Server mit DCOM nicht registiert werden / führt zu Pc-Absturz bei Windows XP

dcom13 · 05.01.2014, 21:34

nein, Rechner fährt bis zum windows-Fenster hoch und bricht dann ab.

schrauber · 06.01.2014, 16:43

Auch im abgesicherten Modus? in allen 3?

dcom13 · 06.01.2014, 19:14

nein, funktioniert nicht.
Es erscheint hier wieder das Windows- XP- Setup- Fenster mit dem Text: "Windows XP Setup kann nicht vom abgesicherten Modus aus aufgerufen werden. Setup wird jetzt neu gestartet." Beim Neustart kommt man wieder zum Windows-Fenster und der Rechner fährt herunter.

schrauber · 07.01.2014, 10:21

mach bitte nochmal den fixboot Befehl in der Recovery, ebenso bitte noch diesen Befehl:

fixmbr

dcom13 · 07.01.2014, 22:30

hab ich gemacht, ist aber keine Veränderung zu verzeichnen.
Es kommt dann auch wieder C:/Windows und hier geht es nicht weiter.
Bei Neustart kommt das Windows-Fenster und danach der Abbruch.
Habe auch noch einmal ein Setup versucht. Auch das gleich Ergebnis.

schrauber · 08.01.2014, 12:08

Jetzt anders. Neben dem OTLPE Scan kannste von dort aus auch auf jeden Fall schon mal deine Daten sichern.

Falls Du kein Brennprogramm installiert hast, lade
dir bitte ISOBurner herunter.
Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen.
Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.

Lade OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop.
Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
Lege eine leere CD in Deinen Brenner.
ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
Du kannst nun die Fenster des Brennprogramms schließen.

Nun boote von mit der OTLPE CD.
Hinweis: Wie boote ich von CD

Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
Mache einen Doppelklick auf das OTLPE Icon.
Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
OTLpe sollte nun starten.
Drücke Run Scan, um den Scan zu starten.
Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
Bitte poste den Inhalt von C:\OTL.Txt und Extras.Txt.

dcom13 · 12.01.2014, 17:40

OTLPE-Scan durchgeführt.

Code:

ATTFilter

OTL logfile created on: 1/12/2014 4:07:06 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2800.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,015.00 Mb Total Physical Memory | 775.00 Mb Available Physical Memory | 76.00% Memory free
903.00 Mb Paging File | 843.00 Mb Available in Paging File | 93.00% Paging File free
Paging file location(s): d:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48.83 Gb Total Space | 10.31 Gb Free Space | 21.12% Space Free | Partition Type: NTFS
Drive D: | 184.05 Gb Total Space | 50.38 Gb Free Space | 27.37% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto] --  -- (LckFldService)
SRV - File not found [Disabled] --  -- (HidServ)
SRV - File not found [On_Demand] --  -- (AppMgmt)
SRV - [2013/12/19 11:27:48 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/19 09:44:33 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/12/19 09:40:16 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013/12/11 16:55:37 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/06 09:47:20 | 001,229,528 | ---- | M] (Secunia) [Auto] -- C:\Programme\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2013/12/06 09:47:20 | 000,662,232 | ---- | M] (Secunia) [Auto] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013/12/04 12:46:55 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/04/04 08:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 08:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/05/24 06:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/10/20 15:18:26 | 000,071,096 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2007/06/08 10:58:52 | 000,126,976 | ---- | M] (Olivetti) [Auto] -- C:\Programme\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService)
SRV - [2006/12/14 09:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand] -- C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2005/11/17 07:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2004/10/21 20:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (UIUSys)
DRV - File not found [Kernel | On_Demand] --  -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - File not found [Kernel | Boot] --  -- (PxHelp20)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand] --  -- (pccsmcfd)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand] --  -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] --  -- (cpuz132)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | On_Demand] --  -- (catchme)
DRV - [2013/12/19 09:44:43 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/12/19 09:44:43 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/12/06 09:47:12 | 000,016,024 | ---- | M] (Secunia) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\psi_mf_x86.sys -- (PSI)
DRV - [2013/12/04 12:57:45 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/04/04 08:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/08/27 08:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/09/10 09:58:26 | 000,021,648 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\OlyCamComm.sys -- (OlyCamComm)
DRV - [2009/03/25 07:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/04 11:34:26 | 000,014,208 | ---- | M] (MAGIX) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\disksec.sys -- (DiskSec)
DRV - [2007/05/11 06:59:20 | 000,017,536 | ---- | M] (Olivetti-Engineering SA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\olsrvusb.sys -- (OLSVUSB)
DRV - [2006/09/12 13:27:00 | 004,381,184 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/02/28 07:00:00 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/11/11 06:00:00 | 000,010,240 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvmpu401.sys -- (nvmpu401) Service for NVIDIA(R) nForce(TM)
DRV - [2002/10/22 09:45:42 | 000,668,160 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sbpci.sys -- (sbpci) SB PCI Family Audio Driver (WDM)
DRV - [2002/09/06 03:54:28 | 000,010,194 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT)
DRV - [2002/07/16 03:58:12 | 000,379,726 | ---- | M] (C-Media Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2001/08/17 06:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Elias_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Eltern_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Eltern_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\Eltern_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\Eltern_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\Eltern_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Jakob_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\Jakob_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\Jakob_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\Jakob_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=hp&installDate=26/04/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Lukas_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=hp&installDate=26/04/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Simon_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\SICHERUNG\Lukas Ordner\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Programme\Java\jre7\bin\dtplugin\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Programme\K-Lite Codec Pack\Real\Browser\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Programme\K-Lite Codec Pack\Real\Browser\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8:  
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013/12/21 15:32:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013/12/21 15:32:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2013/12/19 11:13:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013/12/19 12:45:51 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013/12/19 12:45:51 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013/12/14 09:07:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\Elias_ON_C..\Run: [RDReminder]  File not found
O4 - HKU\Jakob_ON_C..\RunOnce: [TSClientAXDisabler] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\Jakob_ON_C..\RunOnce: [TSClientMSIUninstaller] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk = C:\Programme\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Dokumente und Einstellungen\Eltern\Startmenü\Programme\Autostart\Dropbox.lnk =  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Elias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Elias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Elias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Elias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 67108863
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Lukas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Lukas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Lukas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Lukas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Simon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Simon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Simon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Simon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .UVR - C:\Programme\Internet Explorer\Plugins\NPUPano.dll (Ulead Systems, Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1387471123250 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 1.7.0_45)
O18 - Protocol\Handler\haufereader {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll (Haufe Mediengruppe)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/20 10:46:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/12/25 12:39:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\All Users
[2013/12/25 12:26:43 | 000,000,000 | ---D | C] -- C:\Programme\Messenger
[2013/12/25 12:26:42 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2013/12/25 12:26:42 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2013/12/25 12:26:42 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2013/12/25 12:26:41 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2013/12/25 12:26:41 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2013/12/25 12:26:41 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2013/12/25 12:26:41 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2013/12/25 12:26:41 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2013/12/25 12:26:41 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2013/12/25 12:26:41 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2013/12/25 12:26:41 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2013/12/25 12:26:41 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2013/12/25 12:26:40 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2013/12/25 12:26:40 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2013/12/25 12:26:40 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2013/12/25 12:26:40 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2013/12/25 12:26:40 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2013/12/25 12:26:40 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2013/12/25 12:26:40 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2013/12/25 12:26:40 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2013/12/25 12:26:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013/12/25 12:26:38 | 000,000,000 | ---D | C] -- C:\Programme\msn
[2013/12/25 12:26:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/12/25 12:22:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/12/25 12:22:29 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2013/12/25 12:22:29 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2013/12/25 12:22:29 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2013/12/25 12:22:29 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2013/12/25 12:22:29 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2013/12/25 12:22:28 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2013/12/25 12:22:28 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2013/12/25 12:22:28 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2013/12/25 12:22:28 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2013/12/25 12:22:28 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2013/12/25 12:22:28 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2013/12/25 12:22:28 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2013/12/25 12:22:27 | 000,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2013/12/25 12:22:27 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2013/12/25 12:22:27 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2013/12/25 12:22:27 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2013/12/25 12:22:27 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2013/12/25 12:22:27 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2013/12/25 12:22:27 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2013/12/25 12:22:27 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2013/12/25 12:22:27 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2013/12/25 12:22:27 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2013/12/25 12:22:27 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2013/12/25 12:22:27 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2013/12/25 12:22:26 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2013/12/25 12:22:26 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2013/12/25 12:22:26 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2013/12/25 12:22:26 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2013/12/25 12:22:26 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2013/12/25 12:22:26 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2013/12/25 12:22:26 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2013/12/25 12:22:26 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2013/12/25 12:22:26 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2013/12/25 12:22:26 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2013/12/25 12:22:25 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2013/12/25 12:22:23 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2013/12/25 12:22:23 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2013/12/25 12:22:23 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2013/12/25 12:22:23 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2013/12/25 12:22:22 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2013/12/25 12:22:22 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2013/12/25 12:22:22 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2013/12/25 12:22:21 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2013/12/25 12:22:21 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2013/12/25 12:22:21 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2013/12/25 12:22:21 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2013/12/25 12:22:21 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2013/12/25 12:22:21 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2013/12/25 12:22:21 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2013/12/25 12:22:20 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2013/12/25 12:22:20 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2013/12/25 12:22:20 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2013/12/25 12:22:20 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2013/12/25 12:22:20 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2013/12/25 12:22:20 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2013/12/25 12:20:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013/12/21 15:31:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\QuickTime
[2013/12/21 15:31:44 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2013/12/21 12:03:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jakob\Lokale Einstellungen\Anwendungsdaten\Secunia PSI
[2013/12/21 12:03:24 | 000,000,000 | ---D | C] -- C:\Programme\Secunia
[2013/12/20 10:18:05 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2013/12/20 10:18:05 | 000,018,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2013/12/20 06:59:41 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Eltern\IETldCache
[2013/12/19 15:15:49 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft CAPICOM 2.1.0.2
[2013/12/19 13:42:59 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Jakob\IECompatCache
[2013/12/19 13:40:36 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Jakob\PrivacIE
[2013/12/19 13:38:23 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Jakob\IETldCache
[2013/12/19 13:32:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/12/19 13:28:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/12/19 13:23:24 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/12/19 13:22:24 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/12/19 11:27:35 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Thunderbird
[2013/12/19 11:26:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jakob\Lokale Einstellungen\Anwendungsdaten\Thunderbird
[2013/12/19 11:20:15 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Adobe
[2013/12/19 11:01:35 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/12/19 11:01:28 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/12/19 11:01:28 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/12/19 11:01:28 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/12/19 11:01:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Java
[2013/12/19 10:59:30 | 029,040,552 | ---- | C] (Oracle Corporation) -- C:\jre-7u45-windows-i586.exe
[2013/12/19 10:49:16 | 000,010,194 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\PFMODNT.SYS
[2013/12/19 10:49:16 | 000,000,000 | ---D | C] -- C:\Programme\Creative
[2013/12/16 17:14:22 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/12/15 18:56:34 | 000,000,000 | ---D | C] -- C:\FRST-OlderVersion
[2013/12/14 09:14:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013/12/14 08:47:38 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013/12/14 08:43:29 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013/12/14 08:43:29 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013/12/14 08:43:29 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013/12/14 08:43:29 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013/12/14 08:43:05 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/12/14 08:42:31 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Jakob\Eigene Dateien\Eigene Videos
[2013/12/14 08:42:31 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Jakob\Eigene Dateien\Eigene Musik
[2013/12/14 08:42:31 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Jakob\Eigene Dateien\Eigene Bilder
[2010/12/06 17:09:55 | 003,171,208 | ---- | C] (Piriform Ltd) -- C:\Programme\ccsetup216.exe
[2009/07/27 15:05:48 | 000,494,520 | ---- | C] (MAGIX AG) -- C:\Programme\addoninstall.exe
[2009/07/27 15:05:48 | 000,202,208 | ---- | C] (MAGIX AG) -- C:\Programme\reinstall3rdParty.exe
[2009/07/27 15:05:46 | 000,431,376 | ---- | C] (Microsoft Corporation) -- C:\Programme\riched20.dll
[2009/07/27 15:05:46 | 000,315,392 | ---- | C] (MAGIX AG) -- C:\Programme\eModeUpgradeDlg.dll
[2009/07/27 15:05:46 | 000,024,576 | ---- | C] (Magix AG) -- C:\Programme\Validation.exe
[2009/07/27 15:05:24 | 000,189,920 | ---- | C] (MAGIX AG) -- C:\Programme\instslct.exe
[2009/07/27 15:05:24 | 000,185,824 | ---- | C] (MAGIX AG) -- C:\Programme\unwise.exe
[2009/07/27 15:05:24 | 000,087,520 | ---- | C] (MAGIX AG) -- C:\Programme\unwise.adf
[2009/07/27 15:05:24 | 000,034,304 | ---- | C] (MAGIX) -- C:\Programme\CDBurnProfiler.exe
[2009/07/27 15:05:15 | 000,237,568 | ---- | C] (MAGIX Development) -- C:\Programme\MxAutoUpdate.dll
[2009/07/27 15:05:14 | 000,094,208 | ---- | C] (MAGIX AG) -- C:\Programme\MagixOFA-ger.dll
[2009/07/27 15:05:13 | 009,736,192 | ---- | C] (MAGIX AG) -- C:\Programme\CleaningLab.exe
[2009/07/27 15:05:13 | 000,806,912 | ---- | C] (MAGIX AG) -- C:\Programme\AudioIDMng.dll
[2009/07/27 15:04:57 | 000,884,736 | ---- | C] (MAGIX AG) -- C:\Programme\MXTLC.dll
[2009/07/27 15:04:57 | 000,182,752 | ---- | C] (Microsoft Corporation) -- C:\Programme\URLMON.DLL
[2009/07/27 15:04:57 | 000,094,208 | ---- | C] ( ) -- C:\Programme\UNZDLL.DLL
[2009/07/27 15:04:56 | 000,770,048 | ---- | C] (MAGIX AG) -- C:\Programme\MagixOFA.dll
[2009/07/27 15:04:56 | 000,137,728 | ---- | C] (Intel Corporation) -- C:\Programme\IJL10.DLL
[2009/07/27 15:04:56 | 000,131,072 | ---- | C] (CASH) -- C:\Programme\Dac32.dll
[2009/07/27 15:04:56 | 000,045,056 | ---- | C] (Algorithmix GmbH) -- C:\Programme\Dscr.dll
[2009/07/27 15:04:56 | 000,040,960 | ---- | C] (Magix Development) -- C:\Programme\HHVREND2.AX
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/01/09 16:07:59 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2014/01/09 16:06:48 | 000,000,318 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2014/01/09 16:06:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/07 15:57:02 | 000,207,304 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/12/26 07:35:10 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\PCCT - MAGIX AG.job
[2013/12/25 12:37:49 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/12/25 12:27:01 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Zubehör
[2013/12/25 11:55:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/25 11:48:32 | 000,000,374 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
[2013/12/22 08:55:48 | 000,000,390 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Desktop\iTunes.lnk
[2013/12/22 08:39:46 | 000,001,505 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Desktop\Rechner.lnk
[2013/12/21 15:31:58 | 000,001,603 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\QuickTime Player.lnk
[2013/12/21 15:31:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\QuickTime
[2013/12/21 14:10:02 | 000,288,911 | ---- | M] () -- C:\Dokumente und Einstellungen\Jakob\Desktop\Secunia - Internet Explorer.odt
[2013/12/21 12:03:33 | 000,000,744 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk
[2013/12/21 12:03:33 | 000,000,707 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Secunia PSI.lnk
[2013/12/21 12:03:33 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart
[2013/12/20 10:32:18 | 000,001,058 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Startmenü\Programme\Autostart\Dropbox.lnk
[2013/12/20 10:31:54 | 000,001,052 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Desktop\Dropbox.lnk
[2013/12/20 06:59:45 | 000,000,814 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Browser starten.lnk
[2013/12/19 13:38:26 | 000,000,814 | ---- | M] () -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Browser starten.lnk
[2013/12/19 13:35:30 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/12/19 12:46:00 | 000,000,733 | ---- | M] () -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/12/19 12:45:53 | 000,000,721 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Mozilla Firefox.lnk
[2013/12/19 12:45:53 | 000,000,715 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2013/12/19 11:51:07 | 000,122,366 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Eigene Dateien\bookmarks-2013-12-19.json
[2013/12/19 11:21:07 | 000,001,733 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader XI.lnk
[2013/12/19 11:21:06 | 000,001,804 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader XI.lnk
[2013/12/19 11:01:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Java
[2013/12/19 11:01:10 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/12/19 11:01:08 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/12/19 11:01:08 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/12/19 11:01:08 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/12/19 11:01:08 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/12/19 10:59:58 | 029,040,552 | ---- | M] (Oracle Corporation) -- C:\jre-7u45-windows-i586.exe
[2013/12/19 09:44:43 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013/12/19 09:44:43 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013/12/14 09:07:28 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/12/25 12:22:26 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/12/25 12:22:25 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013/12/25 12:22:23 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013/12/22 08:55:48 | 000,000,390 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Desktop\iTunes.lnk
[2013/12/21 15:31:58 | 000,001,603 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\QuickTime Player.lnk
[2013/12/21 14:10:00 | 000,288,911 | ---- | C] () -- C:\Dokumente und Einstellungen\Jakob\Desktop\Secunia - Internet Explorer.odt
[2013/12/21 12:03:33 | 000,000,744 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk
[2013/12/21 12:03:33 | 000,000,707 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Secunia PSI.lnk
[2013/12/19 12:46:00 | 000,000,733 | ---- | C] () -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/12/19 12:45:53 | 000,000,721 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Mozilla Firefox.lnk
[2013/12/19 12:45:53 | 000,000,715 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2013/12/19 11:51:07 | 000,122,366 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Eigene Dateien\bookmarks-2013-12-19.json
[2013/12/19 11:21:06 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader XI.lnk
[2013/12/19 11:21:06 | 000,001,733 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader XI.lnk
[2013/12/14 08:47:41 | 000,000,245 | ---- | C] () -- C:\Boot.bak
[2013/12/14 08:47:38 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013/12/14 08:43:29 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/12/14 08:43:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/12/14 08:43:29 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/12/14 08:43:29 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/12/14 08:43:29 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/10/16 05:07:42 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\settings.ini
[2013/10/08 16:50:37 | 000,002,494 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2013/05/06 18:09:09 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\skype.ini
[2013/01/27 11:56:42 | 000,005,632 | ---- | C] () -- C:\Dokumente und Einstellungen\Jakob\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/18 16:07:07 | 000,000,046 | ---- | C] () -- C:\WINDOWS\PCCT.INI
[2012/10/18 13:20:02 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2012/08/14 14:07:42 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\CMedia.dll
[2012/08/14 14:07:42 | 000,077,824 | ---- | C] () -- C:\WINDOWS\CMedia.dll
[2012/08/14 14:07:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\c38uinst.exe
[2012/08/14 14:07:15 | 000,000,068 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2011/11/29 10:38:12 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/11/29 10:38:12 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/11/29 10:38:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/11/29 10:38:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/08/04 01:24:34 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2011/08/03 16:06:19 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2011/08/03 15:51:21 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011/08/03 15:18:50 | 000,036,924 | ---- | C] () -- C:\WINDOWS\cmijack.dat
[2011/08/03 15:18:50 | 000,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.ini
[2011/08/03 15:18:50 | 000,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.dat
[2011/08/01 15:36:50 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011/07/13 09:49:53 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2011/05/11 15:16:07 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/05/11 15:16:07 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/04/11 16:26:26 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2011/04/11 16:26:25 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010/11/29 17:47:25 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Simon\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Lukas\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jakob\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Eltern\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Elias\mxfilerelatedcache.mxc2
[2010/09/05 08:35:49 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/02/14 06:44:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MusicEditor.INI
[2009/12/27 07:06:03 | 000,000,016 | -H-- | C] () -- C:\Programme\mxfilerelatedcache.mxc2
[2009/10/30 08:59:35 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/09/21 15:53:13 | 006,229,313 | ---- | C] () -- C:\Programme\pfsetup8.exe
[2009/09/19 04:32:16 | 000,036,824 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/18 03:45:55 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/28 08:53:16 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/08/28 08:53:16 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/08/28 08:53:16 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/07/27 15:40:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CleaningLab.INI
[2009/07/27 15:13:17 | 000,000,493 | ---- | C] () -- C:\Programme\crm.dat
[2009/07/27 15:12:44 | 000,010,129 | ---- | C] () -- C:\Programme\CleaningLab.ini
[2009/07/27 15:12:44 | 000,000,092 | ---- | C] () -- C:\Programme\CleaningLab_TB.ini
[2009/07/27 15:05:48 | 000,000,896 | ---- | C] () -- C:\Programme\reinstall3rdParty.ini
[2009/07/27 15:05:46 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2009/07/27 15:05:46 | 000,000,142 | ---- | C] () -- C:\Programme\Validation.ini
[2009/07/27 15:05:45 | 000,786,305 | ---- | C] () -- C:\Programme\MAGIX Creation Logo.pdf
[2009/07/27 15:05:24 | 000,016,460 | ---- | C] () -- C:\Programme\support.rtf
[2009/07/27 15:05:24 | 000,015,338 | ---- | C] () -- C:\Programme\order.rtf
[2009/07/27 15:05:24 | 000,006,034 | ---- | C] () -- C:\Programme\uninstall.ini
[2009/07/27 15:05:24 | 000,002,778 | ---- | C] () -- C:\Programme\register.rtf
[2009/07/27 15:05:24 | 000,000,739 | ---- | C] () -- C:\Programme\unwise.ini
[2009/07/27 15:05:15 | 000,001,853 | ---- | C] () -- C:\Programme\mp3encoder_upgrade.rtf
[2009/07/27 15:05:14 | 003,264,259 | ---- | C] () -- C:\Programme\manual.pdf
[2009/07/27 15:05:14 | 000,217,088 | ---- | C] () -- C:\Programme\FreeDB_IT.dll
[2009/07/27 15:05:14 | 000,217,088 | ---- | C] () -- C:\Programme\FreeDB_FR.dll
[2009/07/27 15:05:14 | 000,217,088 | ---- | C] () -- C:\Programme\FreeDB_ES.dll
[2009/07/27 15:05:14 | 000,217,088 | ---- | C] () -- C:\Programme\FreeDB_D.dll
[2009/07/27 15:05:14 | 000,212,992 | ---- | C] () -- C:\Programme\FreeDB_NL.dll
[2009/07/27 15:05:14 | 000,212,992 | ---- | C] () -- C:\Programme\FreeDB_E.dll
[2009/07/27 15:05:14 | 000,176,128 | ---- | C] () -- C:\Programme\MagixRestart.exe
[2009/07/27 15:05:14 | 000,002,414 | ---- | C] () -- C:\Programme\Install.cfg
[2009/07/27 15:05:13 | 001,118,350 | ---- | C] () -- C:\Programme\CleaningLab.chm
[2009/07/27 15:05:13 | 000,028,672 | ---- | C] () -- C:\Programme\explore.exe
[2009/07/27 15:05:13 | 000,002,839 | ---- | C] () -- C:\Programme\AACencoder_upgrade.rtf
[2009/07/27 15:04:57 | 000,205,824 | ---- | C] () -- C:\Programme\mpeg2.dll
[2009/07/27 15:04:57 | 000,151,552 | ---- | C] () -- C:\Programme\OggDS.dll
[2009/07/27 15:04:57 | 000,055,808 | ---- | C] () -- C:\Programme\MP3UTIL.DLL
[2009/07/27 15:04:57 | 000,008,927 | ---- | C] () -- C:\Programme\pframe.bin
[2009/07/27 15:04:56 | 000,442,368 | ---- | C] () -- C:\Programme\MFL.dll
[2009/07/27 15:04:56 | 000,254,464 | ---- | C] () -- C:\Programme\mdabase.dll
[2009/07/27 15:04:56 | 000,001,462 | ---- | C] () -- C:\Programme\DxPlugins.ini
[2009/07/27 15:03:35 | 000,006,642 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/06/24 16:29:23 | 000,000,070 | ---- | C] () -- C:\WINDOWS\pex.INI
[2009/06/24 15:06:35 | 000,000,320 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2009/06/20 06:26:57 | 000,003,286 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\.recently-used.xbel
[2009/05/01 13:28:07 | 000,001,387 | ---- | C] () -- C:\WINDOWS\disney.ini
[2009/04/29 02:30:15 | 000,193,536 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/10 17:03:53 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/02/10 17:01:33 | 000,278,583 | ---- | C] () -- C:\WINDOWS\System32\dnt27.dll
[2009/02/10 17:01:33 | 000,077,882 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27.dll
[2009/02/10 17:01:33 | 000,073,785 | ---- | C] () -- C:\WINDOWS\System32\dntvm27.dll
[2009/02/10 17:00:47 | 000,001,126 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/02/10 17:00:47 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Intuprof.ini
[2009/01/26 15:37:10 | 000,000,404 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009/01/26 15:32:05 | 000,002,698 | ---- | C] () -- C:\WINDOWS\System32\44wiaUiStr.bin
[2009/01/24 13:18:03 | 000,001,946 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009/01/22 09:02:44 | 000,003,680 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009/01/21 04:56:05 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2009/01/21 04:54:30 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/01/21 04:54:30 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/01/21 04:47:38 | 005,767,168 | -H-- | C] () -- C:\Dokumente und Einstellungen\Lukas\NTUSER.bak
[2009/01/21 04:44:41 | 006,029,312 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jakob\NTUSER.bak
[2009/01/20 11:13:12 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/01/20 11:13:12 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/01/20 11:13:10 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/01/20 11:13:10 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/20 11:13:08 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/01/20 10:55:24 | 005,767,168 | -H-- | C] () -- C:\Dokumente und Einstellungen\Elias\NTUSER.bak
[2009/01/20 10:51:23 | 011,796,480 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\NTUSER.bak
[2009/01/20 10:50:39 | 000,245,760 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.bak
[2009/01/20 10:50:36 | 000,245,760 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.bak
[2009/01/20 10:49:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/01/20 10:44:22 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/01/20 10:34:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/20 10:33:13 | 000,207,304 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 07:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 07:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 07:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2005/11/16 06:27:02 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe
[2005/03/24 07:18:04 | 000,491,077 | ---- | C] () -- C:\WINDOWS\System32\QCONNECT.DLL
[2004/11/11 07:00:00 | 000,452,400 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004/11/11 07:00:00 | 000,435,140 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/11/11 07:00:00 | 000,082,570 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004/11/11 07:00:00 | 000,069,320 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/11/11 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/05/08 10:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\SecoCrypt32.DLL
[2001/05/24 04:20:38 | 000,544,256 | ---- | C] () -- C:\WINDOWS\System32\janGraphics.dll
[2000/06/27 19:00:00 | 000,124,416 | ---- | C] () -- C:\WINDOWS\System32\dXCtrls.dll
[1999/12/06 09:31:22 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[1999/09/21 18:03:54 | 000,100,352 | ---- | C] () -- C:\WINDOWS\System32\PG32CONV.DLL
[1999/01/27 17:54:31 | 000,102,400 | ---- | C] () -- C:\Programme\Rn5b3241.dll
[1997/06/14 02:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
 
========== LOP Check ==========
 
[2009/01/20 11:09:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Elias\Anwendungsdaten\Thunderbird
[2012/03/25 07:53:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\788C8
[2012/05/23 04:24:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Amazon
[2009/02/08 13:24:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Canneverbe_Limited
[2009/02/10 17:07:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\DataDesign
[2013/12/25 11:50:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Dropbox
[2012/09/17 09:35:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\DVDVideoSoft
[2012/03/03 05:50:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\e-academy Inc
[2011/08/03 14:58:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Easeware
[2009/06/20 06:26:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\gtk-2.0
[2013/06/27 11:29:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Hybafu
[2009/06/29 08:54:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Leadertech
[2011/08/01 15:50:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\MAGIX
[2010/05/03 11:41:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\MatchWare
[2009/01/26 10:51:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\OpenOffice.org
[2012/06/03 09:22:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Opera
[2012/05/20 04:21:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\PC Suite
[2009/03/16 11:14:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Phase6
[2012/06/08 08:40:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Philipp Winterberg
[2012/10/18 13:19:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Research In Motion
[2012/05/01 02:13:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Saaz
[2011/12/21 10:15:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Samsung
[2009/01/26 15:37:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\ScanSoft
[2012/06/03 09:20:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\TeamViewer
[2009/07/15 06:02:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\temp
[2012/10/15 04:18:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Thunderbird
[2013/10/03 02:53:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Ulead Systems
[2012/09/18 14:10:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Uniblue
[2011/09/26 05:43:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\XMedia Recode
[2013/06/26 17:04:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Xydyx
[2013/06/24 17:21:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Yzyf
[2013/11/13 16:06:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Dropbox
[2013/04/18 16:45:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\DVDVideoSoft
[2013/01/27 05:59:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\MAGIX
[2009/02/14 03:31:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\OpenOffice.org
[2009/05/20 05:53:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Phase6
[2009/02/18 04:01:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\temp
[2013/12/19 11:26:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Thunderbird
[2009/01/22 07:29:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lukas\Anwendungsdaten\OpenOffice.org
[2009/01/27 08:00:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lukas\Anwendungsdaten\temp
[2009/01/21 04:48:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lukas\Anwendungsdaten\Thunderbird
[2009/01/20 11:10:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Simon\Anwendungsdaten\Thunderbird
[2013/05/17 11:48:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\789135DF91D28AC600007890BD528E80
[2011/04/11 16:29:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\FreePDF
[2011/08/01 15:38:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\MAGIX
[2010/12/25 09:03:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\OLYMPUS
[2011/03/13 12:30:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Phase6
[2012/05/08 15:11:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Samsung
[2009/01/26 15:37:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\ScanSoft
[2009/06/24 15:02:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Ulead Systems
[2010/07/01 10:48:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/13 05:35:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/04 08:43:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2012/09/12 08:20:58 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
[2013/12/26 07:35:10 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\PCCT - MAGIX AG.job
[2013/12/25 12:38:54 | 000,032,544 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2013/11/21 14:27:00 | 105,531,440 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㍯뎌L
[2013/11/21 14:27:00 | 105,531,440 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㍯뎌L
[2013/11/18 12:23:35 | 104,931,504 | ---- | M] ()(C:\WINDOWS\System32\?\L) -- C:\WINDOWS\System32\㻽∖L
[2013/11/18 12:23:35 | 104,931,504 | ---- | C] ()(C:\WINDOWS\System32\?\L) -- C:\WINDOWS\System32\㻽∖L
[2013/11/13 11:21:05 | 104,010,312 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\툹蕰L
[2013/11/13 11:21:05 | 104,010,312 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\툹蕰L
[2013/11/12 16:23:42 | 103,974,937 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\븅嫦L
[2013/11/12 16:23:42 | 103,974,937 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\븅嫦L
[2013/11/12 09:38:50 | 103,891,779 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\勈ﻻL
[2013/11/12 09:38:50 | 103,891,779 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\勈ﻻL
[2013/11/11 09:22:35 | 103,716,811 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\誺옃L
[2013/11/11 09:22:35 | 103,716,811 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\誺옃L
[2013/11/10 12:52:46 | 103,551,423 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\쇉ᗻL
[2013/11/10 12:52:46 | 103,551,423 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\쇉ᗻL
[2013/11/09 09:13:49 | 103,378,319 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\阝L
[2013/11/09 09:01:53 | 103,378,319 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\阝L
[2013/11/04 12:50:32 | 104,964,650 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\꟢컳L
[2013/11/04 12:50:32 | 104,964,650 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\꟢컳L
[2013/10/23 08:07:52 | 102,551,358 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\�蔓L
[2013/10/23 08:07:52 | 102,551,358 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\�蔓L
[2013/10/22 11:31:24 | 102,329,055 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㛢L
[2013/10/22 11:31:24 | 102,329,055 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㛢L
[2013/10/21 13:19:14 | 102,171,793 | ---- | M] ()(C:\WINDOWS\System32\T?L) -- C:\WINDOWS\System32\T獷L
[2013/10/21 13:19:14 | 102,171,793 | ---- | C] ()(C:\WINDOWS\System32\T?L) -- C:\WINDOWS\System32\T獷L
[2013/10/17 05:32:41 | 101,413,064 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\嬑蛷L
[2013/10/17 05:32:41 | 101,413,064 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\嬑蛷L
[2013/10/16 12:21:53 | 101,406,750 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\鏠綀L
[2013/10/16 12:21:53 | 101,406,750 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\鏠綀L
[2013/10/15 02:37:30 | 101,076,544 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\⛞ﴜL
[2013/10/15 02:37:30 | 101,076,544 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\⛞ﴜL
[2013/10/14 11:42:30 | 100,910,526 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\ባ屷L
[2013/10/14 11:42:30 | 100,910,526 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\ባ屷L
[2013/10/12 01:28:36 | 100,595,853 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\鶛겱L
[2013/10/12 01:28:36 | 100,595,853 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\鶛겱L
[2013/10/11 04:20:29 | 100,446,413 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\단ꞲL
[2013/10/11 04:20:29 | 100,446,413 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\단ꞲL
[2013/10/04 02:20:46 | 099,176,917 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\糯L
[2013/10/04 02:20:46 | 099,176,917 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\糯L
[2013/10/01 14:01:27 | 098,612,549 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\샣L
[2013/10/01 14:01:27 | 098,612,549 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\샣L
[2013/09/17 15:14:01 | 098,062,984 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\篔䛿L
[2013/09/17 15:14:01 | 098,062,984 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\篔䛿L
< End of report >

eine Extras.txt habe ich leider nicht gefunden. (Habe die ganzen Laufwerk durchsucht.)

schrauber · 13.01.2014, 10:56

Fixen mit OTL

Starte bitte die OTL.exe.
Kopiere nun den Inhalt aus der Codebox in die Textbox.

Code:

ATTFilter

:OTL
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (sprestrt) - C:\WINDOWS\System32\sprestrt.exe (Microsoft Corporation)

Solltest du deinen Benutzernamen z. B. durch "*****" unkenntlich gemacht haben, so füge an entsprechender Stelle deinen richtigen Benutzernamen ein. Andernfalls wird der Fix nicht funktionieren.
Schließe bitte nun alle Programme.
Klicke nun bitte auf den Fix Button.
OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
Nach dem Neustart findest Du ein Textdokument auf deinem Desktop.
( Auch zu finden unter C:\_OTL\MovedFiles\<Uhrzeit_Datum>.txt)
Kopiere nun den Inhalt hier in Deinen Thread

Versuch mal den Rechner neu zu starten. Wenn es nicht geht bitte ein frisches OTLPE Log. Daten schon gesichert?

dcom13 · 13.01.2014, 21:38

die 01132014_210309.txt:

Code:

ATTFilter

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Session manager\\BootExecute:sprestrt deleted successfully.
C:\WINDOWS\system32\sprestrt.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Session manager\\BootExecute:sprestrt deleted successfully.
File C:\WINDOWS\System32\sprestrt.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Session manager\\BootExecute:sprestrt deleted successfully.
File C:\WINDOWS\System32\sprestrt.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Session manager\\BootExecute:sprestrt deleted successfully.
File C:\WINDOWS\System32\sprestrt.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Session manager\\BootExecute:sprestrt deleted successfully.
File C:\WINDOWS\System32\sprestrt.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Session manager\\BootExecute:sprestrt deleted successfully.
File C:\WINDOWS\System32\sprestrt.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Session manager\\BootExecute:sprestrt deleted successfully.
File C:\WINDOWS\System32\sprestrt.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Session manager\\BootExecute:sprestrt deleted successfully.
File C:\WINDOWS\System32\sprestrt.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Session manager\\BootExecute:sprestrt deleted successfully.
File C:\WINDOWS\System32\sprestrt.exe not found.
Registry value HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Control\Session manager\\BootExecute:sprestrt deleted successfully.
File C:\WINDOWS\System32\sprestrt.exe not found.
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 01132014_210309

Nach Neustart wie gehabt, nach dem Windows-Fenster kam wieder der Absturz.

der neue OTLPE log:

Code:

ATTFilter

OTL logfile created on: 1/13/2014 9:23:08 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2800.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,015.00 Mb Total Physical Memory | 776.00 Mb Available Physical Memory | 76.00% Memory free
903.00 Mb Paging File | 843.00 Mb Available in Paging File | 93.00% Paging File free
Paging file location(s): d:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48.83 Gb Total Space | 10.31 Gb Free Space | 21.12% Space Free | Partition Type: NTFS
Drive D: | 184.05 Gb Total Space | 50.38 Gb Free Space | 27.37% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto] --  -- (LckFldService)
SRV - File not found [Disabled] --  -- (HidServ)
SRV - File not found [On_Demand] --  -- (AppMgmt)
SRV - [2013/12/19 11:27:48 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/19 09:44:33 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/12/19 09:40:16 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013/12/11 16:55:37 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/06 09:47:20 | 001,229,528 | ---- | M] (Secunia) [Auto] -- C:\Programme\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2013/12/06 09:47:20 | 000,662,232 | ---- | M] (Secunia) [Auto] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013/12/04 12:46:55 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/04/04 08:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 08:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/05/24 06:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/10/20 15:18:26 | 000,071,096 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2007/06/08 10:58:52 | 000,126,976 | ---- | M] (Olivetti) [Auto] -- C:\Programme\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService)
SRV - [2006/12/14 09:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand] -- C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2005/11/17 07:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2004/10/21 20:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (UIUSys)
DRV - File not found [Kernel | On_Demand] --  -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - File not found [Kernel | Boot] --  -- (PxHelp20)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand] --  -- (pccsmcfd)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand] --  -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] --  -- (cpuz132)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | On_Demand] --  -- (catchme)
DRV - [2013/12/19 09:44:43 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/12/19 09:44:43 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/12/06 09:47:12 | 000,016,024 | ---- | M] (Secunia) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\psi_mf_x86.sys -- (PSI)
DRV - [2013/12/04 12:57:45 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/04/04 08:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/08/27 08:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/09/10 09:58:26 | 000,021,648 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\OlyCamComm.sys -- (OlyCamComm)
DRV - [2009/03/25 07:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/04 11:34:26 | 000,014,208 | ---- | M] (MAGIX) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\disksec.sys -- (DiskSec)
DRV - [2007/05/11 06:59:20 | 000,017,536 | ---- | M] (Olivetti-Engineering SA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\olsrvusb.sys -- (OLSVUSB)
DRV - [2006/09/12 13:27:00 | 004,381,184 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/02/28 07:00:00 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/11/11 06:00:00 | 000,010,240 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvmpu401.sys -- (nvmpu401) Service for NVIDIA(R) nForce(TM)
DRV - [2002/10/22 09:45:42 | 000,668,160 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sbpci.sys -- (sbpci) SB PCI Family Audio Driver (WDM)
DRV - [2002/09/06 03:54:28 | 000,010,194 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT)
DRV - [2002/07/16 03:58:12 | 000,379,726 | ---- | M] (C-Media Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2001/08/17 06:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Elias_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Eltern_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Eltern_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\Eltern_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\Eltern_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\Eltern_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Jakob_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\Jakob_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\Jakob_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\Jakob_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=hp&installDate=26/04/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Lukas_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=hp&installDate=26/04/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Simon_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\SICHERUNG\Lukas Ordner\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Programme\Java\jre7\bin\dtplugin\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Programme\K-Lite Codec Pack\Real\Browser\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Programme\K-Lite Codec Pack\Real\Browser\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8:  
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013/12/21 15:32:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013/12/21 15:32:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2013/12/19 11:13:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013/12/19 12:45:51 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013/12/19 12:45:51 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013/12/14 09:07:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\Elias_ON_C..\Run: [RDReminder]  File not found
O4 - HKU\Jakob_ON_C..\RunOnce: [TSClientAXDisabler] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\Jakob_ON_C..\RunOnce: [TSClientMSIUninstaller] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk = C:\Programme\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Dokumente und Einstellungen\Eltern\Startmenü\Programme\Autostart\Dropbox.lnk =  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Elias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Elias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Elias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Elias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 67108863
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Lukas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Lukas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Lukas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Lukas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Simon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Simon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Simon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Simon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .UVR - C:\Programme\Internet Explorer\Plugins\NPUPano.dll (Ulead Systems, Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1387471123250 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 1.7.0_45)
O18 - Protocol\Handler\haufereader {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll (Haufe Mediengruppe)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/20 10:46:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/01/13 21:03:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/12/25 12:39:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\All Users
[2013/12/25 12:26:43 | 000,000,000 | ---D | C] -- C:\Programme\Messenger
[2013/12/25 12:26:42 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2013/12/25 12:26:42 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2013/12/25 12:26:42 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2013/12/25 12:26:41 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2013/12/25 12:26:41 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2013/12/25 12:26:41 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2013/12/25 12:26:41 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2013/12/25 12:26:41 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2013/12/25 12:26:41 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2013/12/25 12:26:41 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2013/12/25 12:26:41 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2013/12/25 12:26:41 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2013/12/25 12:26:40 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2013/12/25 12:26:40 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2013/12/25 12:26:40 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2013/12/25 12:26:40 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2013/12/25 12:26:40 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2013/12/25 12:26:40 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2013/12/25 12:26:40 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2013/12/25 12:26:40 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2013/12/25 12:26:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013/12/25 12:26:38 | 000,000,000 | ---D | C] -- C:\Programme\msn
[2013/12/25 12:26:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/12/25 12:22:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/12/25 12:22:29 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2013/12/25 12:22:29 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2013/12/25 12:22:29 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2013/12/25 12:22:29 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2013/12/25 12:22:29 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2013/12/25 12:22:28 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2013/12/25 12:22:28 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2013/12/25 12:22:28 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2013/12/25 12:22:28 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2013/12/25 12:22:28 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2013/12/25 12:22:28 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2013/12/25 12:22:28 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2013/12/25 12:22:27 | 000,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2013/12/25 12:22:27 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2013/12/25 12:22:27 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2013/12/25 12:22:27 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2013/12/25 12:22:27 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2013/12/25 12:22:27 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2013/12/25 12:22:27 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2013/12/25 12:22:27 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2013/12/25 12:22:27 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2013/12/25 12:22:27 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2013/12/25 12:22:27 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2013/12/25 12:22:27 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2013/12/25 12:22:26 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2013/12/25 12:22:26 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2013/12/25 12:22:26 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2013/12/25 12:22:26 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2013/12/25 12:22:26 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2013/12/25 12:22:26 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2013/12/25 12:22:26 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2013/12/25 12:22:26 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2013/12/25 12:22:26 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2013/12/25 12:22:26 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2013/12/25 12:22:25 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2013/12/25 12:22:23 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2013/12/25 12:22:23 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2013/12/25 12:22:23 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2013/12/25 12:22:23 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2013/12/25 12:22:22 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2013/12/25 12:22:22 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2013/12/25 12:22:22 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2013/12/25 12:22:21 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2013/12/25 12:22:21 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2013/12/25 12:22:21 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2013/12/25 12:22:21 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2013/12/25 12:22:21 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2013/12/25 12:22:21 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2013/12/25 12:22:21 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2013/12/25 12:22:20 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2013/12/25 12:22:20 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2013/12/25 12:22:20 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2013/12/25 12:22:20 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2013/12/25 12:22:20 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2013/12/25 12:22:20 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2013/12/25 12:20:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013/12/21 15:31:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\QuickTime
[2013/12/21 15:31:44 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2013/12/21 12:03:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jakob\Lokale Einstellungen\Anwendungsdaten\Secunia PSI
[2013/12/21 12:03:24 | 000,000,000 | ---D | C] -- C:\Programme\Secunia
[2013/12/20 10:18:05 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2013/12/20 10:18:05 | 000,018,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2013/12/20 06:59:41 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Eltern\IETldCache
[2013/12/19 15:15:49 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft CAPICOM 2.1.0.2
[2013/12/19 13:42:59 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Jakob\IECompatCache
[2013/12/19 13:40:36 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Jakob\PrivacIE
[2013/12/19 13:38:23 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Jakob\IETldCache
[2013/12/19 13:32:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2013/12/19 13:28:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2013/12/19 13:23:24 | 000,522,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2013/12/19 13:22:24 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2013/12/19 11:27:35 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Thunderbird
[2013/12/19 11:26:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jakob\Lokale Einstellungen\Anwendungsdaten\Thunderbird
[2013/12/19 11:20:15 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Adobe
[2013/12/19 11:01:35 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/12/19 11:01:28 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/12/19 11:01:28 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/12/19 11:01:28 | 000,094,632 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/12/19 11:01:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Java
[2013/12/19 10:59:30 | 029,040,552 | ---- | C] (Oracle Corporation) -- C:\jre-7u45-windows-i586.exe
[2013/12/19 10:49:16 | 000,010,194 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\PFMODNT.SYS
[2013/12/19 10:49:16 | 000,000,000 | ---D | C] -- C:\Programme\Creative
[2013/12/16 17:14:22 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013/12/15 18:56:34 | 000,000,000 | ---D | C] -- C:\FRST-OlderVersion
[2010/12/06 17:09:55 | 003,171,208 | ---- | C] (Piriform Ltd) -- C:\Programme\ccsetup216.exe
[2009/07/27 15:05:48 | 000,494,520 | ---- | C] (MAGIX AG) -- C:\Programme\addoninstall.exe
[2009/07/27 15:05:48 | 000,202,208 | ---- | C] (MAGIX AG) -- C:\Programme\reinstall3rdParty.exe
[2009/07/27 15:05:46 | 000,431,376 | ---- | C] (Microsoft Corporation) -- C:\Programme\riched20.dll
[2009/07/27 15:05:46 | 000,315,392 | ---- | C] (MAGIX AG) -- C:\Programme\eModeUpgradeDlg.dll
[2009/07/27 15:05:46 | 000,024,576 | ---- | C] (Magix AG) -- C:\Programme\Validation.exe
[2009/07/27 15:05:24 | 000,189,920 | ---- | C] (MAGIX AG) -- C:\Programme\instslct.exe
[2009/07/27 15:05:24 | 000,185,824 | ---- | C] (MAGIX AG) -- C:\Programme\unwise.exe
[2009/07/27 15:05:24 | 000,087,520 | ---- | C] (MAGIX AG) -- C:\Programme\unwise.adf
[2009/07/27 15:05:24 | 000,034,304 | ---- | C] (MAGIX) -- C:\Programme\CDBurnProfiler.exe
[2009/07/27 15:05:15 | 000,237,568 | ---- | C] (MAGIX Development) -- C:\Programme\MxAutoUpdate.dll
[2009/07/27 15:05:14 | 000,094,208 | ---- | C] (MAGIX AG) -- C:\Programme\MagixOFA-ger.dll
[2009/07/27 15:05:13 | 009,736,192 | ---- | C] (MAGIX AG) -- C:\Programme\CleaningLab.exe
[2009/07/27 15:05:13 | 000,806,912 | ---- | C] (MAGIX AG) -- C:\Programme\AudioIDMng.dll
[2009/07/27 15:04:57 | 000,884,736 | ---- | C] (MAGIX AG) -- C:\Programme\MXTLC.dll
[2009/07/27 15:04:57 | 000,182,752 | ---- | C] (Microsoft Corporation) -- C:\Programme\URLMON.DLL
[2009/07/27 15:04:57 | 000,094,208 | ---- | C] ( ) -- C:\Programme\UNZDLL.DLL
[2009/07/27 15:04:56 | 000,770,048 | ---- | C] (MAGIX AG) -- C:\Programme\MagixOFA.dll
[2009/07/27 15:04:56 | 000,137,728 | ---- | C] (Intel Corporation) -- C:\Programme\IJL10.DLL
[2009/07/27 15:04:56 | 000,131,072 | ---- | C] (CASH) -- C:\Programme\Dac32.dll
[2009/07/27 15:04:56 | 000,045,056 | ---- | C] (Algorithmix GmbH) -- C:\Programme\Dscr.dll
[2009/07/27 15:04:56 | 000,040,960 | ---- | C] (Magix Development) -- C:\Programme\HHVREND2.AX
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/01/09 16:07:59 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2014/01/09 16:06:48 | 000,000,318 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2014/01/09 16:06:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/07 15:57:02 | 000,207,304 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/12/26 07:35:10 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\PCCT - MAGIX AG.job
[2013/12/25 12:37:49 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/12/25 12:27:01 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Zubehör
[2013/12/25 11:55:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/22 08:55:48 | 000,000,390 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Desktop\iTunes.lnk
[2013/12/22 08:39:46 | 000,001,505 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Desktop\Rechner.lnk
[2013/12/21 15:31:58 | 000,001,603 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\QuickTime Player.lnk
[2013/12/21 15:31:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\QuickTime
[2013/12/21 14:10:02 | 000,288,911 | ---- | M] () -- C:\Dokumente und Einstellungen\Jakob\Desktop\Secunia - Internet Explorer.odt
[2013/12/21 12:03:33 | 000,000,744 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk
[2013/12/21 12:03:33 | 000,000,707 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Secunia PSI.lnk
[2013/12/21 12:03:33 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart
[2013/12/20 10:32:18 | 000,001,058 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Startmenü\Programme\Autostart\Dropbox.lnk
[2013/12/20 10:31:54 | 000,001,052 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Desktop\Dropbox.lnk
[2013/12/20 06:59:45 | 000,000,814 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Browser starten.lnk
[2013/12/19 13:38:26 | 000,000,814 | ---- | M] () -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Browser starten.lnk
[2013/12/19 13:35:30 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/12/19 12:46:00 | 000,000,733 | ---- | M] () -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/12/19 12:45:53 | 000,000,721 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Mozilla Firefox.lnk
[2013/12/19 12:45:53 | 000,000,715 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2013/12/19 11:51:07 | 000,122,366 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Eigene Dateien\bookmarks-2013-12-19.json
[2013/12/19 11:21:07 | 000,001,733 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader XI.lnk
[2013/12/19 11:21:06 | 000,001,804 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader XI.lnk
[2013/12/19 11:01:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Java
[2013/12/19 11:01:10 | 000,094,632 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\WindowsAccessBridge.dll
[2013/12/19 11:01:08 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaws.exe
[2013/12/19 11:01:08 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javaw.exe
[2013/12/19 11:01:08 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\java.exe
[2013/12/19 11:01:08 | 000,145,408 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\System32\javacpl.cpl
[2013/12/19 10:59:58 | 029,040,552 | ---- | M] (Oracle Corporation) -- C:\jre-7u45-windows-i586.exe
[2013/12/19 09:44:43 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013/12/19 09:44:43 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/12/25 12:22:26 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/12/25 12:22:25 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013/12/25 12:22:23 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013/12/22 08:55:48 | 000,000,390 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Desktop\iTunes.lnk
[2013/12/21 15:31:58 | 000,001,603 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\QuickTime Player.lnk
[2013/12/21 14:10:00 | 000,288,911 | ---- | C] () -- C:\Dokumente und Einstellungen\Jakob\Desktop\Secunia - Internet Explorer.odt
[2013/12/21 12:03:33 | 000,000,744 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk
[2013/12/21 12:03:33 | 000,000,707 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Secunia PSI.lnk
[2013/12/19 12:46:00 | 000,000,733 | ---- | C] () -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/12/19 12:45:53 | 000,000,721 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Mozilla Firefox.lnk
[2013/12/19 12:45:53 | 000,000,715 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Mozilla Firefox.lnk
[2013/12/19 11:51:07 | 000,122,366 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Eigene Dateien\bookmarks-2013-12-19.json
[2013/12/19 11:21:06 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Adobe Reader XI.lnk
[2013/12/19 11:21:06 | 000,001,733 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\Adobe Reader XI.lnk
[2013/12/14 08:43:29 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/12/14 08:43:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/12/14 08:43:29 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/12/14 08:43:29 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/12/14 08:43:29 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/10/16 05:07:42 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\settings.ini
[2013/10/08 16:50:37 | 000,002,494 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2013/05/06 18:09:09 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\skype.ini
[2013/01/27 11:56:42 | 000,005,632 | ---- | C] () -- C:\Dokumente und Einstellungen\Jakob\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/18 16:07:07 | 000,000,046 | ---- | C] () -- C:\WINDOWS\PCCT.INI
[2012/10/18 13:20:02 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2012/08/14 14:07:42 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\CMedia.dll
[2012/08/14 14:07:42 | 000,077,824 | ---- | C] () -- C:\WINDOWS\CMedia.dll
[2012/08/14 14:07:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\c38uinst.exe
[2012/08/14 14:07:15 | 000,000,068 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2011/11/29 10:38:12 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/11/29 10:38:12 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/11/29 10:38:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/11/29 10:38:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/08/04 01:24:34 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2011/08/03 16:06:19 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2011/08/03 15:51:21 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011/08/03 15:18:50 | 000,036,924 | ---- | C] () -- C:\WINDOWS\cmijack.dat
[2011/08/03 15:18:50 | 000,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.ini
[2011/08/03 15:18:50 | 000,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.dat
[2011/08/01 15:36:50 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011/07/13 09:49:53 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2011/05/11 15:16:07 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/05/11 15:16:07 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/04/11 16:26:26 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2011/04/11 16:26:25 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010/11/29 17:47:25 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Simon\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Lukas\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jakob\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Eltern\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Elias\mxfilerelatedcache.mxc2
[2010/09/05 08:35:49 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/02/14 06:44:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MusicEditor.INI
[2009/12/27 07:06:03 | 000,000,016 | -H-- | C] () -- C:\Programme\mxfilerelatedcache.mxc2
[2009/10/30 08:59:35 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/09/21 15:53:13 | 006,229,313 | ---- | C] () -- C:\Programme\pfsetup8.exe
[2009/09/19 04:32:16 | 000,036,824 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/18 03:45:55 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/28 08:53:16 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/08/28 08:53:16 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/08/28 08:53:16 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/07/27 15:40:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CleaningLab.INI
[2009/07/27 15:13:17 | 000,000,493 | ---- | C] () -- C:\Programme\crm.dat
[2009/07/27 15:12:44 | 000,010,129 | ---- | C] () -- C:\Programme\CleaningLab.ini
[2009/07/27 15:12:44 | 000,000,092 | ---- | C] () -- C:\Programme\CleaningLab_TB.ini
[2009/07/27 15:05:48 | 000,000,896 | ---- | C] () -- C:\Programme\reinstall3rdParty.ini
[2009/07/27 15:05:46 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2009/07/27 15:05:46 | 000,000,142 | ---- | C] () -- C:\Programme\Validation.ini
[2009/07/27 15:05:45 | 000,786,305 | ---- | C] () -- C:\Programme\MAGIX Creation Logo.pdf
[2009/07/27 15:05:24 | 000,016,460 | ---- | C] () -- C:\Programme\support.rtf
[2009/07/27 15:05:24 | 000,015,338 | ---- | C] () -- C:\Programme\order.rtf
[2009/07/27 15:05:24 | 000,006,034 | ---- | C] () -- C:\Programme\uninstall.ini
[2009/07/27 15:05:24 | 000,002,778 | ---- | C] () -- C:\Programme\register.rtf
[2009/07/27 15:05:24 | 000,000,739 | ---- | C] () -- C:\Programme\unwise.ini
[2009/07/27 15:05:15 | 000,001,853 | ---- | C] () -- C:\Programme\mp3encoder_upgrade.rtf
[2009/07/27 15:05:14 | 003,264,259 | ---- | C] () -- C:\Programme\manual.pdf
[2009/07/27 15:05:14 | 000,217,088 | ---- | C] () -- C:\Programme\FreeDB_IT.dll
[2009/07/27 15:05:14 | 000,217,088 | ---- | C] () -- C:\Programme\FreeDB_FR.dll
[2009/07/27 15:05:14 | 000,217,088 | ---- | C] () -- C:\Programme\FreeDB_ES.dll
[2009/07/27 15:05:14 | 000,217,088 | ---- | C] () -- C:\Programme\FreeDB_D.dll
[2009/07/27 15:05:14 | 000,212,992 | ---- | C] () -- C:\Programme\FreeDB_NL.dll
[2009/07/27 15:05:14 | 000,212,992 | ---- | C] () -- C:\Programme\FreeDB_E.dll
[2009/07/27 15:05:14 | 000,176,128 | ---- | C] () -- C:\Programme\MagixRestart.exe
[2009/07/27 15:05:14 | 000,002,414 | ---- | C] () -- C:\Programme\Install.cfg
[2009/07/27 15:05:13 | 001,118,350 | ---- | C] () -- C:\Programme\CleaningLab.chm
[2009/07/27 15:05:13 | 000,028,672 | ---- | C] () -- C:\Programme\explore.exe
[2009/07/27 15:05:13 | 000,002,839 | ---- | C] () -- C:\Programme\AACencoder_upgrade.rtf
[2009/07/27 15:04:57 | 000,205,824 | ---- | C] () -- C:\Programme\mpeg2.dll
[2009/07/27 15:04:57 | 000,151,552 | ---- | C] () -- C:\Programme\OggDS.dll
[2009/07/27 15:04:57 | 000,055,808 | ---- | C] () -- C:\Programme\MP3UTIL.DLL
[2009/07/27 15:04:57 | 000,008,927 | ---- | C] () -- C:\Programme\pframe.bin
[2009/07/27 15:04:56 | 000,442,368 | ---- | C] () -- C:\Programme\MFL.dll
[2009/07/27 15:04:56 | 000,254,464 | ---- | C] () -- C:\Programme\mdabase.dll
[2009/07/27 15:04:56 | 000,001,462 | ---- | C] () -- C:\Programme\DxPlugins.ini
[2009/07/27 15:03:35 | 000,006,642 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/06/24 16:29:23 | 000,000,070 | ---- | C] () -- C:\WINDOWS\pex.INI
[2009/06/24 15:06:35 | 000,000,320 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2009/06/20 06:26:57 | 000,003,286 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\.recently-used.xbel
[2009/05/01 13:28:07 | 000,001,387 | ---- | C] () -- C:\WINDOWS\disney.ini
[2009/04/29 02:30:15 | 000,193,536 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/10 17:03:53 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/02/10 17:01:33 | 000,278,583 | ---- | C] () -- C:\WINDOWS\System32\dnt27.dll
[2009/02/10 17:01:33 | 000,077,882 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27.dll
[2009/02/10 17:01:33 | 000,073,785 | ---- | C] () -- C:\WINDOWS\System32\dntvm27.dll
[2009/02/10 17:00:47 | 000,001,126 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/02/10 17:00:47 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Intuprof.ini
[2009/01/26 15:37:10 | 000,000,404 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009/01/26 15:32:05 | 000,002,698 | ---- | C] () -- C:\WINDOWS\System32\44wiaUiStr.bin
[2009/01/24 13:18:03 | 000,001,946 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009/01/22 09:02:44 | 000,003,680 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009/01/21 04:56:05 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2009/01/21 04:54:30 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/01/21 04:54:30 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/01/21 04:47:38 | 005,767,168 | -H-- | C] () -- C:\Dokumente und Einstellungen\Lukas\NTUSER.bak
[2009/01/21 04:44:41 | 006,029,312 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jakob\NTUSER.bak
[2009/01/20 11:13:12 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/01/20 11:13:12 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/01/20 11:13:10 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/01/20 11:13:10 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/20 11:13:08 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/01/20 10:55:24 | 005,767,168 | -H-- | C] () -- C:\Dokumente und Einstellungen\Elias\NTUSER.bak
[2009/01/20 10:51:23 | 011,796,480 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\NTUSER.bak
[2009/01/20 10:50:39 | 000,245,760 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.bak
[2009/01/20 10:50:36 | 000,245,760 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.bak
[2009/01/20 10:49:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/01/20 10:44:22 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/01/20 10:34:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/20 10:33:13 | 000,207,304 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 07:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 07:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 07:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2005/11/16 06:27:02 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe
[2005/03/24 07:18:04 | 000,491,077 | ---- | C] () -- C:\WINDOWS\System32\QCONNECT.DLL
[2004/11/11 07:00:00 | 000,452,400 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004/11/11 07:00:00 | 000,435,140 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/11/11 07:00:00 | 000,082,570 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004/11/11 07:00:00 | 000,069,320 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/11/11 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/05/08 10:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\SecoCrypt32.DLL
[2001/05/24 04:20:38 | 000,544,256 | ---- | C] () -- C:\WINDOWS\System32\janGraphics.dll
[2000/06/27 19:00:00 | 000,124,416 | ---- | C] () -- C:\WINDOWS\System32\dXCtrls.dll
[1999/12/06 09:31:22 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[1999/09/21 18:03:54 | 000,100,352 | ---- | C] () -- C:\WINDOWS\System32\PG32CONV.DLL
[1999/01/27 17:54:31 | 000,102,400 | ---- | C] () -- C:\Programme\Rn5b3241.dll
[1997/06/14 02:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
 
========== LOP Check ==========
 
[2009/01/20 11:09:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Elias\Anwendungsdaten\Thunderbird
[2012/03/25 07:53:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\788C8
[2012/05/23 04:24:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Amazon
[2009/02/08 13:24:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Canneverbe_Limited
[2009/02/10 17:07:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\DataDesign
[2013/12/25 11:50:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Dropbox
[2012/09/17 09:35:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\DVDVideoSoft
[2012/03/03 05:50:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\e-academy Inc
[2011/08/03 14:58:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Easeware
[2009/06/20 06:26:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\gtk-2.0
[2013/06/27 11:29:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Hybafu
[2009/06/29 08:54:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Leadertech
[2011/08/01 15:50:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\MAGIX
[2010/05/03 11:41:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\MatchWare
[2009/01/26 10:51:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\OpenOffice.org
[2012/06/03 09:22:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Opera
[2012/05/20 04:21:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\PC Suite
[2009/03/16 11:14:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Phase6
[2012/06/08 08:40:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Philipp Winterberg
[2012/10/18 13:19:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Research In Motion
[2012/05/01 02:13:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Saaz
[2011/12/21 10:15:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Samsung
[2009/01/26 15:37:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\ScanSoft
[2012/06/03 09:20:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\TeamViewer
[2009/07/15 06:02:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\temp
[2012/10/15 04:18:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Thunderbird
[2013/10/03 02:53:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Ulead Systems
[2012/09/18 14:10:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Uniblue
[2011/09/26 05:43:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\XMedia Recode
[2013/06/26 17:04:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Xydyx
[2013/06/24 17:21:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Yzyf
[2013/11/13 16:06:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Dropbox
[2013/04/18 16:45:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\DVDVideoSoft
[2013/01/27 05:59:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\MAGIX
[2009/02/14 03:31:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\OpenOffice.org
[2009/05/20 05:53:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Phase6
[2009/02/18 04:01:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\temp
[2013/12/19 11:26:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Thunderbird
[2009/01/22 07:29:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lukas\Anwendungsdaten\OpenOffice.org
[2009/01/27 08:00:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lukas\Anwendungsdaten\temp
[2009/01/21 04:48:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lukas\Anwendungsdaten\Thunderbird
[2009/01/20 11:10:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Simon\Anwendungsdaten\Thunderbird
[2013/05/17 11:48:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\789135DF91D28AC600007890BD528E80
[2011/04/11 16:29:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\FreePDF
[2011/08/01 15:38:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\MAGIX
[2010/12/25 09:03:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\OLYMPUS
[2011/03/13 12:30:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Phase6
[2012/05/08 15:11:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Samsung
[2009/01/26 15:37:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\ScanSoft
[2009/06/24 15:02:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Ulead Systems
[2010/07/01 10:48:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/13 05:35:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/04 08:43:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2012/09/12 08:20:58 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
[2013/12/26 07:35:10 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\PCCT - MAGIX AG.job
[2013/12/25 12:38:54 | 000,032,544 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2013/11/21 14:27:00 | 105,531,440 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㍯뎌L
[2013/11/21 14:27:00 | 105,531,440 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㍯뎌L
[2013/11/18 12:23:35 | 104,931,504 | ---- | M] ()(C:\WINDOWS\System32\?\L) -- C:\WINDOWS\System32\㻽∖L
[2013/11/18 12:23:35 | 104,931,504 | ---- | C] ()(C:\WINDOWS\System32\?\L) -- C:\WINDOWS\System32\㻽∖L
[2013/11/13 11:21:05 | 104,010,312 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\툹蕰L
[2013/11/13 11:21:05 | 104,010,312 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\툹蕰L
[2013/11/12 16:23:42 | 103,974,937 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\븅嫦L
[2013/11/12 16:23:42 | 103,974,937 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\븅嫦L
[2013/11/12 09:38:50 | 103,891,779 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\勈ﻻL
[2013/11/12 09:38:50 | 103,891,779 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\勈ﻻL
[2013/11/11 09:22:35 | 103,716,811 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\誺옃L
[2013/11/11 09:22:35 | 103,716,811 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\誺옃L
[2013/11/10 12:52:46 | 103,551,423 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\쇉ᗻL
[2013/11/10 12:52:46 | 103,551,423 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\쇉ᗻL
[2013/11/09 09:13:49 | 103,378,319 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\阝L
[2013/11/09 09:01:53 | 103,378,319 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\阝L
[2013/11/04 12:50:32 | 104,964,650 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\꟢컳L
[2013/11/04 12:50:32 | 104,964,650 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\꟢컳L
[2013/10/23 08:07:52 | 102,551,358 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\�蔓L
[2013/10/23 08:07:52 | 102,551,358 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\�蔓L
[2013/10/22 11:31:24 | 102,329,055 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㛢L
[2013/10/22 11:31:24 | 102,329,055 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㛢L
[2013/10/21 13:19:14 | 102,171,793 | ---- | M] ()(C:\WINDOWS\System32\T?L) -- C:\WINDOWS\System32\T獷L
[2013/10/21 13:19:14 | 102,171,793 | ---- | C] ()(C:\WINDOWS\System32\T?L) -- C:\WINDOWS\System32\T獷L
[2013/10/17 05:32:41 | 101,413,064 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\嬑蛷L
[2013/10/17 05:32:41 | 101,413,064 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\嬑蛷L
[2013/10/16 12:21:53 | 101,406,750 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\鏠綀L
[2013/10/16 12:21:53 | 101,406,750 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\鏠綀L
[2013/10/15 02:37:30 | 101,076,544 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\⛞ﴜL
[2013/10/15 02:37:30 | 101,076,544 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\⛞ﴜL
[2013/10/14 11:42:30 | 100,910,526 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\ባ屷L
[2013/10/14 11:42:30 | 100,910,526 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\ባ屷L
[2013/10/12 01:28:36 | 100,595,853 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\鶛겱L
[2013/10/12 01:28:36 | 100,595,853 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\鶛겱L
[2013/10/11 04:20:29 | 100,446,413 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\단ꞲL
[2013/10/11 04:20:29 | 100,446,413 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\단ꞲL
[2013/10/04 02:20:46 | 099,176,917 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\糯L
[2013/10/04 02:20:46 | 099,176,917 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\糯L
[2013/10/01 14:01:27 | 098,612,549 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\샣L
[2013/10/01 14:01:27 | 098,612,549 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\샣L
[2013/09/17 15:14:01 | 098,062,984 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\篔䛿L
[2013/09/17 15:14:01 | 098,062,984 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\篔䛿L
< End of report >

Allerdings ist mir der Rechner bei der Suche nach der extras.txt abgestürzt und bootet garnicht mehr.

schrauber · 14.01.2014, 14:55

Zitat:

Allerdings ist mir der Rechner bei der Suche nach der extras.txt abgestürzt und bootet garnicht mehr.

Geht das ein wenig genauer?

dcom13 · 15.01.2014, 22:50

ich hatte die Laufwerke nach der txt-Datei durchsucht, dabei ist der Rechner abgestürzt.
Er fährt nicht mehr noch. Er macht garnichts mehr. Nur noch ein schwarzer Bidlschirm. Dasselbe bei erneueten einschalten.

heute abend hat der Rechner wieder gebootet. Ging aber nur bis "Starting Reatogo-X-PE". Habe den Rechner über eine Stunde laufen lassen, hat sich aber nicht weiter getan.

schrauber · 16.01.2014, 16:22

Was passiert wenn Du den Rechner normal bootest, ohne CD, also Windows, und mehrfach F8 drückst. Kommst Du bis zur auswahl Safe Mode und Co?

dcom13 · 17.01.2014, 22:25

also mit F8 bin ich im abgesicherten Modus bis zum "Setup"-Fenster gekommen.
Nach dem Neustart ist der Rechner wieder hochgefahren und ich hatte wieder den Desktop von Reatogo.
Insofern könnte ich, wie es aussieht, nach deinen Anweisungen weiter mit dem Reparieren fortfahren.

schrauber · 18.01.2014, 09:56

Wie kann der Rechner nach Reatogo booten, wenn ich gesagt habe du sollst den Rechner bitte normal booten ohne CD?

Egal, öffne OTLPE und kopiere das in die Box

Code:

ATTFilter

restorepoints

bitte auf Scan klicken und das Log posten.

dcom13 · 18.01.2014, 21:38

sorry, wenn ich etwas falsch gemacht habe.
Hatte den Rechner ohne CD mit F8 im abgesichertern Modus gestartet. Hier ging es aber nur zum "Setup"-Fenster und der Rechner wird neu gestartet.
Danach hatte ich die CD eingelegt und bin zum Reatogo-X-PEDesktop gekommen.

die neu OTL-Datei:

Code:

ATTFilter

OTL logfile created on: 1/18/2014 10:00:39 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 6.0.2800.2180)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,015.00 Mb Total Physical Memory | 772.00 Mb Available Physical Memory | 76.00% Memory free
903.00 Mb Paging File | 840.00 Mb Available in Paging File | 93.00% Paging File free
Paging file location(s): d:\pagefile.sys 1024 1024 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48.83 Gb Total Space | 10.31 Gb Free Space | 21.12% Space Free | Partition Type: NTFS
Drive D: | 184.05 Gb Total Space | 49.38 Gb Free Space | 26.83% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto] --  -- (LckFldService)
SRV - File not found [Disabled] --  -- (HidServ)
SRV - File not found [On_Demand] --  -- (AppMgmt)
SRV - [2013/12/19 11:27:48 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/19 09:44:33 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/12/19 09:40:16 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013/12/11 16:55:37 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/06 09:47:20 | 001,229,528 | ---- | M] (Secunia) [Auto] -- C:\Programme\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2013/12/06 09:47:20 | 000,662,232 | ---- | M] (Secunia) [Auto] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013/12/04 12:46:55 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/04/04 08:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 08:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/05/24 06:28:56 | 000,055,184 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2008/10/20 15:18:26 | 000,071,096 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2007/06/08 10:58:52 | 000,126,976 | ---- | M] (Olivetti) [Auto] -- C:\Programme\Olivetti\ANY_WAY\olMntrService.exe -- (olMntrService)
SRV - [2006/12/14 09:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand] -- C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2005/11/17 07:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2004/10/21 20:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (UIUSys)
DRV - File not found [Kernel | On_Demand] --  -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - File not found [Kernel | Boot] --  -- (PxHelp20)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand] --  -- (pccsmcfd)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | On_Demand] --  -- (Lavasoft Kernexplorer)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] --  -- (cpuz132)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | On_Demand] --  -- (catchme)
DRV - [2013/12/19 09:44:43 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/12/19 09:44:43 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/12/06 09:47:12 | 000,016,024 | ---- | M] (Secunia) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\psi_mf_x86.sys -- (PSI)
DRV - [2013/12/04 12:57:45 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/04/04 08:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/08/27 08:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/08/12 07:15:20 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot] -- C:\WINDOWS\system32\drivers\Lbd.sys -- (Lbd)
DRV - [2009/09/10 09:58:26 | 000,021,648 | ---- | M] (OLYMPUS IMAGING CORP.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\OlyCamComm.sys -- (OlyCamComm)
DRV - [2009/03/25 07:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008/04/04 11:34:26 | 000,014,208 | ---- | M] (MAGIX) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\disksec.sys -- (DiskSec)
DRV - [2007/05/11 06:59:20 | 000,017,536 | ---- | M] (Olivetti-Engineering SA) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\olsrvusb.sys -- (OLSVUSB)
DRV - [2006/09/12 13:27:00 | 004,381,184 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2006/02/28 07:00:00 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2004/11/11 06:00:00 | 000,010,240 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvmpu401.sys -- (nvmpu401) Service for NVIDIA(R) nForce(TM)
DRV - [2002/10/22 09:45:42 | 000,668,160 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sbpci.sys -- (sbpci) SB PCI Family Audio Driver (WDM)
DRV - [2002/09/06 03:54:28 | 000,010,194 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\PFMODNT.SYS -- (PfModNT)
DRV - [2002/07/16 03:58:12 | 000,379,726 | ---- | M] (C-Media Inc) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmaudio.sys -- (cmpci) C-Media PCI Audio Driver (WDM)
DRV - [2001/08/17 06:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371) Creative AudioPCI (ES1371,ES1373) (WDM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Elias_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Eltern_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Eltern_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\Eltern_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\Eltern_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\Eltern_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Jakob_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\Jakob_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\Jakob_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\Jakob_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=hp&installDate=26/04/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Lukas_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=hp&installDate=26/04/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.snap.do/?publisher=Tuguu&dpid=Tuguu&co=DE&userid=9860d7ef-875b-4f67-8bbf-8ad46998548d&searchtype=ds&q={searchTerms}&installDate=26/04/2013
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Simon_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\SICHERUNG\Lukas Ordner\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Programme\Java\jre7\bin\dtplugin\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin:  File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.69: C:\Programme\K-Lite Codec Pack\Real\Browser\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Programme\K-Lite Codec Pack\Real\Browser\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8:  
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013/12/21 15:32:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013/12/21 15:32:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.2.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2013/12/19 11:13:31 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013/12/19 12:45:51 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013/12/19 12:45:51 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013/12/14 09:07:28 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\Elias_ON_C..\Run: [RDReminder]  File not found
O4 - HKU\Jakob_ON_C..\RunOnce: [TSClientAXDisabler] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - HKU\Jakob_ON_C..\RunOnce: [TSClientMSIUninstaller] C:\WINDOWS\System32\cmd.exe (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk = C:\Programme\Secunia\PSI\psi_tray.exe (Secunia)
O4 - Startup: C:\Dokumente und Einstellungen\Eltern\Startmenü\Programme\Autostart\Dropbox.lnk =  File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Elias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Elias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Elias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Elias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Eltern_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 67108863
O7 - HKU\Jakob_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Lukas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Lukas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Lukas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Lukas_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\Simon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\Simon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\Simon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\Simon_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - Reg Error: Value error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .UVR - C:\Programme\Internet Explorer\Plugins\NPUPano.dll (Ulead Systems, Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1387471123250 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 1.7.0_45)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_45-windows-i586.cab (Java Plug-in 1.7.0_45)
O18 - Protocol\Handler\haufereader {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll (Haufe Mediengruppe)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/20 10:46:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/01/18 21:48:09 | 000,000,000 | ---D | C] -- C:\Driver_Win98
[2014/01/13 21:03:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/12/25 12:39:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\All Users
[2013/12/25 12:26:43 | 000,000,000 | ---D | C] -- C:\Programme\Messenger
[2013/12/25 12:26:42 | 000,377,984 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvaa.dll
[2013/12/25 12:26:42 | 000,229,376 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2cqag.dll
[2013/12/25 12:26:42 | 000,201,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ati2dvag.dll
[2013/12/25 12:26:41 | 001,888,992 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3duag.dll
[2013/12/25 12:26:41 | 001,737,856 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\mtxparhd.dll
[2013/12/25 12:26:41 | 000,870,784 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ati3d1ag.dll
[2013/12/25 12:26:41 | 000,516,768 | ---- | C] (ATI Technologies Inc. ) -- C:\WINDOWS\System32\ativvaxx.dll
[2013/12/25 12:26:41 | 000,086,016 | ---- | C] (Conexant) -- C:\WINDOWS\System32\mdmxsdk.dll
[2013/12/25 12:26:41 | 000,032,768 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativtmxx.dll
[2013/12/25 12:26:41 | 000,032,285 | ---- | C] (Conexant Systems, Inc.) -- C:\WINDOWS\System32\hsfcisp2.dll
[2013/12/25 12:26:41 | 000,023,040 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativmvxx.ax
[2013/12/25 12:26:41 | 000,009,728 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\ativdaxx.ax
[2013/12/25 12:26:40 | 004,274,816 | ---- | C] (NVIDIA Corporation) -- C:\WINDOWS\System32\nv4_disp.dll
[2013/12/25 12:26:40 | 000,397,056 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\s3gnb.dll
[2013/12/25 12:26:40 | 000,286,792 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slextspk.dll
[2013/12/25 12:26:40 | 000,188,508 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slgen.dll
[2013/12/25 12:26:40 | 000,073,832 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slcoinst.dll
[2013/12/25 12:26:40 | 000,073,796 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slserv.exe
[2013/12/25 12:26:40 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\slrundll.exe
[2013/12/25 12:26:40 | 000,032,866 | ---- | C] (Smart Link) -- C:\WINDOWS\slrundll.exe
[2013/12/25 12:26:40 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\vidcap.ax
[2013/12/25 12:26:38 | 000,000,000 | ---D | C] -- C:\Programme\msn
[2013/12/25 12:26:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2013/12/25 12:22:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2013/12/25 12:22:29 | 000,004,255 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv01nt5.dll
[2013/12/25 12:22:29 | 000,003,967 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv02nt5.dll
[2013/12/25 12:22:29 | 000,003,647 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv07nt5.dll
[2013/12/25 12:22:29 | 000,003,615 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv05nt5.dll
[2013/12/25 12:22:29 | 000,003,135 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv08nt5.dll
[2013/12/25 12:22:28 | 000,063,663 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1rvxx.sys
[2013/12/25 12:22:28 | 000,056,623 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1btxx.sys
[2013/12/25 12:22:28 | 000,030,671 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1raxx.sys
[2013/12/25 12:22:28 | 000,012,047 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1pdxx.sys
[2013/12/25 12:22:28 | 000,011,615 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1mdxx.sys
[2013/12/25 12:22:28 | 000,003,775 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv11nt5.dll
[2013/12/25 12:22:28 | 000,003,711 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\adv09nt5.dll
[2013/12/25 12:22:27 | 000,701,952 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtag.sys
[2013/12/25 12:22:27 | 000,327,168 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati2mtaa.sys
[2013/12/25 12:22:27 | 000,104,960 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinrvxx.sys
[2013/12/25 12:22:27 | 000,057,856 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinbtxx.sys
[2013/12/25 12:22:27 | 000,052,224 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinraxx.sys
[2013/12/25 12:22:27 | 000,036,463 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1tuxx.sys
[2013/12/25 12:22:27 | 000,034,735 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xsxx.sys
[2013/12/25 12:22:27 | 000,029,455 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1xbxx.sys
[2013/12/25 12:22:27 | 000,026,367 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1snxx.sys
[2013/12/25 12:22:27 | 000,021,343 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\ati1ttxx.sys
[2013/12/25 12:22:27 | 000,014,336 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinpdxx.sys
[2013/12/25 12:22:27 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinmdxx.sys
[2013/12/25 12:22:26 | 000,073,216 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atintuxx.sys
[2013/12/25 12:22:26 | 000,063,488 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxsxx.sys
[2013/12/25 12:22:26 | 000,031,744 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinxbxx.sys
[2013/12/25 12:22:26 | 000,028,672 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinsnxx.sys
[2013/12/25 12:22:26 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv04nt5.dll
[2013/12/25 12:22:26 | 000,021,183 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv01nt5.dll
[2013/12/25 12:22:26 | 000,017,279 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv10nt5.dll
[2013/12/25 12:22:26 | 000,014,143 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv06nt5.dll
[2013/12/25 12:22:26 | 000,013,824 | ---- | C] (ATI Technologies Inc.) -- C:\WINDOWS\System32\drivers\atinttxx.sys
[2013/12/25 12:22:26 | 000,011,359 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\atv02nt5.dll
[2013/12/25 12:22:25 | 000,015,423 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\ch7xxnt5.dll
[2013/12/25 12:22:23 | 001,309,184 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlstrm.sys
[2013/12/25 12:22:23 | 000,452,736 | ---- | C] (Matrox Graphics Inc.) -- C:\WINDOWS\System32\drivers\mtxparhm.sys
[2013/12/25 12:22:23 | 000,126,686 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\mtlmnt5.sys
[2013/12/25 12:22:23 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mutohpen.sys
[2013/12/25 12:22:22 | 000,180,360 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\ntmtlfax.sys
[2013/12/25 12:22:22 | 000,030,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismpx.sys
[2013/12/25 12:22:22 | 000,013,776 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\recagent.sys
[2013/12/25 12:22:21 | 000,404,990 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slntamr.sys
[2013/12/25 12:22:21 | 000,166,912 | ---- | C] (S3 Graphics, Inc.) -- C:\WINDOWS\System32\drivers\s3gnbm.sys
[2013/12/25 12:22:21 | 000,129,535 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnt7554.sys
[2013/12/25 12:22:21 | 000,095,424 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slnthal.sys
[2013/12/25 12:22:21 | 000,013,240 | ---- | C] (Smart Link) -- C:\WINDOWS\System32\drivers\slwdmsup.sys
[2013/12/25 12:22:21 | 000,011,325 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\vchnt5.dll
[2013/12/25 12:22:21 | 000,003,901 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\siint5.dll
[2013/12/25 12:22:20 | 000,025,471 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv10nt.sys
[2013/12/25 12:22:20 | 000,022,271 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\watv06nt.sys
[2013/12/25 12:22:20 | 000,011,935 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv11nt.sys
[2013/12/25 12:22:20 | 000,011,871 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv09nt.sys
[2013/12/25 12:22:20 | 000,011,807 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv07nt.sys
[2013/12/25 12:22:20 | 000,011,295 | ---- | C] (Intel(R) Corporation) -- C:\WINDOWS\System32\drivers\wadv08nt.sys
[2013/12/25 12:20:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2013/12/21 15:31:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\QuickTime
[2013/12/21 15:31:44 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2013/12/21 12:03:48 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Jakob\Lokale Einstellungen\Anwendungsdaten\Secunia PSI
[2013/12/21 12:03:24 | 000,000,000 | ---D | C] -- C:\Programme\Secunia
[2013/12/20 10:18:05 | 000,275,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll
[2013/12/20 10:18:05 | 000,018,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\mucltui.dll.mui
[2013/12/20 06:59:41 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Eltern\IETldCache
[2010/12/06 17:09:55 | 003,171,208 | ---- | C] (Piriform Ltd) -- C:\Programme\ccsetup216.exe
[2009/07/27 15:05:48 | 000,494,520 | ---- | C] (MAGIX AG) -- C:\Programme\addoninstall.exe
[2009/07/27 15:05:48 | 000,202,208 | ---- | C] (MAGIX AG) -- C:\Programme\reinstall3rdParty.exe
[2009/07/27 15:05:46 | 000,431,376 | ---- | C] (Microsoft Corporation) -- C:\Programme\riched20.dll
[2009/07/27 15:05:46 | 000,315,392 | ---- | C] (MAGIX AG) -- C:\Programme\eModeUpgradeDlg.dll
[2009/07/27 15:05:46 | 000,024,576 | ---- | C] (Magix AG) -- C:\Programme\Validation.exe
[2009/07/27 15:05:24 | 000,189,920 | ---- | C] (MAGIX AG) -- C:\Programme\instslct.exe
[2009/07/27 15:05:24 | 000,185,824 | ---- | C] (MAGIX AG) -- C:\Programme\unwise.exe
[2009/07/27 15:05:24 | 000,087,520 | ---- | C] (MAGIX AG) -- C:\Programme\unwise.adf
[2009/07/27 15:05:24 | 000,034,304 | ---- | C] (MAGIX) -- C:\Programme\CDBurnProfiler.exe
[2009/07/27 15:05:15 | 000,237,568 | ---- | C] (MAGIX Development) -- C:\Programme\MxAutoUpdate.dll
[2009/07/27 15:05:14 | 000,094,208 | ---- | C] (MAGIX AG) -- C:\Programme\MagixOFA-ger.dll
[2009/07/27 15:05:13 | 009,736,192 | ---- | C] (MAGIX AG) -- C:\Programme\CleaningLab.exe
[2009/07/27 15:05:13 | 000,806,912 | ---- | C] (MAGIX AG) -- C:\Programme\AudioIDMng.dll
[2009/07/27 15:04:57 | 000,884,736 | ---- | C] (MAGIX AG) -- C:\Programme\MXTLC.dll
[2009/07/27 15:04:57 | 000,182,752 | ---- | C] (Microsoft Corporation) -- C:\Programme\URLMON.DLL
[2009/07/27 15:04:57 | 000,094,208 | ---- | C] ( ) -- C:\Programme\UNZDLL.DLL
[2009/07/27 15:04:56 | 000,770,048 | ---- | C] (MAGIX AG) -- C:\Programme\MagixOFA.dll
[2009/07/27 15:04:56 | 000,137,728 | ---- | C] (Intel Corporation) -- C:\Programme\IJL10.DLL
[2009/07/27 15:04:56 | 000,131,072 | ---- | C] (CASH) -- C:\Programme\Dac32.dll
[2009/07/27 15:04:56 | 000,045,056 | ---- | C] (Algorithmix GmbH) -- C:\Programme\Dscr.dll
[2009/07/27 15:04:56 | 000,040,960 | ---- | C] (Magix Development) -- C:\Programme\HHVREND2.AX
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/01/17 15:55:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/01/17 15:54:24 | 000,207,304 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2014/01/09 16:07:59 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2014/01/09 16:06:48 | 000,000,318 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2013/12/26 07:35:10 | 000,000,448 | ---- | M] () -- C:\WINDOWS\tasks\PCCT - MAGIX AG.job
[2013/12/25 12:37:49 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/12/25 12:27:01 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Zubehör
[2013/12/25 11:55:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/12/22 08:55:48 | 000,000,390 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Desktop\iTunes.lnk
[2013/12/22 08:39:46 | 000,001,505 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Desktop\Rechner.lnk
[2013/12/21 15:31:58 | 000,001,603 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\QuickTime Player.lnk
[2013/12/21 15:31:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\QuickTime
[2013/12/21 14:10:02 | 000,288,911 | ---- | M] () -- C:\Dokumente und Einstellungen\Jakob\Desktop\Secunia - Internet Explorer.odt
[2013/12/21 12:03:33 | 000,000,744 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk
[2013/12/21 12:03:33 | 000,000,707 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Secunia PSI.lnk
[2013/12/21 12:03:33 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart
[2013/12/20 10:32:18 | 000,001,058 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Startmenü\Programme\Autostart\Dropbox.lnk
[2013/12/20 10:31:54 | 000,001,052 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Desktop\Dropbox.lnk
[2013/12/20 06:59:45 | 000,000,814 | ---- | M] () -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Browser starten.lnk
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/12/25 12:22:26 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2013/12/25 12:22:25 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2013/12/25 12:22:23 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2013/12/22 08:55:48 | 000,000,390 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Desktop\iTunes.lnk
[2013/12/21 15:31:58 | 000,001,603 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Desktop\QuickTime Player.lnk
[2013/12/21 14:10:00 | 000,288,911 | ---- | C] () -- C:\Dokumente und Einstellungen\Jakob\Desktop\Secunia - Internet Explorer.odt
[2013/12/21 12:03:33 | 000,000,744 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Autostart\Secunia PSI Tray.lnk
[2013/12/21 12:03:33 | 000,000,707 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Startmenü\Programme\Secunia PSI.lnk
[2013/12/14 08:43:29 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013/12/14 08:43:29 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013/12/14 08:43:29 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013/12/14 08:43:29 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013/12/14 08:43:29 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013/10/16 05:07:42 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\settings.ini
[2013/10/08 16:50:37 | 000,002,494 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2013/05/06 18:09:09 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\skype.ini
[2013/01/27 11:56:42 | 000,005,632 | ---- | C] () -- C:\Dokumente und Einstellungen\Jakob\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/10/18 16:07:07 | 000,000,046 | ---- | C] () -- C:\WINDOWS\PCCT.INI
[2012/10/18 13:20:02 | 000,000,256 | ---- | C] () -- C:\WINDOWS\System32\pool.bin
[2012/08/14 14:07:42 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\CMedia.dll
[2012/08/14 14:07:42 | 000,077,824 | ---- | C] () -- C:\WINDOWS\CMedia.dll
[2012/08/14 14:07:42 | 000,049,152 | ---- | C] () -- C:\WINDOWS\c38uinst.exe
[2012/08/14 14:07:15 | 000,000,068 | ---- | C] () -- C:\WINDOWS\CMISETUP.INI
[2011/11/29 10:38:12 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/11/29 10:38:12 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/11/29 10:38:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/11/29 10:38:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/08/04 01:24:34 | 000,000,025 | ---- | C] () -- C:\WINDOWS\mixerdef.ini
[2011/08/03 16:06:19 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4926.dll
[2011/08/03 15:51:21 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2011/08/03 15:18:50 | 000,036,924 | ---- | C] () -- C:\WINDOWS\cmijack.dat
[2011/08/03 15:18:50 | 000,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.ini
[2011/08/03 15:18:50 | 000,020,333 | ---- | C] () -- C:\WINDOWS\cmaudio.dat
[2011/08/01 15:36:50 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011/07/13 09:49:53 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2011/05/11 15:16:07 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/05/11 15:16:07 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/04/11 16:26:26 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2011/04/11 16:26:25 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010/11/29 17:47:25 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Simon\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Lukas\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jakob\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Eltern\mxfilerelatedcache.mxc2
[2010/11/29 17:47:09 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Elias\mxfilerelatedcache.mxc2
[2010/09/05 08:35:49 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2010/02/14 06:44:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MusicEditor.INI
[2009/12/27 07:06:03 | 000,000,016 | -H-- | C] () -- C:\Programme\mxfilerelatedcache.mxc2
[2009/10/30 08:59:35 | 000,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2009/09/21 15:53:13 | 006,229,313 | ---- | C] () -- C:\Programme\pfsetup8.exe
[2009/09/19 04:32:16 | 000,036,824 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2009/09/18 03:45:55 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/08/28 08:53:16 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll
[2009/08/28 08:53:16 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll
[2009/08/28 08:53:16 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll
[2009/07/27 15:40:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\CleaningLab.INI
[2009/07/27 15:13:17 | 000,000,493 | ---- | C] () -- C:\Programme\crm.dat
[2009/07/27 15:12:44 | 000,010,129 | ---- | C] () -- C:\Programme\CleaningLab.ini
[2009/07/27 15:12:44 | 000,000,092 | ---- | C] () -- C:\Programme\CleaningLab_TB.ini
[2009/07/27 15:05:48 | 000,000,896 | ---- | C] () -- C:\Programme\reinstall3rdParty.ini
[2009/07/27 15:05:46 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2009/07/27 15:05:46 | 000,000,142 | ---- | C] () -- C:\Programme\Validation.ini
[2009/07/27 15:05:45 | 000,786,305 | ---- | C] () -- C:\Programme\MAGIX Creation Logo.pdf
[2009/07/27 15:05:24 | 000,016,460 | ---- | C] () -- C:\Programme\support.rtf
[2009/07/27 15:05:24 | 000,015,338 | ---- | C] () -- C:\Programme\order.rtf
[2009/07/27 15:05:24 | 000,006,034 | ---- | C] () -- C:\Programme\uninstall.ini
[2009/07/27 15:05:24 | 000,002,778 | ---- | C] () -- C:\Programme\register.rtf
[2009/07/27 15:05:24 | 000,000,739 | ---- | C] () -- C:\Programme\unwise.ini
[2009/07/27 15:05:15 | 000,001,853 | ---- | C] () -- C:\Programme\mp3encoder_upgrade.rtf
[2009/07/27 15:05:14 | 003,264,259 | ---- | C] () -- C:\Programme\manual.pdf
[2009/07/27 15:05:14 | 000,217,088 | ---- | C] () -- C:\Programme\FreeDB_IT.dll
[2009/07/27 15:05:14 | 000,217,088 | ---- | C] () -- C:\Programme\FreeDB_FR.dll
[2009/07/27 15:05:14 | 000,217,088 | ---- | C] () -- C:\Programme\FreeDB_ES.dll
[2009/07/27 15:05:14 | 000,217,088 | ---- | C] () -- C:\Programme\FreeDB_D.dll
[2009/07/27 15:05:14 | 000,212,992 | ---- | C] () -- C:\Programme\FreeDB_NL.dll
[2009/07/27 15:05:14 | 000,212,992 | ---- | C] () -- C:\Programme\FreeDB_E.dll
[2009/07/27 15:05:14 | 000,176,128 | ---- | C] () -- C:\Programme\MagixRestart.exe
[2009/07/27 15:05:14 | 000,002,414 | ---- | C] () -- C:\Programme\Install.cfg
[2009/07/27 15:05:13 | 001,118,350 | ---- | C] () -- C:\Programme\CleaningLab.chm
[2009/07/27 15:05:13 | 000,028,672 | ---- | C] () -- C:\Programme\explore.exe
[2009/07/27 15:05:13 | 000,002,839 | ---- | C] () -- C:\Programme\AACencoder_upgrade.rtf
[2009/07/27 15:04:57 | 000,205,824 | ---- | C] () -- C:\Programme\mpeg2.dll
[2009/07/27 15:04:57 | 000,151,552 | ---- | C] () -- C:\Programme\OggDS.dll
[2009/07/27 15:04:57 | 000,055,808 | ---- | C] () -- C:\Programme\MP3UTIL.DLL
[2009/07/27 15:04:57 | 000,008,927 | ---- | C] () -- C:\Programme\pframe.bin
[2009/07/27 15:04:56 | 000,442,368 | ---- | C] () -- C:\Programme\MFL.dll
[2009/07/27 15:04:56 | 000,254,464 | ---- | C] () -- C:\Programme\mdabase.dll
[2009/07/27 15:04:56 | 000,001,462 | ---- | C] () -- C:\Programme\DxPlugins.ini
[2009/07/27 15:03:35 | 000,006,642 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/06/24 16:29:23 | 000,000,070 | ---- | C] () -- C:\WINDOWS\pex.INI
[2009/06/24 15:06:35 | 000,000,320 | ---- | C] () -- C:\WINDOWS\ulead32.ini
[2009/06/20 06:26:57 | 000,003,286 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\.recently-used.xbel
[2009/05/01 13:28:07 | 000,001,387 | ---- | C] () -- C:\WINDOWS\disney.ini
[2009/04/29 02:30:15 | 000,193,536 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/02/10 17:03:53 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/02/10 17:01:33 | 000,278,583 | ---- | C] () -- C:\WINDOWS\System32\dnt27.dll
[2009/02/10 17:01:33 | 000,077,882 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27.dll
[2009/02/10 17:01:33 | 000,073,785 | ---- | C] () -- C:\WINDOWS\System32\dntvm27.dll
[2009/02/10 17:00:47 | 000,001,126 | ---- | C] () -- C:\WINDOWS\QUICKEN.INI
[2009/02/10 17:00:47 | 000,000,052 | ---- | C] () -- C:\WINDOWS\Intuprof.ini
[2009/01/26 15:37:10 | 000,000,404 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2009/01/26 15:32:05 | 000,002,698 | ---- | C] () -- C:\WINDOWS\System32\44wiaUiStr.bin
[2009/01/24 13:18:03 | 000,001,946 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2009/01/22 09:02:44 | 000,003,680 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2009/01/21 04:56:05 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\igfxCoIn_v4764.dll
[2009/01/21 04:54:30 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2009/01/21 04:54:30 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/01/21 04:47:38 | 005,767,168 | -H-- | C] () -- C:\Dokumente und Einstellungen\Lukas\NTUSER.bak
[2009/01/21 04:44:41 | 006,029,312 | -H-- | C] () -- C:\Dokumente und Einstellungen\Jakob\NTUSER.bak
[2009/01/20 11:13:12 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/01/20 11:13:12 | 000,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini
[2009/01/20 11:13:10 | 000,755,027 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/01/20 11:13:10 | 000,159,839 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/20 11:13:08 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/01/20 10:55:24 | 005,767,168 | -H-- | C] () -- C:\Dokumente und Einstellungen\Elias\NTUSER.bak
[2009/01/20 10:51:23 | 011,796,480 | ---- | C] () -- C:\Dokumente und Einstellungen\Eltern\NTUSER.bak
[2009/01/20 10:50:39 | 000,245,760 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\NTUSER.bak
[2009/01/20 10:50:36 | 000,245,760 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\NTUSER.bak
[2009/01/20 10:49:18 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/01/20 10:44:22 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/01/20 10:34:24 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/20 10:33:13 | 000,207,304 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 07:00:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 07:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys
[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 07:00:00 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2005/11/16 06:27:02 | 000,008,636 | ---- | C] () -- C:\WINDOWS\System32\modifype.exe
[2005/03/24 07:18:04 | 000,491,077 | ---- | C] () -- C:\WINDOWS\System32\QCONNECT.DLL
[2004/11/11 07:00:00 | 000,452,400 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2004/11/11 07:00:00 | 000,435,140 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/11/11 07:00:00 | 000,082,570 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2004/11/11 07:00:00 | 000,069,320 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/11/11 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/05/08 10:00:00 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\SecoCrypt32.DLL
[2001/05/24 04:20:38 | 000,544,256 | ---- | C] () -- C:\WINDOWS\System32\janGraphics.dll
[2000/06/27 19:00:00 | 000,124,416 | ---- | C] () -- C:\WINDOWS\System32\dXCtrls.dll
[1999/12/06 09:31:22 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\IMPLODE.DLL
[1999/09/21 18:03:54 | 000,100,352 | ---- | C] () -- C:\WINDOWS\System32\PG32CONV.DLL
[1999/01/27 17:54:31 | 000,102,400 | ---- | C] () -- C:\Programme\Rn5b3241.dll
[1997/06/14 02:56:08 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\iyvu9_32.dll
 
========== LOP Check ==========
 
[2009/01/20 11:09:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Elias\Anwendungsdaten\Thunderbird
[2012/03/25 07:53:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\788C8
[2012/05/23 04:24:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Amazon
[2009/02/08 13:24:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Canneverbe_Limited
[2009/02/10 17:07:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\DataDesign
[2013/12/25 11:50:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Dropbox
[2012/09/17 09:35:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\DVDVideoSoft
[2012/03/03 05:50:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\e-academy Inc
[2011/08/03 14:58:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Easeware
[2009/06/20 06:26:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\gtk-2.0
[2013/06/27 11:29:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Hybafu
[2009/06/29 08:54:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Leadertech
[2011/08/01 15:50:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\MAGIX
[2010/05/03 11:41:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\MatchWare
[2009/01/26 10:51:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\OpenOffice.org
[2012/06/03 09:22:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Opera
[2012/05/20 04:21:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\PC Suite
[2009/03/16 11:14:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Phase6
[2012/06/08 08:40:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Philipp Winterberg
[2012/10/18 13:19:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Research In Motion
[2012/05/01 02:13:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Saaz
[2011/12/21 10:15:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Samsung
[2009/01/26 15:37:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\ScanSoft
[2012/06/03 09:20:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\TeamViewer
[2009/07/15 06:02:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\temp
[2012/10/15 04:18:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Thunderbird
[2013/10/03 02:53:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Ulead Systems
[2012/09/18 14:10:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Uniblue
[2011/09/26 05:43:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\XMedia Recode
[2013/06/26 17:04:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Xydyx
[2013/06/24 17:21:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Eltern\Anwendungsdaten\Yzyf
[2013/11/13 16:06:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Dropbox
[2013/04/18 16:45:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\DVDVideoSoft
[2013/01/27 05:59:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\MAGIX
[2009/02/14 03:31:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\OpenOffice.org
[2009/05/20 05:53:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Phase6
[2009/02/18 04:01:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\temp
[2013/12/19 11:26:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Jakob\Anwendungsdaten\Thunderbird
[2009/01/22 07:29:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lukas\Anwendungsdaten\OpenOffice.org
[2009/01/27 08:00:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lukas\Anwendungsdaten\temp
[2009/01/21 04:48:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Lukas\Anwendungsdaten\Thunderbird
[2009/01/20 11:10:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Simon\Anwendungsdaten\Thunderbird
[2013/05/17 11:48:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\789135DF91D28AC600007890BD528E80
[2011/04/11 16:29:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\FreePDF
[2011/08/01 15:38:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\MAGIX
[2010/12/25 09:03:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\OLYMPUS
[2011/03/13 12:30:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Phase6
[2012/05/08 15:11:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Samsung
[2009/01/26 15:37:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\ScanSoft
[2009/06/24 15:02:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\Ulead Systems
[2010/07/01 10:48:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/09/13 05:35:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/09/04 08:43:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users.WINDOWS\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2012/09/12 08:20:58 | 000,000,392 | ---- | M] () -- C:\WINDOWS\Tasks\DriverEasy Scheduled Scan.job
[2013/12/26 07:35:10 | 000,000,448 | ---- | M] () -- C:\WINDOWS\Tasks\PCCT - MAGIX AG.job
[2013/12/25 12:38:54 | 000,032,544 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
 
========== Restore Points Found ==========
[2013/12/25 12:21:08 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP165\snapshot
[2013/12/22 14:22:21 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP164\snapshot
[2013/12/21 13:29:24 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP163\snapshot
[2013/12/20 10:37:17 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP162\snapshot
[2013/12/19 15:14:37 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP161\snapshot
[2013/12/19 13:31:27 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP160\snapshot
[2013/12/19 13:30:21 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP159\snapshot
[2013/12/19 11:42:39 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP158\snapshot
[2013/12/19 11:13:18 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP157\snapshot
[2013/12/19 11:00:59 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP156\snapshot
[2013/12/19 10:49:29 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP155\snapshot
[2013/12/19 10:49:10 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP154\snapshot
[2013/12/19 10:47:22 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP153\snapshot
[2013/12/19 10:17:54 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP152\snapshot
[2013/12/15 14:35:58 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP151\snapshot
[2013/12/14 12:24:33 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP150\snapshot
[2013/12/13 10:00:18 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP149\snapshot
[2013/12/12 17:04:28 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP148\snapshot
[2013/12/11 16:39:03 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP146\snapshot
[2013/12/11 16:38:31 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP147\snapshot
[2013/12/04 12:45:09 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP145\snapshot
[2013/11/25 17:20:10 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP144\snapshot
[2013/11/24 14:32:39 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP143\snapshot
[2013/11/21 16:04:34 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP142\snapshot
[2013/11/14 00:59:53 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP141\snapshot
[2013/11/13 15:24:52 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP139\snapshot
[2013/11/13 15:24:28 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP140\snapshot
[2013/11/03 12:43:12 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP138\snapshot
[2013/10/25 14:57:00 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP137\snapshot
[2013/10/13 08:13:47 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP136\snapshot
[2013/10/10 15:32:29 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP135\snapshot
[2013/10/09 09:30:28 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP134\snapshot
[2013/10/09 09:23:34 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP133\snapshot
[2013/10/08 16:49:39 | 000,000,000 | ---D | M] -- C:\System Volume Information\_restore{53E80B9F-E0B1-4E1D-AAE1-68A20CD48EEA}\RP132\snapshot
 
========== Files - Unicode (All) ==========
[2013/11/21 14:27:00 | 105,531,440 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㍯뎌L
[2013/11/21 14:27:00 | 105,531,440 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㍯뎌L
[2013/11/18 12:23:35 | 104,931,504 | ---- | M] ()(C:\WINDOWS\System32\?\L) -- C:\WINDOWS\System32\㻽∖L
[2013/11/18 12:23:35 | 104,931,504 | ---- | C] ()(C:\WINDOWS\System32\?\L) -- C:\WINDOWS\System32\㻽∖L
[2013/11/13 11:21:05 | 104,010,312 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\툹蕰L
[2013/11/13 11:21:05 | 104,010,312 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\툹蕰L
[2013/11/12 16:23:42 | 103,974,937 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\븅嫦L
[2013/11/12 16:23:42 | 103,974,937 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\븅嫦L
[2013/11/12 09:38:50 | 103,891,779 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\勈ﻻL
[2013/11/12 09:38:50 | 103,891,779 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\勈ﻻL
[2013/11/11 09:22:35 | 103,716,811 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\誺옃L
[2013/11/11 09:22:35 | 103,716,811 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\誺옃L
[2013/11/10 12:52:46 | 103,551,423 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\쇉ᗻL
[2013/11/10 12:52:46 | 103,551,423 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\쇉ᗻL
[2013/11/09 09:13:49 | 103,378,319 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\阝L
[2013/11/09 09:01:53 | 103,378,319 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\阝L
[2013/11/04 12:50:32 | 104,964,650 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\꟢컳L
[2013/11/04 12:50:32 | 104,964,650 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\꟢컳L
[2013/10/23 08:07:52 | 102,551,358 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\�蔓L
[2013/10/23 08:07:52 | 102,551,358 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\�蔓L
[2013/10/22 11:31:24 | 102,329,055 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㛢L
[2013/10/22 11:31:24 | 102,329,055 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\㛢L
[2013/10/21 13:19:14 | 102,171,793 | ---- | M] ()(C:\WINDOWS\System32\T?L) -- C:\WINDOWS\System32\T獷L
[2013/10/21 13:19:14 | 102,171,793 | ---- | C] ()(C:\WINDOWS\System32\T?L) -- C:\WINDOWS\System32\T獷L
[2013/10/17 05:32:41 | 101,413,064 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\嬑蛷L
[2013/10/17 05:32:41 | 101,413,064 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\嬑蛷L
[2013/10/16 12:21:53 | 101,406,750 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\鏠綀L
[2013/10/16 12:21:53 | 101,406,750 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\鏠綀L
[2013/10/15 02:37:30 | 101,076,544 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\⛞ﴜL
[2013/10/15 02:37:30 | 101,076,544 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\⛞ﴜL
[2013/10/14 11:42:30 | 100,910,526 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\ባ屷L
[2013/10/14 11:42:30 | 100,910,526 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\ባ屷L
[2013/10/12 01:28:36 | 100,595,853 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\鶛겱L
[2013/10/12 01:28:36 | 100,595,853 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\鶛겱L
[2013/10/11 04:20:29 | 100,446,413 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\단ꞲL
[2013/10/11 04:20:29 | 100,446,413 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\단ꞲL
[2013/10/04 02:20:46 | 099,176,917 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\糯L
[2013/10/04 02:20:46 | 099,176,917 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\糯L
[2013/10/01 14:01:27 | 098,612,549 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\샣L
[2013/10/01 14:01:27 | 098,612,549 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\샣L
[2013/09/17 15:14:01 | 098,062,984 | ---- | M] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\篔䛿L
[2013/09/17 15:14:01 | 098,062,984 | ---- | C] ()(C:\WINDOWS\System32\??L) -- C:\WINDOWS\System32\篔䛿L
< End of report >

06.01.2014, 16:43	#32
schrauber /// the machine /// TB-Ausbilder	Server mit DCOM nicht registiert werden / führt zu Pc-Absturz bei Windows XP Auch im abgesicherten Modus? in allen 3? __________________ __________________

07.01.2014, 10:21	#34
schrauber /// the machine /// TB-Ausbilder	Server mit DCOM nicht registiert werden / führt zu Pc-Absturz bei Windows XP mach bitte nochmal den fixboot Befehl in der Recovery, ebenso bitte noch diesen Befehl: fixmbr __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Server mit DCOM nicht registiert werden / führt zu Pc-Absturz bei Windows XP

Plagegeister aller Art und deren Bekämpfung: Server mit DCOM nicht registiert werden / führt zu Pc-Absturz bei Windows XP