Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Bundespolizei Trojaner sperrt Rechner

Bundespolizei Trojaner sperrt Rechner


Log-Analyse und Auswertung: Bundespolizei Trojaner sperrt Rechner

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Seite 2 von 4 1 2 34
Alt 03.10.2012, 12:54   #16
tschobeuter
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Zu deinen Fragen:

1.) Ich habe den Eindruck, es geht wieder alles normal und uneingeschränkt.
2.) Es fehlt ein Eintrag unter Alle Programme von Firefly Studios -> Stronghold Crusaders, obwohl die .exe unter c:\Programme da ist.
Es sind noch ein paar andere Einträge (FreeFLV Converter, Quicktime) unter Alle Programme leer oder nicht erreichbar, aber da finde ich auch keine .exe unter c:\Programme.
Ansonsten habe ich das Gefühl es ist alles vorhanden.

Alt 03.10.2012, 19:18   #17
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________

__________________
Alt 04.10.2012, 21:22   #18
tschobeuter
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Wie gewünscht die OTL.TXT mit obigen Optionen gescannt:

Code:
ATTFilter
OTL logfile created on: 04.10.2012 22:06:28 - Run 2
OTL by OldTimer - Version 3.2.70.2     Folder = C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 70,81% Memory free
5,84 Gb Paging File | 5,02 Gb Available in Paging File | 86,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 96,78 Gb Total Space | 49,14 Gb Free Space | 50,78% Space Free | Partition Type: FAT32
Drive D: | 201,28 Gb Total Space | 115,55 Gb Free Space | 57,41% Space Free | Partition Type: NTFS
 
Computer Name: COMPUTER | User Name: Reiner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.04 22:02:26 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner\OTL.exe
PRC - [2012.09.11 07:18:30 | 006,035,064 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgmfapx.exe
PRC - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgidsagent.exe
PRC - [2012.07.26 03:23:08 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgrsx.exe
PRC - [2012.06.13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgnsx.exe
PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.03.19 21:21:48 | 000,265,928 | ---- | M] (SpeedBit Ltd.) -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2012.03.19 05:18:12 | 000,979,840 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgemcx.exe
PRC - [2012.02.27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe
PRC - [2012.02.14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgcsrvx.exe
PRC - [2010.10.16 22:37:24 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
PRC - [2010.07.04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.03.10 09:58:18 | 000,130,560 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008.02.22 09:11:02 | 000,120,320 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.09.07 22:22:24 | 000,204,800 | ---- | M] (UASSOFT.COM) -- C:\Programme\Multimedia Mouse Driver\KMWDSrv.exe
PRC - [2006.09.28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006.05.23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\system32\StkASv2K.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2001.08.18 04:55:00 | 000,086,016 | ---- | M] (PCtel, Inc.) -- C:\WINDOWS\system32\pctspk.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.27 22:51:38 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
MOD - [2008.03.10 09:58:18 | 000,130,560 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
MOD - [2008.02.22 09:11:02 | 000,120,320 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
MOD - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
MOD - [2002.07.03 17:38:00 | 000,053,248 | ---- | M] () -- C:\Programme\ArcSoft\Software Suite\PhotoImpression\Share\PIHook.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- K:\VNC4\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe -- (de_serv)
SRV - File not found [Auto | Stopped] -- C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.09.23 19:50:08 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.07.18 17:36:52 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.03.19 21:21:48 | 000,265,928 | ---- | M] (SpeedBit Ltd.) [Auto | Running] -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2012.02.27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010.07.04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008.10.10 21:52:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.09.07 22:22:24 | 000,204,800 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Programme\Multimedia Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2007.01.19 11:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2006.09.28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006.05.23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\WINDOWS\system32\StkASv2K.exe -- (StkASSrv)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2001.08.18 04:55:00 | 000,086,016 | ---- | M] (PCtel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\pctspk.exe -- (Pctspk)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRAMME\NORMAN\nvc\BIN\nvcoarc51.sys -- (nvcoarc51)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRAMME\NORMAN\nvc\BIN\nvcoafl51.sys -- (nvcoafl51)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.08.24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.07.26 03:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.05.08 15:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.04.19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.01.31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.12.23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.12.23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011.12.23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011.12.23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2010.06.14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.05.12 12:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2010.04.27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010.04.27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010.04.27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009.11.17 19:51:38 | 005,956,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.05.25 14:35:00 | 000,116,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029unic.sys -- (s1029unic)
DRV - [2009.05.25 14:34:56 | 000,122,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009.05.25 14:34:56 | 000,090,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029bus.sys -- (s1029bus)
DRV - [2009.05.25 14:34:56 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2009.05.25 14:34:54 | 000,115,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mgmt.sys -- (s1029mgmt)
DRV - [2009.05.25 14:34:54 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009.05.25 14:34:54 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029nd5.sys -- (s1029nd5)
DRV - [2008.10.10 21:26:12 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.08.05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.06.18 11:23:38 | 003,692,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.03.13 00:09:36 | 002,870,784 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.01.15 21:50:52 | 000,459,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73)
DRV - [2008.01.04 08:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.12.28 18:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006.11.15 17:32:44 | 000,242,139 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkAMini.sys -- (StkAMini)
DRV - [2006.06.27 18:27:18 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkScan.sys -- (StkScan)
DRV - [2006.01.04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005.12.11 11:55:38 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2005.11.03 15:40:08 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005.08.10 13:44:06 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 14:20:40 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)
DRV - [2004.07.16 16:47:14 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2003.09.19 16:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001.11.28 10:18:00 | 000,162,304 | ---- | M] (NVIDIA® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2001.11.28 10:18:00 | 000,013,056 | ---- | M] (NVIDIA® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2001.11.20 19:20:00 | 000,013,502 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2001.08.17 13:28:16 | 000,397,502 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vpctcom.sys -- (Vpctcom)
DRV - [2001.08.17 13:28:16 | 000,064,605 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vvoice.sys -- (Vvoice)
DRV - [2001.08.17 13:28:14 | 000,604,253 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vmodem.sys -- (Vmodem)
DRV - [2001.08.17 13:28:14 | 000,112,574 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptserlp.sys -- (Ptserlp)
DRV - [2001.08.17 12:12:02 | 000,063,208 | ---- | M] (Intel Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc21x4.sys -- (DC21x4)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{2EB5D0A4-90B5-434A-A3F3-DE492D815145}: "URL" = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{510D9FB1-B50F-4B4D-81A5-23655474DC2A}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{A42E06CC-6C32-456A-943A-F9F6DFFC39EC}: "URL" = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-ober&type=gamenextde&p={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{E59FA6AF-986F-4597-9196-310659A15010}: "URL" = hxxp://go.web.de/suchbox/google?q={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{FB0684CD-9707-4FBA-9FE4-C020B8F68521}: "URL" = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: litmus-ff@f-secure.com:1.10
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B889d85ae-6d4f-47cc-ab42-b1712c88ad85%7D&mid=af1e04e899f947d0b701d15edc5cfa45-5e152cbfd45cbc58c155cd03afb1fd0f74c7444c&ds=AVG&v=11.1.0.12&lang=de&pr=fr&d=2012-05-27%2012%3A55%3A52&sap=ku&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.29 16:28:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Programme\AVG\AVG2012\Firefox4\ [2012.05.27 12:55:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Programme\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.27 12:55:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2006.11.15 18:49:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2006.11.15 18:49:42 | 000,000,000 | ---D | M]
 
[2008.06.21 17:22:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Extensions
[2006.11.19 11:47:02 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions
[2010.05.15 12:39:26 | 000,000,000 | ---D | M] ("Microsoft .NET Framework Assistant") -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.06.11 18:34:36 | 000,000,000 | ---D | M] (Wincore Mediabar) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
[2011.01.25 22:46:42 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.07.27 10:41:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2006.11.15 18:50:10 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012.10.01 21:41:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.05.27 12:55:08 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAMME\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012.07.18 17:36:52 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2009.10.26 16:45:36 | 000,102,400 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012.06.15 00:46:58 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:58 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:58 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:58 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Yahoo! Deutschland ()
CHR - default_search_provider: search_url = hxxp://de.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://de-sayt.ff.search.yahoo.com/gossip-de-sayt?output=fxjson&command={searchTerms}
CHR - homepage: hxxp://www.google.com/
 
O1 HOSTS File: ([2010.12.20 17:18:28 | 000,000,355 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	localhost
O1 - Hosts: ::1			localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\Toolbar\WebBrowser: (no name) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Programme\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KMCONFIG] C:\Programme\Multimedia Mouse Driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007..\Run: [SpeedBitVideoAccelerator] C:\Programme\SpeedBit Video Accelerator\VideoAccelerator.exe (SpeedBit LTD)
O4 - HKU\S-1-5-21-874574627-2650805779-3784137826-1003..\RunOnce: [NeroHomeFirstStart] "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe" File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk = C:\Programme\WISO\Steuersoftware 2012\mshaktuell.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\MindManager PDF Writer.lnk = C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe (Tracker Software Products)
O4 - Startup: C:\Dokumente und Einstellungen\Christine\Startmenü\Programme\Autostart\Dropbox.lnk =  File not found
O4 - Startup: C:\Dokumente und Einstellungen\Dominik\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-874574627-2650805779-3784137826-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 145
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Domains:   ([]msn in My Computer)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Domains: chip.de ([www] http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2F0D96B4-7D9D-4767-A657-F7ECC9114887} hxxp://haustein.dyndns.org/IPCamPluginDMPT.cab (EDIMAX IPCamPluginDMPT Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37361.2830671296 (Reg Error: Unable to open value key)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Unable to open value key)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0E1E16A-59D3-4429-82A7-353D7EEE174D}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEB76918-6009-47F2-A852-A5CF4C5A11DB}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002.04.13 13:54:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{3d888470-fff7-11e1-94d6-e5a0a0689281}\Shell - "" = AutoRun
O33 - MountPoints2\{3d888470-fff7-11e1-94d6-e5a0a0689281}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3d888470-fff7-11e1-94d6-e5a0a0689281}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\Shell\AutoRun\command - "" = E:\Programs\nu2menu\nu2menu.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
 
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0e} - Internet Explorer ReadMe
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D5974C5-5185-4f5b-80B6-28015ACDD74C} - q319182
ActiveX: {2eac6a2d-57a8-44d4-96f7-e32bab40ca5f} - Windows Update
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {429D8DD3-05E0-4F56-B6D6-AC0730567C02} - Euro Update Tool
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{00E34CBB-C0F7-466F-9A34-D6B120AE2850} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.dvacm - C:\Programme\Gemeinsame Dateien\Ulead Systems\VIO\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (hxxp://www.mp3dev.org/)
Drivers32: msacm.MPEGacm - C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.ulmp3acm - C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.03 14:24:39 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2012.10.03 14:24:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012
[2012.10.03 14:24:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\TuneUp Software
[2012.10.03 14:24:25 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2012
[2012.10.03 14:24:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.10.03 14:24:09 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.10.03 13:22:21 | 000,000,000 | ---D | C] -- D:\Reiner\My Albums
[2012.10.03 13:22:21 | 000,000,000 | ---D | C] -- D:\Reiner\ArcSoft
[2012.10.01 21:42:02 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.10.01 21:41:41 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2012.09.23 18:43:49 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.09.16 16:27:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Malwarebytes
[2012.09.16 16:27:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.09.16 16:27:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.09.16 16:27:31 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.09.16 16:27:31 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.09.16 16:26:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner
[2012.09.11 07:20:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
[2007.06.04 10:54:26 | 005,810,216 | ---- | C] (Mozilla) -- C:\Programme\Firefox Setup 2.0.0.4.exe
[2007.05.11 19:18:04 | 005,804,232 | ---- | C] (Mozilla) -- C:\Programme\Firefox Setup 2.0.0.3.exe
[2007.01.19 21:55:40 | 014,843,696 | ---- | C] (Microsoft Corporation) -- C:\Programme\IE7-WindowsXP-x86-deu.exe
[2007.01.19 21:43:09 | 027,066,664 | ---- | C] (Microsoft Corporation) -- C:\Programme\PowerPointViewer.exe
[2005.12.05 18:00:46 | 002,247,888 | ---- | C] (Microsoft Corporation) -- C:\Programme\dsetup32.dll
[2005.12.05 18:00:46 | 000,484,560 | ---- | C] (Microsoft Corporation) -- C:\Programme\DXSETUP.exe
[2005.12.05 18:00:46 | 000,074,448 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll
[2004.11.20 16:31:32 | 003,207,168 | ---- | C] (Mindjet) -- C:\Programme\MindMan.exe
[2004.11.20 16:31:32 | 001,171,456 | ---- | C] (Mindjet) -- C:\Programme\mmlang-ger.dll
[2004.11.20 16:31:31 | 000,761,856 | ---- | C] (Sub Systems, Inc. ) -- C:\Programme\Ter32mm.dll
[2004.11.20 16:31:31 | 000,262,144 | ---- | C] (Inner Media, Inc.) -- C:\Programme\adfactry.dll
[2004.11.20 16:31:31 | 000,221,184 | ---- | C] (Catenary Systems) -- C:\Programme\Vic32.dll
[2004.11.20 16:31:31 | 000,172,032 | ---- | C] (Wintertree Software Inc.) -- C:\Programme\Ssce5332.dll
[2004.11.20 16:31:31 | 000,124,416 | ---- | C] (Inner Media, Inc.) -- C:\Programme\dzip32.dll
[2004.11.20 16:31:31 | 000,096,768 | ---- | C] (Inner Media, Inc.) -- C:\Programme\dunzip32.dll
[2004.11.20 16:31:31 | 000,077,312 | ---- | C] (Inner Media, Inc.) -- C:\Programme\sfxbe322.dll
[2004.11.20 16:31:31 | 000,053,760 | ---- | C] (Inner Media, Inc.) -- C:\Programme\sfxfe32.exe
[2004.11.20 16:31:30 | 000,290,816 | ---- | C] (Sub Systems, Inc. ) -- C:\Programme\Hts32mm.dll
[2002.11.05 05:00:00 | 001,822,520 | ---- | C] (Microsoft Corporation) -- C:\Programme\INSTMSIW.EXE
[2002.11.05 05:00:00 | 001,708,856 | ---- | C] (Microsoft Corporation) -- C:\Programme\INSTMSIA.EXE
[2002.11.05 05:00:00 | 000,102,400 | ---- | C] (Installshield Software Corporation                          ) -- C:\Programme\SETUP.EXE
[17 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.04 21:49:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.10.04 21:17:12 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.04 20:40:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012.10.04 19:21:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012.10.04 14:00:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012.10.04 10:10:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012.10.03 23:17:02 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.03 14:34:44 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1007.job
[2012.10.03 14:34:38 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-874574627-2650805779-3784137826-1007.job
[2012.10.03 14:34:32 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.10.03 14:34:30 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2012.10.03 14:34:16 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1018.job
[2012.10.03 14:34:16 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1006.job
[2012.10.03 14:34:16 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1019.job
[2012.10.03 14:34:16 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1017.job
[2012.10.03 14:33:52 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.03 14:24:38 | 000,001,615 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.10.03 14:24:38 | 000,001,611 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.10.03 13:48:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-874574627-2650805779-3784137826-1018.job
[2012.09.16 16:45:46 | 000,000,660 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.16 10:07:22 | 004,503,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\dsgsdgdsgdsgw.pad
[2012.09.16 10:02:18 | 000,000,010 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{79CBCEC7-42D8-49E9-AC5D-0957EF2826BF}
[2012.09.16 10:02:14 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-874574627-2650805779-3784137826-1006.job
[2012.09.13 07:19:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.09.11 07:20:46 | 000,000,602 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2012.lnk
[2012.09.09 13:08:12 | 000,368,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[17 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.03 14:24:37 | 000,001,615 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.10.03 14:24:37 | 000,001,611 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.10.03 14:24:36 | 000,001,617 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012.lnk
[2012.09.16 16:45:44 | 000,000,660 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.14 10:30:37 | 004,503,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\dsgsdgdsgdsgw.pad
[2012.02.15 13:51:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.09.15 20:20:31 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011.04.05 12:11:17 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\$_hpcst$.hpc
[2011.03.29 08:09:16 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\rockusbCoInstaller.dll
[2011.01.30 14:18:22 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2011.01.30 14:18:22 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2010.11.07 17:50:22 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.10.09 15:13:13 | 000,000,045 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\jagex_runescape_preferences2.dat
[2009.10.09 15:12:37 | 000,000,038 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\jagex_runescape_preferences.dat
[2008.10.16 20:24:27 | 000,000,152 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\default.pls
[2008.10.11 10:06:30 | 000,001,604 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\wklnhst.dat
[2006.11.15 18:48:08 | 006,042,312 | ---- | C] () -- C:\Programme\FirefoxGoogleToolbarSetup.exe
[2006.11.14 19:49:09 | 000,155,648 | ---- | C] () -- C:\Programme\Symantec Security.exe
[2006.11.14 19:48:02 | 000,000,637 | ---- | C] () -- C:\Programme\Symantec Security.htm
[2006.05.23 16:20:47 | 000,000,021 | ---- | C] () -- C:\Programme\AVPersonalAVWIN.INI
[2006.05.23 16:18:55 | 000,144,198 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat
[2005.12.05 18:28:30 | 003,673,932 | ---- | C] () -- C:\Programme\Dec2005_MDX1_x86_Archive.cab
[2005.12.05 18:28:04 | 001,358,864 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab
[2005.12.05 18:28:02 | 000,086,925 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab
[2005.12.05 18:28:02 | 000,046,247 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab
[2005.12.05 18:28:02 | 000,041,888 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab
[2005.12.05 18:28:00 | 000,916,806 | ---- | C] () -- C:\Programme\Dec2005_MDX1_x86.cab
[2005.12.05 18:27:58 | 001,080,344 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab
[2005.12.05 18:00:46 | 000,081,092 | ---- | C] () -- C:\Programme\dxupdate.cab
[2005.12.05 18:00:44 | 001,351,430 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab
[2005.12.05 18:00:44 | 001,336,890 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab
[2005.12.05 18:00:44 | 001,248,387 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab
[2005.12.05 18:00:44 | 001,078,532 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab
[2005.12.05 18:00:44 | 001,065,813 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab
[2005.12.05 18:00:44 | 001,014,113 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab
[2005.12.05 18:00:42 | 013,265,040 | ---- | C] () -- C:\Programme\dxnt.cab
[2005.12.05 18:00:40 | 015,493,481 | ---- | C] () -- C:\Programme\DirectX.cab
[2005.12.05 18:00:40 | 001,156,363 | ---- | C] () -- C:\Programme\BDANT.cab
[2005.12.05 18:00:40 | 000,976,020 | ---- | C] () -- C:\Programme\BDAXP.cab
[2005.12.05 18:00:40 | 000,703,080 | ---- | C] () -- C:\Programme\BDA.cab
[2005.10.27 18:50:12 | 000,002,487 | ---- | C] () -- C:\Programme\Microsoft PowerPoint.lnk
[2004.11.20 16:40:18 | 000,073,664 | -H-- | C] () -- C:\Programme\MindMan.GID
[2004.11.20 16:31:32 | 001,379,900 | ---- | C] () -- C:\Programme\MMConferenceProvider.dll
[2004.11.20 16:31:31 | 000,081,468 | ---- | C] () -- C:\Programme\MindMan.tlb
[2004.11.20 16:31:30 | 000,157,149 | ---- | C] () -- C:\Programme\WiseUpdt.exe
[2004.11.20 16:31:30 | 000,133,988 | R--- | C] () -- C:\Programme\GER_ReleaseNotes.rtf
[2004.11.20 16:31:30 | 000,078,708 | R--- | C] () -- C:\Programme\Versionshinweise.mmp
[2004.11.20 16:31:30 | 000,043,693 | ---- | C] () -- C:\Programme\DeveloperResources.mmp
[2004.11.20 16:31:30 | 000,028,714 | R--- | C] () -- C:\Programme\Open Interface Release Notes.mmp
[2004.11.20 16:31:30 | 000,017,271 | ---- | C] () -- C:\Programme\MindManager 2002 License Agreement.rtf
[2004.11.20 16:31:30 | 000,006,855 | ---- | C] () -- C:\Programme\UNWISE.INI
[2004.11.20 16:31:29 | 000,162,304 | ---- | C] () -- C:\Programme\UNWISE.EXE
[2003.07.01 19:32:34 | 004,073,984 | ---- | C] () -- C:\Programme\Antivir.exe
[2002.11.05 05:00:00 | 018,135,040 | ---- | C] () -- C:\Programme\QCL.MSI
[2002.11.05 05:00:00 | 001,452,803 | ---- | C] () -- C:\Programme\QCL.PDF
[2002.11.05 05:00:00 | 000,320,618 | ---- | C] () -- C:\Programme\LICENSE.PDF
[2002.11.05 05:00:00 | 000,062,686 | ---- | C] () -- C:\Programme\SETUP.INI
[2002.11.05 05:00:00 | 000,021,094 | ---- | C] () -- C:\Programme\EXTRA.CAB
[2002.08.29 20:19:35 | 000,008,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2008.10.09 22:02:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 07:52:26 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\InterTrust
[2004.12.25 09:26:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Terzio
[2007.10.31 19:19:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2008.10.10 22:00:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\espionServerData
[2009.02.20 17:46:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IEConfiguration1und1
[2009.04.23 08:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fssg
[2009.04.23 08:12:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\F-Secure
[2009.05.19 20:22:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2009.11.10 10:25:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Oberon Media
[2009.11.10 10:25:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2009.11.18 15:40:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2009.12.04 21:31:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2010.01.14 16:11:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Firefly Studios
[2010.04.19 16:13:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010.04.30 15:27:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2010.05.16 15:13:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tmp
[2010.06.12 11:01:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2010.07.18 14:29:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2010.07.27 10:20:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap Games
[2010.07.31 13:23:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2010.11.25 09:16:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2011.01.30 14:18:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LGMOBILEAX
[2011.03.29 08:09:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{F0489EF2-D393-4114-85BA-A94D71D89543}
[2011.04.05 12:31:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2011.09.14 19:24:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir
[2012.05.27 12:51:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2012.05.27 12:54:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2012
[2012.05.27 12:55:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.06.11 18:32:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{FCC59D3F-C1B9-40B4-9776-50CDD1A7307C}
[2012.06.11 18:33:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iMesh
[2012.10.03 14:24:10 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.10.03 14:24:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\InterTrust
[2005.09.11 12:50:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Mindjet
[2007.05.25 12:58:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Panasonic
[2007.06.02 13:44:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\KIDDINX
[2008.10.13 09:30:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Template
[2009.05.04 09:02:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\F-Secure
[2009.08.01 13:32:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Cornelsen
[2010.04.23 07:30:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Samsung
[2010.04.23 07:49:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\PC Suite
[2010.04.26 14:41:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Canneverbe Limited
[2010.04.28 15:16:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010.04.28 15:19:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010.07.08 18:54:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Blender Foundation
[2010.07.18 14:18:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Sony
[2010.07.18 14:18:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Sony Setup
[2010.07.27 10:40:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\FreeFLVConverter
[2010.07.31 13:23:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Zylom
[2010.11.25 09:27:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Ulead Systems
[2010.12.19 12:25:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Dropbox
[2010.12.20 16:29:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\DiskAid
[2010.12.20 16:31:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\TuneAid
[2010.12.27 10:22:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Philips-Songbird
[2010.12.27 10:44:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Philips
[2011.02.16 19:27:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\OpenOffice.org
[2011.03.29 07:52:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Songbird2
[2011.05.12 12:09:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Buhl Data Service
[2012.01.12 16:30:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\LibreOffice
[2012.05.27 12:56:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\AVG2012
[2012.05.27 13:18:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\AVG
[2012.09.14 10:30:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\wincoreimband
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\InterTrust
[2004.12.04 20:30:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mindjet
[2007.05.01 19:09:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Panasonic
[2007.06.03 19:14:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\KIDDINX
[2008.10.11 10:06:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Template
[2009.05.21 12:03:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\F-Secure
[2009.11.18 15:40:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ICQ
[2009.12.12 18:40:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe_Limited
[2010.04.23 18:41:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\PC Suite
[2010.05.02 14:58:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe Limited
[2010.06.12 11:07:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Buhl Data Service
[2010.12.06 17:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Ulead Systems
[2011.04.05 12:30:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Samsung
[2012.03.19 22:17:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ElevatedDiagnostics
[2012.05.27 19:23:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG2012
[2012.10.03 14:24:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\TuneUp Software
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\InterTrust
[2010.09.30 22:19:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\PC Suite
[2010.11.25 14:21:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Ulead Systems
[2011.02.13 12:57:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\OpenOffice.org
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\InterTrust
[2010.10.20 15:41:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\PC Suite
[2010.11.25 17:25:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Ulead Systems
[2010.12.30 13:14:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Philips-Songbird
[2010.12.30 13:24:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Philips
[2011.05.28 13:28:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Cornelsen
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
[2012.03.19 21:21:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Speedbit
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2002.04.13 13:59:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Identities
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\InterTrust
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Adobe
[2002.04.13 13:19:18 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Microsoft
[2002.10.22 17:32:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\MSN6
[2002.12.04 20:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Help
[2004.12.04 20:30:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mindjet
[2005.10.22 18:37:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AdobeUM
[2006.04.13 21:04:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Macromedia
[2006.11.19 11:47:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla
[2006.12.14 22:51:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Sun
[2007.05.01 18:45:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\InstallShield
[2007.05.01 19:03:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Arcsoft
[2007.05.01 19:09:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Panasonic
[2007.06.03 19:14:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\KIDDINX
[2008.10.10 22:15:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ATI
[2008.10.11 10:06:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Template
[2008.10.14 19:04:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Media Player Classic
[2008.10.14 20:05:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Ahead
[2008.10.16 21:11:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Real
[2009.05.21 12:03:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\F-Secure
[2009.10.27 19:33:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\dvdcss
[2009.11.18 15:40:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ICQ
[2009.12.04 20:52:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\vlc
[2009.12.12 18:40:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe_Limited
[2010.04.20 20:37:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Apple Computer
[2010.04.23 18:41:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\PC Suite
[2010.05.02 14:58:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe Limited
[2010.06.12 11:07:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Buhl Data Service
[2010.06.26 15:58:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Google
[2010.09.15 21:23:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\DivX
[2010.11.16 19:21:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\HpUpdate
[2010.12.06 17:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Ulead Systems
[2010.12.22 20:59:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\WinRAR
[2011.04.05 12:30:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Samsung
[2011.07.01 18:27:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Sony Corporation
[2012.03.19 22:17:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ElevatedDiagnostics
[2012.05.27 19:23:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG2012
[2012.09.16 16:27:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Malwarebytes
[2012.10.03 14:24:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\TuneUp Software
 
< %APPDATA%\*.exe /s >
[2011.01.30 19:06:40 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Real\Update\setup3.13\setup.exe
[2012.07.06 05:59:32 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Real\Update\UpgradeHelper\RealPlayer\9.10\rnupgagent.exe
 
< %SYSTEMDRIVE%\*.exe >
[2011.04.25 09:06:36 | 020,533,281 | ---- | M] () -- C:\vlc-1.1.9-win32.exe
 
< MD5 for: AGP440.SYS  >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\eventlog.dll
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 00:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\netlogon.dll
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 00:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 00:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2007.03.08 17:48:40 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\userinit.exe
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 00:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 00:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2001.08.18 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001.08.18 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2002.04.13 13:18:10 | 000,401,408 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
[2002.04.13 13:18:10 | 000,610,304 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2002.04.13 13:18:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[17 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >
__________________
Alt 05.10.2012, 12:48   #19
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Code:
ATTFilter
Drive C: | 96,78 Gb Total Space | 49,14 Gb Free Space | 50,78% Space Free | Partition Type: FAT32
Wer hat dir den Rechner installiert?
FAT32 als Systempartition (Laufwerk C: ) ist ziemlich schlecht, müssen wir jetzt erstmal ändern

Systempartition nach NTFS konvertieren
  1. Start, Ausführen, cmd eintippen und ok

  2. Diesen Befehl eintippen und mit der Eingabetaste ausführen => convert %systemdrive% /fs:ntfs

  3. Die aktuelle Bezeichnung der Systempartition (idR ist das C: ) eintippen (siehst Du im Arbeitsplatz - wenn "Lokaler Datenträger" da nur steht hat die Systempartition keine Bezeichnung also nichts eintippen bei aktueller Laufwerksbezeichnung) - notfalls einen einfachen Namen für diese Partition vergeben im Arbeitsplatz über Rechtsklick => Eigenschaften und diesen dann eintippen bei der Abfrage

  4. Bestätigen, dass das Laufwerk für den exklusiven Zugriff gesperrt werden muss mit J

  5. Hinweis, dass das Laufwerk beim nächsten Windows-Start konvertiert werden soll mit J bestätigen und Windows neu starten, geduldig sein, denn das Konvertieren dauertn einen Moment!


Mach wieder ein neues OTL-Log wie o.g. wenn Windows mit der Konvertierung durch ist.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 05.10.2012, 23:58   #20
tschobeuter
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


auf NTFS umgestellt und neuen OTL-Log erstellt:

Code:
ATTFilter
OTL logfile created on: 06.10.2012 00:50:03 - Run 3
OTL by OldTimer - Version 3.2.70.2     Folder = C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,31 Gb Available Physical Memory | 76,88% Memory free
5,84 Gb Paging File | 5,19 Gb Available in Paging File | 88,91% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 96,80 Gb Total Space | 55,94 Gb Free Space | 57,79% Space Free | Partition Type: NTFS
Drive D: | 201,28 Gb Total Space | 115,55 Gb Free Space | 57,41% Space Free | Partition Type: NTFS
 
Computer Name: COMPUTER | User Name: Reiner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.04 22:02:26 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner\OTL.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.07.31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgtray.exe
PRC - [2012.07.18 17:36:52 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012.03.19 21:21:48 | 000,265,928 | ---- | M] (SpeedBit Ltd.) -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2012.02.27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe
PRC - [2012.01.18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.10.16 22:37:24 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
PRC - [2010.07.04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010.03.24 15:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2008.05.08 12:04:58 | 000,327,680 | ---- | M] (UASSOFT.COM) -- C:\Programme\Multimedia Mouse Driver\KMProcess.exe
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.03.10 09:58:18 | 000,130,560 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008.02.22 09:11:02 | 000,120,320 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.09.07 22:22:24 | 000,204,800 | ---- | M] (UASSOFT.COM) -- C:\Programme\Multimedia Mouse Driver\KMWDSrv.exe
PRC - [2007.01.19 11:49:04 | 000,049,152 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2006.09.28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006.05.23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\system32\StkASv2K.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003.02.21 13:16:16 | 000,061,440 | R--- | M] (Tracker Software Products) -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe
PRC - [2001.08.18 04:55:00 | 000,086,016 | ---- | M] (PCtel, Inc.) -- C:\WINDOWS\system32\pctspk.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.27 22:51:38 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.07.18 17:36:52 | 002,003,424 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.06.16 08:54:46 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012.06.15 10:48:28 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.06.15 10:48:16 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.06.15 10:46:56 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.05.11 18:21:04 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.11 18:12:40 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.11 18:12:26 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2010.04.03 18:28:48 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.04.03 18:28:46 | 000,430,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
MOD - [2008.10.09 22:06:42 | 001,679,360 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2993.28442__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,688,128 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2993.28653__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2993.28681__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,253,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2993.28395__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:42 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2993.28458__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2993.28671__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:42 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2993.28626__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:42 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2993.28433__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2993.28569__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:42 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2993.28416__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:40 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2993.28713__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:24 | 000,442,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.2993.28746__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,352,256 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2993.28637__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2993.28721__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.2993.28450__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2993.28644__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:24 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2993.28410__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.2993.28745__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:24 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2993.28635__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:24 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.2993.28449__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,901,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2993.28674__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,802,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2993.28581__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,663,552 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2993.28629__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,585,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2993.28473__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,479,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2993.28572__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,442,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2993.28563__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2993.28419__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2993.28660__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:22 | 000,217,088 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2993.28465__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2993.28602__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2993.28580__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2993.28570__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2993.28480__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2993.28579__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2993.28600__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2993.28617__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.10.09 22:06:20 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.2939.23747__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.10.09 22:06:20 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.10.09 22:06:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Shared\2.0.2939.23715__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.2939.23762__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.10.09 22:06:14 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2993.28426__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.10.09 22:06:14 | 000,413,696 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2993.28689__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008.10.09 22:06:14 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2993.28700__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.10.09 22:06:14 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2993.28697__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.10.09 22:06:14 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.10.09 22:06:14 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2993.28736__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.10.09 22:06:14 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.10.09 22:06:14 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.10.09 22:06:14 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.10.09 22:06:14 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008.10.09 22:06:14 | 000,011,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2993.28750__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2008.10.09 22:06:14 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2993.28385__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008.10.09 22:06:14 | 000,005,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2993.28689_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2008.10.09 22:06:12 | 001,507,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2993.28403__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.10.09 22:06:12 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2993.28386__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.10.09 22:06:12 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2993.28387__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.10.09 22:06:12 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.2993.28383__90ba9c70f846762e\APM.Server.dll
MOD - [2008.10.09 22:06:12 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.10.09 22:06:12 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2993.28384__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.10.09 22:06:12 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.10.09 22:06:12 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2993.28699__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.10.09 22:06:12 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008.10.09 22:06:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.10.09 22:06:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008.04.27 12:49:08 | 000,053,248 | ---- | M] () -- C:\Programme\Multimedia Mouse Driver\MouseHook.dll
MOD - [2008.04.14 07:52:18 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.03.10 09:58:18 | 000,130,560 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
MOD - [2008.02.27 14:52:18 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.02.22 09:11:02 | 000,120,320 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
MOD - [2008.02.04 13:29:02 | 000,688,128 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
MOD - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
MOD - [2007.08.20 17:41:12 | 000,233,472 | ---- | M] () -- C:\WINDOWS\system32\WlanApp.dll
MOD - [2007.03.29 12:17:42 | 000,106,496 | ---- | M] () -- C:\Programme\Multimedia Mouse Driver\keydll.dll
MOD - [2003.04.27 15:02:28 | 000,011,264 | R--- | M] () -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\fmt_xmf.dll
MOD - [2003.02.05 15:22:04 | 000,017,920 | R--- | M] () -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\xc_local.dll
MOD - [2003.01.23 13:55:00 | 000,018,944 | R--- | M] () -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\fmt_xcx.dll
MOD - [2003.01.22 17:29:32 | 000,024,576 | R--- | M] () -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\fmt_jb2.dll
MOD - [2002.07.03 17:38:00 | 000,053,248 | ---- | M] () -- C:\Programme\ArcSoft\Software Suite\PhotoImpression\Share\PIHook.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- K:\VNC4\VNC4\WinVNC4.exe -- (WinVNC4)
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe -- (de_serv)
SRV - File not found [Auto | Stopped] -- C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.09.23 19:50:08 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Programme\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.07.18 17:36:52 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.03.19 21:21:48 | 000,265,928 | ---- | M] (SpeedBit Ltd.) [Auto | Running] -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2012.02.27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2012.02.14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010.07.04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008.10.10 21:52:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.09.07 22:22:24 | 000,204,800 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Programme\Multimedia Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2007.01.19 11:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2006.09.28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006.05.23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\WINDOWS\system32\StkASv2K.exe -- (StkASSrv)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2001.08.18 04:55:00 | 000,086,016 | ---- | M] (PCtel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\pctspk.exe -- (Pctspk)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRAMME\NORMAN\nvc\BIN\nvcoarc51.sys -- (nvcoarc51)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRAMME\NORMAN\nvc\BIN\nvcoafl51.sys -- (nvcoafl51)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.08.24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.07.26 03:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.05.08 15:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.04.19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.01.31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.12.23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.12.23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011.12.23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011.12.23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2010.06.14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.05.12 12:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2010.04.27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010.04.27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010.04.27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009.11.17 19:51:38 | 005,956,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.05.25 14:35:00 | 000,116,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029unic.sys -- (s1029unic)
DRV - [2009.05.25 14:34:56 | 000,122,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009.05.25 14:34:56 | 000,090,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029bus.sys -- (s1029bus)
DRV - [2009.05.25 14:34:56 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2009.05.25 14:34:54 | 000,115,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mgmt.sys -- (s1029mgmt)
DRV - [2009.05.25 14:34:54 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009.05.25 14:34:54 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029nd5.sys -- (s1029nd5)
DRV - [2008.10.10 21:26:12 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.08.05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.06.18 11:23:38 | 003,692,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.03.13 00:09:36 | 002,870,784 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.01.15 21:50:52 | 000,459,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73)
DRV - [2008.01.04 08:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.12.28 18:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006.11.15 17:32:44 | 000,242,139 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkAMini.sys -- (StkAMini)
DRV - [2006.06.27 18:27:18 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkScan.sys -- (StkScan)
DRV - [2006.01.04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005.12.11 11:55:38 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2005.11.03 15:40:08 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005.08.10 13:44:06 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 14:20:40 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)
DRV - [2004.07.16 16:47:14 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2003.09.19 16:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001.11.28 10:18:00 | 000,162,304 | ---- | M] (NVIDIA® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2001.11.28 10:18:00 | 000,013,056 | ---- | M] (NVIDIA® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2001.11.20 19:20:00 | 000,013,502 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2001.08.17 13:28:16 | 000,397,502 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vpctcom.sys -- (Vpctcom)
DRV - [2001.08.17 13:28:16 | 000,064,605 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vvoice.sys -- (Vvoice)
DRV - [2001.08.17 13:28:14 | 000,604,253 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vmodem.sys -- (Vmodem)
DRV - [2001.08.17 13:28:14 | 000,112,574 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptserlp.sys -- (Ptserlp)
DRV - [2001.08.17 12:12:02 | 000,063,208 | ---- | M] (Intel Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc21x4.sys -- (DC21x4)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{2EB5D0A4-90B5-434A-A3F3-DE492D815145}: "URL" = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{510D9FB1-B50F-4B4D-81A5-23655474DC2A}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{A42E06CC-6C32-456A-943A-F9F6DFFC39EC}: "URL" = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-ober&type=gamenextde&p={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{E59FA6AF-986F-4597-9196-310659A15010}: "URL" = hxxp://go.web.de/suchbox/google?q={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{FB0684CD-9707-4FBA-9FE4-C020B8F68521}: "URL" = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: litmus-ff@f-secure.com:1.10
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://isearch.avg.com/search?cid=%7B889d85ae-6d4f-47cc-ab42-b1712c88ad85%7D&mid=af1e04e899f947d0b701d15edc5cfa45-5e152cbfd45cbc58c155cd03afb1fd0f74c7444c&ds=AVG&v=11.1.0.12&lang=de&pr=fr&d=2012-05-27%2012%3A55%3A52&sap=ku&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.29 16:28:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Programme\AVG\AVG2012\Firefox4\ [2012.05.27 12:55:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Programme\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.27 12:55:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2006.11.15 18:49:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2006.11.15 18:49:42 | 000,000,000 | ---D | M]
 
[2008.06.21 17:22:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Extensions
[2006.11.19 11:47:02 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions
[2010.05.15 12:39:26 | 000,000,000 | ---D | M] ("Microsoft .NET Framework Assistant") -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.06.11 18:34:36 | 000,000,000 | ---D | M] (Wincore Mediabar) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
[2011.01.25 22:46:42 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.07.27 10:41:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2006.11.15 18:50:10 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012.10.01 21:41:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.05.27 12:55:08 | 000,000,000 | ---D | M] (AVG Do Not Track) -- C:\PROGRAMME\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012.07.18 17:36:52 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2009.10.26 16:45:36 | 000,102,400 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012.06.15 00:46:58 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:58 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:58 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:58 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Yahoo! Deutschland ()
CHR - default_search_provider: search_url = hxxp://de.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://de-sayt.ff.search.yahoo.com/gossip-de-sayt?output=fxjson&command={searchTerms}
CHR - homepage: hxxp://www.google.com/
 
O1 HOSTS File: ([2010.12.20 17:18:28 | 000,000,355 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	localhost
O1 - Hosts: ::1			localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\Toolbar\WebBrowser: (no name) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Programme\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [KMCONFIG] C:\Programme\Multimedia Mouse Driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007..\Run: [SpeedBitVideoAccelerator] C:\Programme\SpeedBit Video Accelerator\VideoAccelerator.exe (SpeedBit LTD)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\MindManager PDF Writer.lnk = C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe (Tracker Software Products)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk = C:\Programme\WISO\Steuersoftware 2012\mshaktuell.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Christine\Startmenü\Programme\Autostart\Dropbox.lnk =  File not found
O4 - Startup: C:\Dokumente und Einstellungen\Dominik\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 145
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Programme\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Domains:   ([]msn in My Computer)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Domains: chip.de ([www] http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2F0D96B4-7D9D-4767-A657-F7ECC9114887} hxxp://haustein.dyndns.org/IPCamPluginDMPT.cab (EDIMAX IPCamPluginDMPT Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37361.2830671296 (Reg Error: Unable to open value key)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Unable to open value key)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0E1E16A-59D3-4429-82A7-353D7EEE174D}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEB76918-6009-47F2-A852-A5CF4C5A11DB}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002.04.13 13:54:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3d888470-fff7-11e1-94d6-e5a0a0689281}\Shell - "" = AutoRun
O33 - MountPoints2\{3d888470-fff7-11e1-94d6-e5a0a0689281}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3d888470-fff7-11e1-94d6-e5a0a0689281}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\Shell\AutoRun\command - "" = E:\Programs\nu2menu\nu2menu.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
 
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0e} - Internet Explorer ReadMe
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D5974C5-5185-4f5b-80B6-28015ACDD74C} - q319182
ActiveX: {2eac6a2d-57a8-44d4-96f7-e32bab40ca5f} - Windows Update
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {429D8DD3-05E0-4F56-B6D6-AC0730567C02} - Euro Update Tool
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{00E34CBB-C0F7-466F-9A34-D6B120AE2850} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.dvacm - C:\Programme\Gemeinsame Dateien\Ulead Systems\VIO\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (hxxp://www.mp3dev.org/)
Drivers32: msacm.MPEGacm - C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.ulmp3acm - C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.03 14:24:39 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2012.10.03 14:24:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012
[2012.10.03 14:24:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\TuneUp Software
[2012.10.03 14:24:25 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2012
[2012.10.03 14:24:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.10.03 14:24:09 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.10.03 13:22:21 | 000,000,000 | ---D | C] -- D:\Reiner\My Albums
[2012.10.03 13:22:21 | 000,000,000 | ---D | C] -- D:\Reiner\ArcSoft
[2012.10.01 21:42:02 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.10.01 21:41:41 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2012.09.23 18:43:49 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.09.16 16:27:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Malwarebytes
[2012.09.16 16:27:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.09.16 16:27:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.09.16 16:27:31 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.09.16 16:27:31 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.09.16 16:26:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner
[2012.09.11 07:20:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
[2007.06.04 10:54:26 | 005,810,216 | ---- | C] (Mozilla) -- C:\Programme\Firefox Setup 2.0.0.4.exe
[2007.05.11 19:18:04 | 005,804,232 | ---- | C] (Mozilla) -- C:\Programme\Firefox Setup 2.0.0.3.exe
[2007.01.19 21:55:40 | 014,843,696 | ---- | C] (Microsoft Corporation) -- C:\Programme\IE7-WindowsXP-x86-deu.exe
[2007.01.19 21:43:09 | 027,066,664 | ---- | C] (Microsoft Corporation) -- C:\Programme\PowerPointViewer.exe
[2005.12.05 18:00:46 | 002,247,888 | ---- | C] (Microsoft Corporation) -- C:\Programme\dsetup32.dll
[2005.12.05 18:00:46 | 000,484,560 | ---- | C] (Microsoft Corporation) -- C:\Programme\DXSETUP.exe
[2005.12.05 18:00:46 | 000,074,448 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll
[2004.11.20 16:31:32 | 003,207,168 | ---- | C] (Mindjet) -- C:\Programme\MindMan.exe
[2004.11.20 16:31:32 | 001,171,456 | ---- | C] (Mindjet) -- C:\Programme\mmlang-ger.dll
[2004.11.20 16:31:31 | 000,761,856 | ---- | C] (Sub Systems, Inc. ) -- C:\Programme\Ter32mm.dll
[2004.11.20 16:31:31 | 000,262,144 | ---- | C] (Inner Media, Inc.) -- C:\Programme\adfactry.dll
[2004.11.20 16:31:31 | 000,221,184 | ---- | C] (Catenary Systems) -- C:\Programme\Vic32.dll
[2004.11.20 16:31:31 | 000,172,032 | ---- | C] (Wintertree Software Inc.) -- C:\Programme\Ssce5332.dll
[2004.11.20 16:31:31 | 000,124,416 | ---- | C] (Inner Media, Inc.) -- C:\Programme\dzip32.dll
[2004.11.20 16:31:31 | 000,096,768 | ---- | C] (Inner Media, Inc.) -- C:\Programme\dunzip32.dll
[2004.11.20 16:31:31 | 000,077,312 | ---- | C] (Inner Media, Inc.) -- C:\Programme\sfxbe322.dll
[2004.11.20 16:31:31 | 000,053,760 | ---- | C] (Inner Media, Inc.) -- C:\Programme\sfxfe32.exe
[2004.11.20 16:31:30 | 000,290,816 | ---- | C] (Sub Systems, Inc. ) -- C:\Programme\Hts32mm.dll
[2002.11.05 05:00:00 | 001,822,520 | ---- | C] (Microsoft Corporation) -- C:\Programme\INSTMSIW.EXE
[2002.11.05 05:00:00 | 001,708,856 | ---- | C] (Microsoft Corporation) -- C:\Programme\INSTMSIA.EXE
[2002.11.05 05:00:00 | 000,102,400 | ---- | C] (Installshield Software Corporation                          ) -- C:\Programme\SETUP.EXE
[17 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.06 00:49:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.10.06 00:42:43 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2012.10.06 00:42:18 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.10.06 00:41:56 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.06 00:41:56 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1006.job
[2012.10.06 00:41:56 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1007.job
[2012.10.06 00:41:55 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1018.job
[2012.10.06 00:41:55 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1019.job
[2012.10.06 00:41:55 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1017.job
[2012.10.06 00:17:00 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.05 20:40:00 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2012.10.05 19:22:34 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.05 18:52:26 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-874574627-2650805779-3784137826-1007.job
[2012.10.04 19:21:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2012.10.04 14:00:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2012.10.04 10:10:02 | 000,000,460 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2012.10.03 14:24:38 | 000,001,615 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.10.03 14:24:38 | 000,001,611 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.10.03 13:48:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-874574627-2650805779-3784137826-1018.job
[2012.09.16 16:45:46 | 000,000,660 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.16 10:07:22 | 004,503,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\dsgsdgdsgdsgw.pad
[2012.09.16 10:02:18 | 000,000,010 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{79CBCEC7-42D8-49E9-AC5D-0957EF2826BF}
[2012.09.16 10:02:14 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-874574627-2650805779-3784137826-1006.job
[2012.09.13 07:19:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.09.11 07:20:46 | 000,000,602 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2012.lnk
[2012.09.09 13:08:12 | 000,368,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[17 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.03 14:24:37 | 000,001,615 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.10.03 14:24:37 | 000,001,611 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.10.03 14:24:36 | 000,001,617 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012.lnk
[2012.09.16 16:45:44 | 000,000,660 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.14 10:30:37 | 004,503,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\dsgsdgdsgdsgw.pad
[2012.02.15 13:51:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.09.15 20:20:31 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2011.04.05 12:11:17 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\$_hpcst$.hpc
[2011.03.29 08:09:16 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\rockusbCoInstaller.dll
[2011.01.30 14:18:22 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2011.01.30 14:18:22 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2010.11.07 17:50:22 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.10.09 15:13:13 | 000,000,045 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\jagex_runescape_preferences2.dat
[2009.10.09 15:12:37 | 000,000,038 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\jagex_runescape_preferences.dat
[2008.10.16 20:24:27 | 000,000,152 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\default.pls
[2008.10.11 10:06:30 | 000,001,604 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\wklnhst.dat
[2006.11.15 18:48:08 | 006,042,312 | ---- | C] () -- C:\Programme\FirefoxGoogleToolbarSetup.exe
[2006.11.14 19:49:09 | 000,155,648 | ---- | C] () -- C:\Programme\Symantec Security.exe
[2006.11.14 19:48:02 | 000,000,637 | ---- | C] () -- C:\Programme\Symantec Security.htm
[2006.05.23 16:20:47 | 000,000,021 | ---- | C] () -- C:\Programme\AVPersonalAVWIN.INI
[2006.05.23 16:18:55 | 000,144,198 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat
[2005.12.05 18:28:30 | 003,673,932 | ---- | C] () -- C:\Programme\Dec2005_MDX1_x86_Archive.cab
[2005.12.05 18:28:04 | 001,358,864 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab
[2005.12.05 18:28:02 | 000,086,925 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab
[2005.12.05 18:28:02 | 000,046,247 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab
[2005.12.05 18:28:02 | 000,041,888 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab
[2005.12.05 18:28:00 | 000,916,806 | ---- | C] () -- C:\Programme\Dec2005_MDX1_x86.cab
[2005.12.05 18:27:58 | 001,080,344 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab
[2005.12.05 18:00:46 | 000,081,092 | ---- | C] () -- C:\Programme\dxupdate.cab
[2005.12.05 18:00:44 | 001,351,430 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab
[2005.12.05 18:00:44 | 001,336,890 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab
[2005.12.05 18:00:44 | 001,248,387 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab
[2005.12.05 18:00:44 | 001,078,532 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab
[2005.12.05 18:00:44 | 001,065,813 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab
[2005.12.05 18:00:44 | 001,014,113 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab
[2005.12.05 18:00:42 | 013,265,040 | ---- | C] () -- C:\Programme\dxnt.cab
[2005.12.05 18:00:40 | 015,493,481 | ---- | C] () -- C:\Programme\DirectX.cab
[2005.12.05 18:00:40 | 001,156,363 | ---- | C] () -- C:\Programme\BDANT.cab
[2005.12.05 18:00:40 | 000,976,020 | ---- | C] () -- C:\Programme\BDAXP.cab
[2005.12.05 18:00:40 | 000,703,080 | ---- | C] () -- C:\Programme\BDA.cab
[2005.10.27 18:50:12 | 000,002,487 | ---- | C] () -- C:\Programme\Microsoft PowerPoint.lnk
[2004.11.20 16:40:18 | 000,073,664 | -H-- | C] () -- C:\Programme\MindMan.GID
[2004.11.20 16:31:32 | 001,379,900 | ---- | C] () -- C:\Programme\MMConferenceProvider.dll
[2004.11.20 16:31:31 | 000,081,468 | ---- | C] () -- C:\Programme\MindMan.tlb
[2004.11.20 16:31:30 | 000,157,149 | ---- | C] () -- C:\Programme\WiseUpdt.exe
[2004.11.20 16:31:30 | 000,133,988 | R--- | C] () -- C:\Programme\GER_ReleaseNotes.rtf
[2004.11.20 16:31:30 | 000,078,708 | R--- | C] () -- C:\Programme\Versionshinweise.mmp
[2004.11.20 16:31:30 | 000,043,693 | ---- | C] () -- C:\Programme\DeveloperResources.mmp
[2004.11.20 16:31:30 | 000,028,714 | R--- | C] () -- C:\Programme\Open Interface Release Notes.mmp
[2004.11.20 16:31:30 | 000,017,271 | ---- | C] () -- C:\Programme\MindManager 2002 License Agreement.rtf
[2004.11.20 16:31:30 | 000,006,855 | ---- | C] () -- C:\Programme\UNWISE.INI
[2004.11.20 16:31:29 | 000,162,304 | ---- | C] () -- C:\Programme\UNWISE.EXE
[2003.07.01 19:32:34 | 004,073,984 | ---- | C] () -- C:\Programme\Antivir.exe
[2002.11.05 05:00:00 | 018,135,040 | ---- | C] () -- C:\Programme\QCL.MSI
[2002.11.05 05:00:00 | 001,452,803 | ---- | C] () -- C:\Programme\QCL.PDF
[2002.11.05 05:00:00 | 000,320,618 | ---- | C] () -- C:\Programme\LICENSE.PDF
[2002.11.05 05:00:00 | 000,062,686 | ---- | C] () -- C:\Programme\SETUP.INI
[2002.11.05 05:00:00 | 000,021,094 | ---- | C] () -- C:\Programme\EXTRA.CAB
[2002.08.29 20:19:35 | 000,008,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2008.10.09 22:02:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 07:52:26 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.05.27 12:54:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2012
[2010.06.12 11:01:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2010.07.18 14:29:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2009.12.04 21:31:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2012.05.27 12:55:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2008.10.10 22:00:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\espionServerData
[2009.04.23 08:12:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\F-Secure
[2010.01.14 16:11:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Firefly Studios
[2009.04.23 08:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fssg
[2009.11.18 15:40:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2009.02.20 17:46:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IEConfiguration1und1
[2012.06.11 18:33:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iMesh
[2011.01.30 14:18:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LGMOBILEAX
[2012.05.27 12:51:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2011.09.14 19:24:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir
[2009.11.10 10:25:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Oberon Media
[2010.04.30 15:27:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009.05.19 20:22:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2010.07.27 10:20:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap Games
[2011.04.05 12:31:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2009.11.10 10:25:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2004.12.25 09:26:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Terzio
[2010.05.16 15:13:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tmp
[2012.10.03 14:24:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010.11.25 09:16:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2007.10.31 19:19:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010.07.31 13:23:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2012.10.03 14:24:10 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2010.04.19 16:13:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.03.29 08:09:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{F0489EF2-D393-4114-85BA-A94D71D89543}
[2012.06.11 18:32:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{FCC59D3F-C1B9-40B4-9776-50CDD1A7307C}
[2012.05.27 13:18:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\AVG
[2012.05.27 12:56:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\AVG2012
[2010.07.08 18:54:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Blender Foundation
[2011.05.12 12:09:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Buhl Data Service
[2010.04.26 14:41:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Canneverbe Limited
[2009.08.01 13:32:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Cornelsen
[2010.12.20 16:29:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\DiskAid
[2010.12.19 12:25:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Dropbox
[2010.04.28 15:16:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\DVDVideoSoftIEHelpers
[2009.05.04 09:02:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\F-Secure
[2010.07.27 10:40:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\FreeFLVConverter
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\InterTrust
[2007.06.02 13:44:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\KIDDINX
[2012.01.12 16:30:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\LibreOffice
[2005.09.11 12:50:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Mindjet
[2011.02.16 19:27:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\OpenOffice.org
[2007.05.25 12:58:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Panasonic
[2010.04.23 07:49:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\PC Suite
[2010.12.27 10:44:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Philips
[2010.12.27 10:22:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Philips-Songbird
[2010.04.23 07:30:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Samsung
[2011.03.29 07:52:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Songbird2
[2010.07.18 14:18:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Sony
[2010.07.18 14:18:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Sony Setup
[2008.10.13 09:30:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Template
[2010.12.20 16:31:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\TuneAid
[2010.04.28 15:19:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010.11.25 09:27:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Ulead Systems
[2012.09.14 10:30:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\wincoreimband
[2010.07.31 13:23:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Zylom
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\InterTrust
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\InterTrust
[2011.02.13 12:57:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\OpenOffice.org
[2010.09.30 22:19:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\PC Suite
[2010.11.25 14:21:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Ulead Systems
[2011.05.28 13:28:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Cornelsen
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\InterTrust
[2010.10.20 15:41:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\PC Suite
[2010.12.30 13:24:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Philips
[2010.12.30 13:14:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Philips-Songbird
[2010.11.25 17:25:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Ulead Systems
[2012.05.27 19:23:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG2012
[2010.06.12 11:07:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Buhl Data Service
[2010.05.02 14:58:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe Limited
[2009.12.12 18:40:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe_Limited
[2012.03.19 22:17:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ElevatedDiagnostics
[2009.05.21 12:03:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\F-Secure
[2009.11.18 15:40:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ICQ
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\InterTrust
[2007.06.03 19:14:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\KIDDINX
[2004.12.04 20:30:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mindjet
[2007.05.01 19:09:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Panasonic
[2010.04.23 18:41:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\PC Suite
[2011.04.05 12:30:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Samsung
[2008.10.11 10:06:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Template
[2012.10.03 14:24:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\TuneUp Software
[2010.12.06 17:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Ulead Systems
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
[2012.03.19 21:21:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Speedbit
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Adobe
[2005.10.22 18:37:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AdobeUM
[2008.10.14 20:05:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Ahead
[2010.04.20 20:37:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Apple Computer
[2007.05.01 19:03:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Arcsoft
[2008.10.10 22:15:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ATI
[2012.05.27 19:23:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG2012
[2010.06.12 11:07:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Buhl Data Service
[2010.05.02 14:58:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe Limited
[2009.12.12 18:40:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe_Limited
[2010.09.15 21:23:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\DivX
[2009.10.27 19:33:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\dvdcss
[2012.03.19 22:17:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ElevatedDiagnostics
[2009.05.21 12:03:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\F-Secure
[2010.06.26 15:58:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Google
[2002.12.04 20:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Help
[2010.11.16 19:21:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\HpUpdate
[2009.11.18 15:40:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ICQ
[2002.04.13 13:59:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Identities
[2007.05.01 18:45:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\InstallShield
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\InterTrust
[2007.06.03 19:14:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\KIDDINX
[2006.04.13 21:04:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Macromedia
[2012.09.16 16:27:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Malwarebytes
[2008.10.14 19:04:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Media Player Classic
[2002.04.13 13:19:18 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Microsoft
[2004.12.04 20:30:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mindjet
[2006.11.19 11:47:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla
[2002.10.22 17:32:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\MSN6
[2007.05.01 19:09:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Panasonic
[2010.04.23 18:41:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\PC Suite
[2008.10.16 21:11:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Real
[2011.04.05 12:30:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Samsung
[2011.07.01 18:27:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Sony Corporation
[2006.12.14 22:51:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Sun
[2008.10.11 10:06:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Template
[2012.10.03 14:24:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\TuneUp Software
[2010.12.06 17:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Ulead Systems
[2009.12.04 20:52:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\vlc
[2010.12.22 20:59:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.01.30 19:06:40 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Real\Update\setup3.13\setup.exe
[2012.07.06 05:59:32 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Real\Update\UpgradeHelper\RealPlayer\9.10\rnupgagent.exe
 
< %SYSTEMDRIVE%\*.exe >
[2011.04.25 09:06:36 | 020,533,281 | ---- | M] () -- C:\vlc-1.1.9-win32.exe
 
< MD5 for: AGP440.SYS  >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\eventlog.dll
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 00:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\netlogon.dll
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 00:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 00:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2007.03.08 17:48:40 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\userinit.exe
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 00:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 00:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2001.08.18 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001.08.18 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2002.04.13 13:18:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2002.04.13 13:18:10 | 000,610,304 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2002.04.13 13:18:10 | 000,401,408 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[17 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >


Alt 07.10.2012, 05:35   #21
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
SRV - File not found [Auto | Stopped] -- K:\VNC4\VNC4\WinVNC4.exe -- (WinVNC4)
FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3
[2010.05.15 12:39:26 | 000,000,000 | ---D | M] ("Microsoft .NET Framework Assistant") -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.06.11 18:34:36 | 000,000,000 | ---D | M] (Wincore Mediabar) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\Toolbar\WebBrowser: (no name) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [KMCONFIG] C:\Programme\Multimedia Mouse Driver\StartAutorun.exe KMConfig.exe File not found
O4 - HKLM..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u File not found
O4 - Startup: C:\Dokumente und Einstellungen\Christine\Startmenü\Programme\Autostart\Dropbox.lnk =  File not found
O4 - Startup: C:\Dokumente und Einstellungen\Dominik\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: _NoDriveTypeAutoRun = 145
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2002.04.13 13:54:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{3d888470-fff7-11e1-94d6-e5a0a0689281}\Shell - "" = AutoRun
O33 - MountPoints2\{3d888470-fff7-11e1-94d6-e5a0a0689281}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{3d888470-fff7-11e1-94d6-e5a0a0689281}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\Shell - "" = AutoRun
O33 - MountPoints2\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\Shell\AutoRun\command - "" = E:\Programs\nu2menu\nu2menu.exe
:Files
C:\WINDOWS\tasks\At*.job
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.pad
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\*.dat
C:\WINDOWS\popcinfot.dat
C:\vlc-1.1.9-win32.exe
C:\Programme\Application Updater
C:\Programme\Search Settings
C:\Programme\iMesh Applications
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
--> Bundespolizei Trojaner sperrt Rechner

Alt 07.10.2012, 12:43   #22
tschobeuter
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Ergebnis aus OTL-Fix:

Code:
ATTFilter
All processes killed
========== OTL ==========
Service WinVNC4 stopped successfully!
Service WinVNC4 deleted successfully!
File K:\VNC4\VNC4\WinVNC4.exe not found.
Prefs.js: searchsettings@spigot.com:1.2.3 removed from extensions.enabledItems
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults\preferences folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}\chrome folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\components folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\searchbar folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\options folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\uwa folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio\images folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio\css folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\images folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default\css folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\css folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets scheduled to be moved on reboot.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\modules folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\lib folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\data\search folder moved successfully.
C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\data folder moved successfully.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0} scheduled to be moved on reboot.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_USERS\S-1-5-21-874574627-2650805779-3784137826-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7}\ not found.
Registry value HKEY_USERS\S-1-5-21-874574627-2650805779-3784137826-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C4069E3A-68F1-403E-B40E-20066696354B} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C4069E3A-68F1-403E-B40E-20066696354B}\ not found.
Registry value HKEY_USERS\S-1-5-21-874574627-2650805779-3784137826-1007\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E9911EC6-1BCC-40B0-9993-E0EEA7F6953F}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KMCONFIG deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\UserFaultCheck deleted successfully.
C:\Dokumente und Einstellungen\Christine\Startmenü\Programme\Autostart\Dropbox.lnk moved successfully.
C:\Dokumente und Einstellungen\Dominik\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-874574627-2650805779-3784137826-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun deleted successfully.
Registry value HKEY_USERS\S-1-5-21-874574627-2650805779-3784137826-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\_NoDriveTypeAutoRun deleted successfully.
Invalid CLSID key: _NoDriveTypeAutoRun
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d888470-fff7-11e1-94d6-e5a0a0689281}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d888470-fff7-11e1-94d6-e5a0a0689281}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d888470-fff7-11e1-94d6-e5a0a0689281}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d888470-fff7-11e1-94d6-e5a0a0689281}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3d888470-fff7-11e1-94d6-e5a0a0689281}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3d888470-fff7-11e1-94d6-e5a0a0689281}\ not found.
File K:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ad4a14b6-82e9-11d6-9c49-806d6172696f}\ not found.
File E:\Programs\nu2menu\nu2menu.exe not found.
========== FILES ==========
C:\WINDOWS\tasks\At1.job moved successfully.
C:\WINDOWS\tasks\At2.job moved successfully.
C:\WINDOWS\tasks\At3.job moved successfully.
C:\WINDOWS\tasks\At4.job moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\dsgsdgdsgdsgw.pad moved successfully.
C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat moved successfully.
C:\WINDOWS\popcinfot.dat moved successfully.
C:\vlc-1.1.9-win32.exe moved successfully.
File\Folder C:\Programme\Application Updater not found.
File\Folder C:\Programme\Search Settings not found.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\components folder moved successfully.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\searchbar folder moved successfully.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\options folder moved successfully.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\uwa folder moved successfully.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\images folder moved successfully.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio\css folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\images folder moved successfully.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\css folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox\thumbs folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\modules folder moved successfully.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\lib folder moved successfully.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\data\search folder moved successfully.
C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\data folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar scheduled to be moved on reboot.
C:\Programme\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\content folder moved successfully.
C:\Programme\iMesh Applications\MediaBar\Datamngr\FirefoxExtension\components folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar scheduled to be moved on reboot.
C:\Programme\iMesh Applications\iMesh\Skins\Images folder moved successfully.
C:\Programme\iMesh Applications\iMesh\Skins\html\videosview\images folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\videosview scheduled to be moved on reboot.
C:\Programme\iMesh Applications\iMesh\Skins\html\images folder moved successfully.
C:\Programme\iMesh Applications\iMesh\Skins\html\colorsbubble\images folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\colorsbubble scheduled to be moved on reboot.
C:\Programme\iMesh Applications\iMesh\Skins\html\cdripview folder moved successfully.
C:\Programme\iMesh Applications\iMesh\Skins\html\artistsview\images folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\artistsview scheduled to be moved on reboot.
C:\Programme\iMesh Applications\iMesh\Skins\html\albumsview\images folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\albumsview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins scheduled to be moved on reboot.
C:\Programme\iMesh Applications\iMesh\HTML\Images folder moved successfully.
Folder move failed. C:\Programme\iMesh Applications\iMesh\HTML scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications scheduled to be moved on reboot.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Besitzer
->Temp folder emptied: 1329342 bytes
->Temporary Internet Files folder emptied: 98706 bytes
 
User: Christine
->Temp folder emptied: 30704951 bytes
->Temporary Internet Files folder emptied: 1902715696 bytes
->Java cache emptied: 7971148 bytes
->FireFox cache emptied: 921463865 bytes
->Google Chrome cache emptied: 22565277 bytes
->Apple Safari cache emptied: 72030208 bytes
->Flash cache emptied: 8839 bytes
 
User: Default User
->Temp folder emptied: 1329342 bytes
->Temporary Internet Files folder emptied: 98706 bytes
->Flash cache emptied: 41620 bytes
 
User: Dominik
->Temp folder emptied: 4752797 bytes
->Temporary Internet Files folder emptied: 237192413 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 105361669 bytes
->Flash cache emptied: 44259 bytes
 
User: Fabrice
 
User: Jacqueline
->Temp folder emptied: 3891969 bytes
->Temporary Internet Files folder emptied: 714221809 bytes
->Java cache emptied: 402539 bytes
->FireFox cache emptied: 347819739 bytes
->Flash cache emptied: 66967 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 49686 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 661797 bytes
 
User: Reiner
->Temp folder emptied: 13420150 bytes
->Temporary Internet Files folder emptied: 16956582 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 71219831 bytes
->Google Chrome cache emptied: 6598164 bytes
->Flash cache emptied: 8544 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2522225 bytes
%systemroot%\System32 .tmp files removed: 17024512 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2100669 bytes
RecycleBin emptied: 1476 bytes
 
Total Files Cleaned = 4.296,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.70.2 log created on 10072012_132917

Files\Folders moved on Reboot...
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}\chrome scheduled to be moved on reboot.
Folder move failed. C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0} scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\videosview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\colorsbubble scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\artistsview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\albumsview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\videosview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\colorsbubble scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\artistsview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\albumsview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\videosview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\colorsbubble scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\artistsview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\albumsview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\HTML scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\videosview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\colorsbubble scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\artistsview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\albumsview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\HTML scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\radio scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels\default scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib\panels scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin\lib scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\skin scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets\com.djboxservice.dj.DJBox scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content\widgets scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome\content scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar\chrome scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\ToolBar scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr\FirefoxExtension scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar\Datamngr scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\MediaBar scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\videosview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\colorsbubble scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\artistsview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html\albumsview scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins\html scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\Skins scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh\HTML scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications\iMesh scheduled to be moved on reboot.
Folder move failed. C:\Programme\iMesh Applications scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
Ach ja, hab noch was vergessen:
- Kann ein Sicherheitsupdate Windows XP (KB2686509) nicht installieren. Hat das auch mit dem Trojaner zu tun? Wenn nicht, kann ich das jetzt beheben oder soll ich lieber warten, bis du mit mir "fertig" bist?

- Bei Malwarebytes ist der Testzeitraum abgelaufen. Kann ich das Programm deinstallieren?
Geändert von tschobeuter (07.10.2012 um 13:18 Uhr)

Alt 07.10.2012, 19:27   #23
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Bitte keine voreiligen Sachen machen! Auch nichts deinstallieren

Ich möchte erstmal die Bereinigung durchziehen, falls dann noch was an Themen oder Fragen offen sind, werden die beantwortet weil sich dann einiges vorher schon erübrigt

Ich brauch ein neues OTL-Log zur Kontrolle, mach bitte wie schon o.g. ein neues OTL-Log
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 08.10.2012, 20:16   #24
tschobeuter
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Ok, habe nix gemacht oder deinstalliert.
Anbei die OTL.TXT die ich wieder mit den benutzerdefinierten Scanoptionen gemacht hab (ich hoffe, das war richtig):
Code:
ATTFilter
OTL logfile created on: 08.10.2012 21:06:36 - Run 4
OTL by OldTimer - Version 3.2.70.2     Folder = C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 74,33% Memory free
5,84 Gb Paging File | 5,09 Gb Available in Paging File | 87,19% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 96,80 Gb Total Space | 59,79 Gb Free Space | 61,76% Space Free | Partition Type: NTFS
Drive D: | 201,28 Gb Total Space | 115,55 Gb Free Space | 57,41% Space Free | Partition Type: NTFS
 
Computer Name: COMPUTER | User Name: Reiner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.07 13:59:23 | 000,856,160 | ---- | M] () -- C:\Programme\AVG Secure Search\ROC_ROC_NT.exe
PRC - [2012.10.07 13:59:14 | 000,722,528 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012.10.07 13:59:13 | 000,947,808 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
PRC - [2012.10.04 22:02:26 | 000,601,088 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner\OTL.exe
PRC - [2012.09.14 05:35:58 | 003,039,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgui.exe
PRC - [2012.09.12 05:41:24 | 000,713,848 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgrsx.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.27 02:27:10 | 001,108,088 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgnsx.exe
PRC - [2012.08.20 04:53:34 | 000,184,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.08.20 04:52:42 | 005,751,928 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgidsagent.exe
PRC - [2012.08.20 04:52:34 | 000,783,992 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgemcx.exe
PRC - [2012.08.20 04:52:26 | 000,450,168 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgcsrvx.exe
PRC - [2012.07.18 17:36:52 | 000,913,888 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012.03.19 21:21:48 | 000,265,928 | ---- | M] (SpeedBit Ltd.) -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2012.02.27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012.01.18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.10.16 22:37:24 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
PRC - [2010.07.04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010.03.24 15:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.03.10 09:58:18 | 000,130,560 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008.02.22 09:11:02 | 000,120,320 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.09.07 22:22:24 | 000,204,800 | ---- | M] (UASSOFT.COM) -- C:\Programme\Multimedia Mouse Driver\KMWDSrv.exe
PRC - [2007.01.19 11:49:04 | 000,049,152 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2006.09.28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006.05.23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\system32\StkASv2K.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003.02.21 13:16:16 | 000,061,440 | R--- | M] (Tracker Software Products) -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe
PRC - [2001.08.18 04:55:00 | 000,086,016 | ---- | M] (PCtel, Inc.) -- C:\WINDOWS\system32\pctspk.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.07 13:59:23 | 000,856,160 | ---- | M] () -- C:\Programme\AVG Secure Search\ROC_ROC_NT.exe
MOD - [2012.10.07 13:59:17 | 000,564,832 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll
MOD - [2012.10.07 13:59:15 | 000,132,704 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012.10.07 13:59:14 | 000,722,528 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
MOD - [2012.10.07 13:59:13 | 000,947,808 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
MOD - [2012.07.27 22:51:38 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.07.18 17:36:52 | 002,003,424 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.06.16 08:54:46 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012.06.15 10:48:28 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.06.15 10:48:16 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.06.15 10:46:56 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.05.11 18:21:04 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.11 18:12:40 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.11 18:12:26 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2010.04.03 18:28:48 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.04.03 18:28:46 | 000,430,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
MOD - [2008.10.09 22:06:42 | 001,679,360 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2993.28442__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,688,128 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2993.28653__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2993.28681__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,253,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2993.28395__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:42 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2993.28458__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2993.28671__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:42 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2993.28626__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:42 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2993.28433__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2993.28569__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:42 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2993.28416__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:40 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2993.28713__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:24 | 000,442,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.2993.28746__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,352,256 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2993.28637__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2993.28721__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.2993.28450__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2993.28644__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:24 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2993.28410__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.2993.28745__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:24 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2993.28635__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:24 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.2993.28449__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,901,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2993.28674__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,802,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2993.28581__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,663,552 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2993.28629__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,585,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2993.28473__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,479,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2993.28572__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,442,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2993.28563__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2993.28419__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2993.28660__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:22 | 000,217,088 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2993.28465__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2993.28602__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2993.28580__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2993.28570__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2993.28480__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2993.28579__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2993.28600__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2993.28617__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.10.09 22:06:20 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.2939.23747__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.10.09 22:06:20 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.10.09 22:06:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Shared\2.0.2939.23715__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.2939.23762__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.10.09 22:06:14 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2993.28426__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.10.09 22:06:14 | 000,413,696 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2993.28689__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008.10.09 22:06:14 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2993.28700__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.10.09 22:06:14 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2993.28697__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.10.09 22:06:14 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.10.09 22:06:14 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2993.28736__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.10.09 22:06:14 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.10.09 22:06:14 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.10.09 22:06:14 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.10.09 22:06:14 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008.10.09 22:06:14 | 000,011,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2993.28750__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2008.10.09 22:06:14 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2993.28385__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008.10.09 22:06:14 | 000,005,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2993.28689_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2008.10.09 22:06:12 | 001,507,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2993.28403__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.10.09 22:06:12 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2993.28386__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.10.09 22:06:12 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2993.28387__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.10.09 22:06:12 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.2993.28383__90ba9c70f846762e\APM.Server.dll
MOD - [2008.10.09 22:06:12 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.10.09 22:06:12 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2993.28384__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.10.09 22:06:12 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.10.09 22:06:12 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2993.28699__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.10.09 22:06:12 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008.10.09 22:06:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.10.09 22:06:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008.04.14 07:52:18 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.03.10 09:58:18 | 000,130,560 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
MOD - [2008.02.27 14:52:18 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.02.22 09:11:02 | 000,120,320 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
MOD - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
MOD - [2007.08.20 17:41:12 | 000,233,472 | ---- | M] () -- C:\WINDOWS\system32\WlanApp.dll
MOD - [2003.04.27 15:02:28 | 000,011,264 | R--- | M] () -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\fmt_xmf.dll
MOD - [2003.02.05 15:22:04 | 000,017,920 | R--- | M] () -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\xc_local.dll
MOD - [2003.01.23 13:55:00 | 000,018,944 | R--- | M] () -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\fmt_xcx.dll
MOD - [2003.01.22 17:29:32 | 000,024,576 | R--- | M] () -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\fmt_jb2.dll
MOD - [2002.07.03 17:38:00 | 000,053,248 | ---- | M] () -- C:\Programme\ArcSoft\Software Suite\PhotoImpression\Share\PIHook.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe -- (de_serv)
SRV - File not found [Auto | Stopped] -- C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.07 13:59:14 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012.09.23 19:50:08 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.20 04:53:34 | 000,184,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.08.20 04:52:42 | 005,751,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Programme\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.07.18 17:36:52 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.03.19 21:21:48 | 000,265,928 | ---- | M] (SpeedBit Ltd.) [Auto | Running] -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2012.02.27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.07.04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008.10.10 21:52:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.09.07 22:22:24 | 000,204,800 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Programme\Multimedia Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2007.01.19 11:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2006.09.28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006.05.23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\WINDOWS\system32\StkASv2K.exe -- (StkASSrv)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2001.08.18 04:55:00 | 000,086,016 | ---- | M] (PCtel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\pctspk.exe -- (Pctspk)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRAMME\NORMAN\nvc\BIN\nvcoarc51.sys -- (nvcoarc51)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRAMME\NORMAN\nvc\BIN\nvcoafl51.sys -- (nvcoafl51)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.10.07 13:59:16 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.09.17 18:58:56 | 000,051,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.09.14 05:34:34 | 000,089,440 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012.09.12 11:47:22 | 000,164,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.09.12 11:47:04 | 000,151,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.08.13 16:40:54 | 000,176,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012.08.10 04:52:28 | 000,019,808 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012.08.10 04:52:18 | 000,035,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012.08.09 13:56:44 | 000,178,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012.05.08 15:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.06.14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.05.12 12:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2010.04.27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010.04.27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010.04.27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009.11.17 19:51:38 | 005,956,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.05.25 14:35:00 | 000,116,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029unic.sys -- (s1029unic)
DRV - [2009.05.25 14:34:56 | 000,122,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009.05.25 14:34:56 | 000,090,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029bus.sys -- (s1029bus)
DRV - [2009.05.25 14:34:56 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2009.05.25 14:34:54 | 000,115,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mgmt.sys -- (s1029mgmt)
DRV - [2009.05.25 14:34:54 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009.05.25 14:34:54 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029nd5.sys -- (s1029nd5)
DRV - [2008.10.10 21:26:12 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.08.05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.06.18 11:23:38 | 003,692,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.03.13 00:09:36 | 002,870,784 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.01.15 21:50:52 | 000,459,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73)
DRV - [2008.01.04 08:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.12.28 18:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006.11.15 17:32:44 | 000,242,139 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkAMini.sys -- (StkAMini)
DRV - [2006.06.27 18:27:18 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkScan.sys -- (StkScan)
DRV - [2006.01.04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005.12.11 11:55:38 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2005.11.03 15:40:08 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005.08.10 13:44:06 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 14:20:40 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)
DRV - [2004.07.16 16:47:14 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2003.09.19 16:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001.11.28 10:18:00 | 000,162,304 | ---- | M] (NVIDIA® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2001.11.28 10:18:00 | 000,013,056 | ---- | M] (NVIDIA® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2001.11.20 19:20:00 | 000,013,502 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2001.08.17 13:28:16 | 000,397,502 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vpctcom.sys -- (Vpctcom)
DRV - [2001.08.17 13:28:16 | 000,064,605 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vvoice.sys -- (Vvoice)
DRV - [2001.08.17 13:28:14 | 000,604,253 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vmodem.sys -- (Vmodem)
DRV - [2001.08.17 13:28:14 | 000,112,574 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptserlp.sys -- (Ptserlp)
DRV - [2001.08.17 12:12:02 | 000,063,208 | ---- | M] (Intel Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc21x4.sys -- (DC21x4)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{2EB5D0A4-90B5-434A-A3F3-DE492D815145}: "URL" = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{510D9FB1-B50F-4B4D-81A5-23655474DC2A}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={AE015C37-BA16-4005-B6DE-ED61DDD58EFA}&mid=af1e04e899f947d0b701d15edc5cfa45-5e152cbfd45cbc58c155cd03afb1fd0f74c7444c&lang=de&ds=AVG&pr=fr&d=2012-10-07 13:59:18&v=12.2.5.34&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{A42E06CC-6C32-456A-943A-F9F6DFFC39EC}: "URL" = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-ober&type=gamenextde&p={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{E59FA6AF-986F-4597-9196-310659A15010}: "URL" = hxxp://go.web.de/suchbox/google?q={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{FB0684CD-9707-4FBA-9FE4-C020B8F68521}: "URL" = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.29 16:28:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search\12.2.5.34\ [2012.10.07 13:59:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2006.11.15 18:49:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2006.11.15 18:49:42 | 000,000,000 | ---D | M]
 
[2008.06.21 17:22:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Extensions
[2012.10.08 21:01:21 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions
[2012.10.07 13:29:20 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.10.07 13:29:20 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
[2011.01.25 22:46:42 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.07.27 10:41:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2006.11.15 18:50:10 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012.10.01 21:41:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAMME\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012.07.18 17:36:52 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2009.10.26 16:45:36 | 000,102,400 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012.06.15 00:46:58 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.07 13:59:11 | 000,003,750 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:58 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:58 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:58 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Yahoo! Deutschland ()
CHR - default_search_provider: search_url = hxxp://de.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://de-sayt.ff.search.yahoo.com/gossip-de-sayt?output=fxjson&command={searchTerms}
CHR - homepage: hxxp://www.google.com/
 
O1 HOSTS File: ([2012.10.07 13:37:46 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Programme\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [ROC_ROC_NT] C:\Programme\AVG Secure Search\ROC_ROC_NT.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Programme\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007..\Run: [SpeedBitVideoAccelerator] C:\Programme\SpeedBit Video Accelerator\VideoAccelerator.exe (SpeedBit LTD)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\MindManager PDF Writer.lnk = C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe (Tracker Software Products)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk = C:\Programme\WISO\Steuersoftware 2012\mshaktuell.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Domains:   ([]msn in My Computer)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Domains: chip.de ([www] http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2F0D96B4-7D9D-4767-A657-F7ECC9114887} hxxp://haustein.dyndns.org/IPCamPluginDMPT.cab (EDIMAX IPCamPluginDMPT Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37361.2830671296 (Reg Error: Unable to open value key)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Unable to open value key)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0E1E16A-59D3-4429-82A7-353D7EEE174D}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEB76918-6009-47F2-A852-A5CF4C5A11DB}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
 
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0e} - Internet Explorer ReadMe
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D5974C5-5185-4f5b-80B6-28015ACDD74C} - q319182
ActiveX: {2eac6a2d-57a8-44d4-96f7-e32bab40ca5f} - Windows Update
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {429D8DD3-05E0-4F56-B6D6-AC0730567C02} - Euro Update Tool
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{00E34CBB-C0F7-466F-9A34-D6B120AE2850} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.dvacm - C:\Programme\Gemeinsame Dateien\Ulead Systems\VIO\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (hxxp://www.mp3dev.org/)
Drivers32: msacm.MPEGacm - C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.ulmp3acm - C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.07 14:07:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG2013
[2012.10.07 14:00:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.10.07 13:59:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search
[2012.10.07 13:59:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG Secure Search
[2012.10.07 13:59:16 | 000,027,496 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2012.10.07 13:59:13 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\AVG Secure Search
[2012.10.07 13:59:12 | 000,000,000 | ---D | C] -- C:\Programme\AVG Secure Search
[2012.10.07 13:56:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2013
[2012.10.07 13:51:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\MFAData
[2012.10.07 13:51:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\Avg2013
[2012.10.07 13:29:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.10.07 13:26:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software
[2012.10.03 14:24:39 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2012.10.03 14:24:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012
[2012.10.03 14:24:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\TuneUp Software
[2012.10.03 14:24:25 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2012
[2012.10.03 14:24:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.10.03 14:24:09 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.10.03 13:22:21 | 000,000,000 | ---D | C] -- D:\Reiner\My Albums
[2012.10.03 13:22:21 | 000,000,000 | ---D | C] -- D:\Reiner\ArcSoft
[2012.10.01 21:42:02 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.10.01 21:41:41 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2012.09.23 18:43:49 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.09.16 16:27:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Malwarebytes
[2012.09.16 16:27:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.09.16 16:27:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.09.16 16:27:31 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.09.16 16:27:31 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.09.16 16:26:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner
[2012.09.11 07:20:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
[2007.06.04 10:54:26 | 005,810,216 | ---- | C] (Mozilla) -- C:\Programme\Firefox Setup 2.0.0.4.exe
[2007.05.11 19:18:04 | 005,804,232 | ---- | C] (Mozilla) -- C:\Programme\Firefox Setup 2.0.0.3.exe
[2007.01.19 21:55:40 | 014,843,696 | ---- | C] (Microsoft Corporation) -- C:\Programme\IE7-WindowsXP-x86-deu.exe
[2007.01.19 21:43:09 | 027,066,664 | ---- | C] (Microsoft Corporation) -- C:\Programme\PowerPointViewer.exe
[2005.12.05 18:00:46 | 002,247,888 | ---- | C] (Microsoft Corporation) -- C:\Programme\dsetup32.dll
[2005.12.05 18:00:46 | 000,484,560 | ---- | C] (Microsoft Corporation) -- C:\Programme\DXSETUP.exe
[2005.12.05 18:00:46 | 000,074,448 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll
[2004.11.20 16:31:32 | 003,207,168 | ---- | C] (Mindjet) -- C:\Programme\MindMan.exe
[2004.11.20 16:31:32 | 001,171,456 | ---- | C] (Mindjet) -- C:\Programme\mmlang-ger.dll
[2004.11.20 16:31:31 | 000,761,856 | ---- | C] (Sub Systems, Inc. ) -- C:\Programme\Ter32mm.dll
[2004.11.20 16:31:31 | 000,262,144 | ---- | C] (Inner Media, Inc.) -- C:\Programme\adfactry.dll
[2004.11.20 16:31:31 | 000,221,184 | ---- | C] (Catenary Systems) -- C:\Programme\Vic32.dll
[2004.11.20 16:31:31 | 000,172,032 | ---- | C] (Wintertree Software Inc.) -- C:\Programme\Ssce5332.dll
[2004.11.20 16:31:31 | 000,124,416 | ---- | C] (Inner Media, Inc.) -- C:\Programme\dzip32.dll
[2004.11.20 16:31:31 | 000,096,768 | ---- | C] (Inner Media, Inc.) -- C:\Programme\dunzip32.dll
[2004.11.20 16:31:31 | 000,077,312 | ---- | C] (Inner Media, Inc.) -- C:\Programme\sfxbe322.dll
[2004.11.20 16:31:31 | 000,053,760 | ---- | C] (Inner Media, Inc.) -- C:\Programme\sfxfe32.exe
[2004.11.20 16:31:30 | 000,290,816 | ---- | C] (Sub Systems, Inc. ) -- C:\Programme\Hts32mm.dll
[2002.11.05 05:00:00 | 001,822,520 | ---- | C] (Microsoft Corporation) -- C:\Programme\INSTMSIW.EXE
[2002.11.05 05:00:00 | 001,708,856 | ---- | C] (Microsoft Corporation) -- C:\Programme\INSTMSIA.EXE
[2002.11.05 05:00:00 | 000,102,400 | ---- | C] (Installshield Software Corporation                          ) -- C:\Programme\SETUP.EXE
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.08 21:00:13 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2012.10.08 21:00:06 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.08 21:00:06 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1018.job
[2012.10.08 21:00:06 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1006.job
[2012.10.08 21:00:06 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1017.job
[2012.10.08 21:00:06 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1007.job
[2012.10.08 21:00:05 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1019.job
[2012.10.08 21:00:04 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.10.08 20:49:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.10.08 20:24:15 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.07 15:17:00 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.07 14:25:53 | 000,001,479 | ---- | M] () -- C:\Dokumente und Einstellungen\Reiner\Desktop\Solitär.lnk
[2012.10.07 14:25:53 | 000,001,475 | ---- | M] () -- C:\Dokumente und Einstellungen\Reiner\Desktop\Windows-Explorer.lnk
[2012.10.07 13:59:31 | 000,000,698 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2013.lnk
[2012.10.07 13:59:16 | 000,027,496 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2012.10.07 13:37:46 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.10.05 18:52:26 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-874574627-2650805779-3784137826-1007.job
[2012.10.03 14:24:38 | 000,001,615 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.10.03 14:24:38 | 000,001,611 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.10.03 13:48:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-874574627-2650805779-3784137826-1018.job
[2012.09.17 18:58:56 | 000,051,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[2012.09.16 16:45:46 | 000,000,660 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.16 10:02:18 | 000,000,010 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{79CBCEC7-42D8-49E9-AC5D-0957EF2826BF}
[2012.09.16 10:02:14 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-874574627-2650805779-3784137826-1006.job
[2012.09.14 05:34:34 | 000,089,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
[2012.09.13 07:19:22 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.09.12 11:47:22 | 000,164,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys
[2012.09.12 11:47:04 | 000,151,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys
[2012.09.09 13:08:12 | 000,368,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.10.07 13:59:30 | 000,000,698 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2013.lnk
[2012.10.03 14:24:37 | 000,001,615 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.10.03 14:24:37 | 000,001,611 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.10.03 14:24:36 | 000,001,617 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012.lnk
[2012.09.16 16:45:44 | 000,000,660 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.15 13:51:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.04.05 12:11:17 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\$_hpcst$.hpc
[2011.03.29 08:09:16 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\rockusbCoInstaller.dll
[2011.01.30 14:18:22 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2011.01.30 14:18:22 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2010.11.07 17:50:22 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.10.09 15:13:13 | 000,000,045 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\jagex_runescape_preferences2.dat
[2009.10.09 15:12:37 | 000,000,038 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\jagex_runescape_preferences.dat
[2008.10.16 20:24:27 | 000,000,152 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\default.pls
[2008.10.11 10:06:30 | 000,001,604 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\wklnhst.dat
[2006.11.15 18:48:08 | 006,042,312 | ---- | C] () -- C:\Programme\FirefoxGoogleToolbarSetup.exe
[2006.11.14 19:49:09 | 000,155,648 | ---- | C] () -- C:\Programme\Symantec Security.exe
[2006.11.14 19:48:02 | 000,000,637 | ---- | C] () -- C:\Programme\Symantec Security.htm
[2006.05.23 16:20:47 | 000,000,021 | ---- | C] () -- C:\Programme\AVPersonalAVWIN.INI
[2005.12.05 18:28:30 | 003,673,932 | ---- | C] () -- C:\Programme\Dec2005_MDX1_x86_Archive.cab
[2005.12.05 18:28:04 | 001,358,864 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab
[2005.12.05 18:28:02 | 000,086,925 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab
[2005.12.05 18:28:02 | 000,046,247 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab
[2005.12.05 18:28:02 | 000,041,888 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab
[2005.12.05 18:28:00 | 000,916,806 | ---- | C] () -- C:\Programme\Dec2005_MDX1_x86.cab
[2005.12.05 18:27:58 | 001,080,344 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab
[2005.12.05 18:00:46 | 000,081,092 | ---- | C] () -- C:\Programme\dxupdate.cab
[2005.12.05 18:00:44 | 001,351,430 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab
[2005.12.05 18:00:44 | 001,336,890 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab
[2005.12.05 18:00:44 | 001,248,387 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab
[2005.12.05 18:00:44 | 001,078,532 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab
[2005.12.05 18:00:44 | 001,065,813 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab
[2005.12.05 18:00:44 | 001,014,113 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab
[2005.12.05 18:00:42 | 013,265,040 | ---- | C] () -- C:\Programme\dxnt.cab
[2005.12.05 18:00:40 | 015,493,481 | ---- | C] () -- C:\Programme\DirectX.cab
[2005.12.05 18:00:40 | 001,156,363 | ---- | C] () -- C:\Programme\BDANT.cab
[2005.12.05 18:00:40 | 000,976,020 | ---- | C] () -- C:\Programme\BDAXP.cab
[2005.12.05 18:00:40 | 000,703,080 | ---- | C] () -- C:\Programme\BDA.cab
[2005.10.27 18:50:12 | 000,002,487 | ---- | C] () -- C:\Programme\Microsoft PowerPoint.lnk
[2004.11.20 16:40:18 | 000,073,664 | -H-- | C] () -- C:\Programme\MindMan.GID
[2004.11.20 16:31:32 | 001,379,900 | ---- | C] () -- C:\Programme\MMConferenceProvider.dll
[2004.11.20 16:31:31 | 000,081,468 | ---- | C] () -- C:\Programme\MindMan.tlb
[2004.11.20 16:31:30 | 000,157,149 | ---- | C] () -- C:\Programme\WiseUpdt.exe
[2004.11.20 16:31:30 | 000,133,988 | R--- | C] () -- C:\Programme\GER_ReleaseNotes.rtf
[2004.11.20 16:31:30 | 000,078,708 | R--- | C] () -- C:\Programme\Versionshinweise.mmp
[2004.11.20 16:31:30 | 000,043,693 | ---- | C] () -- C:\Programme\DeveloperResources.mmp
[2004.11.20 16:31:30 | 000,028,714 | R--- | C] () -- C:\Programme\Open Interface Release Notes.mmp
[2004.11.20 16:31:30 | 000,017,271 | ---- | C] () -- C:\Programme\MindManager 2002 License Agreement.rtf
[2004.11.20 16:31:30 | 000,006,855 | ---- | C] () -- C:\Programme\UNWISE.INI
[2004.11.20 16:31:29 | 000,162,304 | ---- | C] () -- C:\Programme\UNWISE.EXE
[2003.07.01 19:32:34 | 004,073,984 | ---- | C] () -- C:\Programme\Antivir.exe
[2002.11.05 05:00:00 | 018,135,040 | ---- | C] () -- C:\Programme\QCL.MSI
[2002.11.05 05:00:00 | 001,452,803 | ---- | C] () -- C:\Programme\QCL.PDF
[2002.11.05 05:00:00 | 000,320,618 | ---- | C] () -- C:\Programme\LICENSE.PDF
[2002.11.05 05:00:00 | 000,062,686 | ---- | C] () -- C:\Programme\SETUP.INI
[2002.11.05 05:00:00 | 000,021,094 | ---- | C] () -- C:\Programme\EXTRA.CAB
[2002.08.29 20:19:35 | 000,008,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2008.10.09 22:02:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 07:52:26 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.10.07 13:59:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search
[2012.10.07 13:59:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2013
[2010.06.12 11:01:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2010.07.18 14:29:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2009.12.04 21:31:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2012.05.27 12:55:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2008.10.10 22:00:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\espionServerData
[2009.04.23 08:12:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\F-Secure
[2010.01.14 16:11:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Firefly Studios
[2009.04.23 08:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fssg
[2009.11.18 15:40:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2009.02.20 17:46:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IEConfiguration1und1
[2012.06.11 18:33:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iMesh
[2011.01.30 14:18:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LGMOBILEAX
[2012.10.08 20:29:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2011.09.14 19:24:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir
[2009.11.10 10:25:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Oberon Media
[2010.04.30 15:27:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009.05.19 20:22:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2010.07.27 10:20:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap Games
[2011.04.05 12:31:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2009.11.10 10:25:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2004.12.25 09:26:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Terzio
[2010.05.16 15:13:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tmp
[2012.10.03 14:24:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010.11.25 09:16:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2007.10.31 19:19:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010.07.31 13:23:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2012.10.03 14:24:10 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2010.04.19 16:13:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.03.29 08:09:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{F0489EF2-D393-4114-85BA-A94D71D89543}
[2012.06.11 18:32:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{FCC59D3F-C1B9-40B4-9776-50CDD1A7307C}
[2012.05.27 13:18:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\AVG
[2012.05.27 12:56:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\AVG2012
[2010.07.08 18:54:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Blender Foundation
[2011.05.12 12:09:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Buhl Data Service
[2010.04.26 14:41:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Canneverbe Limited
[2009.08.01 13:32:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Cornelsen
[2010.12.20 16:29:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\DiskAid
[2010.12.19 12:25:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Dropbox
[2010.04.28 15:16:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\DVDVideoSoftIEHelpers
[2009.05.04 09:02:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\F-Secure
[2010.07.27 10:40:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\FreeFLVConverter
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\InterTrust
[2007.06.02 13:44:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\KIDDINX
[2012.01.12 16:30:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\LibreOffice
[2005.09.11 12:50:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Mindjet
[2011.02.16 19:27:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\OpenOffice.org
[2007.05.25 12:58:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Panasonic
[2010.04.23 07:49:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\PC Suite
[2010.12.27 10:44:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Philips
[2010.12.27 10:22:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Philips-Songbird
[2010.04.23 07:30:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Samsung
[2011.03.29 07:52:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Songbird2
[2010.07.18 14:18:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Sony
[2010.07.18 14:18:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Sony Setup
[2008.10.13 09:30:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Template
[2010.12.20 16:31:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\TuneAid
[2010.04.28 15:19:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010.11.25 09:27:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Ulead Systems
[2012.09.14 10:30:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\wincoreimband
[2010.07.31 13:23:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Zylom
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\InterTrust
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\InterTrust
[2011.02.13 12:57:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\OpenOffice.org
[2010.09.30 22:19:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\PC Suite
[2010.11.25 14:21:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Ulead Systems
[2011.05.28 13:28:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Cornelsen
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\InterTrust
[2010.10.20 15:41:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\PC Suite
[2010.12.30 13:24:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Philips
[2010.12.30 13:14:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Philips-Songbird
[2010.11.25 17:25:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Ulead Systems
[2012.10.07 13:26:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software
[2012.10.07 13:59:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG Secure Search
[2012.10.07 14:07:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG2013
[2010.06.12 11:07:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Buhl Data Service
[2010.05.02 14:58:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe Limited
[2009.12.12 18:40:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe_Limited
[2012.03.19 22:17:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ElevatedDiagnostics
[2009.05.21 12:03:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\F-Secure
[2009.11.18 15:40:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ICQ
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\InterTrust
[2007.06.03 19:14:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\KIDDINX
[2004.12.04 20:30:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mindjet
[2007.05.01 19:09:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Panasonic
[2010.04.23 18:41:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\PC Suite
[2011.04.05 12:30:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Samsung
[2008.10.11 10:06:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Template
[2012.10.03 14:24:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\TuneUp Software
[2010.12.06 17:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Ulead Systems
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
[2012.03.19 21:21:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Speedbit
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Adobe
[2005.10.22 18:37:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AdobeUM
[2008.10.14 20:05:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Ahead
[2010.04.20 20:37:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Apple Computer
[2007.05.01 19:03:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Arcsoft
[2008.10.10 22:15:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ATI
[2012.10.07 13:59:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG Secure Search
[2012.10.07 14:07:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG2013
[2010.06.12 11:07:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Buhl Data Service
[2010.05.02 14:58:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe Limited
[2009.12.12 18:40:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe_Limited
[2010.09.15 21:23:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\DivX
[2009.10.27 19:33:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\dvdcss
[2012.03.19 22:17:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ElevatedDiagnostics
[2009.05.21 12:03:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\F-Secure
[2010.06.26 15:58:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Google
[2002.12.04 20:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Help
[2010.11.16 19:21:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\HpUpdate
[2009.11.18 15:40:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ICQ
[2002.04.13 13:59:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Identities
[2007.05.01 18:45:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\InstallShield
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\InterTrust
[2007.06.03 19:14:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\KIDDINX
[2006.04.13 21:04:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Macromedia
[2012.09.16 16:27:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Malwarebytes
[2008.10.14 19:04:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Media Player Classic
[2002.04.13 13:19:18 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Microsoft
[2004.12.04 20:30:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mindjet
[2006.11.19 11:47:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla
[2002.10.22 17:32:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\MSN6
[2007.05.01 19:09:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Panasonic
[2010.04.23 18:41:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\PC Suite
[2008.10.16 21:11:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Real
[2011.04.05 12:30:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Samsung
[2011.07.01 18:27:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Sony Corporation
[2006.12.14 22:51:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Sun
[2008.10.11 10:06:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Template
[2012.10.03 14:24:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\TuneUp Software
[2010.12.06 17:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Ulead Systems
[2009.12.04 20:52:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\vlc
[2010.12.22 20:59:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.01.30 19:06:40 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Real\Update\setup3.13\setup.exe
[2012.07.06 05:59:32 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Real\Update\UpgradeHelper\RealPlayer\9.10\rnupgagent.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\eventlog.dll
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 00:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\netlogon.dll
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 00:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 00:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2007.03.08 17:48:40 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\userinit.exe
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 00:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 00:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2001.08.18 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001.08.18 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2002.04.13 13:18:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2002.04.13 13:18:10 | 000,610,304 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2002.04.13 13:18:10 | 000,401,408 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >

Alt 09.10.2012, 10:57   #25
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Du hast OTL vorher nicht neu runtergeladen, warum?
Grund ist, dass es Bugs in den Versionen 3.2.70.x gibt, wir sind wieder bei 3.2.69.0 - mach damit bitte ein neues Log wie o.g.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 13.10.2012, 15:09   #26
tschobeuter
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Ok, jetzt mit OTL mit Version 3.2.69.0:

OTL.TXT:

Code:
ATTFilter
OTL logfile created on: 13.10.2012 15:55:39 - Run 5
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,27 Gb Available Physical Memory | 75,87% Memory free
5,84 Gb Paging File | 5,18 Gb Available in Paging File | 88,76% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 96,80 Gb Total Space | 59,74 Gb Free Space | 61,71% Space Free | Partition Type: NTFS
Drive D: | 201,28 Gb Total Space | 115,55 Gb Free Space | 57,41% Space Free | Partition Type: NTFS
 
Computer Name: COMPUTER | User Name: Reiner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.13 15:45:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner\OTL.exe
PRC - [2012.10.07 13:59:23 | 000,856,160 | ---- | M] () -- C:\Programme\AVG Secure Search\ROC_ROC_NT.exe
PRC - [2012.10.07 13:59:14 | 000,722,528 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
PRC - [2012.10.07 13:59:13 | 000,947,808 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
PRC - [2012.09.14 05:35:58 | 003,039,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgui.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.20 04:53:34 | 000,184,304 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012.03.19 21:21:48 | 000,265,928 | ---- | M] (SpeedBit Ltd.) -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe
PRC - [2012.02.27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2012.01.18 14:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.10.16 22:37:26 | 000,488,968 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Real\RealPlayer\realplay.exe
PRC - [2010.10.16 22:37:24 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
PRC - [2010.07.04 19:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2010.03.24 15:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe
PRC - [2008.03.10 09:58:18 | 000,130,560 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
PRC - [2008.02.22 09:11:02 | 000,120,320 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
PRC - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007.09.07 22:22:24 | 000,204,800 | ---- | M] (UASSOFT.COM) -- C:\Programme\Multimedia Mouse Driver\KMWDSrv.exe
PRC - [2007.01.19 11:49:04 | 000,049,152 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2006.09.28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006.05.23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) -- C:\WINDOWS\system32\StkASv2K.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2003.02.21 13:16:16 | 000,061,440 | R--- | M] (Tracker Software Products) -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe
PRC - [2001.08.18 04:55:00 | 000,086,016 | ---- | M] (PCtel, Inc.) -- C:\WINDOWS\system32\pctspk.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.07 13:59:23 | 000,856,160 | ---- | M] () -- C:\Programme\AVG Secure Search\ROC_ROC_NT.exe
MOD - [2012.10.07 13:59:17 | 000,564,832 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\DNTInstaller\12.2.6\avgdttbx.dll
MOD - [2012.10.07 13:59:15 | 000,132,704 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\12.2.6\SiteSafety.dll
MOD - [2012.10.07 13:59:14 | 000,722,528 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
MOD - [2012.10.07 13:59:13 | 000,947,808 | ---- | M] () -- C:\Programme\AVG Secure Search\vprot.exe
MOD - [2012.07.27 22:51:38 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.06.16 08:54:46 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012.06.15 10:48:28 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.06.15 10:48:16 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.06.15 10:46:56 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.05.11 18:21:04 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.11 18:12:40 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.11 18:12:26 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\libxml2.dll
MOD - [2010.04.03 18:28:48 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.04.03 18:28:46 | 000,430,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.03.15 11:28:24 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () -- C:\Programme\CDBurnerXP\NMSAccessU.exe
MOD - [2008.10.09 22:06:42 | 001,679,360 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2993.28442__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,688,128 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2993.28653__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2993.28681__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,253,952 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2993.28395__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:42 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2993.28458__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2993.28671__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:42 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2993.28626__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:42 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2993.28433__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:42 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2993.28569__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:42 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2993.28416__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:40 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2993.28713__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:24 | 000,442,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.2993.28746__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,352,256 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2993.28637__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2993.28721__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.2993.28450__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2993.28644__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:24 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2993.28410__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.2993.28745__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:24 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2993.28635__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:24 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.2993.28449__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,901,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2993.28674__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,802,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2993.28581__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,663,552 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2993.28629__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,585,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2993.28473__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,479,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2993.28572__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,442,368 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2993.28563__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2993.28419__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2993.28660__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2008.10.09 22:06:22 | 000,217,088 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2993.28465__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2993.28602__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2008.10.09 22:06:22 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2993.28580__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2993.28570__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2993.28480__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2993.28579__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2993.28600__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2993.28617__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2008.10.09 22:06:22 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2008.10.09 22:06:22 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2008.10.09 22:06:20 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.2939.23747__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2008.10.09 22:06:20 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2008.10.09 22:06:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MultiVPU4.Graphics.Shared\2.0.2939.23715__90ba9c70f846762e\CLI.Aspect.MultiVPU4.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.2939.23762__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2008.10.09 22:06:20 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2008.10.09 22:06:14 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2993.28426__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2008.10.09 22:06:14 | 000,413,696 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2993.28689__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2008.10.09 22:06:14 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2993.28700__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2008.10.09 22:06:14 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2993.28697__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2008.10.09 22:06:14 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2008.10.09 22:06:14 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2993.28736__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2008.10.09 22:06:14 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2008.10.09 22:06:14 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2008.10.09 22:06:14 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2008.10.09 22:06:14 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2008.10.09 22:06:14 | 000,011,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2993.28750__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
MOD - [2008.10.09 22:06:14 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2993.28385__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2008.10.09 22:06:14 | 000,005,120 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2993.28689_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2008.10.09 22:06:12 | 001,507,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2993.28403__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2008.10.09 22:06:12 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2993.28386__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2008.10.09 22:06:12 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2993.28387__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2008.10.09 22:06:12 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.2993.28383__90ba9c70f846762e\APM.Server.dll
MOD - [2008.10.09 22:06:12 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2008.10.09 22:06:12 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2993.28384__90ba9c70f846762e\AEM.Server.dll
MOD - [2008.10.09 22:06:12 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2008.10.09 22:06:12 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2993.28699__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2008.10.09 22:06:12 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2008.10.09 22:06:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2008.10.09 22:06:12 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008.04.14 07:52:18 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008.03.10 09:58:18 | 000,130,560 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe
MOD - [2008.02.27 14:52:18 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.02.22 09:11:02 | 000,120,320 | ---- | M] () -- C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe
MOD - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
MOD - [2007.08.20 17:41:12 | 000,233,472 | ---- | M] () -- C:\WINDOWS\system32\WlanApp.dll
MOD - [2003.04.27 15:02:28 | 000,011,264 | R--- | M] () -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\fmt_xmf.dll
MOD - [2003.02.05 15:22:04 | 000,017,920 | R--- | M] () -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\xc_local.dll
MOD - [2003.01.23 13:55:00 | 000,018,944 | R--- | M] () -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\fmt_xcx.dll
MOD - [2003.01.22 17:29:32 | 000,024,576 | R--- | M] () -- C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\fmt_jb2.dll
MOD - [2002.07.03 17:38:00 | 000,053,248 | ---- | M] () -- C:\Programme\ArcSoft\Software Suite\PhotoImpression\Share\PIHook.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\AVM\de_serv.exe -- (de_serv)
SRV - File not found [Auto | Stopped] -- C:\Programme\Symantec\LiveUpdate\ALUSchedulerSvc.exe -- (Automatisches LiveUpdate - Scheduler)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.07 13:59:14 | 000,722,528 | ---- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe -- (vToolbarUpdater12.2.6)
SRV - [2012.09.23 19:50:08 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.08.20 04:53:34 | 000,184,304 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Programme\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.08.20 04:52:42 | 005,751,928 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Programme\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.07.18 17:36:52 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.03.19 21:21:48 | 000,265,928 | ---- | M] (SpeedBit Ltd.) [Auto | Running] -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe -- (VideoAcceleratorService)
SRV - [2012.02.27 00:15:42 | 000,055,144 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.07.04 19:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.07.13 23:18:12 | 000,071,096 | ---- | M] () [Auto | Running] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008.10.10 21:52:52 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Running] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.09.11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)
SRV - [2007.09.07 22:22:24 | 000,204,800 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Programme\Multimedia Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2007.01.19 11:49:26 | 000,049,152 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2006.09.28 10:20:00 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006.05.23 23:49:14 | 000,024,576 | ---- | M] (Syntek America Inc.) [Auto | Running] -- C:\WINDOWS\system32\StkASv2K.exe -- (StkASSrv)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2001.08.18 04:55:00 | 000,086,016 | ---- | M] (PCtel, Inc.) [Auto | Running] -- C:\WINDOWS\system32\pctspk.exe -- (Pctspk)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRAMME\NORMAN\nvc\BIN\nvcoarc51.sys -- (nvcoarc51)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRAMME\NORMAN\nvc\BIN\nvcoafl51.sys -- (nvcoafl51)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.10.07 13:59:16 | 000,027,496 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012.09.17 18:58:56 | 000,051,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.09.14 05:34:34 | 000,089,440 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012.09.12 11:47:22 | 000,164,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.09.12 11:47:04 | 000,151,648 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.08.13 16:40:54 | 000,176,096 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012.08.10 04:52:28 | 000,019,808 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012.08.10 04:52:18 | 000,035,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012.08.09 13:56:44 | 000,178,656 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012.05.08 15:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.06.14 09:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2010.05.12 12:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2010.04.27 04:25:16 | 000,123,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV - [2010.04.27 04:25:16 | 000,098,432 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bbus.sys -- (ss_bbus)
DRV - [2010.04.27 04:25:16 | 000,014,848 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV - [2009.11.17 19:51:38 | 005,956,608 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2009.11.12 14:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.05.25 14:35:00 | 000,116,904 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029unic.sys -- (s1029unic)
DRV - [2009.05.25 14:34:56 | 000,122,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009.05.25 14:34:56 | 000,090,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029bus.sys -- (s1029bus)
DRV - [2009.05.25 14:34:56 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2009.05.25 14:34:54 | 000,115,880 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029mgmt.sys -- (s1029mgmt)
DRV - [2009.05.25 14:34:54 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009.05.25 14:34:54 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s1029nd5.sys -- (s1029nd5)
DRV - [2008.10.10 21:26:12 | 000,016,608 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.08.05 20:10:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2008.06.18 11:23:38 | 003,692,288 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService)
DRV - [2008.04.14 00:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008.03.13 00:09:36 | 002,870,784 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.01.15 21:50:52 | 000,459,520 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73)
DRV - [2008.01.04 08:10:16 | 000,105,856 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2006.12.28 18:44:44 | 000,084,992 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdAud.sys -- (HdAudAddService)
DRV - [2006.11.15 17:32:44 | 000,242,139 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkAMini.sys -- (StkAMini)
DRV - [2006.06.27 18:27:18 | 000,004,772 | ---- | M] (Syntek America Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\StkScan.sys -- (StkScan)
DRV - [2006.01.04 15:41:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005.12.11 11:55:38 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2005.11.03 15:40:08 | 000,063,488 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2005.08.10 13:44:06 | 000,050,688 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2005.05.16 14:20:40 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02)
DRV - [2004.08.03 22:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8139.sys -- (rtl8139)
DRV - [2004.07.16 16:47:14 | 000,014,165 | ---- | M] (Pinnacle Systems GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\Pclepci.sys -- (PCLEPCI)
DRV - [2003.09.19 16:45:48 | 000,021,248 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2001.11.28 10:18:00 | 000,162,304 | ---- | M] (NVIDIA® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvapu.sys -- (nvnforce)
DRV - [2001.11.28 10:18:00 | 000,013,056 | ---- | M] (NVIDIA® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nvax.sys -- (nvax)
DRV - [2001.11.20 19:20:00 | 000,013,502 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nv_agp.SYS -- (nv_agp)
DRV - [2001.08.17 13:28:16 | 000,397,502 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vpctcom.sys -- (Vpctcom)
DRV - [2001.08.17 13:28:16 | 000,064,605 | ---- | M] (PCtel, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vvoice.sys -- (Vvoice)
DRV - [2001.08.17 13:28:14 | 000,604,253 | ---- | M] (PCTEL, INC.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\vmodem.sys -- (Vmodem)
DRV - [2001.08.17 13:28:14 | 000,112,574 | ---- | M] (PCTEL, INC.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ptserlp.sys -- (Ptserlp)
DRV - [2001.08.17 12:12:02 | 000,063,208 | ---- | M] (Intel Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\dc21x4.sys -- (DC21x4)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{2EB5D0A4-90B5-434A-A3F3-DE492D815145}: "URL" = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{510D9FB1-B50F-4B4D-81A5-23655474DC2A}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = https://isearch.avg.com/search?cid={AE015C37-BA16-4005-B6DE-ED61DDD58EFA}&mid=af1e04e899f947d0b701d15edc5cfa45-5e152cbfd45cbc58c155cd03afb1fd0f74c7444c&lang=de&ds=AVG&pr=fr&d=2012-10-07 13:59:18&v=12.2.5.34&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{A42E06CC-6C32-456A-943A-F9F6DFFC39EC}: "URL" = hxxp://go.1und1.de/suchbox/amazon?tag=1und1icon-21&field-keywords={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{E08A9998-D98F-476f-8F5C-37C80FE0A4DA}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-ober&type=gamenextde&p={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{E59FA6AF-986F-4597-9196-310659A15010}: "URL" = hxxp://go.web.de/suchbox/google?q={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..\SearchScopes\{FB0684CD-9707-4FBA-9FE4-C020B8F68521}: "URL" = hxxp://go.web.de/suchbox/ebay?query={searchTerms}
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {F53C93F1-07D5-430c-86D4-C9531B27DFAF}:12.0.0.2189
FF - prefs.js..extensions.enabledAddons: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_4_402_278.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\12.2.6\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Programme\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.29 16:28:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search\12.2.5.34\ [2012.10.07 13:59:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2006.11.15 18:49:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2006.11.15 18:49:42 | 000,000,000 | ---D | M]
 
[2008.06.21 17:22:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Extensions
[2012.10.13 15:53:28 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions
[2012.10.07 13:29:20 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.10.07 13:29:20 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
[2011.01.25 22:46:42 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla\Firefox\Profiles\q091o1qh.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010.07.27 10:41:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2006.11.15 18:50:10 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012.10.01 21:41:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAMME\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012.07.18 17:36:52 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2009.10.26 16:45:36 | 000,102,400 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012.06.15 00:46:58 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.07 13:59:11 | 000,003,750 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:58 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:58 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:58 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Yahoo! Deutschland ()
CHR - default_search_provider: search_url = hxxp://de.search.yahoo.com/search?ei={inputEncoding}&fr=crmas&p={searchTerms}
CHR - default_search_provider: suggest_url = hxxp://de-sayt.ff.search.yahoo.com/gossip-de-sayt?output=fxjson&command={searchTerms}
CHR - homepage: hxxp://www.google.com/
 
O1 HOSTS File: ([2012.10.07 13:37:46 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\12.2.5.34\AVG Secure Search_toolbar.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Programme\Adobe\Photoshop Elements 6.0\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Programme\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Programme\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [ROC_ROC_NT] C:\Programme\AVG Secure Search\ROC_ROC_NT.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [vProt] C:\Programme\AVG Secure Search\vprot.exe ()
O4 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007..\Run: [AutoStartNPSAgent] C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007..\Run: [SpeedBitVideoAccelerator] C:\Programme\SpeedBit Video Accelerator\VideoAccelerator.exe (SpeedBit LTD)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\MindManager PDF Writer.lnk = C:\Programme\Mindjet\MindManager 5\sys\PDF\ENU\W2K\PDFSaver.exe (Tracker Software Products)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Steuer-Sparbuch heute.lnk = C:\Programme\WISO\Steuersoftware 2012\mshaktuell.exe ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Programme\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Domains:   ([]msn in My Computer)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Domains: chip.de ([www] http in Vertrauenswürdige Sites)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-874574627-2650805779-3784137826-1007\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {2F0D96B4-7D9D-4767-A657-F7ECC9114887} hxxp://haustein.dyndns.org/IPCamPluginDMPT.cab (EDIMAX IPCamPluginDMPT Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} hxxp://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37361.2830671296 (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0E1E16A-59D3-4429-82A7-353D7EEE174D}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FEB76918-6009-47F2-A852-A5CF4C5A11DB}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\12.2.6\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: 6to4 -  File not found
NetSvcs: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 0
MsConfig - State: "startup" - 0
 
SafeBootMin: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
SafeBootNet: AppMgmt - %SystemRoot%\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: UploadMgr - Service
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0e} - Internet Explorer ReadMe
ActiveX: {0fde1f56-0d59-4fd7-9624-e3df6b419d0f} - IEEX
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.2
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.2
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D5974C5-5185-4f5b-80B6-28015ACDD74C} - q319182
ActiveX: {2eac6a2d-57a8-44d4-96f7-e32bab40ca5f} - Windows Update
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {429D8DD3-05E0-4F56-B6D6-AC0730567C02} - Euro Update Tool
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015C} - Microsoft DirectX
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{00E34CBB-C0F7-466F-9A34-D6B120AE2850} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler)
Drivers32: msacm.dvacm - C:\Programme\Gemeinsame Dateien\Ulead Systems\VIO\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (hxxp://www.mp3dev.org/)
Drivers32: msacm.MPEGacm - C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG\MPEGACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: msacm.ulmp3acm - C:\Programme\Gemeinsame Dateien\Ulead Systems\MPEG\ulmp3acm.acm (Ulead systems)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll ()
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.13 15:54:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012.10.07 14:07:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG2013
[2012.10.07 14:00:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.10.07 13:59:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search
[2012.10.07 13:59:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG Secure Search
[2012.10.07 13:59:16 | 000,027,496 | ---- | C] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2012.10.07 13:59:13 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\AVG Secure Search
[2012.10.07 13:59:12 | 000,000,000 | ---D | C] -- C:\Programme\AVG Secure Search
[2012.10.07 13:56:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2013
[2012.10.07 13:51:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\MFAData
[2012.10.07 13:51:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\Avg2013
[2012.10.07 13:29:17 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.10.07 13:26:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software
[2012.10.03 14:24:39 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2012.10.03 14:24:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012
[2012.10.03 14:24:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\TuneUp Software
[2012.10.03 14:24:25 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2012
[2012.10.03 14:24:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.10.03 14:24:09 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.10.03 13:22:21 | 000,000,000 | ---D | C] -- D:\Reiner\My Albums
[2012.10.03 13:22:21 | 000,000,000 | ---D | C] -- D:\Reiner\ArcSoft
[2012.10.01 21:42:02 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2012.10.01 21:41:41 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2012.09.23 18:43:49 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.09.16 16:27:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Malwarebytes
[2012.09.16 16:27:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.09.16 16:27:32 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.09.16 16:27:31 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.09.16 16:27:31 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.09.16 16:26:42 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner
[2007.06.04 10:54:26 | 005,810,216 | ---- | C] (Mozilla) -- C:\Programme\Firefox Setup 2.0.0.4.exe
[2007.05.11 19:18:04 | 005,804,232 | ---- | C] (Mozilla) -- C:\Programme\Firefox Setup 2.0.0.3.exe
[2007.01.19 21:55:40 | 014,843,696 | ---- | C] (Microsoft Corporation) -- C:\Programme\IE7-WindowsXP-x86-deu.exe
[2007.01.19 21:43:09 | 027,066,664 | ---- | C] (Microsoft Corporation) -- C:\Programme\PowerPointViewer.exe
[2005.12.05 18:00:46 | 002,247,888 | ---- | C] (Microsoft Corporation) -- C:\Programme\dsetup32.dll
[2005.12.05 18:00:46 | 000,484,560 | ---- | C] (Microsoft Corporation) -- C:\Programme\DXSETUP.exe
[2005.12.05 18:00:46 | 000,074,448 | ---- | C] (Microsoft Corporation) -- C:\Programme\DSETUP.dll
[2004.11.20 16:31:32 | 003,207,168 | ---- | C] (Mindjet) -- C:\Programme\MindMan.exe
[2004.11.20 16:31:32 | 001,171,456 | ---- | C] (Mindjet) -- C:\Programme\mmlang-ger.dll
[2004.11.20 16:31:31 | 000,761,856 | ---- | C] (Sub Systems, Inc. ) -- C:\Programme\Ter32mm.dll
[2004.11.20 16:31:31 | 000,262,144 | ---- | C] (Inner Media, Inc.) -- C:\Programme\adfactry.dll
[2004.11.20 16:31:31 | 000,221,184 | ---- | C] (Catenary Systems) -- C:\Programme\Vic32.dll
[2004.11.20 16:31:31 | 000,172,032 | ---- | C] (Wintertree Software Inc.) -- C:\Programme\Ssce5332.dll
[2004.11.20 16:31:31 | 000,124,416 | ---- | C] (Inner Media, Inc.) -- C:\Programme\dzip32.dll
[2004.11.20 16:31:31 | 000,096,768 | ---- | C] (Inner Media, Inc.) -- C:\Programme\dunzip32.dll
[2004.11.20 16:31:31 | 000,077,312 | ---- | C] (Inner Media, Inc.) -- C:\Programme\sfxbe322.dll
[2004.11.20 16:31:31 | 000,053,760 | ---- | C] (Inner Media, Inc.) -- C:\Programme\sfxfe32.exe
[2004.11.20 16:31:30 | 000,290,816 | ---- | C] (Sub Systems, Inc. ) -- C:\Programme\Hts32mm.dll
[2002.11.05 05:00:00 | 001,822,520 | ---- | C] (Microsoft Corporation) -- C:\Programme\INSTMSIW.EXE
[2002.11.05 05:00:00 | 001,708,856 | ---- | C] (Microsoft Corporation) -- C:\Programme\INSTMSIA.EXE
[2002.11.05 05:00:00 | 000,102,400 | ---- | C] (Installshield Software Corporation                          ) -- C:\Programme\SETUP.EXE
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.13 15:51:16 | 000,001,374 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.10.13 15:51:00 | 000,001,092 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.13 15:51:00 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1018.job
[2012.10.13 15:51:00 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1006.job
[2012.10.13 15:51:00 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1017.job
[2012.10.13 15:51:00 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1007.job
[2012.10.13 15:50:59 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-874574627-2650805779-3784137826-1019.job
[2012.10.13 15:50:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.10.13 15:49:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.10.13 15:42:27 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2012.10.08 21:17:00 | 000,001,096 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.07 14:25:53 | 000,001,479 | ---- | M] () -- C:\Dokumente und Einstellungen\Reiner\Desktop\Solitär.lnk
[2012.10.07 14:25:53 | 000,001,475 | ---- | M] () -- C:\Dokumente und Einstellungen\Reiner\Desktop\Windows-Explorer.lnk
[2012.10.07 13:59:31 | 000,000,698 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2013.lnk
[2012.10.07 13:59:16 | 000,027,496 | ---- | M] (AVG Technologies) -- C:\WINDOWS\System32\drivers\avgtpx86.sys
[2012.10.07 13:37:46 | 000,000,098 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\Hosts
[2012.10.05 18:52:26 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-874574627-2650805779-3784137826-1007.job
[2012.10.03 14:24:38 | 000,001,615 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.10.03 14:24:38 | 000,001,611 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.10.03 13:48:00 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-874574627-2650805779-3784137826-1018.job
[2012.09.17 18:58:56 | 000,051,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) -- C:\WINDOWS\System32\drivers\avgidshx.sys
[2012.09.16 16:45:46 | 000,000,660 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.09.16 10:02:18 | 000,000,010 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{79CBCEC7-42D8-49E9-AC5D-0957EF2826BF}
[2012.09.16 10:02:14 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-874574627-2650805779-3784137826-1006.job
[2012.09.14 05:34:34 | 000,089,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys
 
========== Files Created - No Company Name ==========
 
[2012.10.07 13:59:30 | 000,000,698 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2013.lnk
[2012.10.03 14:24:37 | 000,001,615 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.10.03 14:24:37 | 000,001,611 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.10.03 14:24:36 | 000,001,617 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012.lnk
[2012.09.16 16:45:44 | 000,000,660 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.15 13:51:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.04.05 12:11:17 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\$_hpcst$.hpc
[2011.03.29 08:09:16 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\rockusbCoInstaller.dll
[2011.01.30 14:18:22 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\CommonDL.dll
[2011.01.30 14:18:22 | 000,002,413 | ---- | C] () -- C:\WINDOWS\System32\lgAxconfig.ini
[2010.11.07 17:50:22 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009.10.09 15:13:13 | 000,000,045 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\jagex_runescape_preferences2.dat
[2009.10.09 15:12:37 | 000,000,038 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\jagex_runescape_preferences.dat
[2008.10.16 20:24:27 | 000,000,152 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\default.pls
[2008.10.11 10:06:30 | 000,001,604 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\wklnhst.dat
[2006.11.15 18:48:08 | 006,042,312 | ---- | C] () -- C:\Programme\FirefoxGoogleToolbarSetup.exe
[2006.11.14 19:49:09 | 000,155,648 | ---- | C] () -- C:\Programme\Symantec Security.exe
[2006.11.14 19:48:02 | 000,000,637 | ---- | C] () -- C:\Programme\Symantec Security.htm
[2006.05.23 16:20:47 | 000,000,021 | ---- | C] () -- C:\Programme\AVPersonalAVWIN.INI
[2005.12.05 18:28:30 | 003,673,932 | ---- | C] () -- C:\Programme\Dec2005_MDX1_x86_Archive.cab
[2005.12.05 18:28:04 | 001,358,864 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x64.cab
[2005.12.05 18:28:02 | 000,086,925 | ---- | C] () -- C:\Programme\Oct2005_xinput_x64.cab
[2005.12.05 18:28:02 | 000,046,247 | ---- | C] () -- C:\Programme\Oct2005_xinput_x86.cab
[2005.12.05 18:28:02 | 000,041,888 | ---- | C] () -- C:\Programme\dxdllreg_x86.cab
[2005.12.05 18:28:00 | 000,916,806 | ---- | C] () -- C:\Programme\Dec2005_MDX1_x86.cab
[2005.12.05 18:27:58 | 001,080,344 | ---- | C] () -- C:\Programme\Dec2005_d3dx9_28_x86.cab
[2005.12.05 18:00:46 | 000,081,092 | ---- | C] () -- C:\Programme\dxupdate.cab
[2005.12.05 18:00:44 | 001,351,430 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x64.cab
[2005.12.05 18:00:44 | 001,336,890 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x64.cab
[2005.12.05 18:00:44 | 001,248,387 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x64.cab
[2005.12.05 18:00:44 | 001,078,532 | ---- | C] () -- C:\Programme\Aug2005_d3dx9_27_x86.cab
[2005.12.05 18:00:44 | 001,065,813 | ---- | C] () -- C:\Programme\Jun2005_d3dx9_26_x86.cab
[2005.12.05 18:00:44 | 001,014,113 | ---- | C] () -- C:\Programme\Feb2005_d3dx9_24_x86.cab
[2005.12.05 18:00:42 | 013,265,040 | ---- | C] () -- C:\Programme\dxnt.cab
[2005.12.05 18:00:40 | 015,493,481 | ---- | C] () -- C:\Programme\DirectX.cab
[2005.12.05 18:00:40 | 001,156,363 | ---- | C] () -- C:\Programme\BDANT.cab
[2005.12.05 18:00:40 | 000,976,020 | ---- | C] () -- C:\Programme\BDAXP.cab
[2005.12.05 18:00:40 | 000,703,080 | ---- | C] () -- C:\Programme\BDA.cab
[2005.10.27 18:50:12 | 000,002,487 | ---- | C] () -- C:\Programme\Microsoft PowerPoint.lnk
[2004.11.20 16:40:18 | 000,073,664 | -H-- | C] () -- C:\Programme\MindMan.GID
[2004.11.20 16:31:32 | 001,379,900 | ---- | C] () -- C:\Programme\MMConferenceProvider.dll
[2004.11.20 16:31:31 | 000,081,468 | ---- | C] () -- C:\Programme\MindMan.tlb
[2004.11.20 16:31:30 | 000,157,149 | ---- | C] () -- C:\Programme\WiseUpdt.exe
[2004.11.20 16:31:30 | 000,133,988 | R--- | C] () -- C:\Programme\GER_ReleaseNotes.rtf
[2004.11.20 16:31:30 | 000,078,708 | R--- | C] () -- C:\Programme\Versionshinweise.mmp
[2004.11.20 16:31:30 | 000,043,693 | ---- | C] () -- C:\Programme\DeveloperResources.mmp
[2004.11.20 16:31:30 | 000,028,714 | R--- | C] () -- C:\Programme\Open Interface Release Notes.mmp
[2004.11.20 16:31:30 | 000,017,271 | ---- | C] () -- C:\Programme\MindManager 2002 License Agreement.rtf
[2004.11.20 16:31:30 | 000,006,855 | ---- | C] () -- C:\Programme\UNWISE.INI
[2004.11.20 16:31:29 | 000,162,304 | ---- | C] () -- C:\Programme\UNWISE.EXE
[2003.07.01 19:32:34 | 004,073,984 | ---- | C] () -- C:\Programme\Antivir.exe
[2002.11.05 05:00:00 | 018,135,040 | ---- | C] () -- C:\Programme\QCL.MSI
[2002.11.05 05:00:00 | 001,452,803 | ---- | C] () -- C:\Programme\QCL.PDF
[2002.11.05 05:00:00 | 000,320,618 | ---- | C] () -- C:\Programme\LICENSE.PDF
[2002.11.05 05:00:00 | 000,062,686 | ---- | C] () -- C:\Programme\SETUP.INI
[2002.11.05 05:00:00 | 000,021,094 | ---- | C] () -- C:\Programme\EXTRA.CAB
[2002.08.29 20:19:35 | 000,008,704 | ---- | C] () -- C:\Dokumente und Einstellungen\Reiner\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2008.10.09 22:02:30 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 07:52:26 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 07:52:34 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.10.07 13:59:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search
[2012.10.07 13:59:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2013
[2010.06.12 11:01:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Buhl Data Service GmbH
[2010.07.18 14:29:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2009.12.04 21:31:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2012.05.27 12:55:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2008.10.10 22:00:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\espionServerData
[2009.04.23 08:12:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\F-Secure
[2010.01.14 16:11:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Firefly Studios
[2009.04.23 08:12:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\fssg
[2009.11.18 15:40:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2009.02.20 17:46:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IEConfiguration1und1
[2012.06.11 18:33:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iMesh
[2011.01.30 14:18:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LGMOBILEAX
[2012.10.13 15:45:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2011.09.14 19:24:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir
[2009.11.10 10:25:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Oberon Media
[2010.04.30 15:27:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009.05.19 20:22:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2010.07.27 10:20:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap Games
[2011.04.05 12:31:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2009.11.10 10:25:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2004.12.25 09:26:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Terzio
[2010.05.16 15:13:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\tmp
[2012.10.03 14:24:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010.11.25 09:16:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2007.10.31 19:19:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2010.07.31 13:23:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2012.10.03 14:24:10 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2010.04.19 16:13:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.03.29 08:09:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{F0489EF2-D393-4114-85BA-A94D71D89543}
[2012.06.11 18:32:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{FCC59D3F-C1B9-40B4-9776-50CDD1A7307C}
[2012.05.27 13:18:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\AVG
[2012.05.27 12:56:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\AVG2012
[2010.07.08 18:54:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Blender Foundation
[2011.05.12 12:09:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Buhl Data Service
[2010.04.26 14:41:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Canneverbe Limited
[2009.08.01 13:32:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Cornelsen
[2010.12.20 16:29:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\DiskAid
[2010.12.19 12:25:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Dropbox
[2010.04.28 15:16:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\DVDVideoSoftIEHelpers
[2009.05.04 09:02:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\F-Secure
[2010.07.27 10:40:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\FreeFLVConverter
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\InterTrust
[2007.06.02 13:44:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\KIDDINX
[2012.01.12 16:30:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\LibreOffice
[2005.09.11 12:50:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Mindjet
[2011.02.16 19:27:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\OpenOffice.org
[2007.05.25 12:58:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Panasonic
[2010.04.23 07:49:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\PC Suite
[2010.12.27 10:44:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Philips
[2010.12.27 10:22:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Philips-Songbird
[2010.04.23 07:30:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Samsung
[2011.03.29 07:52:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Songbird2
[2010.07.18 14:18:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Sony
[2010.07.18 14:18:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Sony Setup
[2008.10.13 09:30:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Template
[2010.12.20 16:31:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\TuneAid
[2010.04.28 15:19:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2010.11.25 09:27:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Ulead Systems
[2012.09.14 10:30:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\wincoreimband
[2010.07.31 13:23:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Christine\Anwendungsdaten\Zylom
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Default User\Anwendungsdaten\InterTrust
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\InterTrust
[2011.02.13 12:57:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\OpenOffice.org
[2010.09.30 22:19:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\PC Suite
[2010.11.25 14:21:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Dominik\Anwendungsdaten\Ulead Systems
[2011.05.28 13:28:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Cornelsen
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\InterTrust
[2010.10.20 15:41:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\PC Suite
[2010.12.30 13:24:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Philips
[2010.12.30 13:14:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Philips-Songbird
[2010.11.25 17:25:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jacqueline\Anwendungsdaten\Ulead Systems
[2012.10.07 13:26:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software
[2012.10.07 13:59:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG Secure Search
[2012.10.07 14:07:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG2013
[2010.06.12 11:07:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Buhl Data Service
[2010.05.02 14:58:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe Limited
[2009.12.12 18:40:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe_Limited
[2012.03.19 22:17:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ElevatedDiagnostics
[2009.05.21 12:03:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\F-Secure
[2009.11.18 15:40:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ICQ
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\InterTrust
[2007.06.03 19:14:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\KIDDINX
[2004.12.04 20:30:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mindjet
[2007.05.01 19:09:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Panasonic
[2010.04.23 18:41:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\PC Suite
[2011.04.05 12:30:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Samsung
[2008.10.11 10:06:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Template
[2012.10.03 14:24:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\TuneUp Software
[2010.12.06 17:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Ulead Systems
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
[2012.03.19 21:21:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Application Data\Speedbit
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Adobe
[2005.10.22 18:37:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AdobeUM
[2008.10.14 20:05:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Ahead
[2010.04.20 20:37:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Apple Computer
[2007.05.01 19:03:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Arcsoft
[2008.10.10 22:15:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ATI
[2012.10.07 13:59:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG Secure Search
[2012.10.07 14:07:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\AVG2013
[2010.06.12 11:07:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Buhl Data Service
[2010.05.02 14:58:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe Limited
[2009.12.12 18:40:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Canneverbe_Limited
[2010.09.15 21:23:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\DivX
[2009.10.27 19:33:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\dvdcss
[2012.03.19 22:17:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ElevatedDiagnostics
[2009.05.21 12:03:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\F-Secure
[2010.06.26 15:58:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Google
[2002.12.04 20:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Help
[2010.11.16 19:21:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\HpUpdate
[2009.11.18 15:40:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\ICQ
[2002.04.13 13:59:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Identities
[2007.05.01 18:45:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\InstallShield
[2002.04.15 08:52:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\InterTrust
[2007.06.03 19:14:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\KIDDINX
[2006.04.13 21:04:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Macromedia
[2012.09.16 16:27:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Malwarebytes
[2008.10.14 19:04:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Media Player Classic
[2002.04.13 13:19:18 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Microsoft
[2004.12.04 20:30:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mindjet
[2006.11.19 11:47:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Mozilla
[2002.10.22 17:32:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\MSN6
[2007.05.01 19:09:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Panasonic
[2010.04.23 18:41:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\PC Suite
[2008.10.16 21:11:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Real
[2011.04.05 12:30:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Samsung
[2011.07.01 18:27:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Sony Corporation
[2006.12.14 22:51:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Sun
[2008.10.11 10:06:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Template
[2012.10.03 14:24:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\TuneUp Software
[2010.12.06 17:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Ulead Systems
[2009.12.04 20:52:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\vlc
[2010.12.22 20:59:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\WinRAR
 
< %APPDATA%\*.exe /s >
[2011.01.30 19:06:40 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Real\Update\setup3.13\setup.exe
[2012.07.06 05:59:32 | 000,317,048 | ---- | M] (RealNetworks, Inc.) -- C:\Dokumente und Einstellungen\Reiner\Anwendungsdaten\Real\Update\UpgradeHelper\RealPlayer\9.10\rnupgagent.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:AGP440.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\agp440.sys
[2008.04.14 00:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
[2004.08.03 23:07:42 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=2C428FA0C3E3A01ED93C9B2A27D8D4BB -- C:\WINDOWS\$NtServicePackUninstall$\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2004.08.04 01:10:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp2.cab:atapi.sys
[2008.04.14 08:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\atapi.sys
[2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.03 22:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\eventlog.dll
[2008.04.14 07:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.04 00:57:20 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\netlogon.dll
[2008.04.14 07:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.04 00:57:32 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\scecli.dll
[2008.04.14 07:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.04 00:57:34 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.03.08 17:36:30 | 000,579,072 | ---- | M] (Microsoft Corporation) MD5=492E166CFD26A50FB9160DB536FF7D2B -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2007.03.08 17:48:40 | 000,579,584 | ---- | M] (Microsoft Corporation) MD5=78785EFF8CB90CEC1862A4CCFD9A3C3A -- C:\WINDOWS\$hf_mig$\KB925902\SP2QFE\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\user32.dll
[2008.04.14 07:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\userinit.exe
[2008.04.14 07:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.04 00:58:18 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2004.08.04 00:58:20 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\7d084ddd2c07c476a226e31c4ef032ff\winlogon.exe
[2008.04.14 07:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2001.08.18 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2001.08.18 13:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2002.04.13 13:18:10 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2002.04.13 13:18:10 | 000,610,304 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2002.04.13 13:18:10 | 000,401,408 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >

Alt 13.10.2012, 17:20   #27
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRAMME\NORMAN\nvc\BIN\nvcoarc51.sys -- (nvcoarc51)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRAMME\NORMAN\nvc\BIN\nvcoafl51.sys -- (nvcoafl51)
:Files
C:\PROGRAMME\NORMAN
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 13.10.2012, 17:48   #28
tschobeuter
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Log nach OTL-Fix:

Code:
ATTFilter
All processes killed
========== OTL ==========
Service nvcoarc51 stopped successfully!
Service nvcoarc51 deleted successfully!
File C:\PROGRAMME\NORMAN\nvc\BIN\nvcoarc51.sys not found.
Service nvcoafl51 stopped successfully!
Service nvcoafl51 deleted successfully!
File C:\PROGRAMME\NORMAN\nvc\BIN\nvcoafl51.sys not found.
========== FILES ==========
File\Folder C:\PROGRAMME\NORMAN not found.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner\cmd.bat deleted successfully.
C:\Dokumente und Einstellungen\Reiner\Desktop\Bundestrojaner\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Besitzer
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Christine
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Dominik
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Fabrice
 
User: Jacqueline
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Reiner
->Temp folder emptied: 27541322 bytes
->Temporary Internet Files folder emptied: 108245 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 61146267 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 368446 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 85,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 10132012_184459

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Alt 13.10.2012, 20:41   #29
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 13.10.2012, 20:55   #30
tschobeuter
 
Bundespolizei Trojaner sperrt Rechner - Standard

Bundespolizei Trojaner sperrt Rechner


Hallo,
anbei der TDSS-Log:

Code:
ATTFilter
21:51:58.0609 5688  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24
21:51:58.0937 5688  ============================================================
21:51:58.0937 5688  Current date / time: 2012/10/13 21:51:58.0937
21:51:58.0937 5688  SystemInfo:
21:51:58.0937 5688  
21:51:58.0937 5688  OS Version: 5.1.2600 ServicePack: 3.0
21:51:58.0937 5688  Product type: Workstation
21:51:58.0937 5688  ComputerName: COMPUTER
21:51:58.0937 5688  UserName: Reiner
21:51:58.0937 5688  Windows directory: C:\WINDOWS
21:51:58.0937 5688  System windows directory: C:\WINDOWS
21:51:58.0937 5688  Processor architecture: Intel x86
21:51:58.0937 5688  Number of processors: 3
21:51:58.0937 5688  Page size: 0x1000
21:51:58.0937 5688  Boot type: Normal boot
21:51:58.0937 5688  ============================================================
21:51:59.0968 5688  Drive \Device\Harddisk0\DR0 - Size: 0x4A85C4DE00 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:51:59.0984 5688  ============================================================
21:51:59.0984 5688  \Device\Harddisk0\DR0:
21:51:59.0984 5688  MBR partitions:
21:52:00.0000 5688  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC19BD5C, BlocksNum 0x19291965
21:52:00.0000 5688  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC19BCDE
21:52:00.0000 5688  ============================================================
21:52:00.0046 5688  C: <-> \Device\Harddisk0\DR0\Partition2
21:52:00.0062 5688  D: <-> \Device\Harddisk0\DR0\Partition1
21:52:00.0062 5688  ============================================================
21:52:00.0062 5688  Initialize success
21:52:00.0062 5688  ============================================================
21:52:57.0515 2228  ============================================================
21:52:57.0515 2228  Scan started
21:52:57.0515 2228  Mode: Manual; SigCheck; TDLFS; 
21:52:57.0515 2228  ============================================================
21:52:57.0718 2228  ================ Scan system memory ========================
21:52:58.0734 2228  System memory - ok
21:52:58.0734 2228  ================ Scan services =============================
21:52:58.0859 2228  Abiosdsk - ok
21:52:58.0859 2228  abp480n5 - ok
21:52:58.0890 2228  [ AC407F1A62C3A300B4F2B5A9F1D55B2C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
21:53:00.0046 2228  ACPI - ok
21:53:00.0078 2228  [ 9E1CA3160DAFB159CA14F83B1E317F75 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
21:53:00.0234 2228  ACPIEC - ok
21:53:00.0312 2228  [ E8FE4FCE23D2809BD88BCC1D0F8408CE ] AdobeActiveFileMonitor6.0 C:\Programme\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
21:53:00.0312 2228  AdobeActiveFileMonitor6.0 - ok
21:53:00.0359 2228  [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:53:00.0375 2228  AdobeFlashPlayerUpdateSvc - ok
21:53:00.0375 2228  adpu160m - ok
21:53:00.0390 2228  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
21:53:00.0515 2228  aec - ok
21:53:00.0515 2228  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
21:53:00.0546 2228  AFD - ok
21:53:00.0546 2228  Aha154x - ok
21:53:00.0562 2228  aic78u2 - ok
21:53:00.0578 2228  aic78xx - ok
21:53:00.0609 2228  [ 738D80CC01D7BC7584BE917B7F544394 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
21:53:00.0734 2228  Alerter - ok
21:53:00.0796 2228  [ 190CD73D4984F94D823F9444980513E5 ] ALG             C:\WINDOWS\System32\alg.exe
21:53:00.0890 2228  ALG - ok
21:53:00.0906 2228  AliIde - ok
21:53:00.0953 2228  [ F6AF59D6EEE5E1C304F7F73706AD11D8 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys
21:53:01.0109 2228  Ambfilt - ok
21:53:01.0109 2228  [ 3A0DAFAC778236559C14C7203FB550EB ] AmdK7           C:\WINDOWS\system32\DRIVERS\amdk7.sys
21:53:01.0218 2228  AmdK7 - ok
21:53:01.0250 2228  [ 033448D435E65C4BD72E70521FD05C76 ] AmdPPM          C:\WINDOWS\system32\DRIVERS\AmdPPM.sys
21:53:01.0265 2228  AmdPPM - ok
21:53:01.0265 2228  amsint - ok
21:53:01.0312 2228  [ 920298C7AEF97D8168D219D35975D295 ] ANIO            C:\WINDOWS\system32\ANIO.SYS
21:53:01.0328 2228  ANIO ( UnsignedFile.Multi.Generic ) - warning
21:53:01.0328 2228  ANIO - detected UnsignedFile.Multi.Generic (1)
21:53:01.0359 2228  [ AA3D68F26B2A27F660AFC46039B061A4 ] ANIWZCSdService C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
21:53:01.0375 2228  ANIWZCSdService ( UnsignedFile.Multi.Generic ) - warning
21:53:01.0375 2228  ANIWZCSdService - detected UnsignedFile.Multi.Generic (1)
21:53:01.0406 2228  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:53:01.0421 2228  Apple Mobile Device ( UnsignedFile.Multi.Generic ) - warning
21:53:01.0421 2228  Apple Mobile Device - detected UnsignedFile.Multi.Generic (1)
21:53:01.0421 2228  AppMgmt - ok
21:53:01.0484 2228  [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394         C:\WINDOWS\system32\DRIVERS\arp1394.sys
21:53:01.0593 2228  Arp1394 - ok
21:53:01.0593 2228  asc - ok
21:53:01.0593 2228  asc3350p - ok
21:53:01.0609 2228  asc3550 - ok
21:53:01.0687 2228  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
21:53:01.0718 2228  aspnet_state - ok
21:53:01.0718 2228  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
21:53:01.0828 2228  AsyncMac - ok
21:53:01.0828 2228  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
21:53:01.0937 2228  atapi - ok
21:53:01.0937 2228  Atdisk - ok
21:53:02.0000 2228  [ AB6A44C8A3C64AC89567784145910F49 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
21:53:02.0046 2228  Ati HotKey Poller - ok
21:53:02.0078 2228  [ E91F1E398FB8A03B5B253A899847294B ] ATI Smart       C:\WINDOWS\system32\ati2sgag.exe
21:53:02.0093 2228  ATI Smart ( UnsignedFile.Multi.Generic ) - warning
21:53:02.0093 2228  ATI Smart - detected UnsignedFile.Multi.Generic (1)
21:53:02.0171 2228  [ A4D1C3CD20C8C595AF1817BB5352ECD6 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
21:53:02.0250 2228  ati2mtag - ok
21:53:02.0296 2228  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
21:53:02.0421 2228  Atmarpc - ok
21:53:02.0468 2228  [ 58ED0D5452DF7BE732193E7999C6B9A4 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
21:53:02.0578 2228  AudioSrv - ok
21:53:02.0593 2228  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
21:53:02.0703 2228  audstub - ok
21:53:02.0703 2228  Automatisches LiveUpdate - Scheduler - ok
21:53:02.0937 2228  [ 1D7D0D5D33D8B1507EC5FBFE332E5657 ] AVGIDSAgent     C:\Programme\AVG\AVG2013\avgidsagent.exe
21:53:03.0140 2228  AVGIDSAgent - ok
21:53:03.0171 2228  [ 9E42E8B6BB7FD68F840003A9FC8F24C8 ] AVGIDSDriver    C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
21:53:03.0187 2228  AVGIDSDriver - ok
21:53:03.0218 2228  [ CB77A9743A033E33F8409D235C683D99 ] AVGIDSHX        C:\WINDOWS\system32\DRIVERS\avgidshx.sys
21:53:03.0218 2228  AVGIDSHX - ok
21:53:03.0234 2228  [ 240F106B07CD9B522E2CD9E621618367 ] AVGIDSShim      C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
21:53:03.0250 2228  AVGIDSShim - ok
21:53:03.0265 2228  [ 7023142C545896D3538C9D36DDC57406 ] Avgldx86        C:\WINDOWS\system32\DRIVERS\avgldx86.sys
21:53:03.0265 2228  Avgldx86 - ok
21:53:03.0281 2228  [ 87E88A36279C8E5869270CC87F5BB7CD ] Avglogx         C:\WINDOWS\system32\DRIVERS\avglogx.sys
21:53:03.0296 2228  Avglogx - ok
21:53:03.0296 2228  [ DACC0743F5313045D5CCA23F8A7CDF68 ] Avgmfx86        C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
21:53:03.0312 2228  Avgmfx86 - ok
21:53:03.0312 2228  [ B8392B63D795A3DE866793220D3559EF ] Avgrkx86        C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
21:53:03.0328 2228  Avgrkx86 - ok
21:53:03.0343 2228  [ 69A4DF4CD2A15AACC0E8D2005D6A04BA ] Avgtdix         C:\WINDOWS\system32\DRIVERS\avgtdix.sys
21:53:03.0359 2228  Avgtdix - ok
21:53:03.0375 2228  [ 3001E24F340D400BFF85935E5777FC5B ] avgtp           C:\WINDOWS\system32\drivers\avgtpx86.sys
21:53:03.0375 2228  avgtp - ok
21:53:03.0390 2228  [ 42F11F37CC06D9AB6528AF2E215B8799 ] avgwd           C:\Programme\AVG\AVG2013\avgwdsvc.exe
21:53:03.0406 2228  avgwd - ok
21:53:03.0437 2228  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
21:53:03.0562 2228  Beep - ok
21:53:03.0625 2228  [ D6F603772A789BB3228F310D650B8BD1 ] BITS            C:\WINDOWS\system32\qmgr.dll
21:53:03.0734 2228  BITS - ok
21:53:03.0812 2228  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Programme\Bonjour\mDNSResponder.exe
21:53:03.0828 2228  Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
21:53:03.0828 2228  Bonjour Service - detected UnsignedFile.Multi.Generic (1)
21:53:03.0859 2228  [ B71549F23736ADF83A571061C47777FD ] Browser         C:\WINDOWS\System32\browser.dll
21:53:03.0890 2228  Browser - ok
21:53:03.0937 2228  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
21:53:04.0062 2228  cbidf2k - ok
21:53:04.0078 2228  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
21:53:04.0187 2228  CCDECODE - ok
21:53:04.0187 2228  cd20xrnt - ok
21:53:04.0218 2228  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
21:53:04.0328 2228  Cdaudio - ok
21:53:04.0328 2228  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
21:53:04.0437 2228  Cdfs - ok
21:53:04.0453 2228  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
21:53:04.0562 2228  Cdrom - ok
21:53:04.0562 2228  Changer - ok
21:53:04.0640 2228  [ 28E3040D1F1CA2008CD6B29DFEBC9A5E ] cisvc           C:\WINDOWS\system32\cisvc.exe
21:53:04.0734 2228  cisvc - ok
21:53:04.0812 2228  [ 778A30ED3C134EB7E406AFC407E9997D ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
21:53:04.0921 2228  ClipSrv - ok
21:53:04.0984 2228  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:53:05.0000 2228  clr_optimization_v2.0.50727_32 - ok
21:53:05.0015 2228  CmdIde - ok
21:53:05.0031 2228  COMSysApp - ok
21:53:05.0046 2228  Cpqarray - ok
21:53:05.0078 2228  [ 611F824E5C703A5A899F84C5F1699E4D ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
21:53:05.0187 2228  CryptSvc - ok
21:53:05.0187 2228  dac2w2k - ok
21:53:05.0187 2228  dac960nt - ok
21:53:05.0250 2228  [ BB005CB49D0638039703AC4F67FE0A05 ] DC21x4          C:\WINDOWS\system32\DRIVERS\dc21x4.sys
21:53:05.0343 2228  DC21x4 - ok
21:53:05.0437 2228  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
21:53:05.0468 2228  DcomLaunch - ok
21:53:05.0468 2228  de_serv - ok
21:53:05.0546 2228  [ C29A1C9B75BA38FA37F8C44405DEC360 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
21:53:05.0640 2228  Dhcp - ok
21:53:05.0640 2228  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
21:53:05.0734 2228  Disk - ok
21:53:05.0734 2228  dmadmin - ok
21:53:05.0828 2228  [ 0DCFC8395A99FECBB1EF771CEC7FE4EA ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
21:53:05.0953 2228  dmboot - ok
21:53:05.0984 2228  [ 53720AB12B48719D00E327DA470A619A ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
21:53:06.0093 2228  dmio - ok
21:53:06.0109 2228  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
21:53:06.0203 2228  dmload - ok
21:53:06.0250 2228  [ 25C83FFBBA13B554EB6D59A9B2E2EE78 ] dmserver        C:\WINDOWS\System32\dmserver.dll
21:53:06.0343 2228  dmserver - ok
21:53:06.0359 2228  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
21:53:06.0468 2228  DMusic - ok
21:53:06.0468 2228  [ 407F3227AC618FD1CA54B335B083DE07 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
21:53:06.0562 2228  Dnscache - ok
21:53:06.0593 2228  [ 676E36C4FF5BCEA1900F44182B9723E6 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
21:53:06.0703 2228  Dot3svc - ok
21:53:06.0703 2228  dpti2o - ok
21:53:06.0718 2228  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
21:53:06.0812 2228  drmkaud - ok
21:53:06.0890 2228  [ 4E4F2FDDAB0A0736D7671134DCCE91FB ] EapHost         C:\WINDOWS\System32\eapsvc.dll
21:53:06.0984 2228  EapHost - ok
21:53:07.0000 2228  [ 877C18558D70587AA7823A1A308AC96B ] ERSvc           C:\WINDOWS\System32\ersvc.dll
21:53:07.0109 2228  ERSvc - ok
21:53:07.0140 2228  [ A3EDBE9053889FB24AB22492472B39DC ] Eventlog        C:\WINDOWS\system32\services.exe
21:53:07.0156 2228  Eventlog - ok
21:53:07.0171 2228  [ AF4F6B5739D18CA7972AB53E091CBC74 ] EventSystem     C:\WINDOWS\System32\es.dll
21:53:07.0187 2228  EventSystem - ok
21:53:07.0218 2228  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
21:53:07.0312 2228  Fastfat - ok
21:53:07.0343 2228  [ 2DB7D303C36DDD055215052F118E8E75 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:53:07.0390 2228  FastUserSwitchingCompatibility - ok
21:53:07.0406 2228  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
21:53:07.0500 2228  Fdc - ok
21:53:07.0562 2228  [ B0678A548587C5F1967B0D70BACAD6C1 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
21:53:07.0656 2228  Fips - ok
21:53:07.0671 2228  [ 5575EE5823DE1558F8486EB4E33FFA99 ] FlashUSB        C:\WINDOWS\system32\DRIVERS\FlashUSB.sys
21:53:07.0703 2228  FlashUSB - ok
21:53:07.0750 2228  [ 227846995AFEEFA70D328BF5334A86A5 ] FLEXnet Licensing Service C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:53:07.0781 2228  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
21:53:07.0781 2228  FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
21:53:07.0796 2228  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:53:07.0890 2228  Flpydisk - ok
21:53:07.0906 2228  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
21:53:08.0015 2228  FltMgr - ok
21:53:08.0062 2228  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
21:53:08.0078 2228  FontCache3.0.0.0 - ok
21:53:08.0109 2228  [ CBE5F69A5E5B918225F420BA748F3742 ] FsUsbExDisk     C:\WINDOWS\system32\FsUsbExDisk.SYS
21:53:08.0109 2228  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
21:53:08.0109 2228  FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
21:53:08.0125 2228  [ 96633419F4A1E37ACB89B45EBCCFE001 ] FsUsbExService  C:\WINDOWS\system32\FsUsbExService.Exe
21:53:08.0140 2228  FsUsbExService - ok
21:53:08.0156 2228  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:53:08.0265 2228  Fs_Rec - ok
21:53:08.0265 2228  [ 8F1955CE42E1484714B542F341647778 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:53:08.0375 2228  Ftdisk - ok
21:53:08.0390 2228  [ 065639773D8B03F33577F6CDAEA21063 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys
21:53:08.0484 2228  gameenum - ok
21:53:08.0515 2228  [ 5C230948DD6652228F88CA7AE6CB276C ] gdrv            C:\WINDOWS\gdrv.sys
21:53:08.0515 2228  gdrv - ok
21:53:08.0531 2228  [ 4AC51459805264AFFD5F6FDFB9D9235F ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
21:53:08.0546 2228  GEARAspiWDM - ok
21:53:08.0562 2228  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:53:08.0671 2228  Gpc - ok
21:53:08.0781 2228  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Programme\Google\Update\GoogleUpdate.exe
21:53:08.0796 2228  gupdate - ok
21:53:08.0796 2228  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Programme\Google\Update\GoogleUpdate.exe
21:53:08.0812 2228  gupdatem - ok
21:53:08.0843 2228  [ 56BF27D7A539F9E6BBC1DE201ABA0EDF ] HdAudAddService C:\WINDOWS\system32\drivers\AtiHdAud.sys
21:53:08.0859 2228  HdAudAddService ( UnsignedFile.Multi.Generic ) - warning
21:53:08.0859 2228  HdAudAddService - detected UnsignedFile.Multi.Generic (1)
21:53:08.0875 2228  [ 3FCC124B6E08EE0E9351F717DD136939 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
21:53:08.0875 2228  HDAudBus ( UnsignedFile.Multi.Generic ) - warning
21:53:08.0875 2228  HDAudBus - detected UnsignedFile.Multi.Generic (1)
21:53:08.0921 2228  [ CB66BF85BF599BEFD6C6A57C2E20357F ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:53:09.0015 2228  helpsvc - ok
21:53:09.0062 2228  [ B35DA85E60C0103F2E4104532DA2F12B ] HidServ         C:\WINDOWS\System32\hidserv.dll
21:53:09.0156 2228  HidServ - ok
21:53:09.0171 2228  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:53:09.0281 2228  HidUsb - ok
21:53:09.0312 2228  [ ED29F14101523A6E0E808107405D452C ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
21:53:09.0406 2228  hkmsvc - ok
21:53:09.0406 2228  hpn - ok
21:53:09.0406 2228  hpt3xx - ok
21:53:09.0515 2228  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
21:53:09.0562 2228  HTTP - ok
21:53:09.0593 2228  [ 9E4ADB854CEBCFB81A4B36718FEECD16 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
21:53:09.0687 2228  HTTPFilter - ok
21:53:09.0703 2228  i2omgmt - ok
21:53:09.0718 2228  i2omp - ok
21:53:09.0750 2228  [ E283B97CFBEB86C1D86BAED5F7846A92 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
21:53:09.0843 2228  i8042prt - ok
21:53:09.0890 2228  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
21:53:09.0906 2228  IDriverT ( UnsignedFile.Multi.Generic ) - warning
21:53:09.0906 2228  IDriverT - detected UnsignedFile.Multi.Generic (1)
21:53:09.0968 2228  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:53:10.0015 2228  idsvc - ok
21:53:10.0031 2228  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
21:53:10.0125 2228  Imapi - ok
21:53:10.0187 2228  [ D4B413AA210C21E46AEDD2BA5B68D38E ] ImapiService    C:\WINDOWS\System32\imapi.exe
21:53:10.0296 2228  ImapiService - ok
21:53:10.0312 2228  ini910u - ok
21:53:10.0484 2228  [ 20946E2DB7709120B961BCEFD4737C53 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
21:53:10.0671 2228  IntcAzAudAddService - ok
21:53:10.0671 2228  IntelIde - ok
21:53:10.0750 2228  [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw           C:\WINDOWS\system32\drivers\ip6fw.sys
21:53:10.0843 2228  ip6fw - ok
21:53:10.0859 2228  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:53:10.0984 2228  IpFilterDriver - ok
21:53:11.0062 2228  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:53:11.0171 2228  IpInIp - ok
21:53:11.0171 2228  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:53:11.0265 2228  IpNat - ok
21:53:11.0328 2228  [ CE004777B92DEA56FE14EC900D20BAA4 ] iPod Service    C:\Programme\iPod\bin\iPodService.exe
21:53:11.0375 2228  iPod Service ( UnsignedFile.Multi.Generic ) - warning
21:53:11.0375 2228  iPod Service - detected UnsignedFile.Multi.Generic (1)
21:53:11.0375 2228  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:53:11.0468 2228  IPSec - ok
21:53:11.0484 2228  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
21:53:11.0593 2228  IRENUM - ok
21:53:11.0625 2228  [ 6DFB88F64135C525433E87648BDA30DE ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:53:11.0718 2228  isapnp - ok
21:53:11.0765 2228  [ 0E410EDC8D0527801B899CF29E60597C ] JavaQuickStarterService C:\Programme\Java\jre6\bin\jqs.exe
21:53:11.0781 2228  JavaQuickStarterService ( UnsignedFile.Multi.Generic ) - warning
21:53:11.0781 2228  JavaQuickStarterService - detected UnsignedFile.Multi.Generic (1)
21:53:11.0781 2228  [ 1704D8C4C8807B889E43C649B478A452 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:53:11.0875 2228  Kbdclass - ok
21:53:11.0890 2228  [ B6D6C117D771C98130497265F26D1882 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:53:11.0984 2228  kbdhid - ok
21:53:12.0015 2228  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
21:53:12.0109 2228  kmixer - ok
21:53:12.0187 2228  [ DC877E76A3C5179EA6256269925FA917 ] KMWDSERVICE     C:\Programme\Multimedia Mouse Driver\KMWDSrv.exe
21:53:12.0203 2228  KMWDSERVICE ( UnsignedFile.Multi.Generic ) - warning
21:53:12.0203 2228  KMWDSERVICE - detected UnsignedFile.Multi.Generic (1)
21:53:12.0203 2228  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
21:53:12.0250 2228  KSecDD - ok
21:53:12.0265 2228  [ 2BBDCB79900990F0716DFCB714E72DE7 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
21:53:12.0296 2228  lanmanserver - ok
21:53:12.0328 2228  [ 1869B14B06B44B44AF70548E1EA3303F ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:53:12.0359 2228  lanmanworkstation - ok
21:53:12.0359 2228  lbrtfdc - ok
21:53:12.0390 2228  [ 636714B7D43C8D0C80449123FD266920 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
21:53:12.0484 2228  LmHosts - ok
21:53:12.0500 2228  [ 65E794E86468B61F2BC79ABC48BC4433 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
21:53:12.0500 2228  MBAMProtector - ok
21:53:12.0546 2228  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
21:53:12.0562 2228  MBAMScheduler - ok
21:53:12.0593 2228  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
21:53:12.0625 2228  MBAMService - ok
21:53:12.0703 2228  [ 11F714F85530A2BD134074DC30E99FCA ] MDM             C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
21:53:12.0734 2228  MDM - ok
21:53:12.0750 2228  [ B7550A7107281D170CE85524B1488C98 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
21:53:12.0843 2228  Messenger - ok
21:53:12.0875 2228  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
21:53:12.0984 2228  mnmdd - ok
21:53:13.0000 2228  [ C2F1D365FD96791B037EE504868065D3 ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe
21:53:13.0093 2228  mnmsrvc - ok
21:53:13.0109 2228  [ 6FB74EBD4EC57A6F1781DE3852CC3362 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
21:53:13.0203 2228  Modem - ok
21:53:13.0218 2228  [ 1992E0D143B09653AB0F9C5E04B0FD65 ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
21:53:13.0343 2228  MODEMCSA - ok
21:53:13.0390 2228  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys
21:53:13.0500 2228  Monfilt - ok
21:53:13.0515 2228  [ B24CE8005DEAB254C0251E15CB71D802 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:53:13.0625 2228  Mouclass - ok
21:53:13.0703 2228  [ 66A6F73C74E1791464160A7065CE711A ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:53:13.0812 2228  mouhid - ok
21:53:13.0828 2228  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
21:53:13.0921 2228  MountMgr - ok
21:53:13.0984 2228  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe
21:53:14.0000 2228  MozillaMaintenance - ok
21:53:14.0000 2228  mraid35x - ok
21:53:14.0031 2228  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:53:14.0125 2228  MRxDAV - ok
21:53:14.0140 2228  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:53:14.0187 2228  MRxSmb - ok
21:53:14.0234 2228  [ 35A031AF38C55F92D28AA03EE9F12CC9 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
21:53:14.0328 2228  MSDTC - ok
21:53:14.0343 2228  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
21:53:14.0437 2228  Msfs - ok
21:53:14.0437 2228  MSIServer - ok
21:53:14.0453 2228  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:53:14.0546 2228  MSKSSRV - ok
21:53:14.0546 2228  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:53:14.0640 2228  MSPCLOCK - ok
21:53:14.0656 2228  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
21:53:14.0750 2228  MSPQM - ok
21:53:14.0812 2228  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:53:14.0921 2228  mssmbios - ok
21:53:14.0937 2228  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
21:53:15.0046 2228  MSTEE - ok
21:53:15.0046 2228  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
21:53:15.0062 2228  Mup - ok
21:53:15.0093 2228  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
21:53:15.0187 2228  NABTSFEC - ok
21:53:15.0234 2228  [ 46BB15AE2AC7D025D6D2567B876817BD ] napagent        C:\WINDOWS\System32\qagentrt.dll
21:53:15.0328 2228  napagent - ok
21:53:15.0328 2228  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
21:53:15.0437 2228  NDIS - ok
21:53:15.0468 2228  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
21:53:15.0578 2228  NdisIP - ok
21:53:15.0593 2228  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:53:15.0593 2228  NdisTapi - ok
21:53:15.0625 2228  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:53:15.0718 2228  Ndisuio - ok
21:53:15.0734 2228  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:53:15.0828 2228  NdisWan - ok
21:53:15.0828 2228  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
21:53:15.0875 2228  NDProxy - ok
21:53:15.0890 2228  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
21:53:15.0984 2228  NetBIOS - ok
21:53:16.0000 2228  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
21:53:16.0093 2228  NetBT - ok
21:53:16.0109 2228  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDE          C:\WINDOWS\system32\netdde.exe
21:53:16.0203 2228  NetDDE - ok
21:53:16.0218 2228  [ 8ACE4251BFFD09CE75679FE940E996CC ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
21:53:16.0312 2228  NetDDEdsdm - ok
21:53:16.0328 2228  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] Netlogon        C:\WINDOWS\System32\lsass.exe
21:53:16.0421 2228  Netlogon - ok
21:53:16.0437 2228  [ E6D88F1F6745BF00B57E7855A2AB696C ] Netman          C:\WINDOWS\System32\netman.dll
21:53:16.0531 2228  Netman - ok
21:53:16.0562 2228  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:53:16.0578 2228  NetTcpPortSharing - ok
21:53:16.0593 2228  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
21:53:16.0687 2228  NIC1394 - ok
21:53:16.0718 2228  [ F1B67B6B0751AE0E6E964B02821206A3 ] Nla             C:\WINDOWS\System32\mswsock.dll
21:53:16.0765 2228  Nla - ok
21:53:16.0765 2228  NMIndexingService - ok
21:53:16.0843 2228  [ FD306FBCCE7ADB1077B709742E7148E9 ] NMSAccessU      C:\Programme\CDBurnerXP\NMSAccessU.exe
21:53:16.0843 2228  NMSAccessU - ok
21:53:16.0859 2228  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
21:53:16.0953 2228  Npfs - ok
21:53:16.0984 2228  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
21:53:17.0093 2228  Ntfs - ok
21:53:17.0109 2228  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe
21:53:17.0203 2228  NtLmSsp - ok
21:53:17.0250 2228  [ 56AF4064996FA5BAC9C449B1514B4770 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
21:53:17.0359 2228  NtmsSvc - ok
21:53:17.0406 2228  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
21:53:17.0593 2228  Null - ok
21:53:17.0609 2228  [ 1BCA5933BA79223109EE506E3C338618 ] nvax            C:\WINDOWS\system32\drivers\nvax.sys
21:53:17.0640 2228  nvax - ok
21:53:17.0687 2228  [ 629E14A453238A4413012230ED0589C4 ] nvnforce        C:\WINDOWS\system32\drivers\nvapu.sys
21:53:17.0718 2228  nvnforce - ok
21:53:17.0718 2228  [ EF5BACFC62DF9EE2842DB2599E2A92D1 ] nv_agp          C:\WINDOWS\system32\DRIVERS\nv_agp.sys
21:53:17.0765 2228  nv_agp - ok
21:53:17.0796 2228  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:53:17.0921 2228  NwlnkFlt - ok
21:53:17.0937 2228  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:53:18.0078 2228  NwlnkFwd - ok
21:53:18.0078 2228  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
21:53:18.0171 2228  ohci1394 - ok
21:53:18.0250 2228  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose             C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
21:53:18.0265 2228  ose - ok
21:53:18.0296 2228  [ F84785660305B9B903FB3BCA8BA29837 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
21:53:18.0390 2228  Parport - ok
21:53:18.0390 2228  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
21:53:18.0484 2228  PartMgr - ok
21:53:18.0500 2228  [ C2BF987829099A3EAA2CA6A0A90ECB4F ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
21:53:18.0625 2228  ParVdm - ok
21:53:18.0687 2228  [ 175CC28DCF819F78CAA3FBD44AD9E52A ] pccsmcfd        C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
21:53:18.0718 2228  pccsmcfd - ok
21:53:18.0734 2228  [ 387E8DEDC343AA2D1EFBC30580273ACD ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
21:53:18.0812 2228  PCI - ok
21:53:18.0828 2228  PCIDump - ok
21:53:18.0828 2228  [ 59BA86D9A61CBCF4DF8E598C331F5B82 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
21:53:18.0937 2228  PCIIde - ok
21:53:18.0953 2228  [ 1BEBE7DE8508A02650CDCE45C664C2A2 ] PCLEPCI         C:\WINDOWS\system32\drivers\pclepci.sys
21:53:18.0953 2228  PCLEPCI ( UnsignedFile.Multi.Generic ) - warning
21:53:18.0953 2228  PCLEPCI - detected UnsignedFile.Multi.Generic (1)
21:53:18.0984 2228  [ A2A966B77D61847D61A3051DF87C8C97 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
21:53:19.0078 2228  Pcmcia - ok
21:53:19.0109 2228  [ 6BA38AFE1C381E49D7ADD3010FF0ECC0 ] Pctspk          C:\WINDOWS\system32\pctspk.exe
21:53:19.0218 2228  Pctspk - ok
21:53:19.0234 2228  PDCOMP - ok
21:53:19.0250 2228  PDFRAME - ok
21:53:19.0281 2228  PDRELI - ok
21:53:19.0296 2228  PDRFRAME - ok
21:53:19.0312 2228  perc2 - ok
21:53:19.0328 2228  perc2hib - ok
21:53:19.0421 2228  [ 6C1618A07B49E3873582B6449E744088 ] pfc             C:\WINDOWS\system32\drivers\pfc.sys
21:53:19.0437 2228  pfc ( UnsignedFile.Multi.Generic ) - warning
21:53:19.0437 2228  pfc - detected UnsignedFile.Multi.Generic (1)
21:53:19.0453 2228  [ A3EDBE9053889FB24AB22492472B39DC ] PlugPlay        C:\WINDOWS\system32\services.exe
21:53:19.0468 2228  PlugPlay - ok
21:53:19.0531 2228  [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Programme\Sony\PMB\PMBDeviceInfoProvider.exe
21:53:19.0546 2228  PMBDeviceInfoProvider - ok
21:53:19.0578 2228  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] PolicyAgent     C:\WINDOWS\System32\lsass.exe
21:53:19.0656 2228  PolicyAgent - ok
21:53:19.0671 2228  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:53:19.0781 2228  PptpMiniport - ok
21:53:19.0796 2228  [ 2CB55427C58679F49AD600FCCBA76360 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
21:53:19.0875 2228  Processor - ok
21:53:19.0890 2228  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:53:19.0984 2228  ProtectedStorage - ok
21:53:19.0984 2228  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
21:53:20.0078 2228  PSched - ok
21:53:20.0078 2228  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:53:20.0187 2228  Ptilink - ok
21:53:20.0203 2228  [ ACE8FE0E920CB8FBA057C024EAD33F84 ] Ptserlp         C:\WINDOWS\system32\DRIVERS\ptserlp.sys
21:53:20.0312 2228  Ptserlp - ok
21:53:20.0312 2228  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
21:53:20.0328 2228  PxHelp20 - ok
21:53:20.0343 2228  ql1080 - ok
21:53:20.0375 2228  Ql10wnt - ok
21:53:20.0406 2228  ql12160 - ok
21:53:20.0421 2228  ql1240 - ok
21:53:20.0421 2228  ql1280 - ok
21:53:20.0453 2228  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:53:20.0546 2228  RasAcd - ok
21:53:20.0640 2228  [ F5BA6CACCDB66C8F048E867563203246 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:53:20.0734 2228  RasAuto - ok
21:53:20.0828 2228  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:53:20.0921 2228  Rasl2tp - ok
21:53:20.0968 2228  [ F9A7B66EA345726EDB5862A46B1ECCD5 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:53:21.0093 2228  RasMan - ok
21:53:21.0093 2228  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:53:21.0187 2228  RasPppoe - ok
21:53:21.0187 2228  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
21:53:21.0296 2228  Raspti - ok
21:53:21.0328 2228  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:53:21.0421 2228  Rdbss - ok
21:53:21.0421 2228  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:53:21.0531 2228  RDPCDD - ok
21:53:21.0578 2228  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
21:53:21.0593 2228  RDPWD - ok
21:53:21.0625 2228  [ 263AF18AF0F3DB99F574C95F284CCEC9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
21:53:21.0718 2228  RDSessMgr - ok
21:53:21.0750 2228  [ ED761D453856F795A7FE056E42C36365 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
21:53:21.0828 2228  redbook - ok
21:53:21.0859 2228  [ 0E97EC96D6942CEEC2D188CC2EB69A01 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:53:21.0968 2228  RemoteAccess - ok
21:53:22.0015 2228  [ 2A02E21867497DF20B8FC95631395169 ] RpcLocator      C:\WINDOWS\System32\locator.exe
21:53:22.0109 2228  RpcLocator - ok
21:53:22.0140 2228  [ 3127AFBF2C1ED0AB14A1BBB7AAECB85B ] RpcSs           C:\WINDOWS\system32\rpcss.dll
21:53:22.0156 2228  RpcSs - ok
21:53:22.0171 2228  [ 4BDD71B4B521521499DFD14735C4F398 ] RSVP            C:\WINDOWS\System32\rsvp.exe
21:53:22.0281 2228  RSVP - ok
21:53:22.0312 2228  [ C7BCF9808E2A1B4CABE16FF7FBCE5FAB ] RT73            C:\WINDOWS\system32\DRIVERS\Dr71WU.sys
21:53:22.0343 2228  RT73 - ok
21:53:22.0421 2228  [ 442E7CB4A7936C93F41A0AD080BB48C5 ] RTHDMIAzAudService C:\WINDOWS\system32\drivers\RtHDMI.sys
21:53:22.0562 2228  RTHDMIAzAudService - ok
21:53:22.0593 2228  [ D507C1400284176573224903819FFDA3 ] rtl8139         C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
21:53:22.0671 2228  rtl8139 - ok
21:53:22.0687 2228  [ 89619EF503F949FAE09252A8B883EE11 ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
21:53:22.0718 2228  RTLE8023xp - ok
21:53:22.0734 2228  [ 69013A123A00B3042C260B0056DF0152 ] s1029bus        C:\WINDOWS\system32\DRIVERS\s1029bus.sys
21:53:22.0765 2228  s1029bus - ok
21:53:22.0765 2228  [ 1565FC31F872963FE8AF471123D8424C ] s1029mdfl       C:\WINDOWS\system32\DRIVERS\s1029mdfl.sys
21:53:22.0781 2228  s1029mdfl - ok
21:53:22.0796 2228  [ D67A8042ECF6C983AC0E308B36603677 ] s1029mdm        C:\WINDOWS\system32\DRIVERS\s1029mdm.sys
21:53:22.0812 2228  s1029mdm - ok
21:53:22.0828 2228  [ 9AC56F06C1E13A963C82EBD067FDF274 ] s1029mgmt       C:\WINDOWS\system32\DRIVERS\s1029mgmt.sys
21:53:22.0843 2228  s1029mgmt - ok
21:53:22.0859 2228  [ 00C66C6BAAFB2747F15F94F15888C94A ] s1029nd5        C:\WINDOWS\system32\DRIVERS\s1029nd5.sys
21:53:22.0859 2228  s1029nd5 - ok
21:53:22.0875 2228  [ 6FC093ABA554E45755DC2F3896B6C8D7 ] s1029obex       C:\WINDOWS\system32\DRIVERS\s1029obex.sys
21:53:22.0890 2228  s1029obex - ok
21:53:22.0906 2228  [ 9979B0E68815394665B2109B03D15FA1 ] s1029unic       C:\WINDOWS\system32\DRIVERS\s1029unic.sys
21:53:22.0921 2228  s1029unic - ok
21:53:22.0937 2228  [ AFB8261B56CBA0D86AEB6DF682AF9785 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:53:23.0031 2228  SamSs - ok
21:53:23.0078 2228  [ DCEC079FAD95D36C8DD5CB6D779DFE32 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
21:53:23.0187 2228  SCardSvr - ok
21:53:23.0203 2228  [ A050194A44D7FA8D7186ED2F4E8367AE ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:53:23.0312 2228  Schedule - ok
21:53:23.0328 2228  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:53:23.0421 2228  Secdrv - ok
21:53:23.0437 2228  [ BEE4CFD1D48C23B44CF4B974B0B79B2B ] seclogon        C:\WINDOWS\System32\seclogon.dll
21:53:23.0546 2228  seclogon - ok
21:53:23.0578 2228  [ 2AAC9B6ED9EDDFFB721D6452E34D67E3 ] SENS            C:\WINDOWS\system32\sens.dll
21:53:23.0687 2228  SENS - ok
21:53:23.0703 2228  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
21:53:23.0812 2228  serenum - ok
21:53:23.0828 2228  [ CF24EB4F0412C82BCD1F4F35A025E31D ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
21:53:23.0921 2228  Serial - ok
21:53:23.0968 2228  [ 9D38320BB32230349379DF5DDBBF7FCE ] ServiceLayer    C:\Programme\PC Connectivity Solution\ServiceLayer.exe
21:53:23.0984 2228  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
21:53:23.0984 2228  ServiceLayer - detected UnsignedFile.Multi.Generic (1)
21:53:24.0046 2228  [ 4C0D673281178CB496011A2E28571FC8 ] sfdrv01         C:\WINDOWS\system32\drivers\sfdrv01.sys
21:53:24.0046 2228  sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
21:53:24.0046 2228  sfdrv01 - detected UnsignedFile.Multi.Generic (1)
21:53:24.0062 2228  [ 15BE2B5E4DC5B8623CF167720682ABC9 ] sfhlp02         C:\WINDOWS\system32\drivers\sfhlp02.sys
21:53:24.0062 2228  sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
21:53:24.0062 2228  sfhlp02 - detected UnsignedFile.Multi.Generic (1)
21:53:24.0093 2228  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
21:53:24.0203 2228  Sfloppy - ok
21:53:24.0203 2228  [ D5A7E09D2C6A702809E49190D52ADC9F ] sfvfs02         C:\WINDOWS\system32\drivers\sfvfs02.sys
21:53:24.0203 2228  sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
21:53:24.0203 2228  sfvfs02 - detected UnsignedFile.Multi.Generic (1)
21:53:24.0250 2228  [ CAD058D5F8B889A87CA3EB3CF624DCEF ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
21:53:24.0343 2228  SharedAccess - ok
21:53:24.0390 2228  [ 2DB7D303C36DDD055215052F118E8E75 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
21:53:24.0406 2228  ShellHWDetection - ok
21:53:24.0421 2228  Simbad - ok
21:53:24.0453 2228  [ 866D538EBE33709A5C9F5C62B73B7D14 ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
21:53:24.0562 2228  SLIP - ok
21:53:24.0562 2228  Sparrow - ok
21:53:24.0578 2228  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
21:53:24.0671 2228  splitter - ok
21:53:24.0703 2228  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
21:53:24.0734 2228  Spooler - ok
21:53:24.0734 2228  [ 50FA898F8C032796D3B1B9951BB5A90F ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
21:53:24.0843 2228  sr - ok
21:53:24.0921 2228  [ FE77A85495065F3AD59C5C65B6C54182 ] srservice       C:\WINDOWS\System32\srsvc.dll
21:53:25.0015 2228  srservice - ok
21:53:25.0031 2228  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
21:53:25.0046 2228  Srv - ok
21:53:25.0062 2228  [ 4DF5B05DFAEC29E13E1ED6F6EE12C500 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
21:53:25.0156 2228  SSDPSRV - ok
21:53:25.0218 2228  [ 3F0164FBC0BD1ADBD02DF9759181451A ] ss_bbus         C:\WINDOWS\system32\DRIVERS\ss_bbus.sys
21:53:25.0234 2228  ss_bbus - ok
21:53:25.0281 2228  [ B89D62206034E5FE573C80A24DD55675 ] ss_bmdfl        C:\WINDOWS\system32\DRIVERS\ss_bmdfl.sys
21:53:25.0281 2228  ss_bmdfl - ok
21:53:25.0296 2228  [ 1ED0FCEA586FE2A416EE15196E5631DD ] ss_bmdm         C:\WINDOWS\system32\DRIVERS\ss_bmdm.sys
21:53:25.0312 2228  ss_bmdm - ok
21:53:25.0328 2228  [ F92254B0BCFCD10CAAC7BCCC7CB7F467 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
21:53:25.0328 2228  StarOpen ( UnsignedFile.Multi.Generic ) - warning
21:53:25.0328 2228  StarOpen - detected UnsignedFile.Multi.Generic (1)
21:53:25.0359 2228  [ BC2C5985611C5356B24AEB370953DED9 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
21:53:25.0468 2228  stisvc - ok
21:53:25.0500 2228  [ 36ED459E9130E6D07FA66FACA1E491D0 ] StkAMini        C:\WINDOWS\system32\Drivers\StkAMini.sys
21:53:25.0515 2228  StkAMini ( UnsignedFile.Multi.Generic ) - warning
21:53:25.0515 2228  StkAMini - detected UnsignedFile.Multi.Generic (1)
21:53:25.0546 2228  [ 5CCFE3B03F97005D221BA897C9A20B38 ] StkASSrv        C:\WINDOWS\System32\StkASv2K.exe
21:53:25.0546 2228  StkASSrv ( UnsignedFile.Multi.Generic ) - warning
21:53:25.0546 2228  StkASSrv - detected UnsignedFile.Multi.Generic (1)
21:53:25.0578 2228  [ DF29245097F6DE1CA9861C75DF7FBE42 ] StkScan         C:\WINDOWS\system32\Drivers\StkScan.sys
21:53:25.0578 2228  StkScan ( UnsignedFile.Multi.Generic ) - warning
21:53:25.0578 2228  StkScan - detected UnsignedFile.Multi.Generic (1)
21:53:25.0609 2228  [ 77813007BA6265C4B6098187E6ED79D2 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
21:53:25.0703 2228  streamip - ok
21:53:25.0703 2228  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
21:53:25.0812 2228  swenum - ok
21:53:25.0828 2228  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
21:53:25.0921 2228  swmidi - ok
21:53:25.0921 2228  SwPrv - ok
21:53:25.0968 2228  symc810 - ok
21:53:25.0984 2228  symc8xx - ok
21:53:25.0984 2228  sym_hi - ok
21:53:26.0000 2228  sym_u3 - ok
21:53:26.0031 2228  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
21:53:26.0125 2228  sysaudio - ok
21:53:26.0140 2228  [ 2903FFFA2523926D6219428040DCE6B9 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
21:53:26.0234 2228  SysmonLog - ok
21:53:26.0312 2228  [ 05903CAC4B98908D55EA5774775B382E ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
21:53:26.0421 2228  TapiSrv - ok
21:53:26.0437 2228  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
21:53:26.0468 2228  Tcpip - ok
21:53:26.0484 2228  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
21:53:26.0593 2228  TDPIPE - ok
21:53:26.0656 2228  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
21:53:26.0750 2228  TDTCP - ok
21:53:26.0765 2228  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
21:53:26.0890 2228  TermDD - ok
21:53:26.0921 2228  [ B7DE02C863D8F5A005A7BF375375A6A4 ] TermService     C:\WINDOWS\System32\termsrv.dll
21:53:27.0015 2228  TermService - ok
21:53:27.0046 2228  [ 2DB7D303C36DDD055215052F118E8E75 ] Themes          C:\WINDOWS\System32\shsvcs.dll
21:53:27.0046 2228  Themes - ok
21:53:27.0062 2228  TosIde - ok
21:53:27.0093 2228  [ 626504572B175867F30F3215C04B3E2F ] TrkWks          C:\WINDOWS\system32\trkwks.dll
21:53:27.0187 2228  TrkWks - ok
21:53:27.0281 2228  [ AF5F31156EE89D35AD6EC3179A805D23 ] TuneUp.UtilitiesSvc C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
21:53:27.0343 2228  TuneUp.UtilitiesSvc - ok
21:53:27.0359 2228  [ F2107C9D85EC0DF116939CCCE06AE697 ] TuneUpUtilitiesDrv C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
21:53:27.0375 2228  TuneUpUtilitiesDrv - ok
21:53:27.0390 2228  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
21:53:27.0500 2228  Udfs - ok
21:53:27.0515 2228  [ F13DA74969897359A88F2A739F54A250 ] UleadBurningHelper C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
21:53:27.0531 2228  UleadBurningHelper ( UnsignedFile.Multi.Generic ) - warning
21:53:27.0531 2228  UleadBurningHelper - detected UnsignedFile.Multi.Generic (1)
21:53:27.0531 2228  ultra - ok
21:53:27.0578 2228  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
21:53:27.0671 2228  Update - ok
21:53:27.0687 2228  [ 1DFD8975D8C89214B98D9387C1125B49 ] upnphost        C:\WINDOWS\System32\upnphost.dll
21:53:27.0796 2228  upnphost - ok
21:53:27.0875 2228  [ 9B11E6118958E63E1FEF129466E2BDA7 ] UPS             C:\WINDOWS\System32\ups.exe
21:53:27.0984 2228  UPS - ok
21:53:28.0015 2228  [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
21:53:28.0046 2228  USBAAPL - ok
21:53:28.0062 2228  [ E919708DB44ED8543A7C017953148330 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
21:53:28.0156 2228  usbaudio - ok
21:53:28.0250 2228  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
21:53:28.0328 2228  usbccgp - ok
21:53:28.0343 2228  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
21:53:28.0437 2228  usbehci - ok
21:53:28.0453 2228  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
21:53:28.0546 2228  usbhub - ok
21:53:28.0546 2228  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
21:53:28.0656 2228  usbohci - ok
21:53:28.0656 2228  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
21:53:28.0765 2228  usbprint - ok
21:53:28.0781 2228  [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
21:53:28.0875 2228  usbscan - ok
21:53:28.0890 2228  [ A32426D9B14A089EAA1D922E0C5801A9 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
21:53:28.0984 2228  USBSTOR - ok
21:53:29.0015 2228  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
21:53:29.0093 2228  VgaSave - ok
21:53:29.0109 2228  ViaIde - ok
21:53:29.0203 2228  VideoAcceleratorService - ok
21:53:29.0218 2228  [ B289D19DF6103352D3C4B13C0ED79331 ] Vmodem          C:\WINDOWS\system32\DRIVERS\vmodem.sys
21:53:29.0343 2228  Vmodem - ok
21:53:29.0343 2228  [ A5A712F4E880874A477AF790B5186E1D ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
21:53:29.0437 2228  VolSnap - ok
21:53:29.0453 2228  [ 4A4448332075C5A909DF123C21616B2A ] Vpctcom         C:\WINDOWS\system32\DRIVERS\vpctcom.sys
21:53:29.0562 2228  Vpctcom - ok
21:53:29.0593 2228  [ 68F106273BE29E7B7EF8266977268E78 ] VSS             C:\WINDOWS\System32\vssvc.exe
21:53:29.0703 2228  VSS - ok
21:53:29.0765 2228  [ 40DBA03782BCC10685A8C200C5EBDCD0 ] vToolbarUpdater12.2.6 C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\12.2.6\ToolbarUpdater.exe
21:53:29.0796 2228  vToolbarUpdater12.2.6 - ok
21:53:29.0812 2228  [ 120E61AAC05F00C867A32DE493DAB9B4 ] Vvoice          C:\WINDOWS\system32\DRIVERS\vvoice.sys
21:53:29.0937 2228  Vvoice - ok
21:53:29.0968 2228  [ 7B353059E665F8B7AD2BBEAEF597CF45 ] W32Time         C:\WINDOWS\System32\w32time.dll
21:53:30.0062 2228  W32Time - ok
21:53:30.0093 2228  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
21:53:30.0187 2228  Wanarp - ok
21:53:30.0187 2228  wanatw - ok
21:53:30.0203 2228  WDICA - ok
21:53:30.0234 2228  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
21:53:30.0328 2228  wdmaud - ok
21:53:30.0359 2228  [ 81727C9873E3905A2FFC1EBD07265002 ] WebClient       C:\WINDOWS\System32\webclnt.dll
21:53:30.0453 2228  WebClient - ok
21:53:30.0500 2228  [ 6F3F3973D97714CC5F906A19FE883729 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
21:53:30.0593 2228  winmgmt - ok
21:53:30.0640 2228  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
21:53:30.0671 2228  WmdmPmSN - ok
21:53:30.0687 2228  [ C42584FD66CE9E17403AEBCA199F7BDB ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
21:53:30.0781 2228  WmiAcpi - ok
21:53:30.0796 2228  [ 93908111BA57A6E60EC2FA2DE202105C ] WmiApSrv        C:\WINDOWS\System32\wbem\wmiapsrv.exe
21:53:30.0906 2228  WmiApSrv - ok
21:53:30.0968 2228  [ BF05650BB7DF5E9EBDD25974E22403BB ] WMPNetworkSvc   C:\Programme\Windows Media Player\WMPNetwk.exe
21:53:31.0015 2228  WMPNetworkSvc - ok
21:53:31.0046 2228  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
21:53:31.0046 2228  WpdUsb - ok
21:53:31.0062 2228  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
21:53:31.0187 2228  WS2IFSL - ok
21:53:31.0281 2228  [ 300B3E84FAF1A5C1F791C159BA28035D ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
21:53:31.0390 2228  wscsvc - ok
21:53:31.0453 2228  [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
21:53:31.0546 2228  WSTCODEC - ok
21:53:31.0562 2228  [ 7B4FE05202AA6BF9F4DFD0E6A0D8A085 ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
21:53:31.0656 2228  wuauserv - ok
21:53:31.0671 2228  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
21:53:31.0687 2228  WudfPf - ok
21:53:31.0718 2228  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WUDFRd          C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
21:53:31.0718 2228  WUDFRd - ok
21:53:31.0781 2228  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
21:53:31.0781 2228  WudfSvc - ok
21:53:31.0828 2228  [ C4F109C005F6725162D2D12CA751E4A7 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
21:53:31.0953 2228  WZCSVC - ok
21:53:31.0968 2228  [ 0ADA34871A2E1CD2CAAFED1237A47750 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
21:53:32.0062 2228  xmlprov - ok
21:53:32.0140 2228  ================ Scan global ===============================
21:53:32.0171 2228  [ 2C60091CA5F67C3032EAB3B30390C27F ] C:\WINDOWS\system32\basesrv.dll
21:53:32.0187 2228  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:53:32.0187 2228  [ A28CE25B59C90E12743001A1F2AE3613 ] C:\WINDOWS\system32\winsrv.dll
21:53:32.0203 2228  [ A3EDBE9053889FB24AB22492472B39DC ] C:\WINDOWS\system32\services.exe
21:53:32.0203 2228  [Global] - ok
21:53:32.0203 2228  ================ Scan MBR ==================================
21:53:32.0218 2228  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk0\DR0
21:53:32.0468 2228  \Device\Harddisk0\DR0 - ok
21:53:32.0468 2228  ================ Scan VBR ==================================
21:53:32.0468 2228  [ 4BFDFE95002E5679A679E218E6EFB6C3 ] \Device\Harddisk0\DR0\Partition1
21:53:32.0468 2228  \Device\Harddisk0\DR0\Partition1 - ok
21:53:32.0484 2228  [ 54CE3B04204F138F9A18802F3B723008 ] \Device\Harddisk0\DR0\Partition2
21:53:32.0484 2228  \Device\Harddisk0\DR0\Partition2 - ok
21:53:32.0484 2228  ============================================================
21:53:32.0484 2228  Scan finished
21:53:32.0484 2228  ============================================================
21:53:32.0593 2256  Detected object count: 24
21:53:32.0593 2256  Actual detected object count: 24
21:54:06.0843 2256  ANIO ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0843 2256  ANIO ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0859 2256  ANIWZCSdService ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0859 2256  ANIWZCSdService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0875 2256  Apple Mobile Device ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0875 2256  Apple Mobile Device ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0875 2256  ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0875 2256  ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0875 2256  Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0875 2256  Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0890 2256  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0890 2256  FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0890 2256  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0890 2256  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0890 2256  HdAudAddService ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0890 2256  HdAudAddService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0890 2256  HDAudBus ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0890 2256  HDAudBus ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0906 2256  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0906 2256  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0906 2256  iPod Service ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0906 2256  iPod Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0906 2256  JavaQuickStarterService ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0906 2256  JavaQuickStarterService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0921 2256  KMWDSERVICE ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0921 2256  KMWDSERVICE ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0921 2256  PCLEPCI ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0921 2256  PCLEPCI ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0921 2256  pfc ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0921 2256  pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0937 2256  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0937 2256  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0937 2256  sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0937 2256  sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0937 2256  sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0937 2256  sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0953 2256  sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0953 2256  sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0953 2256  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0953 2256  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0953 2256  StkAMini ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0953 2256  StkAMini ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0968 2256  StkASSrv ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0968 2256  StkASSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0968 2256  StkScan ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0968 2256  StkScan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
21:54:06.0984 2256  UleadBurningHelper ( UnsignedFile.Multi.Generic ) - skipped by user
21:54:06.0984 2256  UleadBurningHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip

Antwort
Seite 2 von 4 1 2 34

Themen zu Bundespolizei Trojaner sperrt Rechner
bekannte, bundestrojaner, chaos, combofix, desktop, frage, geld, gen, glaube, großes, infizierte, infizierten, interne, internet, laufen, lieber, netzwerk, offline, rechner, sauber, schlau, sperrt, troja, trojaner, versucht


« Trojaner typ schickt mir ganze Zeit PW nachrichten ! | PUP.crossfire.SA in HKCU/Software/InstalledBrowserExtensions »


Ähnliche Themen: Bundespolizei Trojaner sperrt Rechner


  1. Bundespolizei sperrt ihren Browser. PC funktioniert noch und habe ich Trojaner aufm PC?
    Plagegeister aller Art und deren Bekämpfung - 12.12.2013 (11)
  2. Bundespolizei-Trojaner "Light" - sperrt nur Browser, aber wie?
    Alles rund um Windows - 22.09.2013 (9)
  3. GVU/Bundespolizei Trojaner mit Zugriff auf Webcam sperrt Windows 7 komplett
    Log-Analyse und Auswertung - 19.07.2013 (7)
  4. Trojaner sperrt Rechner / Win 7
    Plagegeister aller Art und deren Bekämpfung - 13.11.2012 (3)
  5. GVU (Bundespolizei) Trojaner mit Webcam sperrt Laptop
    Log-Analyse und Auswertung - 24.10.2012 (2)
  6. bundespolizei trojaner sperrt computer hilfe
    Plagegeister aller Art und deren Bekämpfung - 05.10.2012 (4)
  7. Trojaner Bundespolizei sperrt PC!
    Plagegeister aller Art und deren Bekämpfung - 03.10.2012 (12)
  8. Bundespolizei Trojaner sperrt den PC
    Log-Analyse und Auswertung - 26.08.2012 (13)
  9. Bundespolizei Trojaner sperrt Bildschirm
    Plagegeister aller Art und deren Bekämpfung - 24.08.2012 (16)
  10. Bundespolizei Trojaner sperrt den PC (desktop) sobald ich ihn anmache
    Plagegeister aller Art und deren Bekämpfung - 14.08.2012 (26)
  11. GVU/Bundespolizei sperrt Rechner, 100€ Zahlung
    Plagegeister aller Art und deren Bekämpfung - 10.08.2012 (1)
  12. Bundespolizei- Malware die mir den Rechner sperrt
    Plagegeister aller Art und deren Bekämpfung - 26.07.2012 (1)
  13. Bundespolizei Trojaner sperrt meinen Internetzugang!
    Log-Analyse und Auswertung - 11.07.2012 (17)
  14. GVU Trojaner sperrt das System sobald der Rechner am Internet hängt.
    Log-Analyse und Auswertung - 05.07.2012 (1)
  15. Ukash - Bundespolizei Trojaner sperrt Rechner
    Plagegeister aller Art und deren Bekämpfung - 05.03.2012 (3)
  16. Bundespolizei Trojaner sperrt Laptop
    Plagegeister aller Art und deren Bekämpfung - 21.12.2011 (12)
  17. BKA sperrt Rechner Trojaner - OTL Scan Log
    Log-Analyse und Auswertung - 12.07.2011 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bundespolizei Trojaner sperrt Rechner - Zu deinen Fragen: 1.) Ich habe den Eindruck, es geht wieder alles normal und uneingeschränkt. 2.) Es fehlt ein Eintrag unter Alle Programme von Firefly Studios -> Stronghold Crusaders, obwohl - Bundespolizei Trojaner sperrt Rechner...
Archiv
Du betrachtest: Bundespolizei Trojaner sperrt Rechner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55