)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{86F1524D-6576-4F55-8D14-BF1467C2FF5C}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DECC0790-3239-4EAE-8D4D-13257D74A9ED}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E14D6BB6-5FBC-4FE5-99B3-D6FD95F3793E}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Axonic\click.to\skype4com.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{5ce68dcc-021e-11e1-a582-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{5ce68dcc-021e-11e1-a582-005056c00008}\Shell\AutoRun\command - "" = F:\setup.exe -a
O33 - MountPoints2\{8d7e73a0-2e3b-11e1-a4ed-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{8d7e73a0-2e3b-11e1-a4ed-005056c00008}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{ea2507c3-1d7a-11e1-a035-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{ea2507c3-1d7a-11e1-a035-005056c00008}\Shell\AutoRun\command - "" = H:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.06.30 13:04:47 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{CD2EA42D-4F92-4899-A5FA-93B94C755590}
[2012.06.30 13:04:30 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{BF44975F-A948-48A0-B094-A2422FC31FAA}
[2012.06.28 14:37:58 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Roaming\Malwarebytes
[2012.06.28 14:37:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.28 14:37:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.28 14:37:21 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.06.28 14:37:21 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.06.28 14:13:35 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
[2012.06.28 13:40:10 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{61F6E0BE-6CEF-4378-AA86-2B511C44AE02}
[2012.06.28 13:39:53 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{552CDA9E-244E-40B1-B18B-0F344FB8B7C6}
[2012.06.27 19:45:32 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\Documents\Emicsoft Studio
[2012.06.27 19:32:22 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.06.27 19:32:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.06.27 19:32:19 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Roaming\Notepad++
[2012.06.27 19:32:19 | 000,000,000 | ---D | C] -- C:\Program Files\Notepad++
[2012.06.27 16:30:16 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\Documents\Leawo
[2012.06.27 16:30:16 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Roaming\Leawo
[2012.06.27 16:29:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
[2012.06.27 16:28:53 | 000,000,000 | ---D | C] -- C:\Program Files\Leawo
[2012.06.27 16:20:58 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\Documents\Aiseesoft Studio
[2012.06.27 16:12:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.06.27 16:12:44 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.06.27 14:17:51 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{A5643DD6-3321-4806-A6C5-F807AAA3FD31}
[2012.06.27 14:17:30 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{4AC7D947-738C-40C4-9111-EAAA784DF194}
[2012.06.24 20:48:30 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\Documents\gegl-0.0
[2012.06.24 19:44:53 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\Apps
[2012.06.24 16:31:18 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.06.24 16:31:10 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\Windows\System32\uxtuneup.dll
[2012.06.24 10:09:19 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
[2012.06.22 22:18:13 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.06.22 22:18:10 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.06.22 22:18:10 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.06.22 22:18:09 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.06.22 22:18:08 | 001,800,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.06.22 22:18:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.06.22 22:18:07 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.06.22 21:48:49 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.06.22 21:48:48 | 003,958,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.06.22 21:45:50 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.06.22 21:45:50 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.06.22 21:45:50 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.06.22 21:45:32 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012.06.22 21:42:39 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.06.22 21:42:39 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.06.22 21:42:38 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.06.22 21:42:38 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.06.22 21:42:38 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.06.22 21:42:36 | 002,342,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.06.21 16:25:25 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{2488B7A0-AD39-400A-BB77-0C6D9935E5A8}
[2012.06.20 15:28:10 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{6A7F4A15-1617-4099-A902-CBDAF41DB9CC}
[2012.06.20 15:27:46 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{44E03FDE-C5AF-44D0-BFD9-28162E59E1EF}
[2012.06.20 15:10:21 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\Documents\Schule
[2012.06.19 14:04:31 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012.06.19 14:04:31 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012.06.19 14:04:09 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012.06.19 14:04:09 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012.06.19 14:04:09 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012.06.19 14:03:34 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012.06.19 14:03:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012.06.18 14:35:13 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\Documents\Avatar
[2012.06.17 19:32:00 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\Documents\YouTube
[2012.06.17 19:24:44 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{75300645-689B-4D27-92B6-F0AF4B9024C0}
[2012.06.16 14:35:48 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{92479343-9C65-4921-A983-947E34353FF6}
[2012.06.15 16:32:10 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{6D2CFFAE-C703-4EC1-8324-15D88A91D97B}
[2012.06.14 19:47:36 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{D5482109-E2D1-41EF-A169-5F225A1967F3}
[2012.06.14 19:47:21 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{09FBAEDF-5599-4E35-A210-477A3FD9AA7C}
[2012.06.14 19:47:02 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\AVG Secure Search
[2012.06.10 10:39:03 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{7186F4D1-1A46-48C5-A8C9-465C5B234B2B}
[2012.06.10 10:38:45 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{A263B126-9640-4747-A55F-26C3F0DA4F5E}
[2012.06.09 07:03:22 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{0864F331-269B-4474-A867-057291BFA40E}
[2012.06.08 19:11:12 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{D13F2D23-7602-4882-9090-0B74FA80CCD9}
[2012.06.08 19:10:21 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{6CC2D591-52ED-4F1C-9B5B-3F800393BDC7}
[2012.06.07 13:16:33 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{41220427-3148-4FEB-BAE3-55B93668B5BF}
[2012.06.07 13:16:20 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{3218C542-E721-4153-80AC-A118C3ACBB61}
[2012.06.05 18:19:01 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\TVU Networks
[2012.06.05 18:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2012.06.05 18:13:07 | 000,000,000 | ---D | C] -- C:\Windows\System32\TVUAx
[2012.06.04 21:57:13 | 000,000,000 | ---D | C] -- C:\Users\DanielMMDS\AppData\Local\{EC861F6B-FA88-40A4-9701-214DC79F7C38}
[2012.04.01 12:20:46 | 000,186,368 | ---- | C] (Martin Klinzmann) -- C:\Users\DanielMMDS\LicenseCrawler.exe
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.02 17:12:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.02 16:54:01 | 000,001,140 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2495466061-3780898987-2372799656-1000UA.job
[2012.07.02 16:54:01 | 000,001,088 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2495466061-3780898987-2372799656-1000Core.job
[2012.07.02 16:35:59 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2495466061-3780898987-2372799656-1000UA.job
[2012.07.02 16:35:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.02 14:03:01 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.02 14:03:00 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.02 13:59:15 | 100,932,387 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012.07.02 13:55:30 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.02 13:55:06 | 2307,862,528 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.01 20:38:12 | 000,471,794 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012.07.01 18:07:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2495466061-3780898987-2372799656-1000Core.job
[2012.06.29 14:34:25 | 000,028,160 | ---- | M] () -- C:\Users\DanielMMDS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.28 20:39:59 | 000,763,042 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.06.28 20:39:59 | 000,718,320 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.06.28 20:39:59 | 000,173,396 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.06.28 20:39:59 | 000,146,342 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.06.28 14:37:26 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.28 13:37:09 | 280,917,650 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.06.27 19:30:32 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.06.27 19:30:32 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.06.27 16:29:05 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\Leawo Video Converter.lnk
[2012.06.25 20:10:06 | 000,076,458 | ---- | M] () -- C:\Users\DanielMMDS\Desktop\182748_470793732946401_179660712_n.jpg
[2012.06.24 20:55:14 | 000,002,288 | ---- | M] () -- C:\Users\DanielMMDS\Desktop\161000-1273506928818.png
[2012.06.24 20:53:40 | 000,000,873 | ---- | M] () -- C:\Users\DanielMMDS\.recently-used.xbel
[2012.06.24 20:53:10 | 000,024,731 | ---- | M] () -- C:\Users\DanielMMDS\Desktop\QR-Code-227x227-4fd02da1d658dd16.jpg
[2012.06.24 15:45:30 | 000,421,480 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.06.23 11:47:59 | 143,127,473 | ---- | M] () -- C:\Users\DanielMMDS\Desktop\CHUCK NORRIS (Witze).mp4
[2012.06.20 17:41:45 | 000,284,277 | ---- | M] () -- C:\Users\DanielMMDS\Desktop\Einsteiger_Franzoesisch_Teil_2.pdf
[2012.06.20 17:27:32 | 000,294,993 | ---- | M] () -- C:\Users\DanielMMDS\Desktop\Einsteiger_Franzoesisch_Teil_1.pdf
[2012.06.20 17:24:53 | 000,505,299 | ---- | M] () -- C:\Users\DanielMMDS\Desktop\Einsteiger_Franzoesisch_Einleitung.pdf
[2012.06.14 19:54:22 | 000,197,822 | ---- | M] () -- C:\Users\DanielMMDS\Desktop\Mod Guide - Jan '11.pdf
[2012.06.09 08:21:39 | 009,337,127 | ---- | M] () -- C:\Users\DanielMMDS\Desktop\Maroon 5 Payphone Dailymotion Video.mp3
[2012.06.03 00:19:33 | 000,045,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012.06.03 00:19:32 | 000,035,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012.06.03 00:19:23 | 000,577,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012.06.03 00:12:32 | 002,422,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012.06.03 00:12:13 | 000,088,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.06.28 14:37:26 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.27 16:29:05 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\Leawo Video Converter.lnk
[2012.06.25 20:10:09 | 000,076,458 | ---- | C] () -- C:\Users\DanielMMDS\Desktop\182748_470793732946401_179660712_n.jpg
[2012.06.24 20:55:17 | 000,002,288 | ---- | C] () -- C:\Users\DanielMMDS\Desktop\161000-1273506928818.png
[2012.06.24 20:53:40 | 000,000,873 | ---- | C] () -- C:\Users\DanielMMDS\.recently-used.xbel
[2012.06.24 20:53:20 | 000,024,731 | ---- | C] () -- C:\Users\DanielMMDS\Desktop\QR-Code-227x227-4fd02da1d658dd16.jpg
[2012.06.23 11:47:59 | 143,127,473 | ---- | C] () -- C:\Users\DanielMMDS\Desktop\CHUCK NORRIS (Witze).mp4
[2012.06.20 17:41:46 | 000,284,277 | ---- | C] () -- C:\Users\DanielMMDS\Desktop\Einsteiger_Franzoesisch_Teil_2.pdf
[2012.06.20 17:41:24 | 000,505,299 | ---- | C] () -- C:\Users\DanielMMDS\Desktop\Einsteiger_Franzoesisch_Einleitung.pdf
[2012.06.20 17:41:24 | 000,294,993 | ---- | C] () -- C:\Users\DanielMMDS\Desktop\Einsteiger_Franzoesisch_Teil_1.pdf
[2012.06.14 19:54:17 | 000,197,822 | ---- | C] () -- C:\Users\DanielMMDS\Desktop\Mod Guide - Jan '11.pdf
[2012.06.09 08:21:39 | 009,337,127 | ---- | C] () -- C:\Users\DanielMMDS\Desktop\Maroon 5 Payphone Dailymotion Video.mp3
[2012.05.15 16:58:07 | 000,353,437 | ---- | C] () -- C:\Users\DanielMMDS\2012-05-15_16-34-58_113.jpg
[2012.05.15 16:58:07 | 000,307,928 | ---- | C] () -- C:\Users\DanielMMDS\2012-05-15_16-35-09_841.jpg
[2012.05.15 16:58:07 | 000,186,150 | ---- | C] () -- C:\Users\DanielMMDS\2012-05-15_16-34-28_400.jpg
[2012.05.14 19:11:03 | 000,275,055 | ---- | C] () -- C:\Users\DanielMMDS\xXx-Niallers-xXx-niall-horan-25320289-500-375.png
[2012.05.05 19:37:28 | 000,000,122 | ---- | C] () -- C:\Users\DanielMMDS\LicenseCrawler.ini
[2012.05.05 14:16:20 | 000,000,035 | ---- | C] () -- C:\Windows\System32\drvcom.dat.dll
[2012.05.05 06:36:54 | 002,237,440 | ---- | C] () -- C:\Windows\System32\eappx64.dll
[2012.05.05 06:34:30 | 001,530,880 | ---- | C] () -- C:\Windows\System32\mprx32.dll
[2012.05.05 06:32:12 | 001,557,504 | ---- | C] () -- C:\Windows\System32\micrx64a.dll
[2012.04.29 08:53:29 | 2188,836,415 | ---- | C] () -- C:\Users\DanielMMDS\_The Dark Knight_20120422_2155.ts
[2012.04.09 13:39:42 | 003,158,016 | ---- | C] () -- C:\Windows\System32\p2phosvr.exe
[2012.04.09 13:33:30 | 001,094,144 | ---- | C] () -- C:\Windows\System32\IDStox86.dll
[2012.04.07 20:14:02 | 000,182,218 | ---- | C] () -- C:\Users\DanielMMDS\basic_english.pdf
[2012.04.07 20:14:02 | 000,051,157 | ---- | C] () -- C:\Users\DanielMMDS\bwl-Vokabeln.pdf
[2012.03.23 15:21:29 | 000,046,864 | ---- | C] () -- C:\Users\DanielMMDS\zeitformen_tabelle_englisch.pdf
[2012.03.21 21:34:27 | 000,561,559 | ---- | C] () -- C:\Users\DanielMMDS\AppGuide_1.apk
[2012.03.06 15:28:48 | 000,028,160 | ---- | C] () -- C:\Users\DanielMMDS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.02.28 16:12:12 | 000,016,896 | ---- | C] () -- C:\Windows\System32\hdaudbnt.sys
[2012.02.28 16:10:54 | 000,521,728 | ---- | C] () -- C:\Windows\System32\fltMgr2k.sys
[2012.01.20 21:36:01 | 1646,241,408 | ---- | C] () -- C:\Users\DanielMMDS\Grey's Anatomy - Die jungen Ärzte_20120120_1926.ts
[2011.12.19 15:01:53 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.19 15:01:53 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.19 15:01:52 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.12.18 13:44:04 | 1698,695,272 | ---- | C] () -- C:\Users\DanielMMDS\_Rush Hour III_20111211_2010.ts
[2011.12.18 10:48:14 | 1062,550,248 | ---- | C] () -- C:\Users\DanielMMDS\_Nachts im Museum II_20111211_2010.ts
[2011.12.18 10:48:01 | 1108,129,096 | ---- | C] () -- C:\Users\DanielMMDS\_Mr_ Deeds_20111214_2010.ts
[2011.12.11 20:31:23 | 000,219,291 | ---- | C] () -- C:\Users\DanielMMDS\AefG-u2CQAArSNT.jpg
[2011.12.11 18:29:04 | 2185,592,127 | ---- | C] () -- C:\Users\DanielMMDS\_Wie werde ich ihn los - in 10 Tagen_20111208_2010.ts
[2011.12.11 17:42:00 | 877,598,719 | ---- | C] () -- C:\Users\DanielMMDS\Santa Clause II - Eine noch schönere Bescherung_20111210_2010.ts
[2011.12.11 17:41:53 | 379,272,511 | ---- | C] () -- C:\Users\DanielMMDS\Oh je, du Fröhliche!_20111210_2210.ts
[2011.12.11 11:12:06 | 2367,392,575 | ---- | C] () -- C:\Users\DanielMMDS\_Black Hawk Down_20111209_2235.ts
[2011.12.08 16:47:59 | 4082,373,352 | ---- | C] () -- C:\Users\DanielMMDS\_Die Hochzeit meines besten Freundes_20111207_2010.ts
[2011.12.08 16:47:58 | 1398,636,415 | ---- | C] () -- C:\Users\DanielMMDS\_Hot Fuzz_20111207_2010.ts
[2011.11.30 21:01:21 | 000,000,000 | ---- | C] () -- C:\Users\DanielMMDS\AppData\Local\{BFAF9360-DCCF-4874-990F-295B3242FB2F}
[2011.11.27 16:28:52 | 000,000,283 | ---- | C] () -- C:\Windows\wma2wav.INI
[2011.11.27 16:28:37 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2011.11.27 13:06:38 | 000,019,541 | ---- | C] () -- C:\Users\DanielMMDS\bryanadams_christmastime.mid
[2011.11.26 19:41:28 | 000,000,058 | ---- | C] () -- C:\Users\DanielMMDS\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
[2011.11.23 15:15:45 | 000,001,764 | ---- | C] () -- C:\Users\DanielMMDS\AppData\Roaming\hidewin.cfg
[2011.11.18 21:26:58 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011.11.18 21:26:57 | 000,810,496 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2011.11.18 21:26:57 | 000,183,808 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2011.11.18 21:26:57 | 000,080,896 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2011.11.12 20:06:13 | 000,000,000 | ---- | C] () -- C:\Windows\System32\cd.dat
[2011.11.12 16:12:10 | 772,498,111 | ---- | C] () -- C:\Users\DanielMMDS\_Trennung mit Hindernissen_20111111_2010.ts
[2011.11.07 21:09:54 | 000,745,472 | ---- | C] () -- C:\Windows\System32\GSService.exe
[2011.11.07 15:15:17 | 000,000,457 | ---- | C] () -- C:\Windows\hpomdl13.dat.temp
[2011.11.05 14:42:19 | 000,007,602 | ---- | C] () -- C:\Users\DanielMMDS\AppData\Local\resmon.resmoncfg
[2011.11.01 13:02:16 | 000,002,048 | -HS- | C] () -- C:\Users\DanielMMDS\AppData\Local\037087ce\@
[2011.10.30 23:28:51 | 000,014,336 | ---- | C] () -- C:\Users\DanielMMDS\AppData\Local\037087ce\U\80000000.@
[2011.10.29 13:04:14 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2011.10.26 12:32:58 | 000,016,384 | ---- | C] () -- C:\Users\DanielMMDS\AppData\Local\037087ce\U\800000cb.@
[2011.10.02 21:58:19 | 000,003,596 | ---- | C] () -- C:\Users\DanielMMDS\Eisen-MMDS.png
[2011.09.19 15:14:08 | 577,057,214 | ---- | C] () -- C:\Users\DanielMMDS\_Transformers - Die Rache_20110918_2010.ts
[2011.09.18 14:32:46 | 000,870,560 | ---- | C] () -- C:\Windows\System32\igkrng575.bin
[2011.09.18 14:32:46 | 000,208,896 | ---- | C] () -- C:\Windows\System32\iglhsip32.dll
[2011.09.18 14:32:46 | 000,143,360 | ---- | C] () -- C:\Windows\System32\iglhcp32.dll
[2011.09.18 14:32:46 | 000,127,868 | ---- | C] () -- C:\Windows\System32\igcompkrng575.bin
[2011.09.18 14:32:46 | 000,104,636 | ---- | C] () -- C:\Windows\System32\igfcg575m.bin
[2011.09.18 14:32:46 | 000,004,096 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011.09.18 14:32:46 | 000,000,151 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2011.09.18 14:25:39 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.07.21 17:04:55 | 366,343,228 | ---- | C] () -- C:\Users\DanielMMDS\sof-greys.anatomy.s07e18.avi
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB33982$] -> Error: Cannot create file handle -> Unknown point type
========== Alternate Data Streams ==========
@Alternate Data Stream - 173 bytes -> C:\ProgramData\Temp:FB1B13D8
@Alternate Data Stream - 103 bytes -> C:\ProgramData\Temp:261DD7EA
< End of report >
|
|
02.07.2012, 16:58
Baum-Darstellung