markus32 | 08.03.2012 16:14 | Aufgrund der Länge hab ich das File als Anhang im nächsten Post ("Neuer ZIP-komprimierter Ordner.zip") hochgeladen.
Ansonsten, hier der erste Teil der OTL.txt: Code:
OTL logfile created on: 08.03.2012 15:31:44 - Run 1
OTL by OldTimer - Version 3.2.36.1 Folder = C:\Users\Christian\Videos\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,97 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 61,40% Memory free
7,93 Gb Paging File | 5,60 Gb Available in Paging File | 70,58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111,77 Gb Total Space | 25,86 Gb Free Space | 23,14% Space Free | Partition Type: NTFS
Drive F: | 106,42 Gb Total Space | 33,37 Gb Free Space | 31,35% Space Free | Partition Type: NTFS
Drive H: | 7,39 Gb Total Space | 7,39 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Computer Name: CHRISTIAN | User Name: Christian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Christian\Videos\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Users\Christian\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
PRC - C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Program Files (x86)\Last.fm\LastFM.exe (Last.fm)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Windows\tsnpstd3.exe ()
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Windows\FixCamera.exe ()
PRC - C:\Windows\vsnpstd3.exe ()
PRC - C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
========== Modules (No Company Name) ==========
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\eedf95f16a7e81ca43dd8accf11498a3\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9866d1f6178e1cde25642f1ac293ff8d\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e620323cacb5b6bfd93fd28d263440e4\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\faf4e8730ecbd07570111bb7c3b20565\System.ni.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\Maps\R66Api.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.7.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\sqlite3.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetect.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDetectLegend.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcDisk.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\OutputLog.dll ()
MOD - C:\Program Files (x86)\HTC\HTC Sync 3.0\fdHttpd.dll ()
MOD - C:\Programme\TortoiseSVN\bin\libsasl32.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\Last.fm\srv_rtaudioplayback.dll ()
MOD - C:\Program Files (x86)\Last.fm\ext_messengernotify.dll ()
MOD - C:\Program Files (x86)\Last.fm\ext_skypenotify.dll ()
MOD - C:\Program Files (x86)\Last.fm\srv_madtranscode.dll ()
MOD - C:\Program Files (x86)\Last.fm\srv_httpinput.dll ()
MOD - C:\Program Files (x86)\Last.fm\LastFmFingerprint1.dll ()
MOD - C:\Program Files (x86)\Last.fm\breakpad.dll ()
MOD - C:\Program Files (x86)\Last.fm\Moose1.dll ()
MOD - C:\Program Files (x86)\Last.fm\LastFmTools1.dll ()
MOD - C:\Program Files (x86)\Last.fm\libfftw3f-3.dll ()
MOD - C:\Program Files (x86)\Last.fm\zlibwapi.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Windows\tsnpstd3.exe ()
MOD - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Program Files (x86)\Last.fm\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtSql4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtGui4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtXml4.dll ()
MOD - C:\Program Files (x86)\Last.fm\QtCore4.dll ()
MOD - C:\Program Files (x86)\Last.fm\imageformats\qmng4.dll ()
MOD - C:\Program Files (x86)\Last.fm\imageformats\qgif4.dll ()
MOD - C:\Program Files (x86)\Last.fm\imageformats\qjpeg4.dll ()
MOD - C:\Windows\FixCamera.exe ()
MOD - C:\Windows\vsnpstd3.exe ()
MOD - C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\EyeCatcherEx.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE ()
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_afc3018f8cfedd20\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (CVPND) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (NMSAccess) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe ()
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)
DRV:64bit: - (acsock) -- C:\Windows\SysNative\drivers\acsock64.sys (Cisco Systems, Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (BDA_Loader_225) -- C:\Windows\SysNative\drivers\BDA_Loader_225_x64.sys (WideView Technology Inc.)
DRV:64bit: - (BDA_Capture_225) -- C:\Windows\SysNative\drivers\BDA_Capture_225_x64.sys (WideViewer Electronics CO., LTD)
DRV:64bit: - (CVPNDRVA) -- C:\Windows\SysNative\drivers\CVPNDRVA.sys ()
DRV:64bit: - (CVirtA) -- C:\Windows\SysNative\drivers\CVirtA64.sys (Cisco Systems, Inc.)
DRV:64bit: - (StarOpen) -- C:\Windows\SysNative\drivers\StarOpen.sys ()
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysNative\drivers\snpstd3.sys (Sonix Co. Ltd.)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Research Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\ManyCam_x64.sys (ManyCam LLC.)
DRV:64bit: - (SynasUSB) -- C:\Windows\SysNative\drivers\synUSB64.sys (SIA Syncrosoft)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) -- c:\Programme\Dell Support Center\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (SNPSTD3) USB PC Camera (SNPSTD3) -- C:\Windows\SysWOW64\drivers\snpstd3.sys (Sonix Co. Ltd.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0540005F-107E-4C4D-B1CD-64DE04847137}
IE:64bit: - HKLM\..\SearchScopes\{0540005F-107E-4C4D-B1CD-64DE04847137}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {3E4A5BD3-2D23-461A-98CD-FC106A31775C}
IE - HKLM\..\SearchScopes\{3E4A5BD3-2D23-461A-98CD-FC106A31775C}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {3E4A5BD3-2D23-461A-98CD-FC106A31775C}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {3E4A5BD3-2D23-461A-98CD-FC106A31775C}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1302499063-601275286-625076348-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
IE - HKU\S-1-5-21-1302499063-601275286-625076348-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-1302499063-601275286-625076348-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKU\S-1-5-21-1302499063-601275286-625076348-1000\..\SearchScopes,DefaultScope = {3E4A5BD3-2D23-461A-98CD-FC106A31775C}
IE - HKU\S-1-5-21-1302499063-601275286-625076348-1000\..\SearchScopes\{AC129BF9-68BF-4bc4-A1DC-ECB62712FF99}: "URL" = hxxp://search.kikin.com/search/?q={searchTerms}
IE - HKU\S-1-5-21-1302499063-601275286-625076348-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1302499063-601275286-625076348-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: multilinks@plugin:3.0.0.16
FF - prefs.js..extensions.enabledItems: {888d99e7-e8b5-46a3-851e-1ec45da1e644}:4.0.2
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: facepad@lazyrussian.com:0.9.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {35379F86-8CCB-4724-AE33-4278DE266C70}:1.0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: fbchathistory@firechm.com:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.autoconfig_url: "hxxp://pac.lrz.de/"
FF - prefs.js..network.proxy.type: 2
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.709: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.709: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.709: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wolfram.com/Mathematica: C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll (Wolfram Research, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Christian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Christian\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Christian\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Christian\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.03.08 00:41:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.03.08 00:46:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.03.08 00:35:47 | 000,000,000 | ---D | M]
[2009.12.09 17:15:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Extensions
[2012.03.06 21:03:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\dkqm69cp.default\extensions
[2012.01.31 18:47:24 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\dkqm69cp.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2012.03.05 17:49:37 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\dkqm69cp.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2010.08.06 16:20:25 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\dkqm69cp.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.03.05 17:49:37 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\dkqm69cp.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.01.25 20:37:18 | 000,000,000 | ---D | M] (PhotoJacker: Photo Album Downloader for Facebook (fka FacePAD)) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\dkqm69cp.default\extensions\facepad@lazyrussian.com
[2011.03.26 10:30:06 | 000,000,000 | ---D | M] (IE Tab Plus) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\dkqm69cp.default\extensions\ietab@ip.cn
[2009.12.30 20:55:03 | 000,000,000 | ---D | M] (Snap Links Plus with Checkboxes Extension) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\dkqm69cp.default\extensions\snaplinks_checkboxes@mozilla.org
[2012.03.08 00:46:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DKQM69CP.DEFAULT\EXTENSIONS\CLIENT@ANONYMOX.NET.XPI
() (No name found) -- C:\USERS\CHRISTIAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\DKQM69CP.DEFAULT\EXTENSIONS\MULTILINKS@PLUGIN.XPI
[2012.02.16 15:55:34 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.03.08 00:32:39 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.11 22:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.02.16 12:08:43 | 000,001,538 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2012.02.16 11:48:01 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.16 12:08:43 | 000,000,947 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\chambers-en-GB.xml
[2012.02.16 12:08:43 | 000,001,180 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-en-GB.xml
[2012.02.16 12:08:43 | 000,001,135 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-en-GB.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Christian\AppData\Local\Google\Chrome\Application\17.0.963.66\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Christian\AppData\Local\Google\Chrome\Application\17.0.963.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Christian\AppData\Local\Google\Chrome\Application\17.0.963.66\pdf.dll
CHR - plugin: MetaProducts Download Express integration (Enabled) = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkppcbheeedepkoakmkmnjjnfefhhakh\1.1.2_0\plugin/mpde.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Christian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Christian\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Wolfram Mathematica (Enabled) = C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.1.2063897\npmathplugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Christian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Angry Birds = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.1.2.1_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Unfriend Finder for Facebook = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecolodplncpedbpiicabmflhfemjnool\14_0\
CHR - Extension: Google Kalender = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: PanicButton = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\faminaibgiklngmfpfbhmokfmnglamcm\0.14.1.5_0\
CHR - Extension: AdBlock = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.20_0\
CHR - Extension: cats = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmekamlpkbcegncocdmhnoogddkeekgn\1_0\
CHR - Extension: BrowserTexting = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\idijdgooojpepbnadlbkiagcmilndffa\1.27_0\
CHR - Extension: Snap Links Lite = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\idmmhhijggcmbeejedibpdcahpkneegg\1.2.4_0\
CHR - Extension: uSelect iDownload = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ileabdhfjmgaognikmjgmhhkjffggejc\1.3_0\
CHR - Extension: Unfriend Finder = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kddnblacojpnmjdlpnndlcamnmmkfina\35_0\
CHR - Extension: StayFocusd = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\laankejkbhbdhmipfmgcngdelahlfoji\1.2.0.15_0\
CHR - Extension: TeX The World for Chromium = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbfninnbhfepghkkcgdnmfmhhbjmhggn\1.3.2_1\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.11_0\
CHR - Extension: Google Mail-Checker = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: Google Play Books = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.3_0\
CHR - Extension: MetaProducts Download Express integration = C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkppcbheeedepkoakmkmnjjnfefhhakh\1.1.2_0\
O1 HOSTS File: ([2011.10.15 13:35:32 | 000,002,415 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 practivate.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 activate.adobe.com:443
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 adobeereg.com
O1 - Hosts: 127.0.0.1 www.adobeereg.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 wwis-dubc1-vip60.adobe.com
O1 - Hosts: 127.0.0.1 192.150.18.108
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 27 more lines...
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (no name) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - No CLSID value found.
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files (x86)\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-1302499063-601275286-625076348-1000\..\Toolbar\WebBrowser: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Program Files (x86)\Orbitdownloader\GrabPro.dll ()
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVFX Engine] C:\Program Files (x86)\Creative\Creative Live! Cam\VideoFX\StartFX.exe (Creative Technology Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [HTC Sync Loader] C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NuonSoft ShellEnhancer StartupHelper] C:\Program Files (x86)\NuonSoft\ShellEnhancer\StartupHelper.exe ()
O4 - HKLM..\Run: [snpstd3] C:\Windows\vsnpstd3.exe ()
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [tsnpstd3] C:\Windows\tsnpstd3.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1302499063-601275286-625076348-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-21-1302499063-601275286-625076348-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1302499063-601275286-625076348-1000..\Run: [Facebook Update] C:\Users\Christian\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1302499063-601275286-625076348-1000..\Run: [PureSync] C:\Program Files (x86)\PureSync\PureSyncTray.exe (Jumping Bytes)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Allgemein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O4 - Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1302499063-601275286-625076348-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1302499063-601275286-625076348-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1302499063-601275286-625076348-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Christian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Christian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: &Download by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files (x86)\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Christian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Christian\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files (x86)\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe File not found
O9 - Extra 'Tools' menuitem : ICQ7 - {88EB38EF-4D2C-436D-ABD3-56B232674062} - C:\Program Files (x86)\ICQ7.0\ICQ.exe File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.euro.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{35545307-1B5F-45FC-B0D5-FBFAE5B7A543}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D6FBEC54-3FF1-4B6E-9489-E3E145A96D8B}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30:64bit: - LSA: Authentication Packages - (setuid) - C:\Windows\SysWow64\setuid.dll (March-Hare Software Ltd)
O30 - LSA: Authentication Packages - (setuid) - C:\Windows\SysWow64\setuid.dll (March-Hare Software Ltd)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{06e9706d-2611-11e0-95e9-0026b9124de7}\Shell - "" = AutoRun
O33 - MountPoints2\{06e9706d-2611-11e0-95e9-0026b9124de7}\Shell\AutoRun\command - "" = G:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: WheelMouse - hkey= - key= - C:\Program Files (x86)\Mouse Driver\4DMAIN.EXE ()
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: mcmscsvc - Service
SafeBootMin:64bit: MCODS - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - Service
SafeBootMin: MCODS - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: mcmscsvc - Service
SafeBootNet:64bit: MCODS - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MpfService - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - Service
SafeBootNet: MCODS - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {74FA3C8A-1739-4AE0-B578-0E4E288B6688} - C:\ProgramData\VoicePro12\VoiceProInstallCurrentUser.exe install
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {AC053600-5E30-EDF4-B393-7DCC6AA46DEA} - Internet Explorer
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2012.03.08 00:35:26 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.03.08 00:33:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.03.08 00:29:32 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.03.08 00:13:51 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Secunia PSI
[2012.03.07 23:55:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.03.07 22:40:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2012.03.06 18:38:50 | 000,000,000 | ---D | C] -- C:\Users\Christian\Documents\MATLAB
[2012.03.06 18:38:50 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\MathWorks
[2012.03.06 17:40:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB
[2012.03.06 17:10:33 | 000,000,000 | ---D | C] -- C:\Program Files\MATLAB
[2012.03.06 15:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.06 15:48:06 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.03.06 15:48:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.03.04 18:45:01 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Malwarebytes
[2012.03.04 15:17:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.27 14:11:57 | 000,000,000 | ---D | C] -- C:\Users\Christian\Desktop\Studium
[2012.02.19 18:21:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.02.17 13:09:17 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Jumping Bytes
[2012.02.17 13:03:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PureSync
[2012.02.17 13:03:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PureSync
[2012.02.17 13:03:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Jumping Bytes
[2012.02.17 12:10:26 | 000,000,000 | R--D | C] -- C:\Users\Christian\Saved Games
[2012.02.17 12:10:26 | 000,000,000 | R--D | C] -- C:\Users\Christian\Links
[2012.02.17 12:10:26 | 000,000,000 | R--D | C] -- C:\Users\Christian\Contacts
[2012.02.16 22:44:33 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\TuneUp Software
[2012.02.16 22:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.02.16 22:43:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.02.16 16:32:14 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\mkvtoolnix
[2012.02.16 16:31:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MKVToolNix
[2012.02.16 16:31:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MKVToolNix
[2012.02.16 10:32:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
[2011.10.15 18:27:56 | 004,962,008 | ---- | C] (Flexera Software) -- C:\Program Files (x86)\MapleToolbox_WindowsX86_64.exe
========== Files - Modified Within 30 Days ==========
[2012.03.08 11:01:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.08 00:46:33 | 000,001,020 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.03.07 23:32:27 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.07 23:32:27 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.07 23:24:15 | 3193,585,664 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.07 22:41:10 | 000,328,630 | ---- | M] () -- C:\Users\Christian\Desktop\Bleistift Llösungen.pdf
[2012.03.07 22:40:06 | 000,001,068 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012.03.07 17:03:41 | 000,002,424 | ---- | M] () -- C:\Users\Christian\Desktop\Google Chrome.lnk
[2012.03.07 09:54:32 | 000,023,552 | ---- | M] () -- C:\Users\Christian\3160773_460s.jpg
[2012.03.07 09:51:52 | 000,186,091 | ---- | M] () -- C:\Users\Christian\3171050_460s.jpg
[2012.03.07 09:51:06 | 000,269,904 | ---- | M] () -- C:\Users\Christian\3170574_460s.jpg
[2012.03.07 09:50:02 | 000,045,113 | ---- | M] () -- C:\Users\Christian\3168541_460s.jpg
[2012.03.07 09:48:26 | 000,062,892 | ---- | M] () -- C:\Users\Christian\3159779_460s.jpg
[2012.03.06 22:23:44 | 000,033,491 | ---- | M] () -- C:\Users\Christian\407868_352929411404069_174773712552974_1048462_2032134122_n.jpg
[2012.03.06 18:30:43 | 000,000,554 | ---- | M] () -- C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
[2012.03.06 17:40:03 | 000,001,309 | ---- | M] () -- C:\Users\Christian\Desktop\MATLAB R2011b.lnk
[2012.03.06 15:48:07 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.03.06 12:51:55 | 001,623,448 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.03.06 12:51:55 | 000,701,140 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.03.06 12:51:55 | 000,655,522 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.03.06 12:51:55 | 000,149,680 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.03.06 12:51:55 | 000,122,394 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.28 10:43:06 | 001,599,970 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.28 00:22:47 | 000,056,273 | ---- | M] () -- C:\Users\Christian\2951314_460s.jpg
[2012.02.28 00:08:52 | 000,073,391 | ---- | M] () -- C:\Users\Christian\2978673_460s.jpg
[2012.02.24 18:22:52 | 001,570,931 | ---- | M] () -- C:\Users\Christian\Desktop\lernanleitung1.pdf
[2012.02.21 13:38:08 | 002,200,292 | ---- | M] () -- C:\Users\Christian\Desktop\Meine Facharbeit (1).pdf
[2012.02.21 13:06:23 | 000,001,017 | ---- | M] () -- C:\Users\Christian\Desktop\P1.lnk
[2012.02.19 14:30:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.19 14:10:04 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.17 13:04:02 | 000,000,899 | ---- | M] () -- C:\Users\Public\Desktop\PureSync.lnk
[2012.02.17 11:21:55 | 005,051,176 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.02.15 19:35:38 | 000,000,132 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.02.15 14:58:35 | 000,132,320 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.02.10 22:59:55 | 000,035,499 | ---- | M] () -- C:\Users\Christian\Desktop\small.png
[2012.02.08 23:55:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1302499063-601275286-625076348-1000UA.job
[2012.02.08 22:55:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1302499063-601275286-625076348-1000Core.job
[2012.02.08 21:08:33 | 000,001,826 | ---- | M] () -- C:\Users\Christian\Desktop\physik-lmu.lnk
========== Files Created - No Company Name ==========
[2012.03.08 00:46:33 | 000,001,020 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.03.07 22:41:13 | 000,328,630 | ---- | C] () -- C:\Users\Christian\Desktop\Bleistift Llösungen.pdf
[2012.03.07 22:40:06 | 000,001,068 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012.03.07 22:40:06 | 000,001,031 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012.03.07 09:54:32 | 000,023,552 | ---- | C] () -- C:\Users\Christian\3160773_460s.jpg
[2012.03.07 09:51:53 | 000,186,091 | ---- | C] () -- C:\Users\Christian\3171050_460s.jpg
[2012.03.07 09:51:06 | 000,269,904 | ---- | C] () -- C:\Users\Christian\3170574_460s.jpg
[2012.03.07 09:50:03 | 000,045,113 | ---- | C] () -- C:\Users\Christian\3168541_460s.jpg
[2012.03.07 09:48:27 | 000,062,892 | ---- | C] () -- C:\Users\Christian\3159779_460s.jpg
[2012.03.06 22:23:50 | 000,033,491 | ---- | C] () -- C:\Users\Christian\407868_352929411404069_174773712552974_1048462_2032134122_n.jpg
[2012.03.06 19:52:19 | 000,001,309 | ---- | C] () -- C:\Users\Christian\Desktop\MATLAB R2011b.lnk
[2012.03.06 17:40:03 | 000,001,297 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MATLAB R2011b.lnk
[2012.03.06 17:39:56 | 000,000,554 | ---- | C] () -- C:\Windows\tasks\MATLAB R2011b Startup Accelerator.job
[2012.03.06 15:48:07 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.02.28 00:22:48 | 000,056,273 | ---- | C] () -- C:\Users\Christian\2951314_460s.jpg
[2012.02.28 00:08:56 | 000,073,391 | ---- | C] () -- C:\Users\Christian\2978673_460s.jpg
[2012.02.24 18:23:01 | 001,570,931 | ---- | C] () -- C:\Users\Christian\Desktop\lernanleitung1.pdf
[2012.02.21 13:34:41 | 002,200,292 | ---- | C] () -- C:\Users\Christian\Desktop\Meine Facharbeit (1).pdf
[2012.02.21 13:06:23 | 000,001,017 | ---- | C] () -- C:\Users\Christian\Desktop\P1.lnk
[2012.02.17 13:04:02 | 000,000,899 | ---- | C] () -- C:\Users\Public\Desktop\PureSync.lnk
[2012.02.10 22:59:53 | 000,035,499 | ---- | C] () -- C:\Users\Christian\Desktop\small.png
[2012.02.08 21:08:03 | 000,001,826 | ---- | C] () -- C:\Users\Christian\Desktop\physik-lmu.lnk
[2012.01.26 23:58:20 | 000,001,456 | ---- | C] () -- C:\Users\Christian\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.10.15 18:27:56 | 000,000,106 | ---- | C] () -- C:\Program Files (x86)\MapleToolbox.bat
[2011.10.15 18:25:10 | 000,253,797 | ---- | C] () -- C:\Program Files (x86)\Install.html
[2011.10.15 18:25:10 | 000,067,783 | ---- | C] () -- C:\Program Files (x86)\EULA.html
[2011.10.15 18:25:10 | 000,006,296 | ---- | C] () -- C:\Program Files (x86)\Maple Cloud Terms of Service.html
[2011.09.30 11:57:14 | 000,000,132 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2011.09.26 09:51:08 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2011.02.01 17:06:45 | 344,120,320 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Messages.qdb
[2011.01.15 17:11:24 | 000,000,132 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2011.01.06 18:27:09 | 000,007,605 | ---- | C] () -- C:\Users\Christian\AppData\Local\Resmon.ResmonCfg
[2010.11.30 15:52:47 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe
[2010.11.30 15:52:45 | 000,835,584 | ---- | C] () -- C:\Windows\vsnpstd3.exe
[2010.11.30 15:52:45 | 000,356,352 | ---- | C] () -- C:\Windows\tsnpstd3.exe
[2010.11.30 15:52:45 | 000,015,498 | ---- | C] () -- C:\Windows\snpstd3.ini
[2010.11.30 15:52:44 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnpstd3.dll
[2010.11.30 15:52:44 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd3.dll
[2010.11.30 15:52:43 | 000,053,248 | ---- | C] ( ) -- C:\Windows\csnpstd3.dll
[2010.11.02 19:45:32 | 000,000,132 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010.09.10 22:17:16 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.09.05 18:55:07 | 000,003,777 | ---- | C] () -- C:\Windows\scad3.INI
[2010.08.24 12:04:13 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.05.23 12:09:39 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
[2010.04.15 21:32:02 | 000,000,476 | ---- | C] () -- C:\Users\Christian\AppData\Roaming\Poladroid prefs.plist
[2010.04.11 15:12:57 | 001,599,970 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.03.23 23:19:47 | 000,007,168 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010.03.23 18:43:36 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini
========== LOP Check ==========
[2010.06.07 12:39:27 | 000,000,000 | ---D | M] -- C:\Users\Allgemein\AppData\Roaming\GrabPro
[2012.02.28 17:16:01 | 000,000,000 | ---D | M] -- C:\Users\Allgemein\AppData\Roaming\HTC
[2011.03.03 18:14:31 | 000,000,000 | ---D | M] -- C:\Users\Allgemein\AppData\Roaming\ICQ
[2011.06.21 19:15:50 | 000,000,000 | ---D | M] -- C:\Users\Allgemein\AppData\Roaming\kikin
[2010.10.01 16:46:56 | 000,000,000 | ---D | M] -- C:\Users\Allgemein\AppData\Roaming\LockHunter
[2012.03.04 15:59:40 | 000,000,000 | ---D | M] -- C:\Users\Allgemein\AppData\Roaming\Orbit
[2011.09.27 16:04:20 | 000,000,000 | ---D | M] -- C:\Users\Allgemein\AppData\Roaming\ProgSense
[2011.11.25 14:33:47 | 000,000,000 | ---D | M] -- C:\Users\Allgemein\AppData\Roaming\Subversion
[2011.09.18 12:13:02 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Binary Fortress Software
[2010.03.23 23:19:54 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Canneverbe Limited
[2010.01.06 15:15:27 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Crazysoft
[2012.03.07 18:36:21 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\DAEMON Tools Lite
[2011.02.23 17:08:40 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\diginet
[2012.02.02 01:40:11 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\DVDVideoSoft
[2011.09.08 11:58:35 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.06.30 15:47:12 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\FireShot
[2010.04.11 14:01:21 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\GetRightToGo
[2010.05.22 15:17:53 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\GrabPro
[2012.01.31 10:17:55 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\HTC
[2011.09.19 13:44:38 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.02.02 06:16:43 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ICQ
[2010.08.05 12:56:36 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\inkscape
[2012.02.17 13:09:17 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Jumping Bytes
[2011.02.21 19:45:37 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\kikin
[2009.12.10 21:14:56 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\LockHunter
[2010.03.21 22:06:00 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ManyCam
[2012.02.16 16:32:14 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\mkvtoolnix
[2010.09.19 09:22:51 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\National Instruments
[2011.08.04 22:19:29 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\OpenCandy
[2009.12.09 21:44:39 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\OpenOffice.org
[2012.03.08 14:28:04 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Orbit
[2010.12.12 14:09:16 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\PCDr
[2010.10.02 14:06:08 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\PhotoScape
[2010.08.16 20:28:53 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ProgSense
[2010.05.23 13:20:02 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Steinberg
[2010.04.21 21:01:11 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Stellarium
[2011.10.22 18:38:20 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Subversion
[2010.01.21 19:43:10 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\syntevo
[2010.02.02 21:32:54 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\temp
[2009.12.09 21:34:11 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Template
[2012.02.16 22:44:33 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\TuneUp Software
[2011.06.14 03:19:55 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Unified Remote
[2010.01.30 14:31:40 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\xm1
[2011.02.16 22:35:41 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\XMedia Recode
[2011.09.07 22:18:28 | 000,000,922 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1302499063-601275286-625076348-1000Core.job
[2011.09.08 13:45:00 | 000,000,944 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1302499063-601275286-625076348-1000UA.job
[2012.03.06 18:30:43 | 000,000,554 | ---- | M] () -- C:\Windows\Tasks\MATLAB R2011b Startup Accelerator.job
[2011.09.01 17:00:00 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask-Delay.job
[2011.09.08 16:25:48 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012.03.07 19:25:13 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.09.08 16:25:48 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2011.10.15 14:47:43 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Adobe
[2011.12.03 13:32:31 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Apple Computer
[2009.12.09 16:45:34 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ATI
[2011.10.15 13:08:42 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Avira
[2010.08.14 15:38:40 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\AVS4YOU
[2011.09.18 12:13:02 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Binary Fortress Software
[2010.03.23 23:19:54 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Canneverbe Limited
[2010.01.06 15:15:27 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Crazysoft
[2009.12.09 17:13:41 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Creative
[2009.12.09 20:21:43 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\CyberLink
[2012.03.07 18:36:21 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\DAEMON Tools Lite
[2011.06.01 13:23:33 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Dell
[2011.02.23 17:08:40 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\diginet
[2011.11.26 13:31:35 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\dvdcss
[2012.02.02 01:40:11 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\DVDVideoSoft
[2011.09.08 11:58:35 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.06.30 15:47:12 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\FireShot
[2010.04.11 14:01:21 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\GetRightToGo
[2010.05.22 15:17:53 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\GrabPro
[2012.01.31 10:17:55 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\HTC
[2011.09.19 13:44:38 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.02.02 06:16:43 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ICQ
[2009.12.09 16:44:59 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Identities
[2010.08.05 12:56:36 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\inkscape
[2010.11.30 15:51:16 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\InstallShield
[2012.02.17 13:09:17 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Jumping Bytes
[2011.02.21 19:45:37 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\kikin
[2009.12.10 21:14:56 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\LockHunter
[2009.12.09 16:49:32 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Macromedia
[2012.03.04 18:45:01 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Malwarebytes
[2010.03.21 22:06:00 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ManyCam
[2011.10.15 19:13:17 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Mathematica
[2012.03.06 18:38:50 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\MathWorks
[2009.07.14 19:18:18 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Media Center Programs
[2010.03.06 17:48:37 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Media Player Classic
[2011.11.16 17:41:03 | 000,000,000 | --SD | M] -- C:\Users\Christian\AppData\Roaming\Microsoft
[2010.01.30 13:51:45 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\MiKTeX
[2012.02.16 16:32:14 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\mkvtoolnix
[2011.12.24 18:00:18 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Mozilla
[2010.09.19 09:22:51 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\National Instruments
[2011.08.04 22:19:29 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\OpenCandy
[2009.12.09 21:44:39 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\OpenOffice.org
[2012.03.08 14:28:04 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Orbit
[2010.12.12 14:09:16 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\PCDr
[2010.10.02 14:06:08 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\PhotoScape
[2010.08.16 20:28:53 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\ProgSense
[2010.03.06 18:33:59 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Real
[2009.12.09 18:34:54 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Reallusion
[2009.12.09 16:45:40 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Roxio
[2009.12.09 19:12:54 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Roxio Log Files
[2010.06.08 17:24:51 | 000,000,000 | RH-D | M] -- C:\Users\Christian\AppData\Roaming\SecuROM
[2012.03.07 22:59:34 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Skype
[2011.12.06 20:32:31 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\skypePM
[2010.05.23 13:20:02 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Steinberg
[2010.04.21 21:01:11 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Stellarium
[2011.10.22 18:38:20 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Subversion
[2010.01.21 19:43:10 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\syntevo
[2010.02.02 21:32:54 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\temp
[2009.12.09 21:34:11 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Template
[2011.10.23 12:40:23 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\TortoiseSVN
[2012.02.16 22:44:33 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\TuneUp Software
[2011.06.14 03:19:55 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Unified Remote
[2012.03.04 16:52:08 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\vlc
[2011.09.18 20:16:24 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\Winamp
[2010.08.06 14:31:33 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\WinRAR
[2010.01.30 14:31:40 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\xm1
[2011.02.16 22:35:41 | 000,000,000 | ---D | M] -- C:\Users\Christian\AppData\Roaming\XMedia Recode Fortsetzung in folgendem Post. |