PC neu aufgsetzt, zufälliger GMER Scan->rootkit ? Es ist was schlimmes passiert! Ich habe wohl meinen PC irgendwie ebenfalls verseucht. Kann es der USB Stick gewesen sein, der eig. mit Panda Vacc immunisiert war?
Nun hab ich Angst, da auf dem PC meine Uni-Sachen drauf sind und ... Oh mein Gott.
Ich habe daher auch mal von meinem Desktop Sys ein Aswmbr und ein GMemer gemacht und Deine Schritte 1:1 übernommen. Hoffe das war OK so.
Tut mir leid dass das so chaotisch verläuft, aber DAS war wirklich nicht beabsichtigt.
Ohne meinen Desktop PC habe ich kein Netz, evtl. sollten wir kurz die Priorität dynamisch anpassen zu meinen Gunsten, Danke im Voraus.
Code:
Alles auswählen Aufklappen ATTFilter
ComboFix 13-04-24.01 - Jochen 24.04.2013 6:52.3.4 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1033.18.8191.6765 [GMT 2:00]
ausgeführt von:: G:\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\PolicyDefinitions
c:\windows\PolicyDefinitions\ActiveXInstallService.admx
c:\windows\PolicyDefinitions\AddRemovePrograms.admx
c:\windows\PolicyDefinitions\AppCompat.admx
c:\windows\PolicyDefinitions\AttachmentManager.admx
c:\windows\PolicyDefinitions\AutoPlay.admx
c:\windows\PolicyDefinitions\Biometrics.admx
c:\windows\PolicyDefinitions\Bits.admx
c:\windows\PolicyDefinitions\CEIPEnable.admx
c:\windows\PolicyDefinitions\CipherSuiteOrder.admx
c:\windows\PolicyDefinitions\COM.admx
c:\windows\PolicyDefinitions\Conf.admx
c:\windows\PolicyDefinitions\ControlPanel.admx
c:\windows\PolicyDefinitions\ControlPanelDisplay.admx
c:\windows\PolicyDefinitions\Cpls.admx
c:\windows\PolicyDefinitions\CredentialProviders.admx
c:\windows\PolicyDefinitions\CredSsp.admx
c:\windows\PolicyDefinitions\CredUI.admx
c:\windows\PolicyDefinitions\CtrlAltDel.admx
c:\windows\PolicyDefinitions\DCOM.admx
c:\windows\PolicyDefinitions\de-DE\ActiveXInstallService.adml
c:\windows\PolicyDefinitions\de-DE\AddRemovePrograms.adml
c:\windows\PolicyDefinitions\de-DE\AppCompat.adml
c:\windows\PolicyDefinitions\de-DE\AttachmentManager.adml
c:\windows\PolicyDefinitions\de-DE\AutoPlay.adml
c:\windows\PolicyDefinitions\de-DE\Biometrics.adml
c:\windows\PolicyDefinitions\de-DE\Bits.adml
c:\windows\PolicyDefinitions\de-DE\CEIPEnable.adml
c:\windows\PolicyDefinitions\de-DE\CipherSuiteOrder.adml
c:\windows\PolicyDefinitions\de-DE\COM.adml
c:\windows\PolicyDefinitions\de-DE\Conf.adml
c:\windows\PolicyDefinitions\de-DE\ControlPanel.adml
c:\windows\PolicyDefinitions\de-DE\ControlPanelDisplay.adml
c:\windows\PolicyDefinitions\de-DE\Cpls.adml
c:\windows\PolicyDefinitions\de-DE\CredentialProviders.adml
c:\windows\PolicyDefinitions\de-DE\CredSsp.adml
c:\windows\PolicyDefinitions\de-DE\CredUI.adml
c:\windows\PolicyDefinitions\de-DE\CtrlAltDel.adml
c:\windows\PolicyDefinitions\de-DE\DCOM.adml
c:\windows\PolicyDefinitions\de-DE\Desktop.adml
c:\windows\PolicyDefinitions\de-DE\DeviceInstallation.adml
c:\windows\PolicyDefinitions\de-DE\DeviceRedirection.adml
c:\windows\PolicyDefinitions\de-DE\DFS.adml
c:\windows\PolicyDefinitions\de-DE\DigitalLocker.adml
c:\windows\PolicyDefinitions\de-DE\DiskDiagnostic.adml
c:\windows\PolicyDefinitions\de-DE\DiskNVCache.adml
c:\windows\PolicyDefinitions\de-DE\DiskQuota.adml
c:\windows\PolicyDefinitions\de-DE\DistributedLinkTracking.adml
c:\windows\PolicyDefinitions\de-DE\DnsClient.adml
c:\windows\PolicyDefinitions\de-DE\DWM.adml
c:\windows\PolicyDefinitions\de-DE\EncryptFilesonMove.adml
c:\windows\PolicyDefinitions\de-DE\EnhancedStorage.adml
c:\windows\PolicyDefinitions\de-DE\ErrorReporting.adml
c:\windows\PolicyDefinitions\de-DE\EventForwarding.adml
c:\windows\PolicyDefinitions\de-DE\EventLog.adml
c:\windows\PolicyDefinitions\de-DE\EventViewer.adml
c:\windows\PolicyDefinitions\de-DE\Explorer.adml
c:\windows\PolicyDefinitions\de-DE\FileRecovery.adml
c:\windows\PolicyDefinitions\de-DE\FileSys.adml
c:\windows\PolicyDefinitions\de-DE\FolderRedirection.adml
c:\windows\PolicyDefinitions\de-DE\FramePanes.adml
c:\windows\PolicyDefinitions\de-DE\fthsvc.adml
c:\windows\PolicyDefinitions\de-DE\GameExplorer.adml
c:\windows\PolicyDefinitions\de-DE\Globalization.adml
c:\windows\PolicyDefinitions\de-DE\GroupPolicy.adml
c:\windows\PolicyDefinitions\de-DE\Help.adml
c:\windows\PolicyDefinitions\de-DE\HelpAndSupport.adml
c:\windows\PolicyDefinitions\de-DE\HotStart.adml
c:\windows\PolicyDefinitions\de-DE\ICM.adml
c:\windows\PolicyDefinitions\de-DE\IIS.adml
c:\windows\PolicyDefinitions\de-DE\InetRes.adml
c:\windows\PolicyDefinitions\de-DE\InkWatson.adml
c:\windows\PolicyDefinitions\de-DE\InputPersonalization.adml
c:\windows\PolicyDefinitions\de-DE\iSCSI.adml
c:\windows\PolicyDefinitions\de-DE\Kerberos.adml
c:\windows\PolicyDefinitions\de-DE\LanmanServer.adml
c:\windows\PolicyDefinitions\de-DE\LeakDiagnostic.adml
c:\windows\PolicyDefinitions\de-DE\LinkLayerTopologyDiscovery.adml
c:\windows\PolicyDefinitions\de-DE\Logon.adml
c:\windows\PolicyDefinitions\de-DE\MediaCenter.adml
c:\windows\PolicyDefinitions\de-DE\MMC.adml
c:\windows\PolicyDefinitions\de-DE\MMCSnapins.adml
c:\windows\PolicyDefinitions\de-DE\MobilePCMobilityCenter.adml
c:\windows\PolicyDefinitions\de-DE\MobilePCPresentationSettings.adml
c:\windows\PolicyDefinitions\de-DE\MSDT.adml
c:\windows\PolicyDefinitions\de-DE\Msi-FileRecovery.adml
c:\windows\PolicyDefinitions\de-DE\MSI.adml
c:\windows\PolicyDefinitions\de-DE\NCSI.adml
c:\windows\PolicyDefinitions\de-DE\Netlogon.adml
c:\windows\PolicyDefinitions\de-DE\NetworkConnections.adml
c:\windows\PolicyDefinitions\de-DE\NetworkProjection.adml
c:\windows\PolicyDefinitions\de-DE\OfflineFiles.adml
c:\windows\PolicyDefinitions\de-DE\P2P-pnrp.adml
c:\windows\PolicyDefinitions\de-DE\ParentalControls.adml
c:\windows\PolicyDefinitions\de-DE\pca.adml
c:\windows\PolicyDefinitions\de-DE\PeerToPeerCaching.adml
c:\windows\PolicyDefinitions\de-DE\PenTraining.adml
c:\windows\PolicyDefinitions\de-DE\PerfCenterCPL.adml
c:\windows\PolicyDefinitions\de-DE\PerformanceDiagnostics.adml
c:\windows\PolicyDefinitions\de-DE\PerformancePerftrack.adml
c:\windows\PolicyDefinitions\de-DE\Power.adml
c:\windows\PolicyDefinitions\de-DE\PreviousVersions.adml
c:\windows\PolicyDefinitions\de-DE\Printing.adml
c:\windows\PolicyDefinitions\de-DE\Programs.adml
c:\windows\PolicyDefinitions\de-DE\QOS.adml
c:\windows\PolicyDefinitions\de-DE\RacWmiProv.adml
c:\windows\PolicyDefinitions\de-DE\Radar.adml
c:\windows\PolicyDefinitions\de-DE\ReAgent.adml
c:\windows\PolicyDefinitions\de-DE\Reliability.adml
c:\windows\PolicyDefinitions\de-DE\RemoteAssistance.adml
c:\windows\PolicyDefinitions\de-DE\RemovableStorage.adml
c:\windows\PolicyDefinitions\de-DE\RPC.adml
c:\windows\PolicyDefinitions\de-DE\Scripts.adml
c:\windows\PolicyDefinitions\de-DE\sdiageng.adml
c:\windows\PolicyDefinitions\de-DE\sdiagschd.adml
c:\windows\PolicyDefinitions\de-DE\Search.adml
c:\windows\PolicyDefinitions\de-DE\Securitycenter.adml
c:\windows\PolicyDefinitions\de-DE\Sensors.adml
c:\windows\PolicyDefinitions\de-DE\Setup.adml
c:\windows\PolicyDefinitions\de-DE\ShapeCollector.adml
c:\windows\PolicyDefinitions\de-DE\SharedFolders.adml
c:\windows\PolicyDefinitions\de-DE\Sharing.adml
c:\windows\PolicyDefinitions\de-DE\Shell-CommandPrompt-RegEditTools.adml
c:\windows\PolicyDefinitions\de-DE\ShellWelcomeCenter.adml
c:\windows\PolicyDefinitions\de-DE\Sidebar.adml
c:\windows\PolicyDefinitions\de-DE\Sideshow.adml
c:\windows\PolicyDefinitions\de-DE\Smartcard.adml
c:\windows\PolicyDefinitions\de-DE\Snmp.adml
c:\windows\PolicyDefinitions\de-DE\SoundRec.adml
c:\windows\PolicyDefinitions\de-DE\StartMenu.adml
c:\windows\PolicyDefinitions\de-DE\SystemResourceManager.adml
c:\windows\PolicyDefinitions\de-DE\SystemRestore.adml
c:\windows\PolicyDefinitions\de-DE\TabletPCInputPanel.adml
c:\windows\PolicyDefinitions\de-DE\TabletShell.adml
c:\windows\PolicyDefinitions\de-DE\Taskbar.adml
c:\windows\PolicyDefinitions\de-DE\TaskScheduler.adml
c:\windows\PolicyDefinitions\de-DE\tcpip.adml
c:\windows\PolicyDefinitions\de-DE\TerminalServer.adml
c:\windows\PolicyDefinitions\de-DE\Thumbnails.adml
c:\windows\PolicyDefinitions\de-DE\TouchInput.adml
c:\windows\PolicyDefinitions\de-DE\TPM.adml
c:\windows\PolicyDefinitions\de-DE\UserDataBackup.adml
c:\windows\PolicyDefinitions\de-DE\UserProfiles.adml
c:\windows\PolicyDefinitions\de-DE\VolumeEncryption.adml
c:\windows\PolicyDefinitions\de-DE\W32Time.adml
c:\windows\PolicyDefinitions\de-DE\WDI.adml
c:\windows\PolicyDefinitions\de-DE\WinCal.adml
c:\windows\PolicyDefinitions\de-DE\Windows.adml
c:\windows\PolicyDefinitions\de-DE\WindowsAnytimeUpgrade.adml
c:\windows\PolicyDefinitions\de-DE\WindowsBackup.adml
c:\windows\PolicyDefinitions\de-DE\WindowsColorSystem.adml
c:\windows\PolicyDefinitions\de-DE\WindowsConnectNow.adml
c:\windows\PolicyDefinitions\de-DE\WindowsDefender.adml
c:\windows\PolicyDefinitions\de-DE\WindowsExplorer.adml
c:\windows\PolicyDefinitions\de-DE\WindowsFileProtection.adml
c:\windows\PolicyDefinitions\de-DE\WindowsFirewall.adml
c:\windows\PolicyDefinitions\de-DE\WindowsMail.adml
c:\windows\PolicyDefinitions\de-DE\WindowsMediaDRM.adml
c:\windows\PolicyDefinitions\de-DE\WindowsMediaPlayer.adml
c:\windows\PolicyDefinitions\de-DE\WindowsMessenger.adml
c:\windows\PolicyDefinitions\de-DE\WindowsProducts.adml
c:\windows\PolicyDefinitions\de-DE\WindowsRemoteManagement.adml
c:\windows\PolicyDefinitions\de-DE\WindowsRemoteShell.adml
c:\windows\PolicyDefinitions\de-DE\WindowsUpdate.adml
c:\windows\PolicyDefinitions\de-DE\WinInit.adml
c:\windows\PolicyDefinitions\de-DE\WinLogon.adml
c:\windows\PolicyDefinitions\de-DE\Winsrv.adml
c:\windows\PolicyDefinitions\de-DE\WordWheel.adml
c:\windows\PolicyDefinitions\Desktop.admx
c:\windows\PolicyDefinitions\DeviceInstallation.admx
c:\windows\PolicyDefinitions\DeviceRedirection.admx
c:\windows\PolicyDefinitions\DFS.admx
c:\windows\PolicyDefinitions\DigitalLocker.admx
c:\windows\PolicyDefinitions\DiskDiagnostic.admx
c:\windows\PolicyDefinitions\DiskNVCache.admx
c:\windows\PolicyDefinitions\DiskQuota.admx
c:\windows\PolicyDefinitions\DistributedLinkTracking.admx
c:\windows\PolicyDefinitions\DnsClient.admx
c:\windows\PolicyDefinitions\DWM.admx
c:\windows\PolicyDefinitions\en-US\ActiveXInstallService.adml
c:\windows\PolicyDefinitions\en-US\AddRemovePrograms.adml
c:\windows\PolicyDefinitions\en-US\AppCompat.adml
c:\windows\PolicyDefinitions\en-US\AttachmentManager.adml
c:\windows\PolicyDefinitions\en-US\AutoPlay.adml
c:\windows\PolicyDefinitions\en-US\Biometrics.adml
c:\windows\PolicyDefinitions\en-US\Bits.adml
c:\windows\PolicyDefinitions\en-US\CEIPEnable.adml
c:\windows\PolicyDefinitions\en-US\CipherSuiteOrder.adml
c:\windows\PolicyDefinitions\en-US\COM.adml
c:\windows\PolicyDefinitions\en-US\Conf.adml
c:\windows\PolicyDefinitions\en-US\ControlPanel.adml
c:\windows\PolicyDefinitions\en-US\ControlPanelDisplay.adml
c:\windows\PolicyDefinitions\en-US\Cpls.adml
c:\windows\PolicyDefinitions\en-US\CredentialProviders.adml
c:\windows\PolicyDefinitions\en-US\CredSsp.adml
c:\windows\PolicyDefinitions\en-US\CredUI.adml
c:\windows\PolicyDefinitions\en-US\CtrlAltDel.adml
c:\windows\PolicyDefinitions\en-US\DCOM.adml
c:\windows\PolicyDefinitions\en-US\Desktop.adml
c:\windows\PolicyDefinitions\en-US\DeviceInstallation.adml
c:\windows\PolicyDefinitions\en-US\DeviceRedirection.adml
c:\windows\PolicyDefinitions\en-US\DFS.adml
c:\windows\PolicyDefinitions\en-US\DigitalLocker.adml
c:\windows\PolicyDefinitions\en-US\DiskDiagnostic.adml
c:\windows\PolicyDefinitions\en-US\DiskNVCache.adml
c:\windows\PolicyDefinitions\en-US\DiskQuota.adml
c:\windows\PolicyDefinitions\en-US\DistributedLinkTracking.adml
c:\windows\PolicyDefinitions\en-US\DnsClient.adml
c:\windows\PolicyDefinitions\en-US\DWM.adml
c:\windows\PolicyDefinitions\en-US\EncryptFilesonMove.adml
c:\windows\PolicyDefinitions\en-US\EnhancedStorage.adml
c:\windows\PolicyDefinitions\en-US\ErrorReporting.adml
c:\windows\PolicyDefinitions\en-US\EventForwarding.adml
c:\windows\PolicyDefinitions\en-US\EventLog.adml
c:\windows\PolicyDefinitions\en-US\EventViewer.adml
c:\windows\PolicyDefinitions\en-US\Explorer.adml
c:\windows\PolicyDefinitions\en-US\FileRecovery.adml
c:\windows\PolicyDefinitions\en-US\FileSys.adml
c:\windows\PolicyDefinitions\en-US\FolderRedirection.adml
c:\windows\PolicyDefinitions\en-US\FramePanes.adml
c:\windows\PolicyDefinitions\en-US\fthsvc.adml
c:\windows\PolicyDefinitions\en-US\GameExplorer.adml
c:\windows\PolicyDefinitions\en-US\Globalization.adml
c:\windows\PolicyDefinitions\en-US\GroupPolicy.adml
c:\windows\PolicyDefinitions\en-US\Help.adml
c:\windows\PolicyDefinitions\en-US\HelpAndSupport.adml
c:\windows\PolicyDefinitions\en-US\HotStart.adml
c:\windows\PolicyDefinitions\en-US\ICM.adml
c:\windows\PolicyDefinitions\en-US\IIS.adml
c:\windows\PolicyDefinitions\en-US\InetRes.adml
c:\windows\PolicyDefinitions\en-US\InkWatson.adml
c:\windows\PolicyDefinitions\en-US\InputPersonalization.adml
c:\windows\PolicyDefinitions\en-US\iSCSI.adml
c:\windows\PolicyDefinitions\en-US\Kerberos.adml
c:\windows\PolicyDefinitions\en-US\LanmanServer.adml
c:\windows\PolicyDefinitions\en-US\LeakDiagnostic.adml
c:\windows\PolicyDefinitions\en-US\LinkLayerTopologyDiscovery.adml
c:\windows\PolicyDefinitions\en-US\Logon.adml
c:\windows\PolicyDefinitions\en-US\MediaCenter.adml
c:\windows\PolicyDefinitions\en-US\MMC.adml
c:\windows\PolicyDefinitions\en-US\MMCSnapins.adml
c:\windows\PolicyDefinitions\en-US\MobilePCMobilityCenter.adml
c:\windows\PolicyDefinitions\en-US\MobilePCPresentationSettings.adml
c:\windows\PolicyDefinitions\en-US\MSDT.adml
c:\windows\PolicyDefinitions\en-US\Msi-FileRecovery.adml
c:\windows\PolicyDefinitions\en-US\MSI.adml
c:\windows\PolicyDefinitions\en-US\NCSI.adml
c:\windows\PolicyDefinitions\en-US\Netlogon.adml
c:\windows\PolicyDefinitions\en-US\NetworkConnections.adml
c:\windows\PolicyDefinitions\en-US\NetworkProjection.adml
c:\windows\PolicyDefinitions\en-US\OfflineFiles.adml
c:\windows\PolicyDefinitions\en-US\P2P-pnrp.adml
c:\windows\PolicyDefinitions\en-US\ParentalControls.adml
c:\windows\PolicyDefinitions\en-US\pca.adml
c:\windows\PolicyDefinitions\en-US\PeerToPeerCaching.adml
c:\windows\PolicyDefinitions\en-US\PenTraining.adml
c:\windows\PolicyDefinitions\en-US\PerfCenterCPL.adml
c:\windows\PolicyDefinitions\en-US\PerformanceDiagnostics.adml
c:\windows\PolicyDefinitions\en-US\PerformancePerftrack.adml
c:\windows\PolicyDefinitions\en-US\Power.adml
c:\windows\PolicyDefinitions\en-US\PreviousVersions.adml
c:\windows\PolicyDefinitions\en-US\Printing.adml
c:\windows\PolicyDefinitions\en-US\Programs.adml
c:\windows\PolicyDefinitions\en-US\QOS.adml
c:\windows\PolicyDefinitions\en-US\RacWmiProv.adml
c:\windows\PolicyDefinitions\en-US\Radar.adml
c:\windows\PolicyDefinitions\en-US\ReAgent.adml
c:\windows\PolicyDefinitions\en-US\Reliability.adml
c:\windows\PolicyDefinitions\en-US\RemoteAssistance.adml
c:\windows\PolicyDefinitions\en-US\RemovableStorage.adml
c:\windows\PolicyDefinitions\en-US\RPC.adml
c:\windows\PolicyDefinitions\en-US\Scripts.adml
c:\windows\PolicyDefinitions\en-US\sdiageng.adml
c:\windows\PolicyDefinitions\en-US\sdiagschd.adml
c:\windows\PolicyDefinitions\en-US\Search.adml
c:\windows\PolicyDefinitions\en-US\Securitycenter.adml
c:\windows\PolicyDefinitions\en-US\Sensors.adml
c:\windows\PolicyDefinitions\en-US\Setup.adml
c:\windows\PolicyDefinitions\en-US\ShapeCollector.adml
c:\windows\PolicyDefinitions\en-US\SharedFolders.adml
c:\windows\PolicyDefinitions\en-US\Sharing.adml
c:\windows\PolicyDefinitions\en-US\Shell-CommandPrompt-RegEditTools.adml
c:\windows\PolicyDefinitions\en-US\ShellWelcomeCenter.adml
c:\windows\PolicyDefinitions\en-US\Sidebar.adml
c:\windows\PolicyDefinitions\en-US\Sideshow.adml
c:\windows\PolicyDefinitions\en-US\Smartcard.adml
c:\windows\PolicyDefinitions\en-US\Snmp.adml
c:\windows\PolicyDefinitions\en-US\SoundRec.adml
c:\windows\PolicyDefinitions\en-US\StartMenu.adml
c:\windows\PolicyDefinitions\en-US\SystemResourceManager.adml
c:\windows\PolicyDefinitions\en-US\SystemRestore.adml
c:\windows\PolicyDefinitions\en-US\TabletPCInputPanel.adml
c:\windows\PolicyDefinitions\en-US\TabletShell.adml
c:\windows\PolicyDefinitions\en-US\Taskbar.adml
c:\windows\PolicyDefinitions\en-US\TaskScheduler.adml
c:\windows\PolicyDefinitions\en-US\tcpip.adml
c:\windows\PolicyDefinitions\en-US\TerminalServer.adml
c:\windows\PolicyDefinitions\en-US\Thumbnails.adml
c:\windows\PolicyDefinitions\en-US\TouchInput.adml
c:\windows\PolicyDefinitions\en-US\TPM.adml
c:\windows\PolicyDefinitions\en-US\UserDataBackup.adml
c:\windows\PolicyDefinitions\en-US\UserProfiles.adml
c:\windows\PolicyDefinitions\en-US\VolumeEncryption.adml
c:\windows\PolicyDefinitions\en-US\W32Time.adml
c:\windows\PolicyDefinitions\en-US\WDI.adml
c:\windows\PolicyDefinitions\en-US\WinCal.adml
c:\windows\PolicyDefinitions\en-US\Windows.adml
c:\windows\PolicyDefinitions\en-US\WindowsAnytimeUpgrade.adml
c:\windows\PolicyDefinitions\en-US\WindowsBackup.adml
c:\windows\PolicyDefinitions\en-US\WindowsColorSystem.adml
c:\windows\PolicyDefinitions\en-US\WindowsConnectNow.adml
c:\windows\PolicyDefinitions\en-US\WindowsDefender.adml
c:\windows\PolicyDefinitions\en-US\WindowsExplorer.adml
c:\windows\PolicyDefinitions\en-US\WindowsFileProtection.adml
c:\windows\PolicyDefinitions\en-US\WindowsFirewall.adml
c:\windows\PolicyDefinitions\en-US\WindowsMail.adml
c:\windows\PolicyDefinitions\en-US\WindowsMediaDRM.adml
c:\windows\PolicyDefinitions\en-US\WindowsMediaPlayer.adml
c:\windows\PolicyDefinitions\en-US\WindowsMessenger.adml
c:\windows\PolicyDefinitions\en-US\WindowsProducts.adml
c:\windows\PolicyDefinitions\en-US\WindowsRemoteManagement.adml
c:\windows\PolicyDefinitions\en-US\WindowsRemoteShell.adml
c:\windows\PolicyDefinitions\en-US\WindowsUpdate.adml
c:\windows\PolicyDefinitions\en-US\WinInit.adml
c:\windows\PolicyDefinitions\en-US\WinLogon.adml
c:\windows\PolicyDefinitions\en-US\Winsrv.adml
c:\windows\PolicyDefinitions\en-US\WordWheel.adml
c:\windows\PolicyDefinitions\EncryptFilesonMove.admx
c:\windows\PolicyDefinitions\EnhancedStorage.admx
c:\windows\PolicyDefinitions\ErrorReporting.admx
c:\windows\PolicyDefinitions\EventForwarding.admx
c:\windows\PolicyDefinitions\EventLog.admx
c:\windows\PolicyDefinitions\EventViewer.admx
c:\windows\PolicyDefinitions\Explorer.admx
c:\windows\PolicyDefinitions\FileRecovery.admx
c:\windows\PolicyDefinitions\FileSys.admx
c:\windows\PolicyDefinitions\FolderRedirection.admx
c:\windows\PolicyDefinitions\FramePanes.admx
c:\windows\PolicyDefinitions\fthsvc.admx
c:\windows\PolicyDefinitions\GameExplorer.admx
c:\windows\PolicyDefinitions\Globalization.admx
c:\windows\PolicyDefinitions\GroupPolicy.admx
c:\windows\PolicyDefinitions\Help.admx
c:\windows\PolicyDefinitions\HelpAndSupport.admx
c:\windows\PolicyDefinitions\HotStart.admx
c:\windows\PolicyDefinitions\ICM.admx
c:\windows\PolicyDefinitions\IIS.admx
c:\windows\PolicyDefinitions\inetres.admx
c:\windows\PolicyDefinitions\InkWatson.admx
c:\windows\PolicyDefinitions\InputPersonalization.admx
c:\windows\PolicyDefinitions\iSCSI.admx
c:\windows\PolicyDefinitions\Kerberos.admx
c:\windows\PolicyDefinitions\LanmanServer.admx
c:\windows\PolicyDefinitions\LeakDiagnostic.admx
c:\windows\PolicyDefinitions\LinkLayerTopologyDiscovery.admx
c:\windows\PolicyDefinitions\Logon.admx
c:\windows\PolicyDefinitions\MediaCenter.admx
c:\windows\PolicyDefinitions\MMC.admx
c:\windows\PolicyDefinitions\MMCSnapins.admx
c:\windows\PolicyDefinitions\MobilePCMobilityCenter.admx
c:\windows\PolicyDefinitions\MobilePCPresentationSettings.admx
c:\windows\PolicyDefinitions\MSDT.admx
c:\windows\PolicyDefinitions\Msi-FileRecovery.admx
c:\windows\PolicyDefinitions\MSI.admx
c:\windows\PolicyDefinitions\NCSI.admx
c:\windows\PolicyDefinitions\Netlogon.admx
c:\windows\PolicyDefinitions\NetworkConnections.admx
c:\windows\PolicyDefinitions\NetworkProjection.admx
c:\windows\PolicyDefinitions\OfflineFiles.admx
c:\windows\PolicyDefinitions\P2P-pnrp.admx
c:\windows\PolicyDefinitions\ParentalControls.admx
c:\windows\PolicyDefinitions\pca.admx
c:\windows\PolicyDefinitions\PeerToPeerCaching.admx
c:\windows\PolicyDefinitions\PenTraining.admx
c:\windows\PolicyDefinitions\PerfCenterCPL.admx
c:\windows\PolicyDefinitions\PerformanceDiagnostics.admx
c:\windows\PolicyDefinitions\PerformancePerftrack.admx
c:\windows\PolicyDefinitions\Power.admx
c:\windows\PolicyDefinitions\PreviousVersions.admx
c:\windows\PolicyDefinitions\Printing.admx
c:\windows\PolicyDefinitions\Programs.admx
c:\windows\PolicyDefinitions\QOS.admx
c:\windows\PolicyDefinitions\RacWmiProv.admx
c:\windows\PolicyDefinitions\Radar.admx
c:\windows\PolicyDefinitions\ReAgent.admx
c:\windows\PolicyDefinitions\Reliability.admx
c:\windows\PolicyDefinitions\RemoteAssistance.admx
c:\windows\PolicyDefinitions\RemovableStorage.admx
c:\windows\PolicyDefinitions\RPC.admx
c:\windows\PolicyDefinitions\Scripts.admx
c:\windows\PolicyDefinitions\sdiageng.admx
c:\windows\PolicyDefinitions\sdiagschd.admx
c:\windows\PolicyDefinitions\Search.admx
c:\windows\PolicyDefinitions\Securitycenter.admx
c:\windows\PolicyDefinitions\Sensors.admx
c:\windows\PolicyDefinitions\Setup.admx
c:\windows\PolicyDefinitions\ShapeCollector.admx
c:\windows\PolicyDefinitions\SharedFolders.admx
c:\windows\PolicyDefinitions\Sharing.admx
c:\windows\PolicyDefinitions\Shell-CommandPrompt-RegEditTools.admx
c:\windows\PolicyDefinitions\ShellWelcomeCenter.admx
c:\windows\PolicyDefinitions\Sidebar.admx
c:\windows\PolicyDefinitions\Sideshow.admx
c:\windows\PolicyDefinitions\Smartcard.admx
c:\windows\PolicyDefinitions\Snmp.admx
c:\windows\PolicyDefinitions\SoundRec.admx
c:\windows\PolicyDefinitions\StartMenu.admx
c:\windows\PolicyDefinitions\SystemResourceManager.admx
c:\windows\PolicyDefinitions\SystemRestore.admx
c:\windows\PolicyDefinitions\TabletPCInputPanel.admx
c:\windows\PolicyDefinitions\TabletShell.admx
c:\windows\PolicyDefinitions\Taskbar.admx
c:\windows\PolicyDefinitions\TaskScheduler.admx
c:\windows\PolicyDefinitions\tcpip.admx
c:\windows\PolicyDefinitions\TerminalServer.admx
c:\windows\PolicyDefinitions\Thumbnails.admx
c:\windows\PolicyDefinitions\TouchInput.admx
c:\windows\PolicyDefinitions\TPM.admx
c:\windows\PolicyDefinitions\UserDataBackup.admx
c:\windows\PolicyDefinitions\UserProfiles.admx
c:\windows\PolicyDefinitions\VolumeEncryption.admx
c:\windows\PolicyDefinitions\W32Time.admx
c:\windows\PolicyDefinitions\WDI.admx
c:\windows\PolicyDefinitions\WinCal.admx
c:\windows\PolicyDefinitions\Windows.admx
c:\windows\PolicyDefinitions\WindowsAnytimeUpgrade.admx
c:\windows\PolicyDefinitions\WindowsBackup.admx
c:\windows\PolicyDefinitions\WindowsColorSystem.admx
c:\windows\PolicyDefinitions\WindowsConnectNow.admx
c:\windows\PolicyDefinitions\WindowsDefender.admx
c:\windows\PolicyDefinitions\WindowsExplorer.admx
c:\windows\PolicyDefinitions\WindowsFileProtection.admx
c:\windows\PolicyDefinitions\WindowsFirewall.admx
c:\windows\PolicyDefinitions\WindowsMail.admx
c:\windows\PolicyDefinitions\WindowsMediaDRM.admx
c:\windows\PolicyDefinitions\WindowsMediaPlayer.admx
c:\windows\PolicyDefinitions\WindowsMessenger.admx
c:\windows\PolicyDefinitions\WindowsProducts.admx
c:\windows\PolicyDefinitions\WindowsRemoteManagement.admx
c:\windows\PolicyDefinitions\WindowsRemoteShell.admx
c:\windows\PolicyDefinitions\WindowsUpdate.admx
c:\windows\PolicyDefinitions\WinInit.admx
c:\windows\PolicyDefinitions\WinLogon.admx
c:\windows\PolicyDefinitions\Winsrv.admx
c:\windows\PolicyDefinitions\WordWheel.admx
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-03-24 bis 2013-04-24 ))))))))))))))))))))))))))))))
.
.
2013-04-24 04:55 . 2013-04-24 04:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-04-24 03:22 . 2013-04-24 03:22 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A812B06-B0BF-414B-B142-A057EB20A060}\offreg.dll
2013-04-23 21:43 . 2013-04-23 21:43 -------- d-----w- c:\program files\CCleaner
2013-04-23 20:44 . 2013-04-23 21:54 -------- d-----w- c:\users\Jochen\AppData\Roaming\mIRC
2013-04-23 20:44 . 2013-04-23 20:44 -------- d-----w- c:\program files (x86)\mIRC
2013-04-23 20:12 . 2013-04-23 20:12 -------- d-----w- c:\program files (x86)\OWASP
2013-04-23 17:58 . 2013-04-23 18:10 -------- d-----w- c:\program files (x86)\WhatsRunning
2013-04-23 16:11 . 2013-04-23 16:11 -------- d-----w- c:\program files (x86)\ESET
2013-04-23 15:30 . 2013-04-23 15:30 -------- d-----w- c:\windows\CheckSur
2013-04-23 12:22 . 2013-03-07 11:37 19032 ------w- c:\windows\system32\pwdrvio.sys
2013-04-23 12:22 . 2013-03-07 11:37 3074240 ----a-w- c:\windows\system32\pwNative.exe
2013-04-23 12:22 . 2013-03-07 11:37 9584 ------w- c:\windows\system32\pwdspio.sys
2013-04-23 12:22 . 2013-04-23 12:22 -------- d-----w- c:\program files (x86)\MiniTool Partition Wizard Home Edition 7.8
2013-04-23 12:21 . 2013-04-23 12:21 -------- d-----w- c:\users\Jochen\AppData\Local\GHISLER
2013-04-23 12:20 . 2013-04-23 12:20 -------- d-----w- C:\totalcmd
2013-04-23 12:20 . 2013-04-23 12:20 -------- d-----w- c:\users\Jochen\AppData\Roaming\GHISLER
2013-04-23 12:16 . 2013-04-23 12:16 -------- d-----w- c:\programdata\Panda Security
2013-04-23 12:16 . 2013-04-23 12:16 -------- d-----w- c:\program files (x86)\Panda USB Vaccine
2013-04-23 12:03 . 2013-04-23 12:03 -------- d-----w- c:\program files\Sandboxie
2013-04-23 09:37 . 2013-04-23 09:37 -------- d-----w- c:\users\Jochen\AppData\Local\Opera
2013-04-23 09:37 . 2013-04-23 09:37 -------- d-----w- c:\program files (x86)\Opera
2013-04-23 08:53 . 2013-04-23 08:53 -------- d-----w- c:\windows\de-DE
2013-04-23 08:53 . 2013-04-23 08:53 -------- d-----w- c:\windows\SysWow64\XPSViewer
2013-04-23 08:53 . 2013-04-23 08:53 -------- d-----w- c:\windows\SysWow64\drivers\UMDF\de-DE
2013-04-23 08:53 . 2013-04-23 08:53 -------- d-----w- c:\windows\SysWow64\drivers\de-DE
2013-04-23 08:53 . 2013-04-23 08:53 -------- d-----w- c:\windows\SysWow64\de
2013-04-23 08:53 . 2013-04-23 08:53 -------- d-----w- c:\windows\SysWow64\0407
2013-04-23 08:53 . 2013-04-23 08:53 -------- d-----w- c:\windows\SysWow64\wbem\de-DE
2013-04-23 08:53 . 2013-04-23 08:53 -------- d-----w- c:\windows\system32\drivers\UMDF\de-DE
2013-04-23 08:53 . 2013-04-23 08:53 -------- d-----w- c:\windows\system32\drivers\de-DE
2013-04-23 08:53 . 2013-04-23 08:53 -------- d-----w- c:\windows\system32\0407
2013-04-23 08:53 . 2013-04-23 08:53 -------- d-----w- c:\windows\system32\de
2013-04-23 08:53 . 2013-04-23 08:53 -------- d-----w- c:\windows\system32\wbem\de-DE
2013-04-23 08:49 . 2013-04-23 08:49 -------- d-----w- c:\program files (x86)\TeamViewer
2013-04-23 08:49 . 2009-07-13 17:05 3584 ----a-w- c:\windows\system32\Spool\prtprocs\x64\de-DE\LXKPTPRC.DLL.mui
2013-04-23 08:44 . 2013-04-23 08:44 -------- d-----w- c:\program files (x86)\Marvell
2013-04-23 08:42 . 2009-05-14 07:26 15416 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2013-04-22 23:04 . 2013-04-22 23:04 -------- d-----w- c:\program files (x86)\Microsoft.NET
2013-04-22 22:47 . 2013-04-23 01:51 -------- d-----w- c:\users\Jochen\AppData\Roaming\Trillian
2013-04-22 22:46 . 2013-04-22 22:47 -------- d-----w- c:\program files (x86)\Trillian
2013-04-22 21:54 . 2013-04-22 21:54 -------- d-----w- C:\Meine Backups
2013-04-22 19:07 . 2013-04-22 19:07 367200 ----a-w- c:\windows\system32\drivers\afcdp.sys
2013-04-22 19:07 . 2013-04-22 19:07 1462560 ----a-w- c:\windows\system32\drivers\tdrpman.sys
2013-04-22 19:07 . 2013-04-22 19:07 183224 ----a-w- c:\windows\system32\drivers\tib_mounter.sys
2013-04-22 19:07 . 2013-04-22 19:07 1120032 ----a-w- c:\windows\system32\drivers\tib.sys
2013-04-22 19:07 . 2013-04-22 19:07 161568 ----a-w- c:\windows\system32\drivers\vididr.sys
2013-04-22 19:07 . 2013-04-22 19:07 117024 ----a-w- c:\windows\system32\drivers\vidsflt.sys
2013-04-22 19:07 . 2013-04-22 19:07 233760 ----a-w- c:\windows\system32\drivers\snapman.sys
2013-04-22 19:07 . 2013-04-22 19:07 108832 ----a-w- c:\windows\system32\drivers\fltsrv.sys
2013-04-22 19:06 . 2013-04-22 19:06 -------- d-----w- c:\program files (x86)\Acronis
2013-04-22 18:49 . 2013-04-23 18:46 -------- d-----w- c:\users\UpdatusUser
2013-04-22 18:49 . 2013-04-22 18:49 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2013-04-22 18:48 . 2013-01-18 15:00 6390048 ----a-w- c:\windows\system32\nvcpl.dll
2013-04-22 18:48 . 2013-01-18 15:00 3460896 ----a-w- c:\windows\system32\nvsvc64.dll
2013-04-22 18:48 . 2013-01-18 15:00 884512 ----a-w- c:\windows\system32\nvvsvc.exe
2013-04-22 18:48 . 2013-01-18 15:00 63776 ----a-w- c:\windows\system32\nvshext.dll
2013-04-22 18:48 . 2013-01-18 15:00 2558240 ----a-w- c:\windows\system32\nvsvcr.dll
2013-04-22 18:48 . 2013-01-18 15:00 118560 ----a-w- c:\windows\system32\nvmctray.dll
2013-04-22 18:48 . 2013-02-25 22:32 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-04-22 18:48 . 2013-02-25 22:32 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-04-22 18:48 . 2013-04-22 18:49 -------- d-----w- c:\program files\NVIDIA Corporation
2013-04-22 18:05 . 2013-04-22 19:06 -------- d-----w- c:\program files (x86)\Common Files\Acronis
2013-04-22 18:04 . 2013-04-01 17:58 72702784 ----a-w- c:\windows\system32\MRT.exe
2013-04-22 18:02 . 2013-04-17 04:31 9317456 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3A812B06-B0BF-414B-B142-A057EB20A060}\mpengine.dll
2013-04-22 18:00 . 2013-04-22 18:00 -------- d-----w- c:\users\Jochen\AppData\Roaming\Canneverbe Limited
2013-04-22 18:00 . 2013-04-22 18:00 -------- d-----w- c:\programdata\Canneverbe Limited
2013-04-22 17:59 . 2013-04-22 17:59 -------- d-----w- c:\program files (x86)\CDBurnerXP
2013-04-22 17:59 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2013-04-22 17:58 . 2013-04-24 00:19 -------- d-----r- c:\users\Jochen\Dropbox
2013-04-22 17:55 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2013-04-22 17:55 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2013-04-22 17:55 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2013-04-22 17:55 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2013-04-22 17:55 . 2010-09-30 10:41 100864 ----a-w- c:\windows\system32\fontsub.dll
2013-04-22 17:55 . 2010-09-30 06:47 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2013-04-22 17:53 . 2012-03-01 06:46 23408 ----a-w- c:\windows\system32\drivers\fs_rec.sys
2013-04-22 17:53 . 2012-03-01 06:33 81408 ----a-w- c:\windows\system32\imagehlp.dll
2013-04-22 17:53 . 2012-03-01 06:28 5120 ----a-w- c:\windows\system32\wmi.dll
2013-04-22 17:53 . 2012-03-01 05:33 159232 ----a-w- c:\windows\SysWow64\imagehlp.dll
2013-04-22 17:53 . 2012-03-01 05:29 5120 ----a-w- c:\windows\SysWow64\wmi.dll
2013-04-22 17:50 . 2013-04-23 23:36 -------- d-----w- c:\users\Jochen\AppData\Roaming\Dropbox
2013-04-22 17:48 . 2013-03-02 05:55 1111040 ----a-w- c:\program files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-04-22 17:47 . 2011-08-17 05:26 613888 ----a-w- c:\windows\system32\psisdecd.dll
2013-04-22 17:45 . 2011-04-09 06:58 142336 ----a-w- c:\windows\system32\poqexec.exe
2013-04-22 17:44 . 2013-04-22 17:44 -------- d-----w- c:\users\Jochen\AppData\Local\Macromedia
2013-04-22 17:43 . 2013-04-23 12:03 -------- d-sh--w- c:\windows\Installer
2013-04-22 17:43 . 2013-04-22 17:43 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-04-22 17:43 . 2013-04-22 17:43 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-04-22 17:43 . 2013-04-22 17:43 -------- d-----w- c:\windows\SysWow64\Macromed
2013-04-22 17:43 . 2013-04-22 17:43 -------- d-----w- c:\windows\system32\Macromed
2013-04-22 17:40 . 2013-04-22 17:46 -------- d-----w- c:\users\Jochen\AppData\Local\Google
2013-04-22 17:40 . 2013-04-22 17:46 -------- d-----w- c:\program files (x86)\Google
2013-04-22 17:33 . 2013-04-22 17:33 -------- d-----w- c:\users\Jochen\AppData\Roaming\Malwarebytes
2013-04-22 17:33 . 2013-04-22 17:33 -------- d-----w- c:\users\Jochen\AppData\Local\Programs
2013-04-22 17:32 . 2013-04-22 17:32 -------- d-----w- c:\program files\WinRAR
2013-04-21 23:16 . 2013-04-21 23:16 -------- d-----w- c:\program files (x86)\devolo
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-03-11 23:10 . 2010-11-21 03:27 282744 ------w- c:\windows\system32\MpSigStub.exe
2013-03-04 06:43 . 2013-03-04 06:43 81920 ----a-w- c:\windows\SysWow64\devolopacket.dll
2013-03-04 06:43 . 2013-03-04 06:43 34048 ----a-w- c:\windows\SysWow64\drivers\npf_devolo.sys
2013-03-04 06:43 . 2013-03-04 06:43 221184 ----a-w- c:\windows\SysWow64\devolopcap.dll
2013-02-25 22:32 . 2013-02-25 22:32 25256224 ----a-w- c:\windows\system32\nvcompiler.dll
2013-02-25 22:32 . 2013-02-25 22:32 2505144 ----a-w- c:\windows\SysWow64\nvapi.dll
2013-02-25 22:32 . 2013-02-25 22:32 15129960 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2013-02-25 22:32 . 2013-02-25 22:32 6262608 ----a-w- c:\windows\SysWow64\nvopencl.dll
2013-02-25 22:32 . 2013-02-25 22:32 2826040 ----a-w- c:\windows\system32\nvapi64.dll
2013-02-25 22:32 . 2013-02-25 22:32 1814304 ----a-w- c:\windows\system32\nvdispco64.dll
2013-02-25 22:32 . 2013-02-25 22:32 18055184 ----a-w- c:\windows\system32\nvd3dumx.dll
2013-02-25 22:32 . 2013-02-25 22:32 2720544 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2013-02-25 22:32 . 2013-02-25 22:32 26929440 ----a-w- c:\windows\system32\nvoglv64.dll
2013-02-25 22:32 . 2013-02-25 22:32 7932256 ----a-w- c:\windows\SysWow64\nvcuda.dll
2013-02-25 22:32 . 2013-02-25 22:32 2346784 ----a-w- c:\windows\system32\nvcuvenc.dll
2013-02-25 22:32 . 2013-02-25 22:32 1510176 ----a-w- c:\windows\system32\nvdispgenco64.dll
2013-02-25 22:32 . 2013-02-25 22:32 11036448 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2013-02-25 22:32 . 2013-02-25 22:32 2904352 ----a-w- c:\windows\system32\nvcuvid.dll
2013-02-25 22:32 . 2013-02-25 22:32 20449056 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2013-02-25 22:32 . 2009-07-13 21:59 15053264 ----a-w- c:\windows\system32\nvwgf2umx.dll
2013-02-25 22:32 . 2013-02-25 22:32 17560352 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2013-02-25 22:32 . 2013-02-25 22:32 7564040 ----a-w- c:\windows\system32\nvopencl.dll
2013-02-25 22:32 . 2013-02-25 22:32 1985824 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2013-02-25 22:32 . 2013-02-25 22:32 12641992 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2013-02-25 22:32 . 2013-02-25 22:32 9390760 ----a-w- c:\windows\system32\nvcuda.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys [2013-04-22 367200]
R3 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [2013-04-22 3816440]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 pwdrvio;pwdrvio;c:\windows\system32\pwdrvio.sys [2013-03-07 19032]
R3 pwdspio;pwdspio;c:\windows\system32\pwdspio.sys [2013-03-07 9584]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]
R3 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-01-18 383264]
R3 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [2013-03-20 7094592]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 tsusbhub;tsusbhub;tsusbhub [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys [2013-04-22 108832]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys [2013-04-22 1120032]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys [2013-04-22 183224]
S2 DevoloNetworkService;devolo Network Service;c:\program files (x86)\devolo\dlan\devolonetsvc.exe [2013-03-25 3507704]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys [2013-03-04 34048]
S2 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [2013-03-06 3560288]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-22 17:46 1642448 ----a-w- c:\program files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2013-04-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-22 17:43]
.
2013-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-22 17:44]
.
2013-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-22 17:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2013-03-27 22:53 2827832 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2013-03-27 22:53 2827832 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2013-03-27 22:53 2827832 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\Jochen\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\Jochen\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\Jochen\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-04-10 05:37 164016 ----a-w- c:\users\Jochen\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2013-02-15 517912]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: Interfaces\{613A590F-16D9-4EE7-9E69-63A741F7D4E1}: NameServer = 8.8.8.8
FF - ProfilePath - c:\users\Jochen\AppData\Roaming\Mozilla\Firefox\Profiles\jkov78vz.default\
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 8888
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 8888
FF - prefs.js: network.proxy.type - 1
FF - ExtSQL: 2013-04-22 19:41; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Jochen\AppData\Roaming\Mozilla\Firefox\Profiles\jkov78vz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-04-22 19:45; fiddlerhook@fiddler2.com; c:\program files (x86)\Fiddler2\FiddlerHook
FF - ExtSQL: 2013-04-23 12:33; {8b86149f-01fb-4842-9dd8-4d7eb02fd055}; c:\users\Jochen\AppData\Roaming\Mozilla\Firefox\Profiles\jkov78vz.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Jochen\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Jochen\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Jochen\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Jochen\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
AddRemove-Dropbox - c:\users\Jochen\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-04-24 06:57:26
ComboFix-quarantined-files.txt 2013-04-24 04:57
ComboFix2.txt 2013-04-23 23:19
.
Vor Suchlauf: 10 Verzeichnis(se), 98.712.293.376 Bytes frei
Nach Suchlauf: 11 Verzeichnis(se), 98.653.245.440 Bytes frei
.
- - End Of File - - ED1D3BC6E11350A1CDCD2619A6FD73A7
--- --- ---
AdwCleaner Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
# AdwCleaner v2.202 - Logfile created 04/24/2013 at 07:02:08
# Updated 23/04/2013 by Xplode
# Operating system : Windows 7 Ultimate Service Pack 1 (64 bits)
# User : Jochen - Jochen-PC
# Boot Mode : Normal
# Running from : C:\Users\Jochen\Downloads\adwcleaner.exe
# Option [Search]
***** [Services] *****
***** [Files / Folders] *****
***** [Registry] *****
***** [Internet Browsers] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Registry is clean.
-\\ Mozilla Firefox v20.0.1 (de)
File : C:\Users\Jochen\AppData\Roaming\Mozilla\Firefox\Profiles\jkov78vz.default\prefs.js
[OK] File is clean.
-\\ Google Chrome v26.0.1410.64
File : C:\Users\Jochen\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
-\\ Opera v12.15.1748.0
File : C:\Users\Jochen\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] File is clean.
*************************
AdwCleaner[R4].txt - [1062 octets] - [24/04/2013 04:46:58]
AdwCleaner[R5].txt - [1099 octets] - [24/04/2013 06:12:43]
AdwCleaner[R6].txt - [900 octets] - [24/04/2013 06:44:28]
AdwCleaner[R7].txt - [1114 octets] - [24/04/2013 07:02:08]
AdwCleaner[S1].txt - [1237 octets] - [24/04/2013 06:46:21]
########## EOF - C:\AdwCleaner[R7].txt - [1234 octets] ##########
--- --- ---
OTL Logfile:
Code:
Alles auswählen Aufklappen ATTFilter
OTL logfile created on: 24.04.2013 07:12:21 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jochen\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
8,00 Gb Total Physical Memory | 6,47 Gb Available Physical Memory | 80,83% Memory free
16,00 Gb Paging File | 14,29 Gb Available in Paging File | 89,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 150,64 Gb Total Space | 91,95 Gb Free Space | 61,04% Space Free | Partition Type: NTFS
Drive D: | 3,09 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive E: | 380,86 Gb Total Space | 380,76 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
Drive F: | 399,91 Gb Total Space | 399,81 Gb Free Space | 99,98% Space Free | Partition Type: NTFS
Drive G: | 7,42 Gb Total Space | 7,28 Gb Free Space | 98,02% Space Free | Partition Type: FAT32
Computer Name: Jochen-PC | User Name: Jochen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.11 16:00:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jochen\Downloads\OTL.exe
PRC - [2013.04.09 10:57:09 | 001,312,720 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.03.25 15:23:04 | 003,507,704 | ---- | M] (devolo AG) -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
PRC - [2013.03.06 17:30:43 | 010,220,896 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.03.06 17:22:26 | 000,185,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
PRC - [2009.11.13 16:43:34 | 004,972,544 | ---- | M] (WhatsRunning.net) -- C:\Program Files (x86)\WhatsRunning\WhatsRunning.exe
PRC - [2009.09.23 16:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
========== Modules (No Company Name) ==========
MOD - [2013.04.09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013.04.09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013.04.09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013.04.09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013.04.09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2009.11.13 16:36:26 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\WhatsRunning\PSInfoPS.dll
========== Services (SafeList) ==========
SRV:64bit: - [2012.12.16 13:25:38 | 000,123,664 | ---- | M] (SANDBOXIE L.T.D) [On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.04.22 21:07:13 | 003,816,440 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2013.04.22 19:43:46 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.10 08:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.25 15:23:04 | 003,507,704 | ---- | M] (devolo AG) [Auto | Running] -- C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe -- (DevoloNetworkService)
SRV - [2013.03.20 19:31:44 | 007,094,592 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe -- (syncagentsrv)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.02.26 00:32:22 | 001,260,320 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013.02.15 13:02:10 | 001,144,704 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2013.01.18 08:14:20 | 000,383,264 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.04.22 21:07:14 | 000,367,200 | ---- | M] (Acronis) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2013.04.22 21:07:12 | 001,462,560 | ---- | M] (Acronis International GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)
DRV:64bit: - [2013.04.22 21:07:10 | 000,183,224 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib_mounter.sys -- (tib_mounter)
DRV:64bit: - [2013.04.22 21:07:09 | 001,120,032 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tib.sys -- (tib)
DRV:64bit: - [2013.04.22 21:07:08 | 000,161,568 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2013.04.22 21:07:07 | 000,117,024 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vidsflt.sys -- (vidsflt)
DRV:64bit: - [2013.04.22 21:07:04 | 000,233,760 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2013.04.22 21:07:04 | 000,108,832 | ---- | M] (Acronis International GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fltsrv.sys -- (fltsrv)
DRV:64bit: - [2013.03.07 13:37:54 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013.03.07 13:37:32 | 000,009,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012.12.16 13:25:34 | 000,202,632 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Stopped] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2012.03.27 16:48:00 | 000,398,112 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.14 09:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV - [2013.03.04 08:43:26 | 000,034,048 | ---- | M] (CACE Technologies) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\npf_devolo.sys -- (NPF_devolo)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2927705667-812167833-4165969349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2927705667-812167833-4165969349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9A 1A 07 6F 7D 3F CE 01 [binary data]
IE - HKU\S-1-5-21-2927705667-812167833-4165969349-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2927705667-812167833-4165969349-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2927705667-812167833-4165969349-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledAddons: fiddlerhook%40fiddler2.com:2.4.3.7
FF - prefs.js..extensions.enabledAddons: %7B8b86149f-01fb-4842-9dd8-4d7eb02fd055%7D:0.25.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8888
FF - prefs.js..network.proxy.no_proxies_on: ""
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8888
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fiddlerhook@fiddler2.com: C:\Program Files (x86)\Fiddler2\FiddlerHook [2013.04.22 19:45:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2002.01.01 07:59:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2002.01.01 07:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jochen\AppData\Roaming\mozilla\Extensions
[2013.04.23 12:33:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jochen\AppData\Roaming\mozilla\Firefox\Profiles\jkov78vz.default\extensions
[2013.04.23 12:33:43 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Users\Jochen\AppData\Roaming\mozilla\Firefox\Profiles\jkov78vz.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2013.04.22 19:41:13 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Jochen\AppData\Roaming\mozilla\firefox\profiles\jkov78vz.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2002.01.01 07:59:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.22 19:45:15 | 000,000,000 | ---D | M] (FiddlerHook) -- C:\PROGRAM FILES (X86)\FIDDLER2\FIDDLERHOOK
[2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll
CHR - Extension: Google Docs = C:\Users\Jochen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Jochen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jochen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Jochen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\Jochen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013.04.24 06:55:57 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2927705667-812167833-4165969349-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2927705667-812167833-4165969349-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Telerik)
O9:64bit: - Extra 'Tools' menuitem : Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Telerik)
O9 - Extra Button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Telerik)
O9 - Extra 'Tools' menuitem : Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - C:\Program Files (x86)\Fiddler2\Fiddler.exe (Telerik)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{613A590F-16D9-4EE7-9E69-63A741F7D4E1}: NameServer = 8.8.8.8
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.11.21 10:33:27 | 000,000,122 | R--- | M] () - D:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2013.04.15 20:27:12 | 000,000,016 | -H-- | M] () - G:\AUTORUN.INF -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.04.24 06:57:28 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.04.24 06:05:12 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\Jochen\Desktop\aswMBR.exe
[2013.04.24 01:14:28 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.04.24 01:14:28 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.04.24 01:14:28 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.04.24 01:14:24 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.04.24 01:14:14 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.04.24 01:07:32 | 000,000,000 | ---D | C] -- C:\Users\Jochen\Desktop\mbar
[2013.04.24 00:43:29 | 002,239,840 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Jochen\Desktop\tds.exe
[2013.04.24 00:43:06 | 005,059,674 | R--- | C] (Swearware) -- C:\Users\Jochen\Desktop\ComboFix.exe
[2013.04.23 23:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.04.23 23:43:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.04.23 22:44:12 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\mIRC
[2013.04.23 22:44:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
[2013.04.23 22:44:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mIRC
[2013.04.23 22:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OWASP
[2013.04.23 22:12:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OWASP
[2013.04.23 19:58:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\What's Running
[2013.04.23 19:58:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WhatsRunning
[2013.04.23 18:11:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.04.23 17:30:00 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2013.04.23 14:22:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 7.8
[2013.04.23 14:22:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 7.8
[2013.04.23 14:21:23 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Local\GHISLER
[2013.04.23 14:20:43 | 000,000,000 | ---D | C] -- C:\totalcmd
[2013.04.23 14:20:43 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
[2013.04.23 14:20:43 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\GHISLER
[2013.04.23 14:16:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Panda Security
[2013.04.23 14:16:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panda USB Vaccine
[2013.04.23 14:16:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
[2013.04.23 14:03:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2013.04.23 14:03:13 | 000,000,000 | ---D | C] -- C:\Program Files\Sandboxie
[2013.04.23 11:37:53 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\Opera
[2013.04.23 11:37:53 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Local\Opera
[2013.04.23 11:37:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2013.04.23 10:53:54 | 000,000,000 | ---D | C] -- C:\Windows\de-DE
[2013.04.23 10:53:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2013.04.23 10:53:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\drivers\de-DE
[2013.04.23 10:53:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\de
[2013.04.23 10:53:51 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0407
[2013.04.23 10:53:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\de-DE
[2013.04.23 10:53:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\0407
[2013.04.23 10:53:39 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\de
[2013.04.23 10:49:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.04.23 10:49:33 | 000,004,096 | ---- | C] (SCM Microsystems, Inc.) -- C:\Windows\SysNative\drivers\de-DE\pscr.sys.mui
[2013.04.23 10:48:52 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerId.sys.mui
[2013.04.23 10:48:52 | 000,011,776 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrSerIb.sys.mui
[2013.04.23 10:48:52 | 000,002,560 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysNative\drivers\de-DE\BrParwdm.sys.mui
[2013.04.23 10:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2013.04.23 04:29:16 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.04.23 01:22:05 | 000,000,000 | ---D | C] -- C:\Users\Jochen\Documents\Fiddler2
[2013.04.23 01:04:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2013.04.23 00:47:01 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\Trillian
[2013.04.23 00:46:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trillian
[2013.04.22 23:54:15 | 000,000,000 | ---D | C] -- C:\Meine Backups
[2013.04.22 23:52:38 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\Acronis
[2013.04.22 21:06:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis
[2013.04.22 21:06:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Acronis
[2013.04.22 21:03:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2013.04.22 20:49:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2013.04.22 20:48:35 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2013.04.22 20:48:35 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2013.04.22 20:48:04 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2013.04.22 20:05:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Acronis
[2013.04.22 20:05:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Acronis
[2013.04.22 20:00:01 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\Canneverbe Limited
[2013.04.22 20:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013.04.22 19:59:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2013.04.22 19:58:08 | 000,000,000 | R--D | C] -- C:\Users\Jochen\Dropbox
[2013.04.22 19:52:43 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
[2013.04.22 19:50:32 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\Dropbox
[2013.04.22 19:46:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.04.22 19:45:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fiddler2
[2013.04.22 19:44:44 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Local\Macromedia
[2013.04.22 19:43:59 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2013.04.22 19:43:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2013.04.22 19:43:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2013.04.22 19:43:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2013.04.22 19:40:50 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Local\Google
[2013.04.22 19:40:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2013.04.22 19:33:25 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\Malwarebytes
[2013.04.22 19:33:13 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Local\Programs
[2013.04.22 19:32:58 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\WinRAR
[2013.04.22 19:32:58 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.04.22 19:32:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2013.04.22 19:32:56 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2013.04.22 01:17:03 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\Macromedia
[2013.04.22 01:17:03 | 000,000,000 | ---D | C] -- C:\Users\Jochen\AppData\Roaming\Adobe
[2013.04.22 01:16:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\devolo
[2013.04.22 01:16:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\devolo
========== Files - Modified Within 30 Days ==========
[2013.04.24 06:55:57 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.04.24 06:54:43 | 000,026,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.24 06:54:43 | 000,026,544 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.24 06:54:31 | 001,611,160 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.24 06:54:31 | 000,693,972 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.24 06:54:31 | 000,651,450 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.24 06:54:31 | 000,147,096 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.24 06:54:31 | 000,120,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.24 06:49:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.24 06:47:45 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.24 06:47:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.24 06:31:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.24 06:28:31 | 001,094,714 | ---- | M] () -- C:\Users\Jochen\Documents\sys1.xml
[2013.04.24 06:07:15 | 000,000,512 | ---- | M] () -- C:\Users\Jochen\Documents\MBR.dat
[2013.04.24 05:50:43 | 000,000,000 | ---- | M] () -- C:\Users\Jochen\defogger_reenable
[2013.04.24 05:05:33 | 646,237,550 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.04.24 01:24:54 | 000,001,450 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2013.04.24 01:24:02 | 000,275,576 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.23 23:43:56 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.04.23 23:15:32 | 000,000,600 | ---- | M] () -- C:\Users\Jochen\AppData\Local\PUTTY.RND
[2013.04.23 22:44:12 | 000,000,951 | ---- | M] () -- C:\Users\Public\Desktop\mIRC.lnk
[2013.04.23 19:58:19 | 000,000,983 | ---- | M] () -- C:\Users\Jochen\Desktop\What's Running.lnk
[2013.04.23 18:29:32 | 005,059,674 | R--- | M] (Swearware) -- C:\Users\Jochen\Desktop\ComboFix.exe
[2013.04.23 18:14:14 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\Jochen\Desktop\aswMBR.exe
[2013.04.23 14:22:56 | 000,001,282 | ---- | M] () -- C:\Users\Public\Desktop\MiniTool Partition Wizard Home Edition.lnk
[2013.04.23 14:20:44 | 000,000,646 | ---- | M] () -- C:\Users\Jochen\Desktop\Total Commander 64 bit.lnk
[2013.04.23 14:03:14 | 000,000,914 | ---- | M] () -- C:\Users\Jochen\Desktop\Sandboxed Web Browser.lnk
[2013.04.23 14:03:14 | 000,000,914 | ---- | M] () -- C:\Users\Jochen\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2013.04.23 11:37:51 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2013.04.23 10:53:30 | 000,295,922 | ---- | M] () -- C:\Windows\SysNative\perfi007.dat
[2013.04.23 10:53:30 | 000,038,104 | ---- | M] () -- C:\Windows\SysNative\perfd007.dat
[2013.04.23 10:49:57 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.04.23 01:08:40 | 000,763,706 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.23 00:47:01 | 000,001,079 | ---- | M] () -- C:\Users\Jochen\Desktop\Trillian.lnk
[2013.04.22 21:07:00 | 000,001,205 | ---- | M] () -- C:\Users\Public\Desktop\True Image 2013.lnk
[2013.04.22 19:59:58 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.04.22 19:58:08 | 000,001,043 | ---- | M] () -- C:\Users\Jochen\Desktop\Dropbox.lnk
[2013.04.22 19:52:43 | 000,002,279 | ---- | M] () -- C:\Users\Jochen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.04.22 19:46:12 | 000,002,255 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.04.22 01:17:03 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\devolo dLAN Cockpit.lnk
[2013.04.16 16:34:00 | 000,377,856 | ---- | M] () -- C:\Users\Jochen\Desktop\gmer_2.1.19163.exe
[2013.04.11 15:21:56 | 002,239,840 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Jochen\Desktop\tds.exe
[2013.04.04 09:55:28 | 000,377,856 | ---- | M] () -- C:\Users\Jochen\Desktop\gnom.com
[2013.04.04 09:55:28 | 000,377,856 | ---- | M] () -- C:\Users\Jochen\Desktop\gmer.exe
========== Files Created - No Company Name ==========
[2013.04.24 06:28:31 | 001,094,714 | ---- | C] () -- C:\Users\Jochen\Documents\sys1.xml
[2013.04.24 06:07:15 | 000,000,512 | ---- | C] () -- C:\Users\Jochen\Documents\MBR.dat
[2013.04.24 05:54:10 | 000,377,856 | ---- | C] () -- C:\Users\Jochen\Desktop\gmer.exe
[2013.04.24 05:53:32 | 000,377,856 | ---- | C] () -- C:\Users\Jochen\Desktop\gnom.com
[2013.04.24 05:50:43 | 000,000,000 | ---- | C] () -- C:\Users\Jochen\defogger_reenable
[2013.04.24 05:05:33 | 646,237,550 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.04.24 01:23:54 | 000,275,576 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.24 01:14:28 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.04.24 01:14:28 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.04.24 01:14:28 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.04.24 01:14:28 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.04.24 01:14:28 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.04.24 00:43:16 | 000,377,856 | ---- | C] () -- C:\Users\Jochen\Desktop\gmer_2.1.19163.exe
[2013.04.23 23:43:56 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.04.23 22:44:12 | 000,000,951 | ---- | C] () -- C:\Users\Public\Desktop\mIRC.lnk
[2013.04.23 19:58:19 | 000,000,983 | ---- | C] () -- C:\Users\Jochen\Desktop\What's Running.lnk
[2013.04.23 14:25:32 | 000,000,600 | ---- | C] () -- C:\Users\Jochen\AppData\Local\PUTTY.RND
[2013.04.23 14:22:59 | 003,074,240 | ---- | C] () -- C:\Windows\SysNative\pwNative.exe
[2013.04.23 14:22:59 | 000,019,032 | ---- | C] () -- C:\Windows\SysNative\pwdrvio.sys
[2013.04.23 14:22:58 | 000,009,584 | ---- | C] () -- C:\Windows\SysNative\pwdspio.sys
[2013.04.23 14:22:56 | 000,001,282 | ---- | C] () -- C:\Users\Public\Desktop\MiniTool Partition Wizard Home Edition.lnk
[2013.04.23 14:20:44 | 000,000,646 | ---- | C] () -- C:\Users\Jochen\Desktop\Total Commander 64 bit.lnk
[2013.04.23 14:04:27 | 000,000,914 | ---- | C] () -- C:\Users\Jochen\Desktop\Sandboxed Web Browser.lnk
[2013.04.23 14:04:27 | 000,000,914 | ---- | C] () -- C:\Users\Jochen\Application Data\Microsoft\Internet Explorer\Quick Launch\Sandboxed Web Browser.lnk
[2013.04.23 14:04:25 | 000,001,450 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013.04.23 11:37:51 | 000,001,841 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2013.04.23 11:37:51 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2013.04.23 10:54:40 | 000,295,922 | ---- | C] () -- C:\Windows\SysNative\perfi007.dat
[2013.04.23 10:54:39 | 000,693,972 | ---- | C] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.23 10:54:39 | 000,147,096 | ---- | C] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.23 10:54:39 | 000,038,104 | ---- | C] () -- C:\Windows\SysNative\perfd007.dat
[2013.04.23 10:49:57 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.04.23 10:49:57 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.04.23 10:42:15 | 000,015,416 | ---- | C] () -- C:\Windows\SysNative\drivers\ASACPI.sys
[2013.04.23 01:08:38 | 000,763,706 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.04.23 00:47:01 | 000,001,109 | ---- | C] () -- C:\Users\Jochen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trillian.lnk
[2013.04.23 00:47:01 | 000,001,079 | ---- | C] () -- C:\Users\Jochen\Desktop\Trillian.lnk
[2013.04.22 21:07:00 | 000,001,205 | ---- | C] () -- C:\Users\Public\Desktop\True Image 2013.lnk
[2013.04.22 19:59:58 | 000,001,941 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.04.22 19:59:58 | 000,001,899 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013.04.22 19:58:08 | 000,001,043 | ---- | C] () -- C:\Users\Jochen\Desktop\Dropbox.lnk
[2013.04.22 19:46:12 | 000,002,279 | ---- | C] () -- C:\Users\Jochen\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013.04.22 19:46:12 | 000,002,255 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013.04.22 19:45:15 | 000,001,888 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiddler2.lnk
[2013.04.22 19:43:46 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.22 19:40:57 | 000,001,112 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.22 19:40:54 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.22 01:17:03 | 000,002,123 | ---- | C] () -- C:\Users\Public\Desktop\devolo dLAN Cockpit.lnk
========== ZeroAccess Check ==========
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.04.22 23:52:38 | 000,000,000 | ---D | M] -- C:\Users\Jochen\AppData\Roaming\Acronis
[2013.04.22 20:00:01 | 000,000,000 | ---D | M] -- C:\Users\Jochen\AppData\Roaming\Canneverbe Limited
[2013.04.24 01:36:31 | 000,000,000 | ---D | M] -- C:\Users\Jochen\AppData\Roaming\Dropbox
[2013.04.23 14:20:43 | 000,000,000 | ---D | M] -- C:\Users\Jochen\AppData\Roaming\GHISLER
[2013.04.23 11:37:53 | 000,000,000 | ---D | M] -- C:\Users\Jochen\AppData\Roaming\Opera
[2013.04.23 03:51:11 | 000,000,000 | ---D | M] -- C:\Users\Jochen\AppData\Roaming\Trillian
========== Purity Check ==========
========== Custom Scans ==========
< reg query "HKLM\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0" /c >
< reg query "HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}" /s /c >
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}
Class REG_SZ hdc
ClassDesc REG_SZ @%SystemRoot%\System32\SysClass.Dll,-3001
(Standard) REG_SZ IDE ATA/ATAPI controllers
IconPath REG_MULTI_SZ %SystemRoot%\System32\setupapi.dll,-9
Installer32 REG_SZ SysClass.Dll,HdcClassInstaller
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0000
InfPath REG_SZ mshdc.inf
InfSection REG_SZ pciide_Inst
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 00808CA3C594C601
DriverDate REG_SZ 6-21-2006
DriverVersion REG_SZ 6.1.7601.17514
MatchingDeviceId REG_SZ pci\cc_0101
DriverDesc REG_SZ Standard Dual Channel PCI IDE Controller
Migrated REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0001
InfPath REG_SZ mshdc.inf
InfSection REG_SZ pciide_Inst
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 00808CA3C594C601
DriverDate REG_SZ 6-21-2006
DriverVersion REG_SZ 6.1.7601.17514
MatchingDeviceId REG_SZ pci\cc_0101
DriverDesc REG_SZ Standard Dual Channel PCI IDE Controller
Migrated REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0002
CoInstallers32 REG_MULTI_SZ storprop.dll,HdcCoInstaller
EnumPropPages32 REG_SZ storprop.dll,AtaPropPageProvider
InfPath REG_SZ mshdc.inf
InfSection REG_SZ atapi_Inst
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 00808CA3C594C601
DriverDate REG_SZ 6-21-2006
DriverVersion REG_SZ 6.1.7601.17514
MatchingDeviceId REG_SZ internal_ide_channel
DriverDesc REG_SZ IDE Channel
Migrated REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0003
CoInstallers32 REG_MULTI_SZ storprop.dll,HdcCoInstaller
EnumPropPages32 REG_SZ storprop.dll,AtaPropPageProvider
InfPath REG_SZ mshdc.inf
InfSection REG_SZ atapi_Inst
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 00808CA3C594C601
DriverDate REG_SZ 6-21-2006
DriverVersion REG_SZ 6.1.7601.17514
MatchingDeviceId REG_SZ internal_ide_channel
DriverDesc REG_SZ IDE Channel
Migrated REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0004
CoInstallers32 REG_MULTI_SZ storprop.dll,HdcCoInstaller
EnumPropPages32 REG_SZ storprop.dll,AtaPropPageProvider
InfPath REG_SZ mshdc.inf
InfSection REG_SZ atapi_Inst
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 00808CA3C594C601
DriverDate REG_SZ 6-21-2006
DriverVersion REG_SZ 6.1.7601.17514
MatchingDeviceId REG_SZ internal_ide_channel
DriverDesc REG_SZ IDE Channel
Migrated REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0005
CoInstallers32 REG_MULTI_SZ storprop.dll,HdcCoInstaller
EnumPropPages32 REG_SZ storprop.dll,AtaPropPageProvider
InfPath REG_SZ mshdc.inf
InfSection REG_SZ atapi_Inst
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 00808CA3C594C601
DriverDate REG_SZ 6-21-2006
DriverVersion REG_SZ 6.1.7601.17514
MatchingDeviceId REG_SZ internal_ide_channel
DriverDesc REG_SZ IDE Channel
Migrated REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0006
InfPath REG_SZ mshdc.inf
InfSection REG_SZ pciide_Inst
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 00808CA3C594C601
DriverDate REG_SZ 6-21-2006
DriverVersion REG_SZ 6.1.7601.17514
MatchingDeviceId REG_SZ pci\cc_0101
DriverDesc REG_SZ Standard Dual Channel PCI IDE Controller
Migrated REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0007
CoInstallers32 REG_MULTI_SZ storprop.dll,HdcCoInstaller
EnumPropPages32 REG_SZ storprop.dll,AtaPropPageProvider
InfPath REG_SZ mshdc.inf
InfSection REG_SZ atapi_Inst
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 00808CA3C594C601
DriverDate REG_SZ 6-21-2006
DriverVersion REG_SZ 6.1.7601.17514
MatchingDeviceId REG_SZ internal_ide_channel
DriverDesc REG_SZ IDE Channel
Migrated REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0008
CoInstallers32 REG_MULTI_SZ storprop.dll,HdcCoInstaller
EnumPropPages32 REG_SZ storprop.dll,AtaPropPageProvider
InfPath REG_SZ mshdc.inf
InfSection REG_SZ atapi_Inst
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 00808CA3C594C601
DriverDate REG_SZ 6-21-2006
DriverVersion REG_SZ 6.1.7601.17514
MatchingDeviceId REG_SZ internal_ide_channel
DriverDesc REG_SZ IDE Channel
Migrated REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0009
InfPath REG_SZ mshdc.inf
InfSection REG_SZ pciide_Inst
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 00808CA3C594C601
DriverDate REG_SZ 6-21-2006
DriverVersion REG_SZ 6.1.7601.17514
MatchingDeviceId REG_SZ pci\cc_0101
DriverDesc REG_SZ Standard Dual Channel PCI IDE Controller
Migrated REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0010
CoInstallers32 REG_MULTI_SZ storprop.dll,HdcCoInstaller
EnumPropPages32 REG_SZ storprop.dll,AtaPropPageProvider
InfPath REG_SZ mshdc.inf
InfSection REG_SZ atapi_Inst
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 00808CA3C594C601
DriverDate REG_SZ 6-21-2006
DriverVersion REG_SZ 6.1.7601.17514
MatchingDeviceId REG_SZ internal_ide_channel
DriverDesc REG_SZ IDE Channel
Migrated REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\0011
CoInstallers32 REG_MULTI_SZ storprop.dll,HdcCoInstaller
EnumPropPages32 REG_SZ storprop.dll,AtaPropPageProvider
InfPath REG_SZ mshdc.inf
InfSection REG_SZ atapi_Inst
ProviderName REG_SZ Microsoft
DriverDateData REG_BINARY 00808CA3C594C601
DriverDate REG_SZ 6-21-2006
DriverVersion REG_SZ 6.1.7601.17514
MatchingDeviceId REG_SZ internal_ide_channel
DriverDesc REG_SZ IDE Channel
Migrated REG_DWORD 0x1
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\CONTROL\CLASS\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties
< End of report >
--- --- ---
[/CODE]
Ah, wieder geöffnet. Puhh ... wie gesagt, ich habe mir heute Abend freigehalten - sag mir Bescheid wies weitergeht. Danke nochmal!
Geändert von JochenWitt (24.04.2013 um 06:30 Uhr)
22.04.2013, 10:02
Textbox.
Linear-Darstellung
