LissmannMUC | 11.04.2013 19:58 | Hello cosinus,
first of all, THANK YOU for your quick reply!!!! I followed the guide linked below. http://www.trojaner-board.de/133520-...y-de-gmbh.html
Here are the logs as well, as described in the guide above.
Should I run any other scans and post them here????? I am fairly inexperienced in this area. I hope you will forgive me for that????
1. This is the GMER log after the restart
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-04-11 20:35:02
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.01.0 298,09GB
Running: mxysc2of.exe; Driver: C:\Users\Dani\AppData\Local\Temp\fgtdypog.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[1820] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765d1465 2 bytes [5D, 76]
.text C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe[1820] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765d14bb 2 bytes [5D, 76]
.text ... * 2
.text C:\windows\SysWOW64\PnkBstrA.exe[1276] C:\windows\SysWOW64\WSOCK32.dll!setsockopt + 322 0000000073551a22 2 bytes [55, 73]
.text C:\windows\SysWOW64\PnkBstrA.exe[1276] C:\windows\SysWOW64\WSOCK32.dll!setsockopt + 496 0000000073551ad0 2 bytes [55, 73]
.text C:\windows\SysWOW64\PnkBstrA.exe[1276] C:\windows\SysWOW64\WSOCK32.dll!setsockopt + 552 0000000073551b08 2 bytes [55, 73]
.text C:\windows\SysWOW64\PnkBstrA.exe[1276] C:\windows\SysWOW64\WSOCK32.dll!setsockopt + 730 0000000073551bba 2 bytes [55, 73]
.text C:\windows\SysWOW64\PnkBstrA.exe[1276] C:\windows\SysWOW64\WSOCK32.dll!setsockopt + 762 0000000073551bda 2 bytes [55, 73]
.text C:\windows\SysWOW64\PnkBstrA.exe[1276] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765d1465 2 bytes [5D, 76]
.text C:\windows\SysWOW64\PnkBstrA.exe[1276] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765d14bb 2 bytes [5D, 76]
.text ... * 2
.text C:\Users\Dani\AppData\Local\Smartbar\Application\QuickShare.exe[828] C:\windows\syswow64\psapi.dll!GetModuleInformation + 69 00000000765d1465 2 bytes [5D, 76]
.text C:\Users\Dani\AppData\Local\Smartbar\Application\QuickShare.exe[828] C:\windows\syswow64\psapi.dll!GetModuleInformation + 155 00000000765d14bb 2 bytes [5D, 76]
.text ... * 2
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3744] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765d1465 2 bytes [5D, 76]
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3744] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765d14bb 2 bytes [5D, 76]
.text ... * 2
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077a8f991 7 bytes {MOV EDX, 0x696a28; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077a8fbd5 7 bytes {MOV EDX, 0x696a68; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077a8fc05 7 bytes {MOV EDX, 0x6969a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077a8fc1d 7 bytes {MOV EDX, 0x696928; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077a8fc35 7 bytes {MOV EDX, 0x696b28; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077a8fc65 7 bytes {MOV EDX, 0x696b68; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077a8fce5 7 bytes {MOV EDX, 0x696ae8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077a8fcfd 7 bytes {MOV EDX, 0x696aa8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077a8fd49 7 bytes {MOV EDX, 0x696868; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077a8fe41 7 bytes {MOV EDX, 0x6968a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077a90099 7 bytes {MOV EDX, 0x696828; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077a910a5 7 bytes {MOV EDX, 0x6969e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077a9111d 7 bytes {MOV EDX, 0x696968; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077a91321 7 bytes {MOV EDX, 0x6968e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765d1465 2 bytes [5D, 76]
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[636] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765d14bb 2 bytes [5D, 76]
.text ... * 2
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077a8f991 7 bytes {MOV EDX, 0x32a628; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077a8fbd5 7 bytes {MOV EDX, 0x32a668; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077a8fc05 7 bytes {MOV EDX, 0x32a5a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077a8fc1d 7 bytes {MOV EDX, 0x32a528; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077a8fc35 7 bytes {MOV EDX, 0x32a728; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077a8fc65 7 bytes {MOV EDX, 0x32a768; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077a8fce5 7 bytes {MOV EDX, 0x32a6e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077a8fcfd 7 bytes {MOV EDX, 0x32a6a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077a8fd49 7 bytes {MOV EDX, 0x32a468; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077a8fe41 7 bytes {MOV EDX, 0x32a4a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077a90099 7 bytes {MOV EDX, 0x32a428; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077a910a5 7 bytes {MOV EDX, 0x32a5e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077a9111d 7 bytes {MOV EDX, 0x32a568; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077a91321 7 bytes {MOV EDX, 0x32a4e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765d1465 2 bytes [5D, 76]
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3396] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765d14bb 2 bytes [5D, 76]
.text ... * 2
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077a8f991 7 bytes {MOV EDX, 0xae5a28; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077a8fbd5 7 bytes {MOV EDX, 0xae5a68; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077a8fc05 7 bytes {MOV EDX, 0xae59a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077a8fc1d 7 bytes {MOV EDX, 0xae5928; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077a8fc35 7 bytes {MOV EDX, 0xae5b28; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077a8fc65 7 bytes {MOV EDX, 0xae5b68; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077a8fce5 7 bytes {MOV EDX, 0xae5ae8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077a8fcfd 7 bytes {MOV EDX, 0xae5aa8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077a8fd49 7 bytes {MOV EDX, 0xae5868; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077a8fe41 7 bytes {MOV EDX, 0xae58a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077a90099 7 bytes {MOV EDX, 0xae5828; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077a910a5 7 bytes {MOV EDX, 0xae59e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077a9111d 7 bytes {MOV EDX, 0xae5968; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077a91321 7 bytes {MOV EDX, 0xae58e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765d1465 2 bytes [5D, 76]
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[3588] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765d14bb 2 bytes [5D, 76]
.text ... * 2
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077a8f991 7 bytes {MOV EDX, 0xc10228; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077a8fbd5 7 bytes {MOV EDX, 0xc10268; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077a8fc05 7 bytes {MOV EDX, 0xc101a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077a8fc1d 7 bytes {MOV EDX, 0xc10128; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077a8fc35 7 bytes {MOV EDX, 0xc10328; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077a8fc65 7 bytes {MOV EDX, 0xc10368; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077a8fce5 7 bytes {MOV EDX, 0xc102e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077a8fcfd 7 bytes {MOV EDX, 0xc102a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077a8fd49 7 bytes {MOV EDX, 0xc10068; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077a8fe41 7 bytes {MOV EDX, 0xc100a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077a90099 7 bytes {MOV EDX, 0xc10028; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077a910a5 7 bytes {MOV EDX, 0xc101e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077a9111d 7 bytes {MOV EDX, 0xc10168; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077a91321 7 bytes {MOV EDX, 0xc100e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765d1465 2 bytes [5D, 76]
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4136] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765d14bb 2 bytes [5D, 76]
.text ... * 2
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4296] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765d1465 2 bytes [5D, 76]
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4296] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765d14bb 2 bytes [5D, 76]
.text ... * 2
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077a8f991 7 bytes {MOV EDX, 0xa18628; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077a8fbd5 7 bytes {MOV EDX, 0xa18668; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077a8fc05 7 bytes {MOV EDX, 0xa185a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077a8fc1d 7 bytes {MOV EDX, 0xa18528; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077a8fc35 7 bytes {MOV EDX, 0xa18728; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077a8fc65 7 bytes {MOV EDX, 0xa18768; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077a8fce5 7 bytes {MOV EDX, 0xa186e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077a8fcfd 7 bytes {MOV EDX, 0xa186a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077a8fd49 7 bytes {MOV EDX, 0xa18468; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077a8fe41 7 bytes {MOV EDX, 0xa184a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077a90099 7 bytes {MOV EDX, 0xa18428; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077a910a5 7 bytes {MOV EDX, 0xa185e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077a9111d 7 bytes {MOV EDX, 0xa18568; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077a91321 7 bytes {MOV EDX, 0xa184e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765d1465 2 bytes [5D, 76]
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[4604] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765d14bb 2 bytes [5D, 76]
.text ... * 2
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077a8f991 7 bytes {MOV EDX, 0x3ae628; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077a8fbd5 7 bytes {MOV EDX, 0x3ae668; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077a8fc05 7 bytes {MOV EDX, 0x3ae5a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077a8fc1d 7 bytes {MOV EDX, 0x3ae528; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077a8fc35 7 bytes {MOV EDX, 0x3ae728; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077a8fc65 7 bytes {MOV EDX, 0x3ae768; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077a8fce5 7 bytes {MOV EDX, 0x3ae6e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077a8fcfd 7 bytes {MOV EDX, 0x3ae6a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077a8fd49 7 bytes {MOV EDX, 0x3ae468; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077a8fe41 7 bytes {MOV EDX, 0x3ae4a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077a90099 7 bytes {MOV EDX, 0x3ae428; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077a910a5 7 bytes {MOV EDX, 0x3ae5e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077a9111d 7 bytes {MOV EDX, 0x3ae568; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077a91321 7 bytes {MOV EDX, 0x3ae4e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765d1465 2 bytes [5D, 76]
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[2040] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765d14bb 2 bytes [5D, 76]
.text ... * 2
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtSetInformationThread + 5 0000000077a8f991 7 bytes {MOV EDX, 0x3a9a28; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadToken + 5 0000000077a8fbd5 7 bytes {MOV EDX, 0x3a9a68; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtOpenProcess + 5 0000000077a8fc05 7 bytes {MOV EDX, 0x3a99a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtSetInformationFile + 5 0000000077a8fc1d 7 bytes {MOV EDX, 0x3a9928; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtMapViewOfSection + 5 0000000077a8fc35 7 bytes {MOV EDX, 0x3a9b28; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection + 5 0000000077a8fc65 7 bytes {MOV EDX, 0x3a9b68; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtOpenThreadTokenEx + 5 0000000077a8fce5 7 bytes {MOV EDX, 0x3a9ae8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessTokenEx + 5 0000000077a8fcfd 7 bytes {MOV EDX, 0x3a9aa8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtOpenFile + 5 0000000077a8fd49 7 bytes {MOV EDX, 0x3a9868; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtQueryAttributesFile + 5 0000000077a8fe41 7 bytes {MOV EDX, 0x3a98a8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtCreateFile + 5 0000000077a90099 7 bytes {MOV EDX, 0x3a9828; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtOpenProcessToken + 5 0000000077a910a5 7 bytes {MOV EDX, 0x3a99e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtOpenThread + 5 0000000077a9111d 7 bytes {MOV EDX, 0x3a9968; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\SysWOW64\ntdll.dll!NtQueryFullAttributesFile + 5 0000000077a91321 7 bytes {MOV EDX, 0x3a98e8; JMP RDX}
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 00000000765d1465 2 bytes [5D, 76]
.text C:\Users\Dani\AppData\Local\Google\Chrome\Application\chrome.exe[5152] C:\windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 00000000765d14bb 2 bytes [5D, 76]
.text ... * 2
---- EOF - GMER 2.1 ----
2. Here is the OTL log
Code:
OTL logfile created on: 4/11/2013 4:42:48 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dani\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.79 Gb Total Physical Memory | 1.91 Gb Available Physical Memory | 50.23% Memory free
7.59 Gb Paging File | 5.59 Gb Available in Paging File | 73.71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 173.39 Gb Total Space | 111.41 Gb Free Space | 64.26% Space Free | Partition Type: NTFS
Drive D: | 115.60 Gb Total Space | 37.51 Gb Free Space | 32.45% Space Free | Partition Type: NTFS
Computer Name: MSI | User Name: Dani | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/04/11 16:32:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dani\Desktop\OTL.exe
PRC - [2013/03/13 18:15:00 | 004,394,032 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe
PRC - [2013/02/28 00:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
PRC - [2013/02/19 05:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
PRC - [2013/02/12 11:43:56 | 000,248,208 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2013/02/12 11:43:56 | 000,093,072 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2013/02/06 20:26:56 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
PRC - [2013/02/05 17:48:44 | 000,272,248 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
PRC - [2013/01/09 17:00:58 | 000,013,824 | ---- | M] (Smartbar) -- C:\Users\Dani\AppData\Local\Smartbar\Application\QuickShare.exe
PRC - [2012/12/11 23:48:08 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2011/08/25 11:50:50 | 000,270,672 | ---- | M] () -- C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/09/30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/09/30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009/08/05 22:28:20 | 002,072,576 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
PRC - [2009/07/10 00:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\System Control Manager\MSIService.exe
PRC - [2006/09/28 12:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
========== Modules (No Company Name) ==========
MOD - [2013/03/22 00:50:33 | 000,390,096 | ---- | M] () -- C:\Users\Dani\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
MOD - [2013/03/22 00:50:31 | 004,050,896 | ---- | M] () -- C:\Users\Dani\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
MOD - [2013/03/22 00:49:41 | 000,598,480 | ---- | M] () -- C:\Users\Dani\AppData\Local\Google\Chrome\Application\26.0.1410.43\libglesv2.dll
MOD - [2013/03/22 00:49:40 | 000,124,368 | ---- | M] () -- C:\Users\Dani\AppData\Local\Google\Chrome\Application\26.0.1410.43\libegl.dll
MOD - [2013/03/22 00:49:38 | 001,606,096 | ---- | M] () -- C:\Users\Dani\AppData\Local\Google\Chrome\Application\26.0.1410.43\ffmpegsumo.dll
MOD - [2013/02/14 10:56:30 | 001,840,640 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\64cf6c356be66bb17c4667d6d8aa467b\System.Web.Services.ni.dll
MOD - [2013/02/14 10:56:03 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/02/02 10:51:54 | 000,911,432 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
MOD - [2013/02/02 10:51:51 | 008,013,664 | ---- | M] () -- C:\windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2013/02/02 10:51:50 | 000,139,264 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll
MOD - [2013/01/09 21:01:58 | 000,220,672 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\5baea82888a13fa558004b24e3b107cf\CustomMarshalers.ni.dll
MOD - [2013/01/09 20:43:21 | 000,628,224 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\01c6cb58745f397c9b7ccf3ab7bfc9cd\System.EnterpriseServices.ni.dll
MOD - [2013/01/09 20:43:19 | 000,627,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\536d704e93ffec9b54e4a0312fb5b996\System.Transactions.ni.dll
MOD - [2013/01/09 20:43:18 | 006,611,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\dd20416f723ee13ffb4173ec1afc4ec4\System.Data.ni.dll
MOD - [2013/01/09 20:42:14 | 001,592,832 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/09 20:42:07 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\958c2f1db4810a818845f216cbd08d24\System.Xml.ni.dll
MOD - [2013/01/09 20:42:01 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/09 20:41:36 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/09 17:00:58 | 000,023,040 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
MOD - [2013/01/09 17:00:56 | 001,575,424 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
MOD - [2013/01/09 17:00:56 | 000,037,376 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
MOD - [2013/01/09 17:00:54 | 000,007,680 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
MOD - [2013/01/09 16:56:30 | 000,650,240 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
MOD - [2013/01/09 16:56:26 | 000,040,960 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
MOD - [2013/01/09 16:56:24 | 000,044,032 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
MOD - [2013/01/09 16:56:24 | 000,028,672 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
MOD - [2013/01/09 16:56:22 | 000,050,688 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
MOD - [2013/01/09 16:56:20 | 000,073,216 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
MOD - [2013/01/09 16:56:16 | 000,062,976 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2013/01/09 16:56:16 | 000,018,944 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
MOD - [2013/01/09 16:56:16 | 000,013,312 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll
MOD - [2013/01/09 16:56:16 | 000,006,144 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
MOD - [2013/01/09 16:56:14 | 000,012,800 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll
MOD - [2013/01/09 16:56:14 | 000,007,168 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
MOD - [2013/01/09 16:56:12 | 000,074,752 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
MOD - [2013/01/09 16:56:12 | 000,012,288 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
MOD - [2013/01/09 16:56:12 | 000,009,728 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
MOD - [2013/01/09 16:56:12 | 000,007,168 | ---- | M] () -- C:\Users\Dani\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
MOD - [2013/01/09 14:25:01 | 011,493,376 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2010/11/13 02:08:41 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010/11/05 03:58:50 | 000,212,992 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2010/11/05 03:58:05 | 002,927,616 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/11/05 03:57:39 | 000,069,120 | ---- | M] () -- C:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2009/08/23 19:58:06 | 000,094,208 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2009/06/10 23:23:19 | 000,261,632 | ---- | M] () -- C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
========== Services (SafeList) ==========
SRV - [2013/04/04 10:05:53 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/03/13 07:10:33 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/02/28 00:42:12 | 004,937,264 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/02/19 05:02:02 | 000,282,624 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2013/02/12 11:43:56 | 000,093,072 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2013/02/05 17:48:00 | 000,235,216 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe -- (McComponentHostService)
SRV - [2013/01/08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/12/11 23:48:08 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2011/10/29 18:28:53 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/25 11:50:50 | 000,270,672 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\1&1 Surf-Stick\AssistantServices.exe -- (UI Assistant Service)
SRV - [2011/06/29 12:53:32 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/03/28 16:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009/09/30 14:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009/09/30 14:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009/08/27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/07/10 00:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2006/09/28 12:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
========== Driver Services (SafeList) ==========
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\msi\msi Software Install\MGHwCtrl.sys -- (MGHwCtrl)
DRV:64bit: - [2013/02/27 00:40:46 | 000,246,072 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/02/14 04:52:46 | 000,239,416 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/02/08 05:37:56 | 000,116,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/02/08 05:37:54 | 000,311,096 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/02/08 05:37:50 | 000,071,480 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/02/08 05:37:42 | 000,206,136 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/02/08 05:37:40 | 000,045,880 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2012/08/23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/01/10 23:28:18 | 012,311,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/12/08 06:22:36 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2011/12/08 06:22:36 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2011/12/08 06:22:36 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2011/12/08 06:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/12/08 06:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011/12/08 06:22:28 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/12/08 06:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011/12/02 08:46:18 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011/06/29 12:53:32 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/06/29 12:53:32 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/26 11:37:12 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
DRV:64bit: - [2011/03/26 11:37:12 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
DRV:64bit: - [2011/03/26 11:37:12 | 000,123,520 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
DRV:64bit: - [2011/03/26 11:37:12 | 000,011,776 | ---- | M] (MBB Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/06/21 09:15:54 | 000,287,232 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/03/04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/26 23:02:12 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/02/24 12:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2010/02/08 22:10:02 | 000,855,328 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr28x.sys -- (netr28x)
DRV:64bit: - [2009/12/17 14:07:16 | 000,053,248 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fspad_xp64.sys -- (fspad_xp64)
DRV:64bit: - [2009/12/17 14:07:16 | 000,053,248 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fspad_wlh64.sys -- (fspad_wlh64)
DRV:64bit: - [2009/12/04 11:50:22 | 000,087,888 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EUCR6SK.sys -- (EUCR)
DRV:64bit: - [2009/09/17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009/07/16 13:33:44 | 001,488,384 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 23:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2007/11/15 21:33:58 | 000,528,256 | ---- | M] (Syntek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\StkTMini.sys -- (StkTMini)
DRV:64bit: - [2007/03/07 13:13:20 | 000,017,920 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pnetmdm64.sys -- (pnetmdm)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=119&systemid=406&sr=0&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{DCDE71E6-356A-4699-B0D8-1EDEC197733A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant =
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=119&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2645238
IE - HKLM\..\SearchScopes\{E32EFCEA-84FA-4ED0-A65F-30D836E57DEE}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=3435b49e0000000000006c626d1bb07f
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=3435b49e0000000000006c626d1bb07f
IE - HKCU\..\URLSearchHook: {91da5e8a-3318-4f8c-b67e-5964de3ab546} - No CLSID value found
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No CLSID value found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {D128C4FC-31CE-44E1-B2C3-F45EC45893C3}
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=3435b49e0000000000006c626d1bb07f
IE - HKCU\..\SearchScopes\{1215ADBA-EFE8-415E-804E-45D506250A1A}: "URL" = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
IE - HKCU\..\SearchScopes\{20363AED-3BDE-4D22-9A28-F9854863DEF4}: "URL" = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
IE - HKCU\..\SearchScopes\{879F1D54-4777-444D-8421-39D9523CB991}: "URL" = hxxp://go.web.de/suchbox/google?q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=119&systemid=406&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=413&sr=0&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2645238
IE - HKCU\..\SearchScopes\{BF6C6338-1E6A-48D4-AD5C-01AF007AB138}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=VSAT&o=16625&src=kw&q={searchTerms}&locale=&apn_ptnrs=2K&apn_dtid=YYYYYYYYDE&apn_uid=ad0100a7-e2e3-41e5-84a0-a466beb971ce&apn_sauid=EE11956E-193A-4A15-BCB0-C9FFF968A3F7&
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb128/?search={searchTerms}&loc=IB_DS&a=6R8swsYxEq&i=26
IE - HKCU\..\SearchScopes\{D128C4FC-31CE-44E1-B2C3-F45EC45893C3}: "URL" = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultthis.engineName: "uTorrentBar_DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.2: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "w3i&type=W3i_DS,157,0_0,Search,20120101,16981,0,24,0"
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledAddons: SQLiteManager%40mrinalkant.blogspot.com:0.7.7
FF - prefs.js..extensions.enabledAddons: %7BD4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389%7D:0.9.10
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: treestyletab%40piro.sakura.ne.jp:0.14.2012122901
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.13
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0034-ABCDEFFEDCBA%7D:6.0.34
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Dani\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Dani\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Dani\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614}: C:\Program Files (x86)\RelevantKnowledge
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/05/11 21:24:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013/02/02 10:51:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/04/04 10:05:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/02/23 00:30:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/01/10 23:00:23 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.4\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\avgthb@avg.com: C:\Program Files (x86)\AVG\AVG2012\Thunderbird\ [2012/02/04 08:45:32 | 000,000,000 | ---D | M]
[2012/01/03 00:24:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dani\AppData\Roaming\mozilla\Extensions
[2011/06/22 22:26:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dani\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011/08/16 12:25:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dani\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013/04/11 09:36:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dani\AppData\Roaming\mozilla\Firefox\Profiles\bcbpfnea.default\extensions
[2013/02/25 12:43:00 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Dani\AppData\Roaming\mozilla\Firefox\Profiles\bcbpfnea.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/12/10 21:26:48 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Dani\AppData\Roaming\mozilla\Firefox\Profiles\bcbpfnea.default\extensions\ffxtlbr@incredibar.com
[2013/02/15 10:24:18 | 000,000,000 | ---D | M] ("QuickShare Widget") -- C:\Users\Dani\AppData\Roaming\mozilla\Firefox\Profiles\bcbpfnea.default\extensions\helperbar@helperbar.com
[2012/11/29 16:47:10 | 000,197,580 | ---- | M] () (No name found) -- C:\Users\Dani\AppData\Roaming\mozilla\firefox\profiles\bcbpfnea.default\extensions\ftdownloader@ftdownloader.com.xpi
[2012/12/13 22:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Users\Dani\AppData\Roaming\mozilla\firefox\profiles\bcbpfnea.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2011/11/25 09:14:01 | 000,255,318 | ---- | M] () (No name found) -- C:\Users\Dani\AppData\Roaming\mozilla\firefox\profiles\bcbpfnea.default\extensions\SQLiteManager@mrinalkant.blogspot.com.xpi
[2013/01/02 23:17:52 | 000,282,113 | ---- | M] () (No name found) -- C:\Users\Dani\AppData\Roaming\mozilla\firefox\profiles\bcbpfnea.default\extensions\treestyletab@piro.sakura.ne.jp.xpi
[2013/03/05 00:04:30 | 000,872,587 | ---- | M] () (No name found) -- C:\Users\Dani\AppData\Roaming\mozilla\firefox\profiles\bcbpfnea.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi
[2013/02/15 10:32:27 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Dani\AppData\Roaming\mozilla\firefox\profiles\bcbpfnea.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011/10/30 22:34:13 | 000,434,392 | ---- | M] () (No name found) -- C:\Users\Dani\AppData\Roaming\mozilla\firefox\profiles\bcbpfnea.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi
[2013/04/11 09:36:27 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\Dani\AppData\Roaming\mozilla\firefox\profiles\bcbpfnea.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2012/12/10 21:51:28 | 000,002,444 | ---- | M] () -- C:\Users\Dani\AppData\Roaming\mozilla\firefox\profiles\bcbpfnea.default\searchplugins\babylon1.xml
[2013/02/18 13:16:52 | 000,001,294 | ---- | M] () -- C:\Users\Dani\AppData\Roaming\mozilla\firefox\profiles\bcbpfnea.default\searchplugins\delta.xml
[2012/12/17 09:56:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/12/17 09:56:11 | 000,000,000 | ---D | M] (z) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{351f2d71-b514-3354-5d48-c344c9e2c0cc}
[2012/12/17 09:56:11 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/12/17 09:56:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA}
[2012/05/11 21:24:05 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013/04/04 10:05:54 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013/04/04 10:05:51 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013/02/18 13:16:29 | 000,006,484 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2013/04/04 10:05:51 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013/04/04 10:05:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/11/21 10:20:53 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2013/04/04 10:05:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/11/07 11:53:36 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2012/01/02 15:29:28 | 000,002,519 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
[2013/04/04 10:05:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013/04/04 10:05:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://google.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Dani\AppData\Local\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Dani\AppData\Local\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Dani\AppData\Local\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Injovo Extension Plugin (Enabled) = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.430_0\npbrowserext.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: TV = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh\1.0.12_0\
CHR - Extension: YouTube = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Facebook = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Google-Suche = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Pixlr-o-matic = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj\1.2_0\
CHR - Extension: Assassin's Creed Revelations = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjkfepmkmmmkfefiijaoledbhobjcfea\1.2_0\
CHR - Extension: Windows Media Player Extension for HTML5 = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\
CHR - Extension: Google Play = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi\3.0_0\
CHR - Extension: FVD Video Downloader = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\5.0.3_0\
CHR - Extension: Top Eleven = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljphpjlafmmdmegmfbkacafhbegjfkkn\2.0.0.4_0\
CHR - Extension: amazon = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpmhgogeadkcmcncckhhdjhcgocdjgcg\1.10_0\
CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.2_0\
CHR - Extension: Better Pop Up Blocker = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\
CHR - Extension: Mehr Leistung und Videoformate f\\u00FCr dein HTML5 \\u003Cvideo\\u003E = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Dani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2011/09/27 08:48:38 | 000,000,872 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files (x86)\Home Cinema\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Users\Dani\AppData\Local\Smartbar\Application\QuickShare.exe (Smartbar)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.1)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 1.6.0_34)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_34-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F85EB96-8EF2-44DC-9B97-3E6251A86787}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{380aa8ab-a0b8-11e0-8aa3-406186bc2fd0}\Shell - "" = AutoRun
O33 - MountPoints2\{380aa8ab-a0b8-11e0-8aa3-406186bc2fd0}\Shell\AutoRun\command - "" = G:\HPLauncher.exe
O33 - MountPoints2\{4be5a217-0f85-11e1-8ebb-406186bc2fd0}\Shell - "" = AutoRun
O33 - MountPoints2\{4be5a217-0f85-11e1-8ebb-406186bc2fd0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{4be5a22f-0f85-11e1-8ebb-406186bc2fd0}\Shell - "" = AutoRun
O33 - MountPoints2\{4be5a22f-0f85-11e1-8ebb-406186bc2fd0}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c00b1983-60ab-11e1-bf3c-406186bc2fd0}\Shell - "" = AutoRun
O33 - MountPoints2\{c00b1983-60ab-11e1-bf3c-406186bc2fd0}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{cc451fdc-d99a-11e0-a35e-406186bc2fd0}\Shell - "" = AutoRun
O33 - MountPoints2\{cc451fdc-d99a-11e0-a35e-406186bc2fd0}\Shell\AutoRun\command - "" = F:\Setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/04/11 16:32:51 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dani\Desktop\OTL.exe
[2013/04/05 18:01:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2013/04/01 23:46:59 | 000,000,000 | -HSD | C] -- C:\found.000
[2013/03/31 16:44:24 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoAudio
[2013/03/31 16:39:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2013/03/31 16:33:45 | 000,000,000 | ---D | C] -- C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2013/03/31 16:31:33 | 000,000,000 | ---D | C] -- C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ArcSoft Magic-i Visual Effects 2
[2013/03/29 18:03:47 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/29 18:03:47 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/03/29 18:03:47 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/03/29 18:03:47 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/29 18:03:46 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/03/29 18:03:46 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/03/29 18:03:46 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/03/29 18:03:46 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/03/29 18:03:46 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/03/29 18:03:46 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/03/29 18:03:45 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/03/29 18:03:44 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/03/29 18:03:44 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/03/29 18:03:44 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/03/29 18:03:44 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/03/29 18:03:44 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/03/29 18:03:44 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/03/29 18:03:44 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/03/29 18:03:44 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/03/29 18:03:44 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/03/29 18:03:43 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/03/29 18:03:43 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/03/29 18:03:43 | 000,391,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/03/29 18:03:43 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/03/29 18:03:43 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/03/29 18:03:43 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/03/29 18:03:42 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/03/29 18:03:42 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/03/29 18:03:42 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/03/29 18:03:42 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/03/29 18:03:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/03/29 18:03:42 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/03/29 18:03:42 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/03/29 18:03:41 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/03/29 18:03:41 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/03/29 18:03:41 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/03/29 18:03:41 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/03/29 18:03:41 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/03/29 18:03:41 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/03/29 18:03:41 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/03/29 18:03:41 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/03/29 18:03:41 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/03/29 18:03:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/03/29 18:03:41 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/03/29 18:03:41 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/03/29 18:03:40 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/03/29 18:03:40 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/03/29 18:03:40 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/03/29 18:03:40 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/03/29 18:03:40 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/03/29 18:03:40 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/03/29 18:03:40 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/03/29 18:03:40 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/03/29 18:03:39 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/03/29 18:03:39 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/03/29 18:03:39 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/03/29 18:03:39 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/03/29 18:03:38 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/03/29 18:03:38 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/03/29 18:03:38 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/03/29 18:03:38 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/03/29 18:03:38 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/03/29 18:03:37 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/03/29 18:03:37 | 000,526,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/03/29 18:03:37 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/03/29 18:03:37 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/03/29 18:03:37 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/03/29 18:03:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/03/25 22:39:46 | 004,546,560 | ---- | C] (Google Inc.) -- C:\windows\SysWow64\GPhotos.scr
[2013/03/24 10:34:22 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usb8023.sys
[2013/03/22 23:59:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013/03/21 14:22:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013/03/21 14:22:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013/03/17 20:54:16 | 000,000,000 | ---D | C] -- C:\Users\Dani\Documents\TomTom
[2013/03/17 20:53:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2013/03/17 20:53:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom HOME 2
[2013/03/17 20:53:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TomTom International B.V
[2013/03/15 21:39:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/14 12:22:24 | 000,000,000 | ---D | C] -- C:\Users\Dani\AppData\Roaming\7road
[2013/03/14 09:23:44 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2012/08/02 14:18:45 | 001,235,968 | ---- | C] (Sun Microsystems) -- C:\Users\Dani\AppData\Roaming\rundll32.exe
[2 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/04/11 16:33:34 | 000,001,116 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4272837320-2993236260-2669685721-1001UA.job
[2013/04/11 16:32:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dani\Desktop\OTL.exe
[2013/04/11 16:32:00 | 000,001,106 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/04/11 16:31:44 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013/04/11 16:31:40 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013/04/11 10:08:17 | 000,017,600 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/11 10:08:17 | 000,017,600 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/11 10:01:49 | 000,001,102 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/04/11 09:44:20 | 000,377,856 | ---- | M] () -- C:\Users\Dani\Desktop\mxysc2of.exe
[2013/04/11 09:39:41 | 000,000,000 | ---- | M] () -- C:\Users\Dani\defogger_reenable
[2013/04/11 09:34:33 | 000,473,871 | ---- | M] () -- C:\Users\Dani\Desktop\Kart 001.pdf
[2013/04/06 22:06:10 | 001,613,340 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013/04/06 22:06:10 | 000,697,082 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013/04/06 22:06:10 | 000,652,360 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013/04/06 22:06:10 | 000,148,346 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013/04/06 22:06:10 | 000,121,292 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013/04/05 18:01:20 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2013.lnk
[2013/04/05 17:59:45 | 000,001,064 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-4272837320-2993236260-2669685721-1001Core.job
[2013/04/03 16:38:19 | 000,001,063 | ---- | M] () -- C:\Users\Dani\Desktop\Tag&Rename.lnk
[2013/04/01 07:44:40 | 000,010,564 | ---- | M] () -- C:\Users\Dani\Documents\cc_20130401_074435.reg
[2013/03/29 18:03:47 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\MsSpellCheckingFacility.exe
[2013/03/29 18:03:47 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\elshyph.dll
[2013/03/29 18:03:47 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\elshyph.dll
[2013/03/29 18:03:47 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/29 18:03:46 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmlmedia.dll
[2013/03/29 18:03:46 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msrating.dll
[2013/03/29 18:03:46 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iexpress.exe
[2013/03/29 18:03:46 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\wextract.exe
[2013/03/29 18:03:46 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inseng.dll
[2013/03/29 18:03:46 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2013/03/29 18:03:45 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\pngfilt.dll
[2013/03/29 18:03:44 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2013/03/29 18:03:44 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2013/03/29 18:03:44 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\occache.dll
[2013/03/29 18:03:44 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iepeers.dll
[2013/03/29 18:03:44 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\IEAdvpack.dll
[2013/03/29 18:03:44 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesysprep.dll
[2013/03/29 18:03:44 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\SetIEInstalledDate.exe
[2013/03/29 18:03:44 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmler.dll
[2013/03/29 18:03:44 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\msfeedssync.exe
[2013/03/29 18:03:43 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dat
[2013/03/29 18:03:43 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieapfltr.dll
[2013/03/29 18:03:43 | 000,391,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2013/03/29 18:03:43 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\html.iec
[2013/03/29 18:03:43 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2013/03/29 18:03:43 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\tdc.ocx
[2013/03/29 18:03:42 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2013/03/29 18:03:42 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msrating.dll
[2013/03/29 18:03:42 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\RegisterIEPKEYs.exe
[2013/03/29 18:03:42 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\icardie.dll
[2013/03/29 18:03:42 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iesetup.dll
[2013/03/29 18:03:42 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\iernonce.dll
[2013/03/29 18:03:42 | 000,025,185 | ---- | M] () -- C:\windows\SysWow64\ieuinit.inf
[2013/03/29 18:03:42 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\windows\SysWow64\licmgr10.dll
[2013/03/29 18:03:41 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dat
[2013/03/29 18:03:41 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmlmedia.dll
[2013/03/29 18:03:41 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieapfltr.dll
[2013/03/29 18:03:41 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtmsft.dll
[2013/03/29 18:03:41 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\html.iec
[2013/03/29 18:03:41 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\dxtrans.dll
[2013/03/29 18:03:41 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2013/03/29 18:03:41 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msls31.dll
[2013/03/29 18:03:41 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\icardie.dll
[2013/03/29 18:03:41 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesetup.dll
[2013/03/29 18:03:41 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ie4uinit.exe
[2013/03/29 18:03:41 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iernonce.dll
[2013/03/29 18:03:41 | 000,025,185 | ---- | M] () -- C:\windows\SysNative\ieuinit.inf
[2013/03/29 18:03:40 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2013/03/29 18:03:40 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeeds.dll
[2013/03/29 18:03:40 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\vbscript.dll
[2013/03/29 18:03:40 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iexpress.exe
[2013/03/29 18:03:40 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\wextract.exe
[2013/03/29 18:03:40 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\inseng.dll
[2013/03/29 18:03:40 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2013/03/29 18:03:40 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\licmgr10.dll
[2013/03/29 18:03:39 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2013/03/29 18:03:39 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\occache.dll
[2013/03/29 18:03:39 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\pngfilt.dll
[2013/03/29 18:03:39 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshta.exe
[2013/03/29 18:03:38 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2013/03/29 18:03:38 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iepeers.dll
[2013/03/29 18:03:38 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\IEAdvpack.dll
[2013/03/29 18:03:38 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\imgutil.dll
[2013/03/29 18:03:38 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\msfeedssync.exe
[2013/03/29 18:03:37 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2013/03/29 18:03:37 | 000,526,848 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2013/03/29 18:03:37 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\iesysprep.dll
[2013/03/29 18:03:37 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\SetIEInstalledDate.exe
[2013/03/29 18:03:37 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\tdc.ocx
[2013/03/29 18:03:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\windows\SysNative\mshtmler.dll
[2013/03/25 22:39:46 | 004,546,560 | ---- | M] (Google Inc.) -- C:\windows\SysWow64\GPhotos.scr
[2013/03/22 23:59:19 | 000,002,182 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/03/17 21:07:50 | 000,000,644 | ---- | M] () -- C:\Users\Dani\AppData\Roaming\wklnhst.dat
[2013/03/13 13:27:47 | 000,000,832 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/03/13 07:10:32 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2013/03/13 07:10:32 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\windows\SysNative\drivers\*.tmp files -> C:\windows\SysNative\drivers\*.tmp -> ]
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/04/11 09:44:19 | 000,377,856 | ---- | C] () -- C:\Users\Dani\Desktop\mxysc2of.exe
[2013/04/11 09:39:41 | 000,000,000 | ---- | C] () -- C:\Users\Dani\defogger_reenable
[2013/04/11 09:34:31 | 000,473,871 | ---- | C] () -- C:\Users\Dani\Desktop\Kart 001.pdf
[2013/04/03 16:38:19 | 000,001,063 | ---- | C] () -- C:\Users\Dani\Desktop\Tag&Rename.lnk
[2013/04/01 07:44:38 | 000,010,564 | ---- | C] () -- C:\Users\Dani\Documents\cc_20130401_074435.reg
[2013/03/29 18:14:57 | 000,001,435 | ---- | C] () -- C:\Users\Dani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/03/29 18:03:42 | 000,025,185 | ---- | C] () -- C:\windows\SysWow64\ieuinit.inf
[2013/03/29 18:03:41 | 000,025,185 | ---- | C] () -- C:\windows\SysNative\ieuinit.inf
[2013/03/22 23:59:19 | 000,002,182 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013/03/06 10:22:34 | 000,000,843 | ---- | C] () -- C:\Users\Dani\.recently-used.xbel
[2012/12/11 09:20:07 | 000,281,120 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2012/12/11 09:19:38 | 000,076,888 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2012/07/05 13:34:51 | 000,000,051 | ---- | C] () -- C:\ProgramData\gblvavogluykqnl
[2012/05/10 23:51:53 | 000,243,200 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2012/03/14 02:30:52 | 000,000,600 | ---- | C] () -- C:\Users\Dani\AppData\Local\PUTTY.RND
[2012/01/31 19:15:42 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2012/01/31 19:15:42 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2012/01/31 19:15:42 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2012/01/31 19:15:42 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2012/01/10 22:29:54 | 013,904,384 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2012/01/04 18:00:07 | 000,000,042 | ---- | C] () -- C:\windows\ABC_mru.ini
[2012/01/04 01:07:15 | 000,003,584 | ---- | C] () -- C:\Users\Dani\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/07 11:42:18 | 000,000,275 | ---- | C] () -- C:\Users\Dani\AppData\Local\HamsterVideoConverterSettings.cfg
[2011/12/05 20:53:36 | 000,338,432 | ---- | C] () -- C:\windows\SysWow64\sqlite36_engine.dll
[2011/09/28 08:56:28 | 000,039,553 | ---- | C] () -- C:\windows\SysWow64\.exe
[2011/09/28 08:19:58 | 000,000,193 | ---- | C] () -- C:\windows\mysqlaif.INI
[2011/09/28 08:19:19 | 000,073,216 | ---- | C] () -- C:\windows\cadkasdeinst01.exe
[2011/09/13 14:46:41 | 000,175,616 | ---- | C] () -- C:\windows\SysWow64\unrar.dll
[2011/09/13 14:46:40 | 000,000,038 | ---- | C] () -- C:\windows\avisplitter.ini
[2011/09/13 14:46:39 | 000,074,752 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2011/09/08 12:43:04 | 000,000,047 | ---- | C] () -- C:\windows\NeroDigital.ini
[2011/08/31 19:51:16 | 000,867,020 | ---- | C] () -- C:\windows\SysWow64\igkrng575.bin
[2011/08/31 19:51:16 | 000,128,204 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin
[2011/08/31 19:51:16 | 000,105,608 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin
[2011/07/31 14:01:51 | 000,017,408 | ---- | C] () -- C:\Users\Dani\AppData\Local\WebpageIcons.db
[2011/07/28 00:08:51 | 000,000,644 | ---- | C] () -- C:\Users\Dani\AppData\Roaming\wklnhst.dat
[2011/07/26 13:09:30 | 001,591,234 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011/07/17 08:49:23 | 000,000,000 | ---- | C] () -- C:\Users\Dani\AppData\Local\{12892823-F3E1-48B8-AF15-3211D178F1D9}
[2011/06/27 21:42:40 | 000,000,260 | ---- | C] () -- C:\Users\Dani\AppData\Roaming\Default.PLS
[2011/06/22 22:26:26 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2011/06/21 13:16:39 | 000,112,128 | -H-- | C] () -- C:\windows\SysWow64\mlfcache.dat
[2011/06/16 23:20:41 | 000,000,910 | ---- | C] () -- C:\windows\wiso.ini
[2011/06/13 23:05:44 | 000,015,873 | ---- | C] () -- C:\windows\SysWow64\Inetde.dll
[2011/06/11 20:18:52 | 000,000,403 | ---- | C] () -- C:\windows\ODBC.INI
========== ZeroAccess Check ==========
[2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report > |