externe Festplatte: Ordner nur noch als Verknüpfungen vorhanden
Hallo, bei meiner externen Festplatte sind die Ordner nur noch als Verknüpfungen vorhanden und lassen sich nicht mehr öffnen - ich habe mit malwarebytes einen Scan gemacht:
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.07.01.04
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
vunde :: VUNDE-PC [Administrator]
01.07.2012 14:10:25
mbam-log-2012-07-01 (15-57-19).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 471842
Laufzeit: 1 Stunde(n), 29 Minute(n), 23 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 3
C:\Program Files (x86)\CPUCooL\instser.exe (Adware.Agent) -> Keine Aktion durchgeführt.
C:\Users\vunde\Documents\UseNeXT\wizard\Chew WGA v0.9 Windows 7 Activator - dArKwOLf\CHEW_WGA\CW.eXe (Hacktool.ChewWGA) -> Keine Aktion durchgeführt.
Hazar\RemoveWAT2252.exe (HackTool.Wpakill) -> Keine Aktion durchgeführt.
I:\restore\Users\Users\vunde\AppData\Local\Temp\REMOVE WAT.EXE (HackTool.Wpakill) -> Keine Aktion durchgeführt.
(Ende)OTL Logfile: Code:
OTL logfile created on: 01.07.2012 16:34:01 - Run 1
OTL by OldTimer - Version 3.2.53.0 Folder = C:\Users\vunde\Downloads
64bit- Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,29 Gb Available Physical Memory | 57,29% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 75,06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 153,38 Gb Total Space | 12,23 Gb Free Space | 7,97% Space Free | Partition Type: NTFS
Drive I: | 465,76 Gb Total Space | 61,29 Gb Free Space | 13,16% Space Free | Partition Type: NTFS
Computer Name: VUNDE-PC | User Name: vunde | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.07.01 16:25:10 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\vunde\Downloads\OTL.exe
PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\vunde\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.05.08 20:40:34 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 20:40:33 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 20:40:33 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.02.19 00:23:48 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.02.14 22:49:08 | 000,636,032 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.27 22:05:11 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011.12.01 18:11:48 | 000,743,936 | ---- | M] () -- C:\Program Files (x86)\CPUCooL\CooLSrv.exe
PRC - [2011.09.01 17:47:26 | 000,090,448 | ---- | M] (Research In Motion Limited) -- C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.01.26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
========== Modules (No Company Name) ==========
MOD - [2012.03.23 18:45:28 | 008,527,008 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
MOD - [2012.02.19 00:23:48 | 001,911,768 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2012.02.15 05:13:00 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.02.14 22:16:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.06.19 22:15:13 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.05.08 20:40:34 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 20:40:33 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.02.08 19:57:57 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.27 22:05:11 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011.12.01 18:11:48 | 000,743,936 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\CPUCooL\CooLSrv.exe -- (CPUCooLServer)
SRV - [2011.08.12 01:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.12 06:40:54 | 000,136,544 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe -- (AODService)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2009.09.20 12:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.05.28 18:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.05.08 20:40:34 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 20:40:34 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.02.25 22:02:47 | 000,868,848 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.02.15 05:48:32 | 010,856,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.02.15 04:13:12 | 000,327,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.12.27 17:56:59 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.12.06 12:26:34 | 000,014,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\DRHMSR64.sys -- (DRHMSR64)
DRV:64bit: - [2011.12.05 21:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.11.03 19:05:38 | 000,021,984 | ---- | M] (Licensed for Gebhard Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\DRHARD64.sys -- (DRHARD64)
DRV:64bit: - [2011.07.25 17:44:46 | 000,074,752 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb)
DRV:64bit: - [2011.07.20 14:58:22 | 000,044,032 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2011.01.15 18:21:04 | 000,036,352 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VClone.sys -- (VClone)
DRV:64bit: - [2010.12.17 00:58:14 | 000,040,816 | ---- | M] (Elaborate Bytes AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.11 21:12:02 | 000,019,544 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ntiopnp.sys -- (ntiopnp)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.08.20 18:05:06 | 000,239,616 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.05 03:00:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV - [2012.01.03 22:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Stopped] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV - [2012.01.03 22:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.01)
DRV - [2011.12.06 12:26:34 | 000,014,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\DRHMSR64.sys -- (DRHMSR64)
DRV - [2011.11.03 19:05:38 | 000,021,984 | ---- | M] (Licensed for Gebhard Software) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\DRHARD64.sys -- (DRHARD64)
DRV - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2010.03.12 06:40:48 | 000,052,280 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver.sys -- (AODDriver)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801948
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2801948
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 08 AD 1D C8 E0 BC CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801948
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "data:text/plain,browser.startup.homepage=hxxp://de.search.yahoo.com/firefox/?fr=foxload-sfp"
FF - prefs.js..CommunityToolbar.SearchFromAddressBarSavedUrl: "data:text/plain,keyword.URL=hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=foxload&type=moz35awe&p="
FF - prefs.js..browser.startup.homepage: "data:text/plain,browser.startup.homepage=hxxp://de.search.yahoo.com/firefox/?fr=foxload-sfp"
FF - prefs.js..CommunityToolbar.originalSearchEngine: "data:text/plain,browser.search.defaultenginename=Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "NCH EN Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "NCH EN Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2801948&SearchSource=13"
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2801948&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.17 20:32:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.02.08 20:35:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.19 00:23:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.13 19:17:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.02.08 20:35:31 | 000,000,000 | ---D | M]
[2011.12.17 19:26:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vunde\AppData\Roaming\mozilla\Extensions
[2012.06.30 20:45:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\vunde\AppData\Roaming\mozilla\Firefox\Profiles\4fh8ajtj.default\extensions
[2012.05.30 09:35:20 | 000,000,000 | ---D | M] (NCH EN Community Toolbar) -- C:\Users\vunde\AppData\Roaming\mozilla\Firefox\Profiles\4fh8ajtj.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}
[2012.05.19 14:59:04 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\vunde\AppData\Roaming\mozilla\Firefox\Profiles\4fh8ajtj.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.01.10 20:12:21 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\vunde\AppData\Roaming\mozilla\Firefox\Profiles\4fh8ajtj.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.30 20:45:34 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\vunde\AppData\Roaming\mozilla\Firefox\Profiles\4fh8ajtj.default\extensions\toolbar@ask.com
[2011.12.13 16:06:06 | 000,000,915 | ---- | M] () -- C:\Users\vunde\AppData\Roaming\Mozilla\Firefox\Profiles\4fh8ajtj.default\searchplugins\conduit.xml
[2011.12.17 19:26:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.12.17 19:26:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions
[2011.12.17 19:26:05 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files (x86)\mozilla firefox\distribution\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2012.02.19 00:23:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.19 00:23:47 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.19 00:23:47 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.19 00:23:47 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.19 00:23:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.19 00:23:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.19 00:23:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\vunde\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\vunde\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\vunde\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.17_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\vunde\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\vunde\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011.12.17 19:51:42 | 000,000,921 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 genuine.microsoft.com
O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
O1 - Hosts: 127.0.0.1 sls.microsoft.com
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (NCH EN Toolbar) - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKLM\..\Toolbar: (NCH EN Toolbar) - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (NCH EN Toolbar) - {37483B40-C254-4A72-BDA4-22EE90182C1E} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ASRockOCTuner] File not found
O4 - HKCU..\Run: [Caugui] C:\Users\vunde\AppData\Roaming\Caugui.scr File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\vunde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\vunde\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\vunde\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\vunde\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EF16320-E704-4529-9F43-CCF805438F0D}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{90e6324c-8b05-11e1-a0b1-002522a107cb}\Shell - "" = AutoRun
O33 - MountPoints2\{90e6324c-8b05-11e1-a0b1-002522a107cb}\Shell\AutoRun\command - "" = G:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.01 14:07:45 | 000,000,000 | ---D | C] -- C:\Users\vunde\AppData\Roaming\Malwarebytes
[2012.07.01 14:05:45 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.01 14:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.01 14:05:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.01 14:05:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.01 12:44:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
[2012.07.01 12:44:54 | 000,000,000 | ---D | C] -- C:\Program Files\Recuva
[2012.06.30 21:04:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LSoft Technologies
[2012.06.30 20:45:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.06.30 15:49:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2K Games
[2012.06.30 15:36:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\2K Games
[2012.06.27 19:58:18 | 000,000,000 | ---D | C] -- C:\UseNeXT
[2012.06.27 00:11:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.06.27 00:11:56 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.06.27 00:08:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.06.27 00:08:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.06.27 00:08:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.06.27 00:04:49 | 000,000,000 | ---D | C] -- C:\Users\vunde\AppData\Roaming\SUPERAntiSpyware.com
[2012.06.27 00:04:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.06.27 00:04:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.06.27 00:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.06.25 22:49:21 | 000,000,000 | ---D | C] -- C:\Users\vunde\Desktop\STICK 25.6
[2012.06.25 22:48:45 | 000,000,000 | ---D | C] -- C:\Users\vunde\Desktop\Wechseldatenträger
[2012.06.19 19:45:18 | 000,000,000 | ---D | C] -- C:\Users\vunde\Desktop\Chemievorlesung
[2012.06.07 20:46:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2012.06.03 14:10:13 | 000,000,000 | ---D | C] -- C:\Users\vunde\AppData\Local\Ironfront
[2012.06.03 14:10:13 | 000,000,000 | ---D | C] -- C:\Users\vunde\Documents\Iron Front
[2012.06.03 14:08:32 | 000,000,000 | ---D | C] -- C:\Users\vunde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AWAR
[2012.06.03 14:08:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AWAR
[2012.06.03 13:57:06 | 000,000,000 | ---D | C] -- C:\Program Files\AWAR
[6 C:\*.tmp files -> C:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.01 16:30:28 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.01 16:30:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.01 16:30:14 | 3220,627,456 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.01 16:29:29 | 000,021,552 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.01 16:29:29 | 000,021,552 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.01 16:28:56 | 000,000,202 | ---- | M] () -- C:\Users\vunde\defogger_reenable
[2012.07.01 15:40:01 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.01 14:05:46 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.01 14:04:34 | 000,015,218 | ---- | M] () -- C:\Users\vunde\Desktop\get-mirror-server.html
[2012.07.01 13:13:36 | 3145,728,000 | ---- | M] () -- C:\4{3808876b-c176-4e48-b7ae-04046e6cc752}
[2012.06.30 15:52:17 | 000,214,685 | ---- | M] () -- C:\Users\vunde\Desktop\Bestätigung.jpg
[2012.06.30 15:49:37 | 000,002,424 | ---- | M] () -- C:\Users\Public\Desktop\Spec Ops The Line.lnk
[2012.06.29 20:22:24 | 000,149,682 | ---- | M] () -- C:\Users\vunde\Desktop\schichtplan07.jpg
[2012.06.28 08:54:17 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.28 08:54:17 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.28 08:54:17 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.28 08:54:17 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.28 08:54:17 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.27 00:11:59 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.06.27 00:08:27 | 000,001,258 | ---- | M] () -- C:\Users\vunde\Desktop\Spybot - Search & Destroy.lnk
[2012.06.27 00:04:46 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.06.26 10:36:19 | 000,004,573 | ---- | M] () -- C:\2D07Am01
[2012.06.26 10:35:51 | 000,004,466 | ---- | M] () -- C:\54FEBm01
[2012.06.26 10:35:45 | 000,004,536 | ---- | M] () -- C:\3E1C8m01
[2012.06.26 10:35:45 | 000,004,532 | ---- | M] () -- C:\06512m01
[2012.06.26 10:35:45 | 000,004,488 | ---- | M] () -- C:\47F2Bm01
[2012.06.26 10:35:45 | 000,004,478 | ---- | M] () -- C:\F60BCm01
[2012.06.26 09:17:19 | 000,019,872 | ---- | M] () -- C:\61B70d01
[2012.06.26 09:17:02 | 000,015,314 | ---- | M] () -- C:\608ACd01
[2012.06.26 09:17:02 | 000,006,182 | ---- | M] () -- C:\608ACm01
[2012.06.25 22:48:36 | 000,004,940 | ---- | M] () -- C:\9EB8Bm01
[2012.06.24 12:36:15 | 000,021,297 | ---- | M] () -- C:\9EB8Bd01
[2012.06.19 09:08:25 | 000,000,544 | ---- | M] () -- C:\$IR8VKNQ.sfv
[2012.06.19 09:08:25 | 000,000,544 | ---- | M] () -- C:\$ILLEY4N.mp3
[2012.06.19 09:08:25 | 000,000,544 | ---- | M] () -- C:\$IJ16N1B.mp3
[2012.06.19 09:08:25 | 000,000,544 | ---- | M] () -- C:\$IGJ7T7X.mp3
[2012.06.19 09:08:25 | 000,000,544 | ---- | M] () -- C:\$IA5H36C.mp3
[2012.06.19 09:08:25 | 000,000,544 | ---- | M] () -- C:\$I4K1T1E.mp3
[2012.06.19 09:08:25 | 000,000,544 | ---- | M] () -- C:\$I2LTISS.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | M] () -- C:\$IYSMWPL.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | M] () -- C:\$IYAXB6V.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | M] () -- C:\$IRL5MO9.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | M] () -- C:\$IRJ6IEP.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | M] () -- C:\$INZTXOZ.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | M] () -- C:\$IMQ2360.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | M] () -- C:\$IL1WEWO.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | M] () -- C:\$IDCN8SC.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | M] () -- C:\$IA963B4.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | M] () -- C:\$I7Y9CLS.mp3
[2012.06.19 09:08:01 | 000,000,544 | ---- | M] () -- C:\$I6EBE0V.sfv
[2012.06.19 08:39:28 | 005,537,756 | ---- | M] () -- C:\$RNZTXOZ.mp3
[2012.06.19 08:39:20 | 008,758,635 | ---- | M] () -- C:\$RDCN8SC.mp3
[2012.06.19 08:39:11 | 007,266,977 | ---- | M] () -- C:\$RYSMWPL.mp3
[2012.06.19 08:38:55 | 005,322,826 | ---- | M] () -- C:\$RMQ2360.mp3
[2012.06.19 08:38:53 | 008,617,975 | ---- | M] () -- C:\$R7Y9CLS.mp3
[2012.06.19 08:38:35 | 008,136,892 | ---- | M] () -- C:\$RL1WEWO.mp3
[2012.06.19 08:38:28 | 010,965,344 | ---- | M] () -- C:\$RA963B4.mp3
[2012.06.19 08:38:07 | 005,574,490 | ---- | M] () -- C:\$RRJ6IEP.mp3
[2012.06.19 08:37:54 | 010,097,025 | ---- | M] () -- C:\$RRL5MO9.mp3
[2012.06.19 08:37:30 | 000,000,513 | ---- | M] () -- C:\$R6EBE0V.sfv
[2012.06.19 08:24:37 | 010,223,959 | ---- | M] () -- C:\$R2LTISS.mp3
[2012.06.19 08:24:21 | 007,048,940 | ---- | M] () -- C:\$RA5H36C.mp3
[2012.06.19 08:24:18 | 008,338,251 | ---- | M] () -- C:\$RGJ7T7X.mp3
[2012.06.19 08:24:02 | 009,457,389 | ---- | M] () -- C:\$R4K1T1E.mp3
[2012.06.19 08:23:50 | 026,522,537 | ---- | M] () -- C:\$RJ16N1B.mp3
[2012.06.19 08:23:12 | 006,408,828 | ---- | M] () -- C:\$RLLEY4N.mp3
[2012.06.12 11:41:29 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.06.11 11:05:48 | 000,275,804 | ---- | M] () -- C:\Users\vunde\Desktop\cleopatra_1963_735x580_185280.jpg
[2012.06.06 19:45:46 | 008,830,570 | ---- | M] () -- C:\Users\vunde\Desktop\quickies-2011(1)
[2012.06.06 18:45:54 | 000,001,049 | ---- | M] () -- C:\Users\vunde\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012.06.06 18:45:43 | 000,001,017 | ---- | M] () -- C:\Users\vunde\Desktop\Dropbox.lnk
[6 C:\*.tmp files -> C:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.01 16:28:56 | 000,000,202 | ---- | C] () -- C:\Users\vunde\defogger_reenable
[2012.07.01 14:05:46 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.01 14:04:31 | 000,015,218 | ---- | C] () -- C:\Users\vunde\Desktop\get-mirror-server.html
[2012.07.01 13:13:36 | 3145,728,000 | ---- | C] () -- C:\4{3808876b-c176-4e48-b7ae-04046e6cc752}
[2012.06.30 15:52:15 | 000,214,685 | ---- | C] () -- C:\Users\vunde\Desktop\Bestätigung.jpg
[2012.06.30 15:49:37 | 000,002,424 | ---- | C] () -- C:\Users\Public\Desktop\Spec Ops The Line.lnk
[2012.06.27 00:11:59 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.06.27 00:08:27 | 000,001,258 | ---- | C] () -- C:\Users\vunde\Desktop\Spybot - Search & Destroy.lnk
[2012.06.27 00:04:46 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.06.26 10:36:19 | 000,004,573 | ---- | C] () -- C:\2D07Am01
[2012.06.26 10:35:51 | 000,004,466 | ---- | C] () -- C:\54FEBm01
[2012.06.26 10:35:45 | 000,004,536 | ---- | C] () -- C:\3E1C8m01
[2012.06.26 10:35:45 | 000,004,532 | ---- | C] () -- C:\06512m01
[2012.06.26 10:35:45 | 000,004,488 | ---- | C] () -- C:\47F2Bm01
[2012.06.26 10:35:45 | 000,004,478 | ---- | C] () -- C:\F60BCm01
[2012.06.26 09:17:19 | 000,019,872 | ---- | C] () -- C:\61B70d01
[2012.06.26 09:17:02 | 000,015,314 | ---- | C] () -- C:\608ACd01
[2012.06.26 09:17:02 | 000,006,182 | ---- | C] () -- C:\608ACm01
[2012.06.26 08:26:50 | 000,149,682 | ---- | C] () -- C:\Users\vunde\Desktop\schichtplan07.jpg
[2012.06.25 22:48:36 | 000,004,940 | ---- | C] () -- C:\9EB8Bm01
[2012.06.24 12:36:15 | 000,021,297 | ---- | C] () -- C:\9EB8Bd01
[2012.06.19 09:08:25 | 000,000,544 | ---- | C] () -- C:\$IR8VKNQ.sfv
[2012.06.19 09:08:25 | 000,000,544 | ---- | C] () -- C:\$ILLEY4N.mp3
[2012.06.19 09:08:25 | 000,000,544 | ---- | C] () -- C:\$IJ16N1B.mp3
[2012.06.19 09:08:25 | 000,000,544 | ---- | C] () -- C:\$IGJ7T7X.mp3
[2012.06.19 09:08:25 | 000,000,544 | ---- | C] () -- C:\$IA5H36C.mp3
[2012.06.19 09:08:25 | 000,000,544 | ---- | C] () -- C:\$I4K1T1E.mp3
[2012.06.19 09:08:25 | 000,000,544 | ---- | C] () -- C:\$I2LTISS.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | C] () -- C:\$IYSMWPL.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | C] () -- C:\$IYAXB6V.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | C] () -- C:\$IRL5MO9.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | C] () -- C:\$IRJ6IEP.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | C] () -- C:\$INZTXOZ.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | C] () -- C:\$IMQ2360.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | C] () -- C:\$IL1WEWO.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | C] () -- C:\$IDCN8SC.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | C] () -- C:\$IA963B4.mp3
[2012.06.19 09:08:02 | 000,000,544 | ---- | C] () -- C:\$I7Y9CLS.mp3
[2012.06.19 09:08:01 | 000,000,544 | ---- | C] () -- C:\$I6EBE0V.sfv
[2012.06.19 08:39:18 | 005,537,756 | ---- | C] () -- C:\$RNZTXOZ.mp3
[2012.06.19 08:39:00 | 008,758,635 | ---- | C] () -- C:\$RDCN8SC.mp3
[2012.06.19 08:38:55 | 007,266,977 | ---- | C] () -- C:\$RYSMWPL.mp3
[2012.06.19 08:38:41 | 005,322,826 | ---- | C] () -- C:\$RMQ2360.mp3
[2012.06.19 08:38:31 | 008,617,975 | ---- | C] () -- C:\$R7Y9CLS.mp3
[2012.06.19 08:38:11 | 008,136,892 | ---- | C] () -- C:\$RL1WEWO.mp3
[2012.06.19 08:37:58 | 010,965,344 | ---- | C] () -- C:\$RA963B4.mp3
[2012.06.19 08:37:56 | 005,574,490 | ---- | C] () -- C:\$RRJ6IEP.mp3
[2012.06.19 08:37:30 | 010,097,025 | ---- | C] () -- C:\$RRL5MO9.mp3
[2012.06.19 08:37:30 | 000,000,513 | ---- | C] () -- C:\$R6EBE0V.sfv
[2012.06.19 08:24:22 | 010,223,959 | ---- | C] () -- C:\$R2LTISS.mp3
[2012.06.19 08:24:08 | 007,048,940 | ---- | C] () -- C:\$RA5H36C.mp3
[2012.06.19 08:23:57 | 008,338,251 | ---- | C] () -- C:\$RGJ7T7X.mp3
[2012.06.19 08:23:37 | 009,457,389 | ---- | C] () -- C:\$R4K1T1E.mp3
[2012.06.19 08:22:59 | 026,522,537 | ---- | C] () -- C:\$RJ16N1B.mp3
[2012.06.19 08:22:57 | 006,408,828 | ---- | C] () -- C:\$RLLEY4N.mp3
[2012.06.11 11:04:02 | 000,275,804 | ---- | C] () -- C:\Users\vunde\Desktop\cleopatra_1963_735x580_185280.jpg
[2012.06.06 19:55:41 | 008,830,570 | ---- | C] () -- C:\Users\vunde\Desktop\quickies-2011(1)
[2012.04.23 21:22:21 | 000,009,728 | ---- | C] () -- C:\Users\vunde\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.21 17:57:44 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2012.03.21 17:57:44 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
[2012.03.14 11:43:08 | 000,007,602 | ---- | C] () -- C:\Users\vunde\AppData\Local\Resmon.ResmonCfg
[2012.02.15 04:36:36 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.02.15 04:36:36 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.02.14 22:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.02.08 20:27:19 | 000,226,478 | ---- | C] () -- C:\Windows\hpoins18.dat
[2012.02.08 20:27:19 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2012.01.31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.12 11:15:21 | 000,014,760 | ---- | C] () -- C:\Windows\SysWow64\drivers\DRHMSR64.sys
[2011.12.27 22:05:12 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.27 22:05:11 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.12.18 12:45:42 | 000,146,432 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.12.18 12:45:42 | 000,072,704 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.12.17 19:51:42 | 000,002,048 | ---- | C] () -- C:\Windows\SysWow64\winver.exe
[2011.12.17 19:37:10 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.10.15 01:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.09.13 01:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
========== LOP Check ==========
[2012.06.30 20:35:42 | 000,000,000 | ---D | M] -- C:\Users\vunde\AppData\Roaming\DAEMON Tools Lite
[2012.07.01 16:31:25 | 000,000,000 | ---D | M] -- C:\Users\vunde\AppData\Roaming\Dropbox
[2012.01.10 20:12:25 | 000,000,000 | ---D | M] -- C:\Users\vunde\AppData\Roaming\DVDVideoSoft
[2012.01.10 20:12:20 | 000,000,000 | ---D | M] -- C:\Users\vunde\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.06.07 20:46:48 | 000,000,000 | ---D | M] -- C:\Users\vunde\AppData\Roaming\Kalypso Media
[2012.01.10 20:08:15 | 000,000,000 | ---D | M] -- C:\Users\vunde\AppData\Roaming\NCH Swift Sound
[2012.02.08 22:05:22 | 000,000,000 | ---D | M] -- C:\Users\vunde\AppData\Roaming\pdfforge
[2011.12.27 22:05:08 | 000,000,000 | ---D | M] -- C:\Users\vunde\AppData\Roaming\PunkBuster
[2012.04.23 21:21:53 | 000,000,000 | ---D | M] -- C:\Users\vunde\AppData\Roaming\Research In Motion
[2012.03.23 18:49:39 | 000,000,000 | ---D | M] -- C:\Users\vunde\AppData\Roaming\The Creative Assembly
[2011.12.27 18:01:45 | 000,000,000 | ---D | M] -- C:\Users\vunde\AppData\Roaming\Ubisoft
[2012.06.30 21:08:19 | 000,000,000 | ---D | M] -- C:\Users\vunde\AppData\Roaming\UseNeXT
[2012.06.13 09:50:57 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >
--- --- ---
vielen Dank für Eure Hilfe! |
