WTR Loader funktioniert nicht und Host capplication funktioniert nicht (Catalyst Control Center)

OTL logfile created on: 28.04.2011 16:13:48 - Run 1
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\Dirk Jäger\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 42,00% Memory free
7,00 Gb Paging File | 5,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 576,17 Gb Total Space | 420,35 Gb Free Space | 72,96% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 9,86 Gb Free Space | 49,31% Space Free | Partition Type: FAT32
 
Computer Name: PC-DIRK | User Name: Dirk Jäger | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Dirk Jäger\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Avira\AntiVir Desktop\avscan.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
PRC - C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
PRC - C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avcenter.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Programme\ScanWizard 5\ScannerFinder.exe ()
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Windows\System32\mcbuilder.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Windows\System32\PSIService.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Dirk Jäger\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (Check Point Software Technologies)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcr80.dll (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d08d7da0442a985d\msvcp80.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies)
SRV - (FLEXnet Licensing Service) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (nosGetPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.)
SRV - (Lavasoft Ad-Aware Service) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SRV - (AdobeActiveFileMonitor7.0) -- C:\Programme\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (ProtexisLicensing) -- C:\Windows\System32\PSIService.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (MBAMSwissArmy) -- C:\Windows\System32\drivers\mbamswissarmy.sys (Malwarebytes Corporation)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (dc3d) MS Hardware Device Detection Driver (USB) -- C:\Windows\System32\drivers\dc3d.sys (Microsoft Corporation)
DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV - (tbhsd) -- C:\Windows\System32\drivers\tbhsd.sys (RapidSolution Software AG)
DRV - (RRNetCapMP) -- C:\Windows\System32\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV - (RRNetCap) -- C:\Windows\System32\drivers\rrnetcap.sys (RapidSolution Software AG)
DRV - (MSHUSBVideo) -- C:\Windows\System32\drivers\nx6000.sys (Microsoft Corporation)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys (Avira GmbH)
DRV - (StarOpen) -- C:\Windows\System32\drivers\StarOpen.sys ()
DRV - (Lbd) -- C:\Windows\system32\DRIVERS\Lbd.sys (Lavasoft AB)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (ahcix86s) -- C:\Windows\system32\DRIVERS\ahcix86s.sys (Advanced Micro Devices, Inc)
DRV - (AtiPcie) ATI PCI Express (3GIO) -- C:\Windows\system32\DRIVERS\AtiPcie.sys (ATI Technologies Inc.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (amdide) -- C:\Windows\system32\DRIVERS\amdide.sys (Advanced Micro Devices)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (AF15BDA) Cinergy T USB XE (MKII) -- C:\Windows\System32\drivers\AF15BDA.sys (AfaTech                  )
DRV - (ss_mdm) -- C:\Windows\System32\drivers\ss_mdm.sys (MCCI Corporation)
DRV - (ss_mdfl) -- C:\Windows\System32\drivers\ss_mdfl.sys (MCCI Corporation)
DRV - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\System32\drivers\ss_bus.sys (MCCI Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050
IE - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm-Sicherheit Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "ZoneAlarm-Sicherheit Customized Web Search"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.90
FF - prefs.js..extensions.enabledItems: toolbar@web.de:1.5.1
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - prefs.js..network.proxy.type: 4
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011.03.18 14:18:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.03.28 15:46:10 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.03.28 15:46:29 | 000,000,000 | ---D | M]
 
[2009.02.09 18:03:52 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Dirk Jäger\AppData\Roaming\mozilla\Extensions
[2011.04.26 13:58:02 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Dirk Jäger\AppData\Roaming\mozilla\Firefox\Profiles\lm4mjpb8.default\extensions
[2010.05.12 16:16:50 | 000,000,000 | -H-D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Dirk Jäger\AppData\Roaming\mozilla\Firefox\Profiles\lm4mjpb8.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.13 18:56:38 | 000,000,000 | -H-D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Dirk Jäger\AppData\Roaming\mozilla\Firefox\Profiles\lm4mjpb8.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2011.04.02 11:13:30 | 000,000,000 | -H-D | M] (DownloadHelper) -- C:\Users\Dirk Jäger\AppData\Roaming\mozilla\Firefox\Profiles\lm4mjpb8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.03.28 20:10:35 | 000,000,000 | -H-D | M] (ZoneAlarm-Sicherheit Community Toolbar) -- C:\Users\Dirk Jäger\AppData\Roaming\mozilla\Firefox\Profiles\lm4mjpb8.default\extensions\{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}
[2011.04.12 16:23:50 | 000,000,000 | -H-D | M] (Conduit Engine) -- C:\Users\Dirk Jäger\AppData\Roaming\mozilla\Firefox\Profiles\lm4mjpb8.default\extensions\engine@conduit.com
[2011.03.28 15:46:19 | 000,000,000 | -H-D | M] (No name found) -- C:\Users\Dirk Jäger\AppData\Roaming\mozilla\Firefox\Profiles\lm4mjpb8.default\extensions\nostmp
[2010.12.03 12:02:59 | 000,000,000 | -H-D | M] (Sammsoft Toolbar) -- C:\Users\Dirk Jäger\AppData\Roaming\mozilla\Firefox\Profiles\lm4mjpb8.default\extensions\toolbar@ask.com
[2011.01.17 15:41:40 | 000,000,943 | -H-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Mozilla\Firefox\Profiles\lm4mjpb8.default\searchplugins\conduit.xml
[2011.03.28 15:46:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- 
File not found (No name found) -- C:\USERS\DIRK JäGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LM4MJPB8.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
File not found (No name found) -- C:\USERS\DIRK JäGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LM4MJPB8.DEFAULT\EXTENSIONS\{B9DB16A4-6EDC-47EC-A1F4-B86292ED211D}
File not found (No name found) -- C:\USERS\DIRK JäGER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LM4MJPB8.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
[2011.03.18 19:56:37 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Programme\Mozilla Firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Sammsoft Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\ThcDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKLM\..\Toolbar: (Sammsoft Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\..\Toolbar\WebBrowser: (Sammsoft Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O4 - HKLM..\Run: [Ad-Watch] C:\Programme\Lavasoft\Ad-Aware\AAWTray.exe (Lavasoft)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Google EULA Launcher] C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe (Google)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKU\.DEFAULT..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-18..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000..\Run: [AROReminder] C:\Program Files\Advanced Registry Optimizer\ARO.exe (Sammsoft)
O4 - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000..\Run: [msnmsgr]  File not found
O4 - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000..\Run: [sFGtypQnwU]  File not found
O4 - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote Inhaltsverzeichnis.onetoc2 ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} -  File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-1441123505-3431308637-3807024610-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab (Java Plug-in 1.6.0_11)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1c4ac6e6-73d2-11df-81fe-00242119819d}\Shell\AutoRun\command - "" = J:\avira.exe
O33 - MountPoints2\{4e23da06-a095-11de-8ed4-00242119819d}\Shell\AutoRun\command - "" = J:\
O33 - MountPoints2\{4e23da06-a095-11de-8ed4-00242119819d}\Shell\usbuntu\command - "" = J:\VirtualBox\Virtualize_This_Key.exe
O33 - MountPoints2\{4e23da06-a095-11de-8ed4-00242119819d}\Shell\usbuntu2\command - "" = J:\VirtualBox\VirtualBox.exe
O33 - MountPoints2\{4e23da06-a095-11de-8ed4-00242119819d}\Shell\usbuntu3\command - "" = J:\wubi.exe --cdmenu
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\menu.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Lavasoft Ad-Aware Service - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe (Lavasoft)
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vsmon - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD)
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9C450606-ED24-4958-92BA-B8940C99D441} - C:\Program Files\PixiePack Codec Pack\InstallerHelper.exe
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.04.28 15:36:18 | 000,000,000 | ---D | C] -- C:\Users\Dirk Jäger\AppData\Roaming\Malwarebytes
[2011.04.28 15:35:45 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.04.28 15:35:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.04.28 15:35:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.04.28 15:35:38 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.04.28 15:35:38 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2011.04.28 08:21:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.28 08:21:36 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.04.28 08:21:36 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.04.28 08:21:36 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.28 08:21:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.04.28 08:21:36 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.04.28 08:21:36 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.28 08:21:36 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.04.28 08:21:35 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.04.28 08:21:35 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.28 08:21:35 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.28 08:21:35 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.04.28 08:21:35 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.04.28 08:21:35 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.28 08:21:34 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.28 08:21:34 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.28 08:21:34 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.28 08:21:34 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.04.28 08:21:34 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.04.28 08:21:34 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.04.28 08:21:34 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.04.28 08:21:34 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.28 08:21:34 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.28 08:21:34 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.28 08:21:33 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.28 08:21:33 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.28 08:21:33 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.28 08:21:33 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.28 08:21:33 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.04.28 08:21:33 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.04.28 08:21:32 | 001,797,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.04.28 08:21:32 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.28 08:21:32 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.04.28 08:21:32 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.28 08:21:32 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.04.28 08:21:31 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.04.28 08:21:31 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.04.28 08:21:31 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.28 08:21:31 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.27 17:12:01 | 000,000,000 | ---D | C] -- C:\Users\Dirk Jäger\AppData\Roaming\Avira
[2011.04.27 13:55:14 | 004,240,384 | ---- | C] (Microsoft) -- C:\Windows\System32\GameUXLegacyGDFs.dll
[2011.04.27 13:55:14 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Apphlpdm.dll
[2011.04.27 13:55:06 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.04.14 19:03:07 | 000,292,864 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.04.14 19:03:06 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.04.14 19:02:53 | 001,162,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42u.dll
[2011.04.14 19:02:52 | 001,136,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc42.dll
[2011.04.14 19:02:49 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.04.14 19:02:45 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dnscacheugc.exe
[2011.04.11 22:42:03 | 000,000,000 | -H-D | C] -- C:\Users\Dirk Jäger\AppData\Local\{BE8B85F4-083C-4E03-AA1C-E0457BD3929D}
[2011.04.11 22:41:10 | 000,000,000 | ---D | C] -- C:\Windows\de
[2011.04.11 22:35:28 | 000,000,000 | -H-D | C] -- C:\Users\Dirk Jäger\AppData\Local\{EFE10B00-2D0F-439D-9FAF-E7F75D10A000}
[2011.04.11 19:45:58 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoftTB
[2009.09.18 16:28:21 | 000,250,544 | ---- | C] (KeyWorks Software) -- C:\Programme\Common Files\keyhelp.ocx
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.04.28 16:20:00 | 000,000,438 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
[2011.04.28 15:59:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.04.28 15:35:45 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.28 15:20:42 | 000,642,482 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.04.28 15:20:42 | 000,607,470 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.04.28 15:20:42 | 000,132,022 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.04.28 15:20:42 | 000,108,742 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.04.28 15:08:26 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.04.28 15:08:26 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.04.28 14:52:29 | 029,221,888 | ---- | M] () -- C:\Users\Dirk Jäger\Documents\Outlook backup.pst
[2011.04.28 13:08:52 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.04.28 13:07:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.04.28 13:07:08 | 3487,883,264 | -HS- | M] () -- C:\hiberfil.sys
[2011.04.28 08:21:46 | 000,008,798 | ---- | M] () -- C:\Windows\System32\icrav03.rat
[2011.04.28 08:21:46 | 000,001,988 | ---- | M] () -- C:\Windows\System32\ticrf.rat
[2011.04.28 08:21:36 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.04.28 08:21:36 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2011.04.28 08:21:36 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2011.04.28 08:21:36 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.04.28 08:21:36 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2011.04.28 08:21:36 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2011.04.28 08:21:36 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.04.28 08:21:36 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2011.04.28 08:21:35 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2011.04.28 08:21:35 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2011.04.28 08:21:35 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.04.28 08:21:35 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2011.04.28 08:21:35 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2011.04.28 08:21:35 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.04.28 08:21:35 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.04.28 08:21:34 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.04.28 08:21:34 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.04.28 08:21:34 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.04.28 08:21:34 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011.04.28 08:21:34 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2011.04.28 08:21:34 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2011.04.28 08:21:34 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2011.04.28 08:21:34 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.04.28 08:21:34 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2011.04.28 08:21:34 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.04.28 08:21:33 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.04.28 08:21:33 | 000,420,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2011.04.28 08:21:33 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2011.04.28 08:21:33 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.04.28 08:21:33 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2011.04.28 08:21:33 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2011.04.28 08:21:32 | 001,797,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2011.04.28 08:21:32 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2011.04.28 08:21:32 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2011.04.28 08:21:32 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.04.28 08:21:32 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2011.04.28 08:21:31 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2011.04.28 08:21:31 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2011.04.28 08:21:31 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.04.28 08:21:31 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.04.15 14:59:26 | 000,450,088 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.04.11 22:48:11 | 000,093,696 | -H-- | M] () -- C:\Users\Dirk Jäger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.04.11 22:20:40 | 000,001,036 | -H-- | M] () -- C:\Users\Dirk Jäger\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.11 19:45:45 | 000,001,025 | -H-- | M] () -- C:\Users\Dirk Jäger\Desktop\Free Video Dub.lnk
[2011.04.06 19:42:43 | 000,040,972 | -H-- | M] () -- C:\Users\Dirk Jäger\Documents\Zeitplan_Abschluss_2011.pdf
[2011.04.06 19:40:38 | 000,012,974 | -H-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft Excel 97-2003.CAL
[2011.04.04 17:57:05 | 000,000,474 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job
[2011.03.30 16:46:45 | 000,000,264 | -H-- | M] () -- C:\Users\Dirk Jäger\Desktop\Musik.lnk
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.04.28 15:35:45 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.04.28 08:21:34 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2011.04.11 19:45:54 | 000,001,036 | -H-- | C] () -- C:\Users\Dirk Jäger\Desktop\DVDVideoSoft Free Studio.lnk
[2011.04.11 19:45:45 | 000,001,025 | -H-- | C] () -- C:\Users\Dirk Jäger\Desktop\Free Video Dub.lnk
[2011.04.06 19:42:40 | 000,040,972 | -H-- | C] () -- C:\Users\Dirk Jäger\Documents\Zeitplan_Abschluss_2011.pdf
[2011.04.06 19:40:38 | 000,012,974 | -H-- | C] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft Excel 97-2003.CAL
[2011.03.30 16:46:19 | 000,000,264 | -H-- | C] () -- C:\Users\Dirk Jäger\Desktop\Musik.lnk
[2010.08.08 14:45:15 | 000,015,688 | ---- | C] () -- C:\Windows\System32\lsdelete.exe
[2010.02.03 14:03:45 | 000,142,935 | ---- | C] () -- C:\Windows\hppins23.dat
[2010.02.03 13:56:42 | 000,002,188 | ---- | C] () -- C:\Windows\hppmdl23.dat
[2009.12.29 19:09:30 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.12.29 19:09:30 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.12.29 19:09:30 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.12.29 18:52:34 | 000,000,196 | ---- | C] () -- C:\Windows\SCHMIDT.INI
[2009.12.22 20:46:44 | 000,038,439 | -H-- | C] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft Excel 97-2003.ADR
[2009.11.30 19:44:32 | 000,000,098 | -H-- | C] () -- C:\Users\Dirk Jäger\AppData\Local\fusioncache.dat
[2009.11.24 17:34:05 | 000,293,712 | ---- | C] () -- C:\Windows\System32\Tbsql03.dll
[2009.11.24 17:34:05 | 000,246,368 | ---- | C] () -- C:\Windows\System32\Tbqry03.dll
[2009.11.24 17:34:05 | 000,145,696 | ---- | C] () -- C:\Windows\System32\Tblib.dll
[2009.11.24 17:34:05 | 000,090,688 | ---- | C] () -- C:\Windows\System32\Tbutl03.dll
[2009.11.24 17:34:05 | 000,014,512 | ---- | C] () -- C:\Windows\System32\Tbgui03.dll
[2009.11.24 17:34:05 | 000,005,488 | ---- | C] () -- C:\Windows\System32\Tbmds03.dll
[2009.11.08 13:12:06 | 000,038,439 | -H-- | C] () -- C:\Users\Dirk Jäger\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2009.09.10 18:21:57 | 000,002,048 | -H-- | C] () -- C:\Users\Dirk Jäger\AppData\Local\_rschroe.FPT
[2009.09.10 18:21:57 | 000,000,809 | -H-- | C] () -- C:\Users\Dirk Jäger\AppData\Local\_rschroe.dbf
[2009.06.20 13:53:55 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2009.06.20 13:53:54 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.06.08 19:40:10 | 000,000,000 | ---- | C] () -- C:\Windows\asym.ini
[2009.04.16 15:29:20 | 000,371,070 | -H-- | C] () -- C:\Users\Dirk Jäger\AppData\Roaming\mdbu.bin
[2009.04.06 17:29:21 | 000,044,491 | ---- | C] () -- C:\Windows\System32\MiiIniFile13.ini
[2009.04.06 17:29:19 | 000,285,216 | ---- | C] () -- C:\Windows\System32\drivers\Onsio.sys
[2009.04.06 17:29:19 | 000,007,680 | ---- | C] () -- C:\Windows\System32\drivers\Onsreged.sys
[2009.04.05 13:22:57 | 000,000,680 | -H-- | C] () -- C:\Users\Dirk Jäger\AppData\Local\d3d9caps.dat
[2009.04.05 12:21:09 | 000,038,449 | -H-- | C] () -- C:\Users\Dirk Jäger\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
[2009.03.02 12:33:32 | 000,067,584 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2009.02.16 16:39:05 | 000,093,696 | -H-- | C] () -- C:\Users\Dirk Jäger\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.02.12 19:56:12 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.02.12 19:37:37 | 000,000,008 | RHS- | C] () -- C:\Windows\System32\78EBE74780.sys
[2009.02.12 19:37:36 | 000,004,076 | -HS- | C] () -- C:\Windows\System32\KGyGaAvL.sys
[2009.02.09 20:45:27 | 000,000,432 | -H-- | C] () -- C:\Windows\BRWMARK.INI
[2009.02.09 20:45:27 | 000,000,034 | ---- | C] () -- C:\Windows\System32\BD2040.DAT
[2009.02.09 20:45:08 | 000,008,975 | ---- | C] () -- C:\Windows\HL-2040.INI
[2009.02.09 20:45:08 | 000,000,145 | ---- | C] () -- C:\Windows\BRVIDEO.INI
[2009.02.09 20:45:08 | 000,000,114 | ---- | C] () -- C:\Windows\System32\brlmw03a.ini
[2009.02.09 20:45:08 | 000,000,023 | -H-- | C] () -- C:\Windows\Brownie.ini
[2009.02.09 20:45:08 | 000,000,000 | -H-- | C] () -- C:\Windows\brmx2001.ini
[2009.02.09 19:07:28 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2009.02.09 19:06:19 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2009.02.09 17:48:47 | 000,026,112 | ---- | C] () -- C:\Windows\RunUnDrv.exe
[2008.12.18 13:31:13 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2008.12.10 16:31:50 | 000,000,032 | ---- | C] () -- C:\Windows\System32\drivers\VERSION.DAT
[2008.12.10 15:55:29 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2008.12.01 22:46:10 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.12.01 22:08:38 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2008.11.24 19:37:33 | 000,642,482 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2008.11.24 19:37:33 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2008.11.24 19:37:33 | 000,132,022 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2008.11.24 19:37:33 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2008.11.24 11:42:24 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2008.10.30 16:45:42 | 000,180,720 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2008.10.21 19:40:00 | 000,081,920 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2008.10.21 19:40:00 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2007.06.05 14:20:32 | 000,177,704 | ---- | C] () -- C:\Windows\System32\PSIService.exe
[2006.11.02 14:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:47:37 | 000,450,088 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 12:33:01 | 000,607,470 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 12:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 12:33:01 | 000,108,742 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 12:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 12:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 10:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 10:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 09:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.04.21 11:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\System32\HtmlHelp.dll
 
========== LOP Check ==========
 
[2009.10.11 14:37:22 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Amazon
[2010.08.08 09:36:11 | 000,000,000 | ---D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\CheckPoint
[2009.06.23 17:26:31 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\cornelsen
[2010.05.29 14:30:57 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Facebook
[2011.01.21 19:28:03 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\FileZilla
[2010.06.16 17:09:24 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\FreeVideoConverter
[2011.01.24 21:57:48 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\gtk-2.0
[2010.05.27 19:22:52 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Image Zone Express
[2009.02.25 15:10:14 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\JAlbum
[2009.02.12 21:24:10 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Lexware
[2009.05.31 15:10:36 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\MatchWare
[2010.03.07 16:30:01 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Printer Info Cache
[2010.08.08 11:02:00 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Sammsoft
[2009.04.06 14:58:15 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Samsung
[2009.03.04 22:55:04 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\TerraTec
[2011.04.04 17:57:05 | 000,000,474 | ---- | M] () -- C:\Windows\Tasks\Ad-Aware Update (Weekly).job
[2011.04.28 08:32:00 | 000,032,530 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.04.28 16:20:00 | 000,000,438 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{103B65BD-4798-4CA0-9487-EB211B637804}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.09.30 14:28:12 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Adobe
[2009.10.11 14:37:22 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Amazon
[2009.12.21 18:46:03 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Apple Computer
[2009.02.05 18:41:26 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\ATI
[2011.04.27 17:12:01 | 000,000,000 | ---D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Avira
[2009.02.09 20:45:48 | 000,000,000 | RH-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Brother
[2010.08.08 09:36:11 | 000,000,000 | ---D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\CheckPoint
[2009.02.12 19:37:37 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Corel
[2009.06.23 17:26:31 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\cornelsen
[2010.05.29 14:30:57 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Facebook
[2011.01.21 19:28:03 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\FileZilla
[2010.06.16 17:09:24 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\FreeVideoConverter
[2009.02.09 18:00:09 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Google
[2011.01.24 21:57:48 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\gtk-2.0
[2010.02.03 15:33:50 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\HP
[2011.02.18 09:29:28 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\HpUpdate
[2009.02.05 18:41:00 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Identities
[2010.05.27 19:22:52 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Image Zone Express
[2009.02.12 21:17:01 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\InstallShield
[2009.02.25 15:10:14 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\JAlbum
[2009.02.12 21:24:10 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Lexware
[2009.02.05 18:40:10 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Macromedia
[2011.04.28 15:36:18 | 000,000,000 | ---D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Malwarebytes
[2009.05.31 15:10:36 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\MatchWare
[2006.11.02 14:37:34 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Media Center Programs
[2011.02.17 18:37:56 | 000,000,000 | --SD | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft
[2009.02.09 18:03:52 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Mozilla
[2009.02.09 20:14:00 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Nero
[2010.03.07 16:30:01 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Printer Info Cache
[2010.08.08 11:02:00 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Sammsoft
[2009.04.06 14:58:15 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Samsung
[2010.01.05 21:20:50 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\Skype
[2010.01.05 19:24:43 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\skypePM
[2009.03.04 22:55:04 | 000,000,000 | -H-D | M] -- C:\Users\Dirk Jäger\AppData\Roaming\TerraTec
 
< %APPDATA%\*.exe /s >
[2010.05.29 14:30:57 | 000,050,354 | -H-- | M] (Facebook, Inc.) -- C:\Users\Dirk Jäger\AppData\Roaming\Facebook\uninstall.exe
[2009.12.27 15:33:06 | 000,001,078 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{38EE230F-F631-451F-8800-E29F5E5C9E7D}\_0044238C9C33EE6AE43EBB.exe
[2009.12.27 15:33:06 | 000,031,702 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{38EE230F-F631-451F-8800-E29F5E5C9E7D}\_21F3885A18D238E15AAE81.exe
[2009.12.27 15:33:06 | 000,031,702 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{38EE230F-F631-451F-8800-E29F5E5C9E7D}\_2964C3DE7E291AF3F2353D.exe
[2009.12.27 15:33:06 | 000,025,214 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{38EE230F-F631-451F-8800-E29F5E5C9E7D}\_4D456665B6A1916105928F.exe
[2009.12.27 15:33:06 | 000,025,214 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{38EE230F-F631-451F-8800-E29F5E5C9E7D}\_6459EB3CC1021F99697573.exe
[2009.12.27 15:33:06 | 000,031,702 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{38EE230F-F631-451F-8800-E29F5E5C9E7D}\_6FEFF9B68218417F98F549.exe
[2009.10.01 20:24:53 | 000,015,086 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{84B01A13-F78F-4281-9224-C96FB3530A2C}\ARPPRODUCTICON.exe
[2009.11.30 19:44:34 | 000,001,078 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{BE6AC902-190B-49D7-8844-419F1E156426}\_27251643.exe
[2009.11.30 19:44:34 | 000,001,078 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{BE6AC902-190B-49D7-8844-419F1E156426}\_285248db.exe
[2009.11.30 19:44:34 | 000,051,262 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{BE6AC902-190B-49D7-8844-419F1E156426}\_55797cfe.exe
[2009.11.30 19:44:34 | 000,051,262 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{BE6AC902-190B-49D7-8844-419F1E156426}\_5d24588.exe
[2009.11.30 19:44:34 | 000,051,262 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{BE6AC902-190B-49D7-8844-419F1E156426}\_74ad4eae.exe
[2009.11.30 19:44:34 | 000,001,078 | RH-- | M] () -- C:\Users\Dirk Jäger\AppData\Roaming\Microsoft\Installer\{BE6AC902-190B-49D7-8844-419F1E156426}\_de56f3c.exe
[2010.08.13 09:13:32 | 000,032,032 | -H-- | M] (NOS Microsystems Ltd.) -- C:\Users\Dirk Jäger\AppData\Roaming\Mozilla\Firefox\Profiles\lm4mjpb8.default\extensions\nostmp\content\getPlusPlus_Adobe_reg.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_51b95d75\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: AHCIX86S.SYS  >
[2008.10.03 18:08:52 | 000,183,312 | -H-- | M] (Advanced Micro Devices, Inc) MD5=03081E98C515CB838434D252F407F6E8 -- C:\ATI\WinVista\8_561\Packages\Drivers\SBDrv\SB7xx\RAID\LH\ahcix86s.sys
[2008.10.03 18:08:52 | 000,183,312 | ---- | M] (Advanced Micro Devices, Inc) MD5=03081E98C515CB838434D252F407F6E8 -- C:\Windows\System32\drivers\ahcix86s.sys
[2008.10.03 18:08:52 | 000,183,312 | ---- | M] (Advanced Micro Devices, Inc) MD5=03081E98C515CB838434D252F407F6E8 -- C:\Windows\System32\DriverStore\FileRepository\ahcix86s.inf_697786ab\ahcix86s.sys
[2007.11.01 21:31:44 | 000,122,880 | -H-- | M] (Promise Technology, Inc.) MD5=4283A0F3A9557EB133D2BA8979747A77 -- C:\ATI\WinVista\8_561\Packages\Drivers\SBDrv\SB6xx\RAID\LH\ahcix86s.sys
 
< MD5 for: ATAPI.SYS  >
[2008.11.12 15:12:11 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_4c9c5a00\atapi.sys
[2008.11.12 15:12:11 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=0D83C87A801A3DFCD1BF73893FE7518C -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_dd1bb97e219e87cb\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\drivers\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_b12d8e84\atapi.sys
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2008.11.12 15:12:11 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=96DC4E1A9F90CCD489950A8935425C59 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_dda556493abc2795\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007.05.17 22:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Programme\HomeCinema\PowerDirector\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2008.10.29 08:20:29 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2008.10.29 08:29:41 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2008.10.30 05:59:17 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\explorer.exe
[2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) MD5=D07D4C3038F3578FFCE1C0237F2A1253 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6002.18005_none_53a0201e76de3a0b\explorer.exe
[2008.10.28 04:15:02 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2008.01.21 04:24:24 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\System32\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\System32\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\System32\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010.05.15 17:30:46 | 000,457,304 | ---- | M] (Check Point Software Technologies LTD) Unable to obtain MD5 -- C:\Windows\System32\drivers\vsdatant.sys
[1 C:\Windows\system32\drivers\*.tmp files -> C:\Windows\system32\drivers\*.tmp -> ]
 
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >