Bka Virus, XP startet nicht mehr abgesichert, Scan inside
Hallo, musste sowas noch nie machen....
Habe im Board eine Anleitung von cosinus gefunden und einen OTLPE/Scan gemacht....
> Code:
OTL logfile created on: 3/15/2012 5:38:39 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: yyyy-MM-dd
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97.66 Gb Total Space | 17.20 Gb Free Space | 17.61% Space Free | Partition Type: NTFS
Drive D: | 110.75 Gb Total Space | 14.38 Gb Free Space | 12.98% Space Free | Partition Type: NTFS
Drive F: | 1.86 Gb Total Space | 1.41 Gb Free Space | 76.00% Space Free | Partition Type: FAT
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet002
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand] -- -- (rpcapd) Remote Packet Capture Protocol v.0 (experimental)
SRV - [2011/08/14 18:26:48 | 003,246,040 | ---- | M] (Acronis) [Auto] -- C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2011/07/12 09:11:49 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/06/08 07:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/04/21 01:52:51 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/02/01 15:53:34 | 000,805,024 | ---- | M] (Acronis) [Auto] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009/03/03 06:19:28 | 000,691,200 | ---- | M] (FileZilla Project) [Auto] -- C:\Programme\FileZilla Server\FileZilla Server.exe -- (FileZilla Server)
SRV - [2009/02/23 21:51:19 | 005,767,168 | ---- | M] () [Auto] -- C:\Programme\Hewlett-Packard\PNM\server\mysql\bin\mysqld-nt.exe -- (HP ProCurve Datastore)
SRV - [2009/02/23 21:51:14 | 000,217,088 | ---- | M] () [Auto] -- C:\Programme\Hewlett-Packard\PNM\server\Wrapper.exe -- (HP ProCurve Network Manager Server)
SRV - [2009/02/23 21:49:43 | 000,217,088 | ---- | M] () [Auto] -- C:\Programme\Hewlett-Packard\PNM\pcm-agent\wrapper.exe -- (HP ProCurve Network Manager Agent)
SRV - [2009/02/05 10:36:00 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/09/30 07:48:28 | 000,935,208 | ---- | M] (Nero AG) [Auto] -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2008/06/09 05:21:58 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2008/03/19 11:52:44 | 000,166,520 | ---- | M] () [Auto] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2008/03/19 11:52:38 | 000,051,816 | ---- | M] () [Auto] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007/07/24 05:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2007/05/28 12:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto] -- C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2007/05/04 04:27:00 | 000,071,360 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2006/10/26 14:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006/10/26 09:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005/11/09 19:00:30 | 000,090,112 | ---- | M] (Dell Inc.) [Auto] -- C:\Programme\Dell Printers\Additional Color Laser Software\Status Monitor\dlpwdnt.exe -- (DLPWD)
SRV - [2005/08/25 12:53:00 | 000,135,168 | ---- | M] (Dell Inc.) [Auto] -- C:\Programme\Dell Printers\Additional Color Laser Software\Status Monitor\dlsdbnt.exe -- (DLSDB)
SRV - [2005/04/03 19:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2001/11/12 08:31:48 | 000,020,480 | ---- | M] (X10) [Auto] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
SRV - [2001/04/06 17:24:54 | 000,032,256 | ---- | M] (C-Dilla Ltd) [Auto] -- C:\WINDOWS\system32\drivers\CDANTSRV.EXE -- (C-DillaSrv)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | Boot] -- -- (rseb)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] -- -- (FXDrv32)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - [2012/03/15 03:54:00 | 000,284,792 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2011/08/14 18:26:49 | 000,167,968 | ---- | M] (Acronis) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2011/08/14 18:26:44 | 000,752,128 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV - [2011/08/14 18:26:42 | 000,600,928 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2011/08/14 18:26:34 | 000,170,528 | ---- | M] (Acronis) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2011/07/12 09:11:50 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/12 09:11:50 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/05/18 04:12:38 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/05/18 04:12:36 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/05/18 04:12:32 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/05/18 04:12:28 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/05/18 04:09:48 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011/05/18 04:09:48 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010/12/30 06:59:18 | 006,290,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010/11/17 08:03:56 | 000,101,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2009/11/25 12:54:23 | 000,003,026 | ---- | M] (Logix4u) [Kernel | System] -- C:\WINDOWS\system32\drivers\hwinterface.sys -- (hwinterface)
DRV - [2009/11/18 02:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 02:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/10/08 11:55:33 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/10/06 08:00:44 | 000,716,272 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/08/14 00:27:00 | 004,485,632 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/04/01 07:28:32 | 000,093,184 | R--- | M] (ATI Research Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/03/25 09:29:52 | 000,130,432 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2009/03/08 23:10:50 | 000,014,848 | R--- | M] (Silicon Laboratories) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SiUSBXp.sys -- (SIUSBXP)
DRV - [2009/02/24 13:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/02/13 06:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/08 05:15:56 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto] -- C:\Programme\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
DRV - [2008/04/13 19:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/04/13 17:05:40 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
DRV - [2008/02/26 09:07:54 | 000,073,728 | ---- | M] (EZB Systems, Inc.) [File_System | System] -- C:\Programme\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2007/11/08 05:29:52 | 000,458,752 | ---- | M] (PixArt Imaging Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PAC7302.SYS -- (PAC7302)
DRV - [2007/06/27 02:05:52 | 000,053,184 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ftdibus.sys -- (FTDIBUS)
DRV - [2007/06/27 02:04:14 | 000,071,488 | R--- | M] (FTDI Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ftser2k.sys -- (FTSER2K)
DRV - [2007/06/24 16:56:54 | 000,038,920 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2007/06/24 16:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007/06/24 16:56:34 | 000,034,312 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2007/03/05 15:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\btnetdrv.sys -- (BT)
DRV - [2007/03/05 15:57:14 | 000,019,472 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\VHIDMini.sys -- (VHidMinidrv)
DRV - [2007/03/05 15:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2007/03/05 15:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2007/03/05 15:53:18 | 000,044,304 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2007/03/05 15:52:18 | 000,034,448 | ---- | M] (IVT Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2006/04/28 10:34:00 | 000,882,688 | R--- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005/10/04 13:37:54 | 000,072,320 | R--- | M] (C-Media Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cmiucr.SYS -- (CMISTOR)
DRV - [2005/07/25 05:04:08 | 000,048,640 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2005/07/14 15:58:38 | 000,241,536 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (RT2500USB)
DRV - [2005/06/30 07:16:00 | 001,094,848 | R--- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005/05/19 10:52:58 | 000,017,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2005/01/14 12:14:07 | 000,047,616 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2004/12/03 06:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004/10/28 06:47:59 | 000,006,656 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2004/06/18 14:23:56 | 000,016,768 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SiBulk.sys -- (SiBulk)
DRV - [2003/12/05 04:40:24 | 000,262,987 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\et251.sys -- (DCamUSBET251)
DRV - [2003/04/04 09:07:20 | 000,030,336 | ---- | M] (Politecnico di Torino) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2002/03/01 17:21:00 | 000,004,944 | ---- | M] () [Kernel | On_Demand] -- C:\Programme\Z-ParSwitch\WinIo.sys -- (WINIO)
DRV - [2001/08/17 07:14:24 | 000,444,416 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fpcibase.sys -- (fpcibase)
DRV - [2001/08/17 07:13:48 | 000,037,568 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avmwan.sys -- (AVMWAN)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Freak_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Freak_ON_C\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\Freak_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.wetteronline.de/Bayern/BayWald.htm
IE - HKU\Freak_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "collectr"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Programme\Real Alternative\Browser\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Programme\Real Alternative\Browser\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011/08/05 12:11:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Programme\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011/08/05 12:11:11 | 000,000,000 | ---D | M]
[2009/01/26 04:44:36 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions
[2009/01/26 04:44:33 | 000,000,000 | ---D | M] (Screen grab!) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{02450954-cdd9-410f-b1da-db804e18c671}
[2009/01/26 04:44:34 | 000,000,000 | ---D | M] (FlashGot) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}
[2009/01/26 04:44:34 | 000,000,000 | ---D | M] ("Simple Options Button") -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{1d1bf47b-eb43-4fd8-a49a-efb6ba833d29}
[2009/01/26 04:44:35 | 000,000,000 | ---D | M] (PDF Download) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}
[2009/01/26 04:44:35 | 000,000,000 | ---D | M] (Flashblock) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2009/01/26 04:44:35 | 000,000,000 | ---D | M] (Stealther) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{4776510a-a1f4-41f3-a3c8-35b474ecef23}
[2009/01/26 04:44:35 | 000,000,000 | ---D | M] (Modern Modoki) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{4a428302-5267-4749-bb22-459b3236695f}
[2009/01/26 04:44:35 | 000,000,000 | ---D | M] (NoScript) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2009/01/26 04:44:35 | 000,000,000 | ---D | M] (TinyUrl Creator) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{89736E8E-4B14-4042-8C75-AD00B6BD3900}
[2009/01/26 04:44:35 | 000,000,000 | ---D | M] (All-in-One Gestures) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{8b86149f-01fb-4842-9dd8-4d7eb02fd055}
[2009/01/26 04:44:35 | 000,000,000 | ---D | M] (FireFTP button) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{9BAE5926-8513-417d-8E47-774955A7C60D}
[2009/01/26 04:44:36 | 000,000,000 | ---D | M] (FireFTP) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}
[2009/01/26 04:44:36 | 000,000,000 | ---D | M] (BBCode) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{AE37D527-6604-461c-8102-975CF8053A2F}
[2009/01/26 04:44:36 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/01/26 04:44:33 | 000,000,000 | ---D | M] (Ctrl Tab Preview) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\ctrltabpreview@extensions.hesslow.se
[2009/01/26 04:44:33 | 000,000,000 | ---D | M] (Wortliste von hxxp://tkltrans.sf.net (alte und neue deutsche Rechtschreibung)) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\de-DE-comb@dictionaries.addons.mozilla.org
[2009/01/26 04:44:33 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\mozilla\Firefox\Profiles\humki2he.default\extensions\ctrltabpreview@extensions.hesslow.se\chrome
[2008/04/25 16:08:23 | 000,002,649 | ---- | M] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Mozilla\Firefox\Profiles\humki2he.default\searchplugins\collectr.xml
[2009/04/01 06:27:53 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/01/26 10:35:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
O1 HOSTS File: ([2012/03/15 05:02:42 | 000,001,009 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 www.mygully.com
O1 - Hosts: 127.0.0.1 www.boerse.bz
O1 - Hosts: 127.0.0.1 www.mygully.com
O1 - Hosts: 127.0.0.1 www.boerse.bz
O1 - Hosts: 127.0.0.1 www.mygully.com
O1 - Hosts: 127.0.0.1 www.boerse.bz
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O3 - HKU\Freak_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar.dll (Google Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Programme\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BDRegion] C:\Programme\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCREye.exe ()
O4 - HKLM..\Run: [CorelDRAW Graphics Suite 11b] File not found
O4 - HKLM..\Run: [DLPSP] C:\Programme\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE (Dell Inc.)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [MedionVFD] C:\Programme\Medion Info Display\MdionLCM.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NokiaMServer] C:\Programme\Gemeinsame Dateien\Nokia\MPlatform\NokiaMServer.exe (Nokia)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PAC7302_Monitor] C:\WINDOWS\PixArt\Pac7302\Monitor.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Programme\CyberLink\PowerDVD8\Language\Language.exe ()
O4 - HKLM..\Run: [RAVCpl32] C:\WINDOWS\system32\RAVCpl32.exe ()
O4 - HKLM..\Run: [RemoteControl8] C:\Programme\CyberLink\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)
O4 - HKLM..\Run: [SAOB Monitor] C:\Programme\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKU\Freak_ON_C..\Run: [] File not found
O4 - HKU\Freak_ON_C..\Run: [AdobeBridge] File not found
O4 - HKU\Freak_ON_C..\Run: [AnVir Task Manager] C:\Programme\AnVir Task Manager\AnVir.exe (AnVir Software)
O4 - HKU\Freak_ON_C..\Run: [BayGenie] File not found
O4 - HKU\Freak_ON_C..\Run: [Buyertools Reminder] File not found
O4 - HKU\Freak_ON_C..\Run: [PowerSuite] C:\Programme\Uniblue\PowerSuite\Launcher.exe (Uniblue Systems Limited)
O4 - HKU\Freak_ON_C..\Run: [RAVCpl32] C:\WINDOWS\system32\RAVCpl32.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Ralink Wireless Utility.lnk = C:\Programme\RALINK\RT2500 USB Wireless LAN Card\Installer\WINXP\RaConfig2500.exe (Ralink Technology, Corp.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Register Mask Pro 3.0.lnk = File not found
O4 - Startup: C:\Dokumente und Einstellungen\Freak\Startmenü\Programme\Autostart\MagicDisc.lnk = C:\Programme\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWelcomeScreen = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideRunAsVerb = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O7 - HKU\Freak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Freak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\Freak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O7 - HKU\Freak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoUpdate = 1
O7 - HKU\Freak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ConfirmFileDelete = 0
O7 - HKU\Freak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: IntelliMenus = 0
O7 - HKU\Freak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMBalloonTip = 0
O7 - HKU\Freak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceCopyAclwithFile = 1
O7 - HKU\Freak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RecycleBinSize = 5
O7 - HKU\Freak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKU\Freak_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives =
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutoTrayNotify = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O16 - DPF: {1F831FA3-42FC-11D4-95A6-0080AD30DCE1} file:///C:/Programme/AutoCAD%202002%20Deu/InstFred.ocx (InstaFred)
O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} hxxp://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab (System Requirements Lab Class)
O16 - DPF: {2F0D96B4-7D9D-4767-A657-F7ECC9114886} hxxp://192.168.2.3/IPCamPluginDMPT.cab (IPCamPluginDMPT Control)
O16 - DPF: {3B36B017-7E49-426B-95B0-B5CECD83C2E2} hxxp://chkr-web.ifolor.net/ORDERINGGENERAL/LowRes/app_support/ActiveX/IfolorUploader_chkr.cab (IfolorUploader Control)
O16 - DPF: {7340F0E4-AEDA-47C6-8971-9DB314030BD7} hxxp://192.168.1.222/activex/decoder/h264_dec.cab (CAxH264Dec Class)
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} file:///C:/Programme/AutoCAD%202002%20Deu/AcDcToday.ocx (AcDcToday-Steuerung)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} hxxp://192.168.1.200/activex/AxisCamControl.cab (CamImage Class)
O16 - DPF: {950D732B-EF81-4DC0-A7F2-8A46D94CF55C} hxxp://192.168.1.240/UltraMJCamX.cab (UltraMJCamX Class)
O16 - DPF: {AE563724-B4F5-11D4-A415-00108302FDFD} file:///C:/Programme/AutoCAD%202002%20Deu/InstBanr.ocx (NOXLATE-BANR)
O16 - DPF: {BA7A56EB-D1B9-443B-96E9-086532A378F1} hxxp://192.168.1.239/activex/decoder/aac_dec.cab (CAxAacDecEmb Class)
O16 - DPF: {C111A91F-D4EC-4D22-8D27-C3BCB0389F43} hxxp://192.168.1.254/activex/AMC.cab (AudioHandlerEmbedded)
O16 - DPF: {C32FE9F1-A857-48B0-B7BF-065B5792F28D} hxxp://192.168.1.245/activex/decoder/intel_mpeg4_dec.cab (CAxMP4Dec Class)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://192.168.1.200/activex/AMC.cab (AxisMediaControlEmb Class)
O16 - DPF: {E2A2AF54-194A-499D-B6C7-79B646BC0ED6} hxxp://192.168.1.120/UltraCamX.cab (UltraCamX Class)
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} file:///C:/Programme/AutoCAD%202002%20Deu/AcPreview.ocx (AcPreview-Steuerung)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\WINDOWS\system32\RAVCpl32.exe) - C:\WINDOWS\system32\RAVCpl32.exe ()
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\sdra64.exe) - File not found
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\winbiy32: DllName - winbiy32.dll - File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/26 04:27:43 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{87bfb513-ce35-11de-97c2-0013d3bab5fa}\Shell - "" = AutoRun
O33 - MountPoints2\{87bfb513-ce35-11de-97c2-0013d3bab5fa}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{87bfb513-ce35-11de-97c2-0013d3bab5fa}\Shell\AutoRun\command - "" = H:\setup.exe
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\cry_setup.exe
O33 - MountPoints2\E\Shell\install\command - "" = E:\cry_setup.exe
O33 - MountPoints2\E\Shell\install1\command - "" = E:\support\DirectX\DXSETUP.exe
O34 - HKLM BootExecute: (autocheck xmnt2002 /bat="C:\WINDOWS\TEMP\PQ_BATCH.PQB" /win="C:\WINDOWS" /dbg="C:\WINDOWS\TEMP\PQ_DEBUG.TXT" /ver=262144 /prd="PartitionMagic") - File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/03/15 03:56:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freak\Lokale Einstellungen\Anwendungsdaten\_
[2012/03/15 03:54:09 | 000,000,000 | ---D | C] -- C:\Programme\DellTPad
[2012/03/15 03:54:01 | 000,115,640 | ---- | C] (Alps Electric Co., Ltd.) -- C:\WINDOWS\System32\Vxdif.dll
[2012/03/15 03:54:00 | 000,284,792 | ---- | C] (Alps Electric Co., Ltd.) -- C:\WINDOWS\System32\drivers\Apfiltr.sys
[2012/03/15 03:46:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Uniblue
[2012/03/09 17:04:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freak\Startmenü\Programme\CyberLink PowerDVD 8
[2012/03/09 17:01:58 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Freak\Recent
[2012/03/07 02:50:57 | 000,000,000 | ---D | C] -- C:\ME3
[2012/02/28 10:52:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freak\Desktop\Alive.2002.German.AC3.DVDRIP.XviD-WRC.torrent
[2012/02/25 17:19:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Freak\Desktop\Alan.Wake.Collectors.Edition.MULTi2.RIP-RAF
[2012/02/21 07:53:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Doom Ultimate Complete Collection
[2012/02/21 07:46:01 | 000,000,000 | ---D | C] -- C:\Programme\Doom Ultimate Complete Collection
[2012/02/17 16:33:00 | 002,028,391 | ---- | C] (Jan Kolarik & Ondrej Vaverka) -- C:\WINDOWS\EIZO Pin-Up.scr
[2012/02/17 16:32:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\EIZO Pin-Up Uninstaller
[2010/03/28 08:39:17 | 000,047,360 | ---- | C] (VSO Software) -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\pcouffin.sys
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/03/15 10:43:24 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/03/15 05:06:20 | 3219,640,320 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/15 04:12:00 | 000,458,476 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012/03/15 04:12:00 | 000,440,684 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/03/15 04:12:00 | 000,084,318 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012/03/15 04:12:00 | 000,071,002 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/03/15 03:55:50 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/03/15 03:54:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2012/03/15 03:54:01 | 001,461,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WdfCoInstaller01009.dll
[2012/03/15 03:54:01 | 000,115,640 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\System32\Vxdif.dll
[2012/03/15 03:54:00 | 000,284,792 | ---- | M] (Alps Electric Co., Ltd.) -- C:\WINDOWS\System32\drivers\Apfiltr.sys
[2012/03/15 03:37:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Uniblue
[2012/03/15 03:37:22 | 000,000,791 | ---- | M] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\PowerSuite.lnk
[2012/03/15 03:37:22 | 000,000,773 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PowerSuite.lnk
[2012/03/14 16:57:01 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/03/13 16:09:11 | 000,002,516 | -HS- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KGyGaAvL.sys.crypt
[2012/03/11 17:12:15 | 000,025,713 | ---- | M] () -- C:\WINDOWS\CSTBox.INI
[2012/03/08 16:12:30 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/03/08 07:48:14 | 000,000,642 | ---- | M] () -- C:\Dokumente und Einstellungen\Freak\Desktop\MassEffect3.exe.lnk
[2012/03/07 17:39:30 | 000,061,812 | ---- | M] () -- C:\olaf.pdf
[2012/03/03 16:06:46 | 000,238,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Freak\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/03/03 10:02:08 | 000,032,956 | ---- | M] () -- C:\Dokumente und Einstellungen\Freak\Eigene Dateien\TNG.Benzinbrueder.German.1997.DVDRiP.XViD-AMBASSADOR.torrent
[2012/02/26 08:32:10 | 000,514,560 | ---- | M] () -- C:\WINDOWS\System32\RAVCpl32.exe
[2012/02/21 07:53:04 | 000,001,084 | ---- | M] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Doom 3 - Resurrection of Evil.lnk
[2012/02/21 07:53:04 | 000,001,066 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Doom 3 - Resurrection of Evil.lnk
[2012/02/21 07:53:04 | 000,001,009 | ---- | M] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Doom 64 EX.lnk
[2012/02/21 07:53:04 | 000,001,002 | ---- | M] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Doom 3.lnk
[2012/02/21 07:53:04 | 000,000,991 | ---- | M] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Doom II.lnk
[2012/02/21 07:53:04 | 000,000,984 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Doom 3.lnk
[2012/02/21 07:53:04 | 000,000,969 | ---- | M] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\GZDoom.lnk
[2012/02/21 07:53:04 | 000,000,954 | ---- | M] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Doom.lnk
[2012/02/21 07:53:04 | 000,000,951 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\GZDoom.lnk
[2012/02/21 07:53:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Doom Ultimate Complete Collection
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/03/15 05:00:25 | 3219,640,320 | -HS- | C] () -- C:\hiberfil.sys
[2012/03/15 03:54:14 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
[2012/03/15 03:37:22 | 000,000,791 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\PowerSuite.lnk
[2012/03/15 03:37:22 | 000,000,773 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PowerSuite.lnk
[2012/03/15 03:36:29 | 000,514,560 | ---- | C] () -- C:\WINDOWS\System32\RAVCpl32.exe
[2012/03/08 07:48:14 | 000,000,642 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Desktop\MassEffect3.exe.lnk
[2012/03/07 17:39:30 | 000,061,812 | ---- | C] () -- C:\olaf.pdf
[2012/03/03 10:02:08 | 000,032,956 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Eigene Dateien\TNG.Benzinbrueder.German.1997.DVDRiP.XViD-AMBASSADOR.torrent
[2012/02/21 07:53:04 | 000,001,084 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Doom 3 - Resurrection of Evil.lnk
[2012/02/21 07:53:04 | 000,001,066 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Doom 3 - Resurrection of Evil.lnk
[2012/02/21 07:53:04 | 000,001,009 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Doom 64 EX.lnk
[2012/02/21 07:53:04 | 000,001,002 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Doom 3.lnk
[2012/02/21 07:53:04 | 000,000,991 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Doom II.lnk
[2012/02/21 07:53:04 | 000,000,984 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Doom 3.lnk
[2012/02/21 07:53:04 | 000,000,969 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\GZDoom.lnk
[2012/02/21 07:53:04 | 000,000,954 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Doom.lnk
[2012/02/21 07:53:04 | 000,000,951 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\GZDoom.lnk
[2012/02/05 07:50:04 | 002,976,806 | ---- | C] () -- C:\WINDOWS\exiftool.exe
[2012/01/10 08:29:28 | 000,003,273 | ---- | C] () -- C:\WINDOWS\scenelib24.ini
[2011/07/25 16:50:02 | 000,000,600 | ---- | C] () -- C:\WINDOWS\Rtcw.INI
[2011/05/16 02:59:13 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\GkSui18.EXE
[2011/03/10 12:11:33 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2011/03/10 12:11:33 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\PnkBstrK.sys
[2011/03/10 12:11:19 | 000,107,832 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2011/03/10 12:11:18 | 002,250,024 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2011/03/10 12:11:18 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2011/02/23 02:46:56 | 000,000,092 | ---- | C] () -- C:\Programme\verkleinerer.set
[2011/02/22 13:38:25 | 000,240,640 | ---- | C] () -- C:\Programme\verkleinerer17.exe
[2011/01/25 12:00:22 | 000,045,056 | R--- | C] () -- C:\Programme\SetAttrib.exe
[2011/01/25 12:00:22 | 000,040,960 | R--- | C] () -- C:\Programme\delete.exe
[2011/01/15 05:36:12 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2010/12/09 18:32:26 | 000,033,019 | ---- | C] () -- C:\WINDOWS\System32\CoreAAC-uninstall.exe
[2010/04/02 12:17:34 | 000,179,091 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010/03/28 08:39:17 | 000,087,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\inst.exe
[2010/03/28 08:39:17 | 000,007,887 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\pcouffin.cat
[2010/03/28 08:39:17 | 000,001,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\pcouffin.inf
[2010/02/28 13:35:23 | 000,000,089 | ---- | C] () -- C:\WINDOWS\PLX4017.DAT
[2009/12/15 19:04:30 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Screen-Wash.ini
[2009/12/11 18:38:43 | 002,129,920 | ---- | C] () -- C:\WINDOWS\System32\myodbc3S.dll
[2009/12/11 18:38:43 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\myodbcinst.exe
[2009/12/11 18:38:43 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\imyodbc.exe
[2009/11/25 12:57:44 | 000,074,240 | ---- | C] () -- C:\WINDOWS\AKDeInstall.exe
[2009/11/11 17:58:22 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/10/16 09:11:52 | 000,001,716 | ---- | C] () -- C:\WINDOWS\ATICIM.INI
[2009/10/15 06:55:45 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009/10/15 06:51:54 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/10/15 06:51:46 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/10/15 06:51:45 | 000,197,654 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/10/15 06:51:45 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/08/13 16:16:18 | 000,000,031 | ---- | C] () -- C:\WINDOWS\DeskCalc.INI
[2009/06/24 07:38:14 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/06/17 03:18:56 | 000,238,592 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/04/15 02:37:22 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\SerialMP.exe
[2009/04/15 02:37:22 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\MosUsbPrintConfig.exe
[2009/04/15 02:37:22 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\ParallelMP.exe
[2009/04/15 02:37:22 | 000,000,159 | ---- | C] () -- C:\WINDOWS\System32\Config.ini
[2009/04/15 02:37:22 | 000,000,059 | ---- | C] () -- C:\WINDOWS\System32\PConfig.ini
[2009/04/14 16:39:59 | 000,000,363 | ---- | C] () -- C:\WINDOWS\loggerconfig.ini
[2009/04/14 16:38:43 | 000,016,768 | R--- | C] () -- C:\WINDOWS\System32\drivers\SiBulk.sys
[2009/03/31 11:27:03 | 000,079,360 | ---- | C] () -- C:\WINDOWS\System32\acdbres.dll
[2009/02/18 13:55:20 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2009/02/07 17:07:10 | 000,000,516 | ---- | C] () -- C:\WINDOWS\System32\Remover.ini
[2009/02/07 17:07:08 | 000,000,566 | ---- | C] () -- C:\WINDOWS\System32\SP7302.INI
[2009/02/06 10:00:17 | 000,002,516 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KGyGaAvL.sys.crypt
[2009/02/06 10:00:17 | 000,000,008 | RHS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\E228B2A355.sys.crypt
[2009/02/05 11:53:29 | 000,000,408 | ---- | C] () -- C:\WINDOWS\PowerReg.dat
[2009/02/05 10:08:29 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/02/05 07:18:18 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/02/03 16:52:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2009/02/02 19:33:06 | 000,025,713 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2009/01/26 10:51:27 | 000,262,987 | ---- | C] () -- C:\WINDOWS\System32\drivers\et251.sys
[2009/01/26 10:51:27 | 000,049,152 | ---- | C] () -- C:\WINDOWS\etStill.exe
[2009/01/26 10:51:27 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\etcamusd.dll
[2009/01/26 06:03:26 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Install2500USB.dll
[2009/01/26 06:03:26 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DEDriverDLL.dll
[2009/01/26 06:03:26 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\WRLSetup.exe
[2009/01/26 06:00:28 | 000,003,072 | R--- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2009/01/26 06:00:26 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2009/01/26 05:51:34 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/01/26 05:44:39 | 000,000,360 | ---- | C] () -- C:\WINDOWS\CNYHKey.ini
[2009/01/26 05:44:38 | 000,549,376 | ---- | C] () -- C:\WINDOWS\mHotkey.exe
[2009/01/26 05:44:38 | 000,532,544 | ---- | C] () -- C:\WINDOWS\PIC.dll
[2009/01/26 05:44:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\CNYUSB.dll
[2009/01/26 05:44:38 | 000,011,776 | ---- | C] () -- C:\WINDOWS\HIDMNT.dll
[2009/01/26 05:44:38 | 000,005,120 | ---- | C] () -- C:\WINDOWS\HKCYDLL.dll
[2009/01/26 05:25:56 | 000,127,184 | ---- | C] () -- C:\WINDOWS\Unwise.exe
[2009/01/26 05:23:32 | 000,241,664 | R--- | C] () -- C:\WINDOWS\System32\CmUCRRm.exe
[2009/01/26 05:23:32 | 000,241,664 | R--- | C] () -- C:\WINDOWS\System32\CmUCREye.exe
[2009/01/26 05:23:32 | 000,045,056 | R--- | C] () -- C:\WINDOWS\System32\CmUCRRm.Dll
[2009/01/26 05:23:29 | 000,024,576 | R--- | C] () -- C:\WINDOWS\CmiUCRUninstall.exe
[2009/01/26 05:23:29 | 000,000,052 | R--- | C] () -- C:\WINDOWS\CMICARDREADER.INI
[2009/01/26 04:43:20 | 000,000,600 | ---- | C] () -- C:\Dokumente und Einstellungen\Freak\PUTTY.RND
[2009/01/26 04:42:55 | 000,014,852 | ---- | C] () -- C:\Programme\settings.dat
[2009/01/26 04:42:37 | 000,007,680 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/01/26 04:38:54 | 000,123,152 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2009/01/26 04:29:43 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/01/26 04:27:30 | 000,092,192 | ---- | C] () -- C:\WINDOWS\System32\Mapi32.dll
[2009/01/26 04:24:46 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/01/26 04:18:01 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/01/26 04:16:43 | 002,507,072 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/12/19 10:21:58 | 000,364,544 | ---- | C] () -- C:\WINDOWS\System32\BH_DATA120VC8.dll
[2008/12/16 17:40:44 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\FKStampPainter20.dll
[2008/12/10 14:56:38 | 000,208,896 | ---- | C] () -- C:\WINDOWS\System32\LXPrnUtil10.dll
[2008/12/10 14:55:10 | 000,303,104 | ---- | C] () -- C:\WINDOWS\System32\dnt27VC8.dll
[2008/12/10 14:53:30 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\dntvmc27VC8.dll
[2008/12/10 14:53:18 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\dntvm27VC8.dll
[2008/05/02 16:46:00 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/05/02 16:46:00 | 001,630,208 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/05/02 16:46:00 | 001,486,848 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/05/02 16:46:00 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/05/02 16:46:00 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/05/02 16:46:00 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/05/02 16:46:00 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/04/25 07:45:19 | 000,000,237 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2008/04/14 02:06:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2006/12/31 01:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/03/06 10:08:00 | 000,008,946 | ---- | C] () -- C:\WINDOWS\System32\drivers\CBG2402.bin
[2005/06/09 06:18:14 | 000,145,280 | ---- | C] () -- C:\WINDOWS\System32\drivers\AR5523.bin
[2005/01/26 12:23:00 | 000,005,374 | ---- | C] () -- C:\WINDOWS\System32\drivers\CBG108.BIN
[2004/07/13 07:49:02 | 000,003,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\BFAIFILT.SYS
[2004/05/28 05:43:42 | 000,003,264 | ---- | C] () -- C:\WINDOWS\System32\drivers\AIFILT.SYS
[2002/12/31 08:00:00 | 000,011,264 | ---- | C] () -- C:\WINDOWS\System32\winamp.exe
[2002/12/31 08:00:00 | 000,009,228 | ---- | C] () -- C:\WINDOWS\System32\hdinfo.exe.vir
[2002/12/31 08:00:00 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\MachLink.exe
[2002/03/01 22:10:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2001/08/18 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/18 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/18 07:00:00 | 000,458,476 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001/08/18 07:00:00 | 000,440,684 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/18 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/18 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001/08/18 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/18 07:00:00 | 000,084,318 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001/08/18 07:00:00 | 000,071,002 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/18 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/18 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001/08/18 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/18 07:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/18 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/04/30 04:36:36 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\mtstack.exe
[2000/09/18 19:50:28 | 000,202,752 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
========== LOP Check ==========
[2009/01/26 05:52:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\X10 Commander
[2011/08/11 16:28:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Acronis
[2009/03/31 11:36:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Autodesk
[2009/10/16 04:30:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Blitware
[2012/03/11 17:17:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Canon
[2012/02/12 05:15:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\CoSoSys
[2009/02/07 17:25:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\FRITZ!
[2011/05/04 10:55:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\FRITZ!fax für FRITZ!Box
[2010/06/23 02:34:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\GHISLER
[2009/11/24 17:45:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\gnupg
[2009/11/11 13:37:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\GoodSync
[2009/04/29 18:07:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Lexware
[2009/02/05 11:47:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Mp3tag
[2009/02/08 12:04:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Nvu
[2011/01/23 16:08:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Opera
[2011/08/05 16:59:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\PC Suite
[2009/01/26 04:44:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Thunderbird
[2009/02/05 12:04:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\TrueCrypt
[2009/09/18 04:09:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\UDC Profiles
[2012/03/15 03:44:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Uniblue
[2012/03/07 05:35:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\uTorrent
[2010/03/28 08:39:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\Vso
[2012/01/11 07:21:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\WinTrack
[2009/01/26 04:44:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\X-Chat 2
[2012/02/26 18:25:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Freak\Anwendungsdaten\XnView
[2011/08/14 18:27:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2012/03/15 03:57:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bluetooth
[2012/03/15 03:57:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve
[2011/03/26 18:24:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Core
[2011/04/06 02:29:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2012/01/25 19:10:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
[2011/05/04 10:55:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ISDNWatch
[2012/03/15 03:58:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2009/01/26 18:26:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe
[2011/08/05 16:59:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2012/03/15 03:59:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2011/08/05 16:56:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2012/02/14 05:03:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RELOADED
[2012/03/15 03:59:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Rosetta Stone
[2011/08/03 08:49:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SecTaskMan
[2009/01/26 18:00:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp
[2010/03/28 09:33:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\vsosdk
[2009/02/05 10:30:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2009/01/26 05:43:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\X10 Settings
[2009/10/16 04:30:33 | 000,000,446 | ---- | M] () -- C:\WINDOWS\Tasks\Driver Robot.job
========== Purity Check ==========
< End of report >
Hilfe!!!
TOM |
