Log analysis and evaluation: TR/Crypt.xpack.gen - all programs/files invisible (Windows 7)
TR/Crypt.xpack.gen - all programs/files invisible

Hello forum! First of all, a big thank-you - I have already found a lot of good information here and I hope someone can help me ;-)

Suddenly all programs were shut down, a fake system check opened, lots of popups appeared, no input was possible any more, and even starting Task Manager no longer worked. After a reboot the whole desktop was empty, all programs (Start menu) had disappeared, and no input was possible. Even in DOS mode via the console there were no folders/programs any more.

Free AV and Windows' own scanner found the following:

- TR/Crypt.PEPM.Gen
- EXP/CVE-2010-0840
- Java.Inject.U
- TR/Crypt.XPACK.Gen in SoftwareUpdate.exe
- TR/Crypt.XPACK.Gen in CE49.tmp

So far I have run the following programs:

- Defogger
- DDS
- GMER

DDS text:
```
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421
Run by tim at 1:15:47 on 2012-03-24
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.2985.1002 [GMT 1:00]
.
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\SPBA\upeksvr.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe
C:\Program Files\IDT\WDM\aestsrv.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\Program Files\Dell\Feature Enhancement Pack\DFEPService.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\Intel\Services\IPT\jhi_service.exe
C:\Windows\system32\DRIVERS\o2flash.exe
c:\Windows\system32\srvany.exe
c:\Windows\system32\SDIOAssist.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Program Files\STMicroelectronics\AccelerometerP11\FF_Protection.exe
C:\Program Files\Dell\Feature Enhancement Pack\DFEPApplication.exe
C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
C:\Program Files\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\dell\DBRM\Reminder\DbrmTrayicon.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conhost.exe
C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\ACD Systems\ACDSee Pro\5.0\ACDSeeProInTouch2.exe
C:\Windows\system32\rundll32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Live\Mesh\WLSync.exe
C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Mesh\MOE.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil11e_ActiveX.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
uStart Page = hxxp://www.google.de/
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SMSN&bmod=SMSN
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: TmIEPlugInBHO Class: {1ca1377b-dc1d-4a52-9585-6e06050fac53} - c:\program files\trend micro\client server security agent\bho\1009\TmIEPlg.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~1\office14\GROOVEEX.DLL
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~1\office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\adobe contribute cs5\plugins\ieplugin\contributeieplugin.dll
EB: Developer Tools: {1a6fe369-f28c-4ad9-a3e6-2bcb50807cf1} - c:\program files\internet explorer\iedvtool.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [WLSync] "c:\program files\windows live\mesh\WLSync.exe" /background
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
uRun: [Google Update] "c:\users\tim\appdata\local\google\update\GoogleUpdate.exe" /c
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [SysTrayApp] c:\program files\idt\wdm\sttray.exe
mRun: [IntelPROSet] "c:\program files\common files\intel\wirelesscommon\iFrmewrk.exe" /tf Intel PROSet/Wireless
mRun: [FreeFallProtection] c:\program files\stmicroelectronics\accelerometerp11\FF_Protection.exe
mRun: [IMSS] "c:\program files\intel\intel(r) management engine components\imss\PIconStartup.exe"
mRun: [DFEPApplication] c:\program files\dell\feature enhancement pack\DFEPApplication.exe
mRun: [TdmNotify] c:\program files\dell\dell data protection\access\advanced\wave\trusted drive manager\TdmNotify.exe
mRun: [Dell Webcam Central] "c:\program files\dell webcam\dell webcam central\WebcamDell2.exe" /mode2
mRun: [RemoteControl9] "c:\program files\cyberlink\powerdvd9\PDVD9Serv.exe"
mRun: [PDVD9LanguageShortcut] "c:\program files\cyberlink\powerdvd9\language\Language.exe"
mRun: [<NO NAME>]
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxWatchTray12OEM.exe"
mRun: [Desktop Disc Tool] "c:\program files\roxio\oem\roxio burn\RoxioBurnLauncher.exe"
mRun: [IAStorIcon] c:\program files\intel\intel(r) rapid storage technology\IAStorIcon.exe
mRun: [DBRMTray] c:\dell\dbrm\reminder\DbrmTrayIcon.exe
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [Adobe Acrobat Speed Launcher] "c:\program files\adobe\acrobat 9.0\acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "c:\program files\adobe\acrobat 9.0\acrobat\Acrotray.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [AdobeAAMUpdater-1.0] "c:\program files\common files\adobe\oobe\pdapp\uwa\UpdaterStartupUtility.exe"
mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe
mRun: [LexwareInfoService] c:\program files\common files\lexware\update manager\LxUpdateManager.exe /autostart
mRun: [BrMfcWnd] c:\program files\brother\brmfcmon\BrMfcWnd.exe /AUTORUN
mRun: [ControlCenter3] c:\program files\brother\controlcenter3\brctrcen.exe /autorun
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet
mRun: [itype] "c:\program files\microsoft intellitype pro\itype.exe"
mRun: [ACPW05EN] "c:\program files\acd systems\acdsee pro\5.0\ACDSeeProInTouch2.exe" /pid ACPW05EN
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRunOnce: [DBRMTray] c:\dell\dbrm\reminder\TrayApp.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: DisableCAD = 1 (0x1)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: An OneNote s&enden - c:\progra~1\micros~1\office14\ONBttnIE.dll/105
IE: An vorhandene PDF-Datei anfügen - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: In Adobe PDF konvertieren - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\micros~1\office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
TCP: DhcpNameServer = 213.191.92.86 62.109.123.7
TCP: Interfaces\{4B8CF7C7-5844-48B7-93C0-009D803A38C3} : DhcpNameServer = 213.191.92.86 62.109.123.7
TCP: Interfaces\{4B8CF7C7-5844-48B7-93C0-009D803A38C3}\142736F627D2731433631383F554B425 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{4B8CF7C7-5844-48B7-93C0-009D803A38C3}\3516D636F6E6 : DhcpNameServer = 89.0.0.63
TCP: Interfaces\{4B8CF7C7-5844-48B7-93C0-009D803A38C3}\3736866FE686F6C6A7 : DhcpNameServer = 192.168.2.1
TCP: Interfaces\{4B8CF7C7-5844-48B7-93C0-009D803A38C3}\75F4F4D4542514F5E45445 : DhcpNameServer = 192.168.0.1
TCP: Interfaces\{F8DBC941-330C-4470-8F09-24C7E44A34EB} : NameServer = 193.189.244.225 193.189.244.206
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} -
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
Notify: spba - c:\program files\common files\spba\homefus2.dll
AppInit_DLLs: c:\windows\system32\nvinit.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~1\office14\GROOVEEX.DLL
LSA: Authentication Packages = msv1_0 wvauth
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\tim\appdata\roaming\mozilla\firefox\profiles\7ninmsum.default\
FF - prefs.js: browser.search.selectedEngine - Google.de
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/webhp?hl=de&tab=fw
FF - prefs.js: network.proxy.ftp - 108.62.148.233
FF - prefs.js: network.proxy.ftp_port - 19755
FF - prefs.js: network.proxy.http - 108.62.148.233
FF - prefs.js: network.proxy.http_port - 19755
FF - prefs.js: network.proxy.socks - 108.62.148.233
FF - prefs.js: network.proxy.socks_port - 19755
FF - prefs.js: network.proxy.ssl - 108.62.148.233
FF - prefs.js: network.proxy.ssl_port - 19755
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\progra~1\micros~1\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~1\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\acrobat 9.0\acrobat\air\nppdf32.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npstrlnk.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\tim\appdata\local\google\update\1.3.21.99\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 nvpciflt;nvpciflt;c:\windows\system32\drivers\nvpciflt.sys [2012-1-5 20328]
R0 stdcfltn;Disk Class Filter Driver for Accelerometer;c:\windows\system32\drivers\stdcfltn.sys [2012-1-4 17904]
R1 avkmgr;avkmgr;c:\windows\system32\drivers\avkmgr.sys [2012-3-23 36000]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 48128]
R2 AESTFilters;Andrea ST Filters Service;c:\program files\idt\wdm\AEstSrv.exe [2012-1-4 81920]
R2 AntiVirSchedulerService;Avira Planer;c:\program files\avira\antivir desktop\sched.exe [2012-3-23 86224]
R2 AntiVirService;Avira Echtzeit Scanner;c:\program files\avira\antivir desktop\avguard.exe [2012-3-23 110032]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2012-3-23 74640]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostControlService.exe [2011-5-11 826272]
R2 Credential Vault Host Storage;Credential Vault Host Storage;c:\program files\broadcom corporation\broadcom ush host components\cv\bin\HostStorageService.exe [2011-5-11 31648]
R2 DFEPService;Dell Feature Enhancement Pack Service;c:\program files\dell\feature enhancement pack\DFEPService.exe [2011-8-24 1568664]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files\intel\intel(r) rapid storage technology\IAStorDataMgrSvc.exe [2012-1-10 13336]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IPROSetMonitor.exe [2012-1-5 112800]
R2 jhi_service;Intel(R) Identity Protection Technology Host Interface Service;c:\program files\intel\services\ipt\jhi_service.exe [2011-2-24 212944]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2012-1-4 1997416]
R2 O2SDIOAssist;O2SDIOAssist;c:\windows\system32\srvany.exe [2012-1-5 8192]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-6-5 378472]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files\intel\intel(r) management engine components\uns\UNS.exe [2012-1-5 2656536]
R2 Wave Authentication Manager Service;Wave Authentication Manager Service;c:\program files\dell\dell data protection\access\advanced\wave\authentication manager\WaveAMService.exe [2011-7-1 1131520]
R2 ZcfgSvc7;Intel(R) PROSet/Wireless ZeroConfig Service;c:\program files\intel\wifi\bin\ZCfgSvc7.exe [2010-12-23 577536]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\accelern.sys [2012-1-5 44144]
R3 BTWAMPFL;BTWAMPFL;c:\windows\system32\drivers\btwampfl.sys [2012-1-5 302120]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2012-1-5 33832]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\drivers\CtClsFlt.sys [2012-1-5 144576]
R3 cvusbdrv;Dell ControlVault;c:\windows\system32\drivers\cvusbdrv.sys [2011-5-10 33896]
R3 e1cexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver C;c:\windows\system32\drivers\e1c6232.sys [2012-1-5 268968]
R3 MEI;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2012-1-5 41088]
R3 NETwNs32;___ Intel(R) Wireless WiFi Link der Serie 5000 Adaptertreiber für Windows 7 32-Bit;c:\windows\system32\drivers\NETwNs32.sys [2012-1-5 7434240]
R3 O2MDRRDR;O2MDRRDR;c:\windows\system32\drivers\O2MDRw7.sys [2012-1-5 62440]
R3 O2SDJRDR;O2SDJRDR;c:\windows\system32\drivers\o2sdjw7.sys [2012-1-5 63976]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 14336]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxWatch12OEM.exe [2010-11-25 219632]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 CtAudDrv;Provides advanced audio effects for audio devices.;c:\windows\system32\drivers\CtAudDrv.sys [2012-1-5 134144]
S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 62464]
S3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\drivers\ewusbnet.sys [2012-1-31 201168]
S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\drivers\ewusbdev.sys [2012-1-31 101120]
S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2012-1-5 132480]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 netvsc;netvsc;c:\windows\system32\drivers\netvsc60.sys [2010-11-21 126464]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2012-1-5 139368]
S3 O2MDFRDR;O2MDFRDR;c:\windows\system32\drivers\o2mdfw7.sys [2012-1-5 60904]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 RoxMediaDB12OEM;RoxMediaDB12OEM;c:\program files\common files\roxio shared\oem\12.0\sharedcom\RoxMediaDB12OEM.exe [2010-11-25 1116656]
S3 StorSvc;Speicherdienst;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 20992]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
S3 SynthVid;SynthVid;c:\windows\system32\drivers\VMBusVideoM.sys [2010-11-21 19456]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\wat\WatAdminSvc.exe [2012-3-10 1343400]
S4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\windows live\mesh\wlcrasvc.exe [2010-9-22 51040]
.
=============== Created Last 30 ================
.
2012-03-23 23:52:15 -------- d-----w- c:\users\tim\appdata\local\{FEFAFC49-B184-41C0-A871-5C71A3F12A93}
2012-03-23 23:51:09 -------- d-----w- c:\users\tim\appdata\local\{08821E59-7892-4EAA-A1F7-5119AC2F7BA8}
2012-03-23 21:20:51 -------- d-----w- c:\users\tim\appdata\roaming\Avira
2012-03-23 21:15:36 74640 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2012-03-23 21:15:36 36000 ----a-w- c:\windows\system32\drivers\avkmgr.sys
2012-03-23 21:15:36 -------- d-----w- c:\programdata\Avira
2012-03-23 21:15:36 -------- d-----w- c:\program files\Avira
2012-03-23 11:45:35 -------- d--h--w- c:\users\tim\appdata\roaming\MySEOSolution_DB_Dir
2012-03-23 11:45:31 -------- d--h--w- c:\users\tim\appdata\local\MySEOSolution
2012-03-23 11:45:01 -------- d-----w- c:\program files\Article Wizard
2012-03-23 09:42:21 -------- d--h--w- c:\users\tim\appdata\local\{271870CF-448E-45AE-ADAF-24E6C25DD9D3}
2012-03-23 09:41:13 -------- d--h--w- c:\users\tim\appdata\local\{80C75872-6458-4FDD-85F2-872AC216C186}
2012-03-23 08:46:08 6582328 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{ed53bb12-40c8-43c0-9af5-412feb0ce39d}\mpengine.dll
2012-03-22 21:16:46 -------- d--h--w- c:\users\tim\appdata\local\{0F31B976-6470-4CDA-AB61-6EEAFD8B5DA2}
2012-03-22 21:16:35 -------- d--h--w- c:\users\tim\appdata\local\{AE10FD9E-B7AA-4DD9-9429-F0D8AF7ECF01}
2012-03-22 09:16:12 -------- d--h--w- c:\users\tim\appdata\local\{ACA94B5F-F5EE-4D38-BD0C-23E2B76B00BF}
2012-03-22 09:16:02 -------- d--h--w- c:\users\tim\appdata\local\{0FF106DB-FDCF-4A36-85A5-E143421CA464}
2012-03-21 21:15:38 -------- d--h--w- c:\users\tim\appdata\local\{87BF61A4-1BEF-434D-B77B-1AFDC1423516}
2012-03-21 09:15:17 -------- d--h--w- c:\users\tim\appdata\local\{DB66502F-A12D-471F-89D0-2CDD4B5CDC8F}
2012-03-21 09:14:40 -------- d--h--w- c:\users\tim\appdata\local\{086299ED-B6C4-4D03-8944-3FDAB5EE1CFE}
2012-03-20 20:45:40 -------- d--h--w- c:\users\tim\appdata\local\{89784105-383F-479A-8D2D-FCFC253DD7BE}
2012-03-20 08:45:09 -------- d--h--w- c:\users\tim\appdata\local\{2A120F72-14C2-4E6C-8AE3-6A9FBE90F23F}
2012-03-20 08:44:01 -------- d--h--w- c:\users\tim\appdata\local\{63E822B4-FFDD-4204-A230-3C391B080AC1}
2012-03-19 20:22:54 -------- d--h--w- c:\users\tim\appdata\local\{E1C86CA5-75F1-47E1-ABFD-7CD215FA519C}
2012-03-19 20:22:45 -------- d--h--w- c:\users\tim\appdata\local\{3A38CCD4-BE0D-4E5E-BFAE-EE02FCF2266D}
2012-03-19 08:22:21 -------- d--h--w- c:\users\tim\appdata\local\{DB96986A-90C8-4415-A142-F59E0EF194C8}
2012-03-19 08:20:45 -------- d--h--w- c:\users\tim\appdata\local\{E6F2045E-0915-4F6B-9DE2-C67E840F9C06}
2012-03-18 13:08:29 -------- d--h--w- c:\users\tim\appdata\local\{45580A3C-5A36-43D0-93C4-DB1097E6E8E7}
2012-03-18 13:08:19 -------- d--h--w- c:\users\tim\appdata\local\{3753E0A4-F2F2-4A06-9CA1-17F2A8D8E88A}
2012-03-17 17:18:51 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll
2012-03-17 17:18:51 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll
2012-03-17 09:56:34 -------- d--h--w- c:\users\tim\appdata\local\{B9E53D4C-C04B-4D26-B76E-72CF91D01485}
2012-03-17 09:54:59 -------- d--h--w- c:\users\tim\appdata\local\{5DBA6D5D-1FCF-4FE3-B0D3-B5F2611F8E18}
2012-03-16 18:07:13 -------- d-----w- c:\users\tim\appdata\local\ElevatedDiagnostics
2012-03-16 12:15:44 -------- d--h--w- c:\users\tim\appdata\local\{BF4CBE36-31C9-44D7-B875-37C8D3479205}
2012-03-16 12:15:34 -------- d--h--w- c:\users\tim\appdata\local\{80CAC4A6-B04D-4BA3-9167-C18E9FF4B919}
2012-03-15 23:37:39 -------- d--h--w- c:\users\tim\appdata\local\{9A36813A-FD9C-41C1-A104-89DDD11564ED}
2012-03-15 23:37:29 -------- d--h--w- c:\users\tim\appdata\local\{46C0BD45-A012-4F59-AE7E-DFB423D78EB5}
2012-03-15 10:36:24 -------- d--h--w- c:\users\tim\appdata\local\{1AFC7E61-B75C-46FB-8DC2-4E14509ECA6A}
2012-03-15 10:34:48 -------- d--h--w- c:\users\tim\appdata\local\{C5D4F8A9-F1F1-4E79-ADF0-B6C843A50CEC}
2012-03-14 12:32:00 -------- d-----w- c:\windows\system32\appmgmt
2012-03-14 12:13:21 -------- d-----w- c:\windows\system32\32bit
2012-03-14 11:36:24 3968368 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-03-14 11:36:24 3913584 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-03-14 11:32:21 2343424 ----a-w- c:\windows\system32\win32k.sys
2012-03-14 11:32:20 1077248 ----a-w- c:\windows\system32\DWrite.dll
2012-03-14 11:31:51 826880 ----a-w- c:\windows\system32\rdpcore.dll
2012-03-14 11:31:51 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys
2012-03-14 11:31:51 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2012-03-14 11:31:50 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe
2012-03-14 11:31:49 58880 ----a-w- c:\windows\system32\rdpwsx.dll
2012-03-14 11:31:49 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll
2012-03-14 11:29:02 -------- d--h--w- c:\users\tim\appdata\local\{AA9E8203-F10E-451D-BFCF-3F9C0CB1F49F}
2012-03-14 11:28:51 -------- d--h--w- c:\users\tim\appdata\local\{ED9E28F4-55E8-46FF-8187-2CD7435F3D70}
2012-03-13 09:17:42 -------- d--h--w- c:\users\tim\appdata\local\{F517FB15-9A96-4D9B-BBA3-FD678B57EBC8}
2012-03-12 14:57:06 -------- d--h--w- c:\users\tim\appdata\local\{5335B526-C3CC-43C1-9E0A-2A74C1FD64FF}
2012-03-12 14:56:55 -------- d--h--w- c:\users\tim\appdata\local\{E4AA9C88-0C5D-4230-844C-4059EFCEFA59}
2012-03-10 11:26:45 -------- d--h--w- c:\users\tim\appdata\local\{8E246D73-9CCC-4F26-A45D-B6ABDDC192E4}
2012-03-10 11:26:34 -------- d--h--w- c:\users\tim\appdata\local\{E5CE3353-BC33-4878-9BA1-1283B5299E50}
2012-03-10 00:16:48 -------- d-----w- c:\windows\system32\wbem\en-US
2012-03-09 22:03:13 -------- d--h--w- c:\users\tim\appdata\local\{7598CAA2-2F46-4C3F-A828-BBC2B8E22200}
2012-03-09 22:03:01 -------- d--h--w- c:\users\tim\appdata\local\{ED4828B2-024A-4FD5-A9FB-24A60B37A25C}
2012-03-09 12:51:22 -------- d--h--w- C:\Black
2012-03-09 10:02:28 -------- d--h--w- c:\users\tim\appdata\local\{E6B01C48-1723-46CA-9731-17D5B678E83F}
2012-03-08 22:01:50 -------- d--h--w- c:\users\tim\appdata\local\{1D32F748-3217-4EE9-A668-CCA6F81F58F3}
2012-03-08 10:01:10 -------- d--h--w- c:\users\tim\appdata\local\{6DC01205-E85F-47EE-B5B1-2A94690358D6}
2012-03-08 10:00:57 -------- d--h--w- c:\users\tim\appdata\local\{6E042693-057C-40D0-AE0F-006D227B44B4}
2012-03-07 21:10:02 -------- d--h--w- c:\users\tim\appdata\local\{E5D1EFA8-E8A1-4AF5-AB4F-791C7C996881}
2012-03-07 09:09:28 -------- d--h--w- c:\users\tim\appdata\local\{EC6A002E-6DAF-4249-976B-11215EB7624B}
2012-03-07 09:09:16 -------- d--h--w- c:\users\tim\appdata\local\{86F45F20-359B-48DA-9FD3-BED0A3C8F45F}
2012-03-06 20:58:21 -------- d--h--w- c:\users\tim\appdata\local\{6CF797DF-06AC-48D2-B457-FDFEB0DD7D2F}
2012-03-06 20:58:10 -------- d--h--w- c:\users\tim\appdata\local\{13B5A5C2-01C7-4623-B653-F8F7032CCB02}
2012-03-06 08:57:33 -------- d--h--w- c:\users\tim\appdata\local\{C1246D82-F5C7-4705-8800-42B2299BE262}
2012-03-06 08:57:22 -------- d--h--w- c:\users\tim\appdata\local\{A699392E-0403-4548-AACC-3713158919D1}
2012-03-05 22:34:54 -------- d--h--w- c:\users\tim\appdata\local\{97DF9F08-92EB-4BFC-9BB9-816E38B90E0C}
2012-03-05 19:57:25 -------- d--h--w- c:\users\tim\appdata\roaming\DataDesign
2012-03-05 10:34:18 -------- d--h--w- c:\users\tim\appdata\local\{0F922214-881D-459E-AF9A-29BCFD4FBB04}
2012-03-05 10:34:07 -------- d--h--w- c:\users\tim\appdata\local\{81522F1E-AF6B-4FB3-A48E-D9DA98BB7BFE}
2012-03-02 09:26:58 -------- d--h--w- c:\users\tim\appdata\local\{10248E99-FCD5-4DBC-BD8D-A2C88B8BB222}
2012-03-02 09:26:46 -------- d--h--w- c:\users\tim\appdata\local\{A6DAB23E-0950-4836-BDD4-FAB2BF3D65B2}
2012-03-01 21:26:13 -------- d--h--w- c:\users\tim\appdata\local\{2F467FBD-3EBE-4282-8C5D-8B88C2267795}
2012-03-01 21:26:02 -------- d--h--w- c:\users\tim\appdata\local\{6308FC79-414A-4532-920F-81F430981621}
2012-03-01 09:44:04 131072 ----a-w- c:\windows\system32\DellSPMsg.dll
2012-03-01 09:25:32 -------- d--h--w- c:\users\tim\appdata\local\{F94A49AB-B7FC-47C4-A20C-A0D6EFBCB36C}
2012-02-29 11:08:29 -------- d--h--w- c:\users\tim\appdata\local\{748CC442-51FD-4FA0-A241-0A0E6CBA10FE}
2012-02-29 11:08:19 -------- d--h--w- c:\users\tim\appdata\local\{0EDA4505-C612-477C-A70E-EAF717A42136}
2012-02-28 23:07:48 -------- d--h--w- c:\users\tim\appdata\local\{03501109-3989-49CC-9303-490010641B9E}
2012-02-28 23:07:32 -------- d--h--w- c:\users\tim\appdata\local\{58A09299-50FF-41AF-A282-BFA6423AE1DB}
2012-02-28 11:04:52 -------- d--h--w- c:\users\tim\appdata\local\{35A9597E-5562-41E2-888A-DCAB973F061C}
2012-02-28 11:04:41 -------- d--h--w- c:\users\tim\appdata\local\{80BBCC43-1885-4392-8F2E-A15402859A2F}
2012-02-27 23:04:08 -------- d--h--w- c:\users\tim\appdata\local\{9C52CD55-1CBE-462D-BDC2-8DCC9C1A81F0}
2012-02-27 23:03:54 -------- d--h--w- c:\users\tim\appdata\local\{D44D7871-94C5-4B7F-961A-67C8E6055433}
2012-02-27 11:03:18 -------- d--h--w- c:\users\tim\appdata\local\{7694AC0F-5DC5-4BA7-AAE3-7477FA04321B}
2012-02-26 13:14:57 -------- d--h--w- c:\users\tim\appdata\local\{7E602F4A-F8C8-4E38-801E-87669497DBAC}
2012-02-26 13:14:45 -------- d--h--w- c:\users\tim\appdata\local\{D21EA966-0F3F-4FAE-AFED-C5DCE9FF22D7}
2012-02-25 12:11:30 -------- d--h--w- c:\users\tim\appdata\local\{8CFA108B-66CA-4C3A-B836-000D7F938271}
2012-02-25 12:11:19 -------- d--h--w- c:\users\tim\appdata\local\{BE3D9C9D-92A6-440E-BC7A-A4CD7D2C564B}
2012-02-25 00:10:49 -------- d--h--w- c:\users\tim\appdata\local\{DE350CA9-4EE7-4EDF-A009-9AC17CF6067F}
2012-02-24 12:10:20 -------- d--h--w- c:\users\tim\appdata\local\{A7874EA8-F078-4BC8-B59D-A32F381BAC3C}
2012-02-24 12:10:09 -------- d--h--w- c:\users\tim\appdata\local\{C25BF937-C6DE-4CE8-B42A-548A298C212B}
2012-02-24 00:09:45 -------- d--h--w- c:\users\tim\appdata\local\{8F27F645-3CED-4F33-B44E-4BAAD0635222}
2012-02-23 12:09:24 -------- d--h--w- c:\users\tim\appdata\local\{C3CFB9F6-7EB8-47C3-9B19-6DFDA530F9D8}
.
==================== Find3M ====================
.
2012-02-23 08:18:36 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-02-16 09:45:53 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-01-10 12:28:16 0 ----a-w- c:\windows\invcol.tmp
2012-01-05 01:52:59 119808 ----a-w- c:\windows\system32\umpo.dll
2012-01-05 00:19:33 505128 ----a-w- c:\windows\system32\msvcp71.dll
2012-01-05 00:19:33 353576 ----a-w- c:\windows\system32\msvcr71.dll
2012-01-05 00:19:33 29480 ----a-w- c:\windows\system32\msxml3a.dll
2012-01-05 00:08:44 93224 ----a-w- c:\windows\system32\drivers\btwaudio.sys
2012-01-05 00:08:44 33832 ----a-w- c:\windows\system32\drivers\btwl2cap.sys
2012-01-05 00:08:44 302120 ----a-w- c:\windows\system32\drivers\btwampfl.sys
2012-01-05 00:08:44 18728 ----a-w- c:\windows\system32\drivers\btwrchid.sys
2012-01-05 00:08:44 114728 ----a-w- c:\windows\system32\drivers\btwavdt.sys
2012-01-04 08:58:41 442880 ----a-w- c:\windows\system32\ntshrui.dll
2011-12-30 05:27:56 478720 ----a-w- c:\windows\system32\timedate.cpl
.
============= FINISH: 1:16:08,03 ===============
```
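As an added example (not part of the original post and not DDS's own code), the following Python script triages the DDS sections posted above the way a log helper would read them: it pulls the Firefox `network.proxy.*` prefs and reports any proxy pointing at a public IP (noting whether `network.proxy.type` actually enables it), lists every `AppInit_DLLs` entry for verification, and lists directories created with the hidden attribute under the user's AppData. The embedded sample lines are constructed in the shape of this log; the function names are the example's own.

```python
"""Triage helper for a DDS log (added example; not from the post or from DDS).

Three things in the log above deserve a first look: Firefox proxy prefs that
name a public IP (browsing would be routed through a third party), AppInit_DLLs
entries (loaded into every process that uses user32.dll, so the signer matters),
and hidden directories created under AppData (the d--h--w- attribute string).
"""
import ipaddress
import re
from typing import Dict, List, Tuple

Finding = Tuple[str, str]  # (category, detail)

# Constructed sample in the shape of the DDS output posted above.
SAMPLE_LOG = """\
FF - prefs.js: network.proxy.http - 108.62.148.233
FF - prefs.js: network.proxy.http_port - 19755
FF - prefs.js: network.proxy.type - 0
TCP: DhcpNameServer = 192.168.2.1
AppInit_DLLs: c:\\windows\\system32\\nvinit.dll
2012-03-23 23:52:15 -------- d-----w- c:\\users\\tim\\appdata\\local\\{FEFAFC49-B184-41C0-A871-5C71A3F12A93}
2012-03-23 11:45:35 -------- d--h--w- c:\\users\\tim\\appdata\\roaming\\MySEOSolution_DB_Dir
2012-03-14 11:36:24 3968368 ----a-w- c:\\windows\\system32\\ntoskrnl.exe
"""

# "FF - prefs.js: network.proxy.<name> - <value>"
FF_PROXY = re.compile(r"^FF - prefs\.js: network\.proxy\.(\S+) - (\S+)$")
# "<date> <time> <size or -------->  <8-char attribute string> <path>"
CREATED = re.compile(r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})\s+(\S+)\s+(\S{8})\s+(.+)$")


def parse_ff_proxy(lines: List[str]) -> Dict[str, str]:
    """Collect network.proxy.* prefs into {name: value}."""
    prefs: Dict[str, str] = {}
    for line in lines:
        m = FF_PROXY.match(line)
        if m:
            prefs[m.group(1)] = m.group(2)
    return prefs


def is_public_ip(value: str) -> bool:
    """True for a routable address; False for private/loopback or a hostname."""
    try:
        return ipaddress.ip_address(value).is_global
    except ValueError:
        return False


def flag_external_proxy(prefs: Dict[str, str]) -> List[Finding]:
    """Report proxies pointing at a public IP and whether Firefox uses them.

    Manual proxy entries only take effect with network.proxy.type = 1; with
    type 0 (direct connection) they are present but dormant, which changes the
    urgency but not the need to remove them.
    """
    active = prefs.get("type") == "1"
    findings: List[Finding] = []
    for proto in ("http", "ssl", "ftp", "socks"):
        host = prefs.get(proto)
        if host and is_public_ip(host):
            port = prefs.get(proto + "_port", "?")
            state = ("active (manual proxy)" if active else
                     f"configured but not in use (network.proxy.type = {prefs.get('type', 'default')})")
            findings.append(("ff-proxy", f"{proto} proxy {host}:{port}, {state}"))
    return findings


def flag_appinit_dlls(lines: List[str]) -> List[Finding]:
    """Every AppInit_DLLs entry gets listed; verifying the file's signer is the next step."""
    return [("appinit", line.split(":", 1)[1].strip())
            for line in lines if line.startswith("AppInit_DLLs:")]


def flag_hidden_dirs(lines: List[str]) -> List[Finding]:
    """Directories created with the hidden attribute under a user's AppData."""
    findings: List[Finding] = []
    for line in lines:
        m = CREATED.match(line)
        if not m:
            continue
        stamp, attrs, path = m.group(1), m.group(3), m.group(4)
        if attrs.startswith("d") and "h" in attrs and "\\appdata\\" in path.lower():
            findings.append(("hidden-dir", f"{stamp} {path}"))
    return findings


def triage(text: str) -> List[Finding]:
    """Run all checks over a DDS log and return the findings in check order."""
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    findings = flag_external_proxy(parse_ff_proxy(lines))
    findings += flag_appinit_dlls(lines)
    findings += flag_hidden_dirs(lines)
    return findings


if __name__ == "__main__":
    for category, detail in triage(SAMPLE_LOG):
        print(f"[{category}] {detail}")
```

Run against the full log, the same checks would also surface the `ftp`, `ssl` and `socks` proxy entries and the other `d--h--w-` directories under `c:\users\tim\appdata`.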