| charly883 | 05.06.2012 21:09 |
Laptop streikt, Weißer Bildschirm,Trojaner?
Hallo
Brauche Hilfe.
Sofort nach dem Hochfahren erscheint ein weißer Bildschirm mit der Meldung
Bitte warten sie während die Verbindung hergestellt wird
Nichts geht mehr.Taskmanager wurde blockiert. Im abgesicherten Modus ist plötzlich ein Admin eingetragen als Benutzer, den ich natürlich ohne Passwort nicht öffnen kann, und wenn ich auf meinen Namen klicke, kommt der weiße Bildschirm. Bin am verzweifeln. :headbang:
Laptop Asus AMD Turion 64
Windows XP SP3
Danke schon mal im vorraus.
Hab mich etwas belesen mit dem Thema. Scheint in letzter Zeit häufig vorzukommen. Bin leider Laie was dieses Gebiet angeht und kann mit OTLExtra usw. nichts anfangen :-(
Hab jetzt mal OTL-Text erstellt. Brauche dringend Hilfe. Bitte :-(OTL Logfile: Code:
OTL logfile created on: 6/6/2012 6:03:11 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,023.00 Mb Total Physical Memory | 820.00 Mb Available Physical Memory | 80.00% Memory free
907.00 Mb Paging File | 852.00 Mb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 66.03 Gb Total Space | 11.79 Gb Free Space | 17.85% Space Free | Partition Type: NTFS
Drive D: | 43.88 Gb Total Space | 34.18 Gb Free Space | 77.88% Space Free | Partition Type: FAT32
Drive E: | 7.45 Gb Total Space | 7.25 Gb Free Space | 97.40% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto] -- -- (asurscsi)
SRV - [2012/05/04 14:12:22 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/24 23:32:04 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/02/16 10:02:22 | 000,087,368 | ---- | M] (Nero AG) [Auto] -- C:\Programme\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2012/02/01 17:55:58 | 000,214,896 | ---- | M] () [Auto] -- C:\Programme\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2012/01/04 08:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/11/09 15:05:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto] -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2011/11/03 10:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto] -- C:\Programme\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2011/08/09 15:37:34 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/08/09 15:37:32 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/24 12:41:14 | 000,604,488 | ---- | M] (TuneUp Software) [Auto] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2011/05/24 12:41:08 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2011/03/06 10:48:50 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto] -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2011/02/19 11:22:20 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/11/16 07:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008/01/22 06:13:26 | 000,275,752 | ---- | M] (Nero AG) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006/07/30 20:02:00 | 000,370,756 | R--- | M] (AVM Berlin) [Auto] -- C:\Programme\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2003/07/28 07:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (VcommMgr)
DRV - File not found [Kernel | On_Demand] -- -- (VComm)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (BTWUSB)
DRV - File not found [Kernel | On_Demand] -- -- (btwhid)
DRV - File not found [Kernel | On_Demand] -- -- (BTWDNDIS)
DRV - File not found [Kernel | Boot] -- -- (BTHidMgr)
DRV - File not found [Kernel | Boot] -- -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand] -- -- (BTDriver)
DRV - File not found [Kernel | On_Demand] -- -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand] -- -- (btaudio)
DRV - File not found [Kernel | On_Demand] -- -- (BT)
DRV - File not found [Kernel | On_Demand] -- -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand] -- -- (BlueletAudio)
DRV - [2011/11/09 15:01:38 | 000,525,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System] -- C:\WINDOWS\system32\vsdatant.sys -- (Vsdatant)
DRV - [2011/11/03 10:44:20 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011/11/01 05:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/11/01 05:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/11/01 05:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/11/01 05:07:24 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011/11/01 05:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/11/01 05:07:24 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011/08/09 15:37:34 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/08/09 15:37:34 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/03/06 10:48:50 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2011/02/18 14:45:07 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2009/05/11 06:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 04:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/09/24 05:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2006/07/30 20:02:00 | 000,264,704 | R--- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2006/02/02 03:33:00 | 000,846,592 | R--- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005/07/14 07:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2005/07/12 14:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/06/22 02:50:50 | 001,034,752 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/06/22 02:50:12 | 000,216,320 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWSIS.sys -- (HSFHWSIS)
DRV - [2005/06/22 02:50:04 | 000,716,416 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/03/09 10:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/04 06:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005/02/23 09:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/02/17 11:07:48 | 000,005,632 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005/02/11 16:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2002/11/28 10:18:04 | 000,015,360 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2002/11/28 06:43:49 | 000,022,016 | ---- | M] (Elaborate Bytes AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ElbyVCD.sys -- (ElbyVCD)
DRV - [2002/09/09 14:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001/08/17 08:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Charly_ON_C\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
IE - HKU\Charly_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm-Sicherheit Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://www.aol.de/"
FF - prefs.js..extensions.enabledItems: {3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}:0.9.6
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:3.4
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.232.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a67}:0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.5
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.7: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Programme\CheckPoint\ZAForceField\TrustChecker [2012/03/09 12:04:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/04/24 23:32:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/04/19 16:32:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Programme\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012/02/26 06:10:58 | 000,000,000 | ---D | M]
[2011/02/18 16:02:26 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Extensions
[2012/06/01 10:56:37 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions
[2011/12/09 00:20:33 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/02/20 07:51:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/18 16:03:50 | 000,000,000 | ---D | M] (Forecastbar Enhanced) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}
[2011/03/15 17:02:08 | 000,000,000 | ---D | M] (Favicon Picker 3) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a67}
[2011/11/21 16:05:41 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/06/01 10:56:37 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\fastdial@telega.phpnet.us
[2011/03/15 17:02:07 | 000,000,000 | ---D | M] (Personas) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\personas@christopher.beard
[2011/01/17 09:41:40 | 000,000,943 | ---- | M] () -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Mozilla\Firefox\Profiles\iuhxuyrl.default\searchplugins\conduit.xml
[2012/01/07 06:49:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\CHARLY\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\IUHXUYRL.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\CHARLY\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\IUHXUYRL.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\CHARLY\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\IUHXUYRL.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/04/24 23:32:04 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011/10/02 23:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/17 15:57:30 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll
[2011/04/26 14:28:33 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/04/26 14:28:33 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011/04/26 14:28:33 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011/04/26 14:28:33 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/04/26 14:28:33 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/04/26 14:28:33 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011/02/19 11:39:15 | 000,000,853 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKU\Charly_ON_C\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [C0mDiXEtF1yrWmk] C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe (SEIKO EPSON CORP.)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [ISW] C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [ZoneAlarm] C:\Programme\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\Charly_ON_C..\Run: [] File not found
O4 - HKU\Charly_ON_C..\Run: [C0mDiXEtF1yrWmk] C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe (SEIKO EPSON CORP.)
O4 - HKU\Charly_ON_C..\Run: [MotoCast] C:\Programme\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O4 - HKU\Charly_ON_C..\Run: [pl468q4scf] File not found
O4 - HKU\Charly_ON_C..\Run: [TuneUp MemOptimizer] C:\Programme\TuneUp Utilities 2009\MemOptimizer.exe (TuneUp Software GmbH)
O4 - HKU\_ocster_backup__ON_C..\RunOnce: [NeroHomeFirstStart] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\_ocster_backup__ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Charly_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\Charly_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Charly_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Charly_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1298063497765 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe) - C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe (SEIKO EPSON CORP.)
O20 - HKLM Winlogon: UserInit - (C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe) - C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe (SEIKO EPSON CORP.)
O20 - HKU\Charly_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe) - C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe (SEIKO EPSON CORP.)
O20 - HKU\Charly_ON_C Winlogon: UserInit - (C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe) - C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe (SEIKO EPSON CORP.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/18 13:52:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{ab0a0abf-3b91-11e0-9fcb-0018f3c414c9}\Shell - "" = AutoRun
O33 - MountPoints2\{ab0a0abf-3b91-11e0-9fcb-0018f3c414c9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ab0a0abf-3b91-11e0-9fcb-0018f3c414c9}\Shell\AutoRun\command - "" = F:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/06/05 13:14:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2012/06/05 12:02:09 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/06/04 23:39:17 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Charly\Recent
[2012/06/04 23:35:46 | 000,244,736 | ---- | C] (SEIKO EPSON CORP.) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe
[2012/06/02 04:34:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Charly\Desktop\LMMC Fotos 2012
[2012/05/28 05:03:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/05/14 15:16:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Charly\Desktop\fotos i
[2012/05/08 15:40:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Charly\Desktop\Kochfeld
[2011/02/19 10:16:59 | 000,047,360 | ---- | C] (VSO Software) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\pcouffin.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/06/05 13:21:15 | 000,453,144 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012/06/05 13:21:15 | 000,436,354 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/05 13:21:15 | 000,081,840 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012/06/05 13:21:15 | 000,068,866 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/05 13:17:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/05 13:14:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/05 12:47:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7DC1D308-4624-4E67-9311-D118C7E04AA6}.job
[2012/06/05 12:38:42 | 000,000,494 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2012/06/04 23:35:17 | 000,244,736 | ---- | M] (SEIKO EPSON CORP.) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe
[2012/06/04 23:17:59 | 000,037,106 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/06/04 16:12:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/03 23:55:07 | 000,117,248 | ---- | M] () -- C:\Dokumente und Einstellungen\Charly\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/03 16:06:08 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\Charly\Desktop\Microsoft Office Word 2003.lnk
[2012/06/03 09:24:17 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/05/31 09:22:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2012/05/22 15:40:43 | 000,000,029 | ---- | M] () -- C:\WINDOWS\standard.sta
[2012/05/13 03:15:24 | 000,000,772 | ---- | M] () -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk
[2012/05/09 21:17:41 | 002,169,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/09 17:08:12 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/09 16:20:02 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/02/16 08:38:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/11/13 09:55:43 | 000,003,072 | R--- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2011/11/13 09:55:34 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011/08/02 12:40:05 | 000,000,069 | ---- | C] () -- C:\WINDOWS\TC.INI
[2011/07/04 15:26:46 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2011/05/05 13:11:41 | 000,187,392 | ---- | C] () -- C:\WINDOWS\LTANN62N.DLL
[2011/05/05 13:11:41 | 000,076,288 | ---- | C] () -- C:\WINDOWS\LTIMG62N.DLL
[2011/05/05 13:11:41 | 000,043,008 | ---- | C] () -- C:\WINDOWS\LTFIL62N.DLL
[2011/05/05 13:11:41 | 000,029,184 | ---- | C] () -- C:\WINDOWS\LTWND62N.DLL
[2011/05/05 13:11:41 | 000,024,064 | ---- | C] () -- C:\WINDOWS\LTTWN62N.DLL
[2011/05/05 13:11:41 | 000,019,968 | ---- | C] () -- C:\WINDOWS\LFWMF62N.DLL
[2011/05/05 13:11:41 | 000,019,456 | ---- | C] () -- C:\WINDOWS\LFWPG62N.DLL
[2011/05/05 13:11:41 | 000,017,408 | ---- | C] () -- C:\WINDOWS\LFWFX62N.DLL
[2011/05/05 13:11:40 | 000,175,616 | ---- | C] () -- C:\WINDOWS\LFFAX62N.DLL
[2011/05/05 13:11:40 | 000,158,720 | ---- | C] () -- C:\WINDOWS\LFCMP62N.DLL
[2011/05/05 13:11:40 | 000,047,616 | ---- | C] () -- C:\WINDOWS\LFTIF62N.DLL
[2011/05/05 13:11:40 | 000,027,136 | ---- | C] () -- C:\WINDOWS\LFLMA62N.DLL
[2011/05/05 13:11:40 | 000,024,576 | ---- | C] () -- C:\WINDOWS\LFICA62N.DLL
[2011/05/05 13:11:40 | 000,023,552 | ---- | C] () -- C:\WINDOWS\LFPCX62N.DLL
[2011/05/05 13:11:40 | 000,023,552 | ---- | C] () -- C:\WINDOWS\LFLMB62N.DLL
[2011/05/05 13:11:40 | 000,022,528 | ---- | C] () -- C:\WINDOWS\LFEPS62N.DLL
[2011/05/05 13:11:40 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFPCT62N.DLL
[2011/05/05 13:11:40 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFGIF62N.DLL
[2011/05/05 13:11:40 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFBMP62N.DLL
[2011/05/05 13:11:40 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LFPSD62N.DLL
[2011/05/05 13:11:40 | 000,019,968 | ---- | C] () -- C:\WINDOWS\LFTGA62N.DLL
[2011/05/05 13:11:40 | 000,018,944 | ---- | C] () -- C:\WINDOWS\LFIMG62N.DLL
[2011/05/05 13:11:40 | 000,018,432 | ---- | C] () -- C:\WINDOWS\LFRAS62N.DLL
[2011/05/05 13:11:40 | 000,018,432 | ---- | C] () -- C:\WINDOWS\LFMSP62N.DLL
[2011/05/05 13:11:40 | 000,017,920 | ---- | C] () -- C:\WINDOWS\LFMAC62N.DLL
[2011/05/05 13:11:40 | 000,017,920 | ---- | C] () -- C:\WINDOWS\LFCAL62N.DLL
[2011/05/05 13:11:39 | 001,483,776 | ---- | C] () -- C:\WINDOWS\mgxrdr32.dll
[2011/05/05 13:11:39 | 000,110,080 | ---- | C] () -- C:\WINDOWS\LFPNG62N.DLL
[2011/05/05 13:11:21 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2011/05/05 13:10:58 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\FVDS70.DLL
[2011/05/05 13:10:54 | 000,172,544 | ---- | C] () -- C:\WINDOWS\MGXCLEAN.EXE
[2011/03/18 05:36:14 | 000,001,451 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\log.xml
[2011/03/18 05:36:14 | 000,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\log-suffix.xml
[2011/03/18 05:36:14 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\log.xml.lock
[2011/03/08 05:33:54 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\default.pls
[2011/03/02 15:38:43 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/02/27 19:22:31 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\$_hpcst$.hpc
[2011/02/20 07:11:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\GkSui20.EXE
[2011/02/20 06:55:21 | 000,117,248 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/19 10:16:59 | 000,087,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\inst.exe
[2011/02/19 10:16:59 | 000,007,887 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\pcouffin.cat
[2011/02/19 10:16:59 | 000,001,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\pcouffin.inf
[2011/02/19 07:55:04 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2011/02/18 16:02:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/02/18 15:54:21 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/02/18 15:04:43 | 000,097,312 | R--- | C] () -- C:\WINDOWS\System32\drivers\Fwusb1b.bin
[2011/02/18 14:44:44 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ASWL2K.exe
[2011/02/18 14:44:44 | 000,496,640 | ---- | C] () -- C:\WINDOWS\System32\ASWLSVC.exe
[2011/02/18 14:44:44 | 000,159,827 | ---- | C] () -- C:\WINDOWS\System32\RemSvc.exe
[2011/02/18 14:43:46 | 000,987,136 | ---- | C] () -- C:\WINDOWS\System32\wcourier.exe
[2011/02/18 14:41:05 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2011/02/18 14:40:49 | 000,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2011/02/18 14:29:02 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011/02/18 14:29:02 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/02/18 14:27:58 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2011/02/18 14:27:57 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2011/02/18 14:27:57 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2011/02/18 14:27:57 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2011/02/18 14:27:56 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2011/02/18 14:27:56 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2011/02/18 14:27:55 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2011/02/18 14:27:55 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2011/02/18 13:55:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/02/18 13:49:36 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/02/18 13:40:50 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/02/18 13:39:39 | 002,169,472 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/08 05:46:42 | 004,497,993 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2010/09/08 05:46:42 | 001,529,856 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2010/09/08 05:46:42 | 001,212,665 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
[2010/09/08 05:46:42 | 000,903,723 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2010/09/08 05:46:42 | 000,880,220 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/09/08 05:46:42 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2010/09/08 05:46:42 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010/09/08 05:46:42 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2010/09/08 05:46:42 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2010/09/08 05:46:42 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2010/09/08 05:46:42 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010/09/08 05:46:42 | 000,142,291 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2010/09/08 05:46:42 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2010/09/08 05:46:42 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2010/09/08 05:46:42 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2010/09/08 04:45:00 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2010/09/08 04:09:46 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/08/14 04:45:18 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2010/08/14 04:45:10 | 000,358,400 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2010/08/14 04:43:52 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2010/08/14 04:43:42 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2010/08/14 04:43:34 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2010/08/14 04:43:22 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2010/08/14 04:42:54 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2010/08/14 04:42:48 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2010/08/14 04:42:10 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2010/08/14 04:42:06 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2010/08/14 04:41:54 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2010/08/14 04:40:02 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2010/08/14 04:39:58 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2009/08/11 17:21:26 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2009/06/07 12:24:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/10 18:15:44 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2008/11/06 11:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/10/13 05:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2005/04/28 00:22:34 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/04/28 00:22:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/12/02 10:20:18 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/10/11 07:19:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL
[2004/08/03 20:12:38 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/02 09:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/20 12:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 09:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 08:00:00 | 000,453,144 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001/08/23 08:00:00 | 000,436,354 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 08:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001/08/23 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 08:00:00 | 000,081,840 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001/08/23 08:00:00 | 000,068,866 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 08:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001/08/23 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2012/01/12 10:04:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Alawar Entertainment
[2012/04/09 09:50:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\AlawarEntertainment
[2012/01/22 17:23:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Ashampoo
[2011/05/23 14:52:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Awem
[2012/02/23 08:16:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\cerasus.media
[2011/02/20 09:00:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\CheckPoint
[2012/01/07 09:24:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Deep Shadows
[2012/03/10 09:17:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\dpdhl.versandhelfer
[2011/11/21 16:06:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\DVDVideoSoft
[2011/11/21 16:05:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011/06/17 13:08:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Freeze Tag
[2011/06/03 09:35:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Friday's games
[2011/03/18 11:58:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Frogwares
[2011/03/06 10:37:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\GetRightToGo
[2011/02/19 09:34:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\gtopala
[2011/06/05 10:36:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Jetdogs Studios
[2011/03/06 12:27:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\LEAPS
[2011/07/26 14:07:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Merscom
[2012/06/04 23:23:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\MotoCast
[2012/02/29 05:08:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Motorola
[2012/02/26 06:12:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Nokia
[2011/09/06 14:34:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Nokia Ovi Suite
[2012/02/26 06:27:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Nokia Suite
[2012/04/15 11:50:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Orbit
[2012/02/26 13:41:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\PC Suite
[2011/03/06 10:49:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Pegasys Inc
[2011/03/16 16:03:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Phantasmat_intenium_se
[2012/04/04 15:22:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\ProgSense
[2011/11/28 12:58:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\T-DSL SpeedManager
[2011/03/07 08:42:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TuneUp Software
[2012/01/30 10:16:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\VampireSagaHL
[2011/02/19 10:17:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Vso
[2012/03/10 05:52:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\XMedia Recode
[2011/03/15 11:59:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo
[2011/03/07 11:40:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bluetooth
[2012/01/16 11:17:42 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2011/11/13 07:19:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint
[2012/01/09 09:13:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Exorcist DS
[2011/03/23 04:31:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Gogii
[2011/02/19 12:00:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2012/01/07 09:23:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Intenium
[2012/02/24 04:34:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IswTmp
[2011/07/26 14:07:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Merscom
[2012/02/29 05:09:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Motorola
[2012/02/26 06:10:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2012/03/27 14:12:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2011/03/18 04:41:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ocster Backup
[2011/03/07 03:33:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2011/03/07 04:32:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Publish Data
[2011/03/18 04:49:21 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sysnfxo
[2011/11/28 12:58:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-DSL SpeedManager
[2011/03/07 09:00:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012/06/05 12:38:42 | 000,000,494 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job
[2012/06/05 12:47:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7DC1D308-4624-4E67-9311-D118C7E04AA6}.job
========== Purity Check ==========
< End of report >
--- --- ---
Hab jetzt mal OTL-Text erstellt. Brauche dringend Hilfe. Bitte :-(OTL Logfile: Code:
OTL logfile created on: 6/6/2012 6:03:11 PM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1,023.00 Mb Total Physical Memory | 820.00 Mb Available Physical Memory | 80.00% Memory free
907.00 Mb Paging File | 852.00 Mb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 66.03 Gb Total Space | 11.79 Gb Free Space | 17.85% Space Free | Partition Type: NTFS
Drive D: | 43.88 Gb Total Space | 34.18 Gb Free Space | 77.88% Space Free | Partition Type: FAT32
Drive E: | 7.45 Gb Total Space | 7.25 Gb Free Space | 97.40% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto] -- -- (asurscsi)
SRV - [2012/05/04 14:12:22 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/04/24 23:32:04 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/02/16 10:02:22 | 000,087,368 | ---- | M] (Nero AG) [Auto] -- C:\Programme\Motorola Media Link\Lite\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2012/02/01 17:55:58 | 000,214,896 | ---- | M] () [Auto] -- C:\Programme\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2012/01/04 08:32:36 | 000,718,888 | ---- | M] (Nokia) [On_Demand] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/11/09 15:05:42 | 002,420,616 | ---- | M] (Check Point Software Technologies LTD) [Auto] -- C:\Programme\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2011/11/03 10:44:28 | 000,497,280 | ---- | M] (Check Point Software Technologies) [Auto] -- C:\Programme\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2011/08/09 15:37:34 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/08/09 15:37:32 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/24 12:41:14 | 000,604,488 | ---- | M] (TuneUp Software) [Auto] -- C:\WINDOWS\system32\TUProgSt.exe -- (TuneUp.ProgramStatisticsSvc)
SRV - [2011/05/24 12:41:08 | 000,361,288 | ---- | M] (TuneUp Software) [On_Demand] -- C:\WINDOWS\system32\TuneUpDefragService.exe -- (TuneUp.Defrag)
SRV - [2011/03/06 10:48:50 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto] -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen)
SRV - [2011/02/19 11:22:20 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/11/16 07:25:48 | 000,029,000 | ---- | M] (TuneUp Software) [Auto] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2008/01/22 06:13:26 | 000,275,752 | ---- | M] (Nero AG) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006/07/30 20:02:00 | 000,370,756 | R--- | M] (AVM Berlin) [Auto] -- C:\Programme\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2003/07/28 07:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (VcommMgr)
DRV - File not found [Kernel | On_Demand] -- -- (VComm)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (BTWUSB)
DRV - File not found [Kernel | On_Demand] -- -- (btwhid)
DRV - File not found [Kernel | On_Demand] -- -- (BTWDNDIS)
DRV - File not found [Kernel | Boot] -- -- (BTHidMgr)
DRV - File not found [Kernel | Boot] -- -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand] -- -- (BTDriver)
DRV - File not found [Kernel | On_Demand] -- -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand] -- -- (btaudio)
DRV - File not found [Kernel | On_Demand] -- -- (BT)
DRV - File not found [Kernel | On_Demand] -- -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand] -- -- (BlueletAudio)
DRV - [2011/11/09 15:01:38 | 000,525,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System] -- C:\WINDOWS\system32\vsdatant.sys -- (Vsdatant)
DRV - [2011/11/03 10:44:20 | 000,027,016 | ---- | M] (Check Point Software Technologies) [Kernel | Auto] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2011/11/01 05:07:26 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/11/01 05:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2011/11/01 05:07:26 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/11/01 05:07:24 | 000,137,600 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2011/11/01 05:07:24 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/11/01 05:07:24 | 000,008,576 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2011/08/09 15:37:34 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/08/09 15:37:34 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/03/06 10:48:50 | 000,033,408 | ---- | M] (B.H.A Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
DRV - [2011/02/18 14:45:07 | 000,015,781 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2009/05/11 06:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/05/11 04:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008/09/24 05:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2008/08/26 04:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/04/13 14:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2006/07/30 20:02:00 | 000,264,704 | R--- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2006/02/02 03:33:00 | 000,846,592 | R--- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005/07/14 07:14:34 | 000,027,904 | ---- | M] (REDC) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\risdptsk.sys -- (risdptsk)
DRV - [2005/07/12 14:00:30 | 000,051,328 | ---- | M] (REDC) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2005/06/22 02:50:50 | 001,034,752 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005/06/22 02:50:12 | 000,216,320 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSFHWSIS.sys -- (HSFHWSIS)
DRV - [2005/06/22 02:50:04 | 000,716,416 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005/03/09 10:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005/03/04 06:10:26 | 000,074,496 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2005/02/23 09:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/02/17 11:07:48 | 000,005,632 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2005/02/11 16:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2002/11/28 10:18:04 | 000,015,360 | ---- | M] (Elaborate Bytes AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2002/11/28 06:43:49 | 000,022,016 | ---- | M] (Elaborate Bytes AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ElbyVCD.sys -- (ElbyVCD)
DRV - [2002/09/09 14:54:06 | 000,016,269 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\ASNDIS5.sys -- (ASNDIS5)
DRV - [2001/08/17 08:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Charly_ON_C\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
IE - HKU\Charly_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: "ZoneAlarm-Sicherheit Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://www.aol.de/"
FF - prefs.js..extensions.enabledItems: {3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}:0.9.6
FF - prefs.js..extensions.enabledItems: fastdial@telega.phpnet.us:3.4
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.232.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.5
FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a67}:0.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.8.5
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2613550&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.7: C:\Programme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Programme\CheckPoint\ZAForceField\TrustChecker [2012/03/09 12:04:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/04/24 23:32:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/04/19 16:32:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\te_9.0@nokia.com: C:\Programme\Nokia\Nokia Suite\Connectors\Thunderbird Connector\ThunderbirdExtension_9.0 [2012/02/26 06:10:58 | 000,000,000 | ---D | M]
[2011/02/18 16:02:26 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Extensions
[2012/06/01 10:56:37 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions
[2011/12/09 00:20:33 | 000,000,000 | ---D | M] (Forecastfox) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2011/02/20 07:51:29 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/18 16:03:50 | 000,000,000 | ---D | M] (Forecastbar Enhanced) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\{3CE993BF-A3D9-4fd2-B3B6-768CBBC337F8}
[2011/03/15 17:02:08 | 000,000,000 | ---D | M] (Favicon Picker 3) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a67}
[2011/11/21 16:05:41 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/06/01 10:56:37 | 000,000,000 | ---D | M] (Fast Dial) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\fastdial@telega.phpnet.us
[2011/03/15 17:02:07 | 000,000,000 | ---D | M] (Personas) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\mozilla\Firefox\Profiles\iuhxuyrl.default\extensions\personas@christopher.beard
[2011/01/17 09:41:40 | 000,000,943 | ---- | M] () -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Mozilla\Firefox\Profiles\iuhxuyrl.default\searchplugins\conduit.xml
[2012/01/07 06:49:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) --
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\CHARLY\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\IUHXUYRL.DEFAULT\EXTENSIONS\{0545B830-F0AA-4D7E-8820-50A4629A56FE}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\CHARLY\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\IUHXUYRL.DEFAULT\EXTENSIONS\{19503E42-CA3C-4C27-B1E2-9CDB2170EE34}.XPI
() (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\CHARLY\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\IUHXUYRL.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2012/04/24 23:32:04 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2011/10/02 23:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2011/03/17 15:57:30 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll
[2011/04/26 14:28:33 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011/04/26 14:28:33 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2011/04/26 14:28:33 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2011/04/26 14:28:33 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/04/26 14:28:33 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2011/04/26 14:28:33 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011/02/19 11:39:15 | 000,000,853 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.)
O3 - HKU\Charly_ON_C\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [BluetoothAuthenticationAgent] C:\WINDOWS\System32\bthprops.cpl (Microsoft Corporation)
O4 - HKLM..\Run: [C0mDiXEtF1yrWmk] C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe (SEIKO EPSON CORP.)
O4 - HKLM..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe ()
O4 - HKLM..\Run: [ISW] C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [ZoneAlarm] C:\Programme\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKU\Charly_ON_C..\Run: [] File not found
O4 - HKU\Charly_ON_C..\Run: [C0mDiXEtF1yrWmk] C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe (SEIKO EPSON CORP.)
O4 - HKU\Charly_ON_C..\Run: [MotoCast] C:\Programme\Motorola Mobility\MotoCast\MotoLauncher.lnk ()
O4 - HKU\Charly_ON_C..\Run: [pl468q4scf] File not found
O4 - HKU\Charly_ON_C..\Run: [TuneUp MemOptimizer] C:\Programme\TuneUp Utilities 2009\MemOptimizer.exe (TuneUp Software GmbH)
O4 - HKU\_ocster_backup__ON_C..\RunOnce: [NeroHomeFirstStart] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\_ocster_backup__ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Charly_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 91 00 00 00 [binary data]
O7 - HKU\Charly_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 1
O7 - HKU\Charly_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKU\Charly_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: &Download by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - C:\Programme\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1298063497765 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe) - C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe (SEIKO EPSON CORP.)
O20 - HKLM Winlogon: UserInit - (C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe) - C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe (SEIKO EPSON CORP.)
O20 - HKU\Charly_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe) - C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe (SEIKO EPSON CORP.)
O20 - HKU\Charly_ON_C Winlogon: UserInit - (C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe) - C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe (SEIKO EPSON CORP.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/02/18 13:52:41 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{ab0a0abf-3b91-11e0-9fcb-0018f3c414c9}\Shell - "" = AutoRun
O33 - MountPoints2\{ab0a0abf-3b91-11e0-9fcb-0018f3c414c9}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ab0a0abf-3b91-11e0-9fcb-0018f3c414c9}\Shell\AutoRun\command - "" = F:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/06/05 13:14:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\CSC
[2012/06/05 12:02:09 | 000,000,000 | -HSD | C] -- C:\found.000
[2012/06/04 23:39:17 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Charly\Recent
[2012/06/04 23:35:46 | 000,244,736 | ---- | C] (SEIKO EPSON CORP.) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe
[2012/06/02 04:34:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Charly\Desktop\LMMC Fotos 2012
[2012/05/28 05:03:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012/05/14 15:16:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Charly\Desktop\fotos i
[2012/05/08 15:40:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Charly\Desktop\Kochfeld
[2011/02/19 10:16:59 | 000,047,360 | ---- | C] (VSO Software) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\pcouffin.sys
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012/06/05 13:21:15 | 000,453,144 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012/06/05 13:21:15 | 000,436,354 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012/06/05 13:21:15 | 000,081,840 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012/06/05 13:21:15 | 000,068,866 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012/06/05 13:17:16 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/06/05 13:14:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/06/05 12:47:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{7DC1D308-4624-4E67-9311-D118C7E04AA6}.job
[2012/06/05 12:38:42 | 000,000,494 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2012/06/04 23:35:17 | 000,244,736 | ---- | M] (SEIKO EPSON CORP.) -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TarArchiver.exe
[2012/06/04 23:17:59 | 000,037,106 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml
[2012/06/04 16:12:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/06/03 23:55:07 | 000,117,248 | ---- | M] () -- C:\Dokumente und Einstellungen\Charly\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/06/03 16:06:08 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\Charly\Desktop\Microsoft Office Word 2003.lnk
[2012/06/03 09:24:17 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2012/05/31 09:22:01 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\crypt32.dll
[2012/05/22 15:40:43 | 000,000,029 | ---- | M] () -- C:\WINDOWS\standard.sta
[2012/05/13 03:15:24 | 000,000,772 | ---- | M] () -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook starten.lnk
[2012/05/09 21:17:41 | 002,169,472 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/05/09 17:08:12 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012/05/09 16:20:02 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012/02/16 08:38:41 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/11/13 09:55:43 | 000,003,072 | R--- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2011/11/13 09:55:34 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011/08/02 12:40:05 | 000,000,069 | ---- | C] () -- C:\WINDOWS\TC.INI
[2011/07/04 15:26:46 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2011/05/05 13:11:41 | 000,187,392 | ---- | C] () -- C:\WINDOWS\LTANN62N.DLL
[2011/05/05 13:11:41 | 000,076,288 | ---- | C] () -- C:\WINDOWS\LTIMG62N.DLL
[2011/05/05 13:11:41 | 000,043,008 | ---- | C] () -- C:\WINDOWS\LTFIL62N.DLL
[2011/05/05 13:11:41 | 000,029,184 | ---- | C] () -- C:\WINDOWS\LTWND62N.DLL
[2011/05/05 13:11:41 | 000,024,064 | ---- | C] () -- C:\WINDOWS\LTTWN62N.DLL
[2011/05/05 13:11:41 | 000,019,968 | ---- | C] () -- C:\WINDOWS\LFWMF62N.DLL
[2011/05/05 13:11:41 | 000,019,456 | ---- | C] () -- C:\WINDOWS\LFWPG62N.DLL
[2011/05/05 13:11:41 | 000,017,408 | ---- | C] () -- C:\WINDOWS\LFWFX62N.DLL
[2011/05/05 13:11:40 | 000,175,616 | ---- | C] () -- C:\WINDOWS\LFFAX62N.DLL
[2011/05/05 13:11:40 | 000,158,720 | ---- | C] () -- C:\WINDOWS\LFCMP62N.DLL
[2011/05/05 13:11:40 | 000,047,616 | ---- | C] () -- C:\WINDOWS\LFTIF62N.DLL
[2011/05/05 13:11:40 | 000,027,136 | ---- | C] () -- C:\WINDOWS\LFLMA62N.DLL
[2011/05/05 13:11:40 | 000,024,576 | ---- | C] () -- C:\WINDOWS\LFICA62N.DLL
[2011/05/05 13:11:40 | 000,023,552 | ---- | C] () -- C:\WINDOWS\LFPCX62N.DLL
[2011/05/05 13:11:40 | 000,023,552 | ---- | C] () -- C:\WINDOWS\LFLMB62N.DLL
[2011/05/05 13:11:40 | 000,022,528 | ---- | C] () -- C:\WINDOWS\LFEPS62N.DLL
[2011/05/05 13:11:40 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFPCT62N.DLL
[2011/05/05 13:11:40 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFGIF62N.DLL
[2011/05/05 13:11:40 | 000,022,016 | ---- | C] () -- C:\WINDOWS\LFBMP62N.DLL
[2011/05/05 13:11:40 | 000,020,480 | ---- | C] () -- C:\WINDOWS\LFPSD62N.DLL
[2011/05/05 13:11:40 | 000,019,968 | ---- | C] () -- C:\WINDOWS\LFTGA62N.DLL
[2011/05/05 13:11:40 | 000,018,944 | ---- | C] () -- C:\WINDOWS\LFIMG62N.DLL
[2011/05/05 13:11:40 | 000,018,432 | ---- | C] () -- C:\WINDOWS\LFRAS62N.DLL
[2011/05/05 13:11:40 | 000,018,432 | ---- | C] () -- C:\WINDOWS\LFMSP62N.DLL
[2011/05/05 13:11:40 | 000,017,920 | ---- | C] () -- C:\WINDOWS\LFMAC62N.DLL
[2011/05/05 13:11:40 | 000,017,920 | ---- | C] () -- C:\WINDOWS\LFCAL62N.DLL
[2011/05/05 13:11:39 | 001,483,776 | ---- | C] () -- C:\WINDOWS\mgxrdr32.dll
[2011/05/05 13:11:39 | 000,110,080 | ---- | C] () -- C:\WINDOWS\LFPNG62N.DLL
[2011/05/05 13:11:21 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2011/05/05 13:10:58 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\FVDS70.DLL
[2011/05/05 13:10:54 | 000,172,544 | ---- | C] () -- C:\WINDOWS\MGXCLEAN.EXE
[2011/03/18 05:36:14 | 000,001,451 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\log.xml
[2011/03/18 05:36:14 | 000,000,008 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\log-suffix.xml
[2011/03/18 05:36:14 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\log.xml.lock
[2011/03/08 05:33:54 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\default.pls
[2011/03/02 15:38:43 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011/02/27 19:22:31 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\$_hpcst$.hpc
[2011/02/20 07:11:44 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\GkSui20.EXE
[2011/02/20 06:55:21 | 000,117,248 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/19 10:16:59 | 000,087,608 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\inst.exe
[2011/02/19 10:16:59 | 000,007,887 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\pcouffin.cat
[2011/02/19 10:16:59 | 000,001,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\pcouffin.inf
[2011/02/19 07:55:04 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2011/02/18 16:02:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011/02/18 15:54:21 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/02/18 15:04:43 | 000,097,312 | R--- | C] () -- C:\WINDOWS\System32\drivers\Fwusb1b.bin
[2011/02/18 14:44:44 | 000,516,096 | ---- | C] () -- C:\WINDOWS\System32\ASWL2K.exe
[2011/02/18 14:44:44 | 000,496,640 | ---- | C] () -- C:\WINDOWS\System32\ASWLSVC.exe
[2011/02/18 14:44:44 | 000,159,827 | ---- | C] () -- C:\WINDOWS\System32\RemSvc.exe
[2011/02/18 14:43:46 | 000,987,136 | ---- | C] () -- C:\WINDOWS\System32\wcourier.exe
[2011/02/18 14:41:05 | 000,005,632 | R--- | C] () -- C:\WINDOWS\System32\drivers\ATKACPI.sys
[2011/02/18 14:40:49 | 000,007,424 | R--- | C] () -- C:\WINDOWS\System32\drivers\MMIOPORT.SYS
[2011/02/18 14:29:02 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2011/02/18 14:29:02 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011/02/18 14:27:58 | 001,519,616 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2011/02/18 14:27:57 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2011/02/18 14:27:57 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2011/02/18 14:27:57 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2011/02/18 14:27:56 | 001,466,368 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2011/02/18 14:27:56 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2011/02/18 14:27:55 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2011/02/18 14:27:55 | 000,043,008 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll
[2011/02/18 13:55:05 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/02/18 13:49:36 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/02/18 13:40:50 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/02/18 13:39:39 | 002,169,472 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/09/08 05:46:42 | 004,497,993 | ---- | C] () -- C:\WINDOWS\System32\libavcodec.dll
[2010/09/08 05:46:42 | 001,529,856 | ---- | C] () -- C:\WINDOWS\System32\ff_samplerate.dll
[2010/09/08 05:46:42 | 001,212,665 | ---- | C] () -- C:\WINDOWS\System32\ffmpegmt.dll
[2010/09/08 05:46:42 | 000,903,723 | ---- | C] () -- C:\WINDOWS\System32\ff_x264.dll
[2010/09/08 05:46:42 | 000,880,220 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2010/09/08 05:46:42 | 000,336,384 | ---- | C] () -- C:\WINDOWS\System32\ff_libfaad2.dll
[2010/09/08 05:46:42 | 000,324,096 | ---- | C] () -- C:\WINDOWS\System32\TomsMoComp_ff.dll
[2010/09/08 05:46:42 | 000,248,320 | ---- | C] () -- C:\WINDOWS\System32\ff_kernelDeint.dll
[2010/09/08 05:46:42 | 000,216,576 | ---- | C] () -- C:\WINDOWS\System32\ff_libdts.dll
[2010/09/08 05:46:42 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ff_libmad.dll
[2010/09/08 05:46:42 | 000,145,408 | ---- | C] () -- C:\WINDOWS\System32\libmpeg2_ff.dll
[2010/09/08 05:46:42 | 000,142,291 | ---- | C] () -- C:\WINDOWS\System32\libmplayer.dll
[2010/09/08 05:46:42 | 000,121,856 | ---- | C] () -- C:\WINDOWS\System32\ff_liba52.dll
[2010/09/08 05:46:42 | 000,116,736 | ---- | C] () -- C:\WINDOWS\System32\ff_tremor.dll
[2010/09/08 05:46:42 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\ff_unrar.dll
[2010/09/08 04:45:00 | 000,100,864 | ---- | C] () -- C:\WINDOWS\System32\ff_wmv9.dll
[2010/09/08 04:09:46 | 000,108,032 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2010/08/14 04:45:18 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\dxr.dll
[2010/08/14 04:45:10 | 000,358,400 | ---- | C] () -- C:\WINDOWS\System32\gdsmux.exe
[2010/08/14 04:43:52 | 000,150,528 | ---- | C] () -- C:\WINDOWS\System32\mkx.dll
[2010/08/14 04:43:42 | 000,109,568 | ---- | C] () -- C:\WINDOWS\System32\avi.dll
[2010/08/14 04:43:34 | 000,141,824 | ---- | C] () -- C:\WINDOWS\System32\mp4.dll
[2010/08/14 04:43:22 | 000,123,392 | ---- | C] () -- C:\WINDOWS\System32\ogm.dll
[2010/08/14 04:42:54 | 000,113,152 | ---- | C] () -- C:\WINDOWS\System32\dsmux.exe
[2010/08/14 04:42:48 | 000,154,112 | ---- | C] () -- C:\WINDOWS\System32\ts.dll
[2010/08/14 04:42:10 | 000,097,792 | ---- | C] () -- C:\WINDOWS\System32\avs.dll
[2010/08/14 04:42:06 | 000,137,728 | ---- | C] () -- C:\WINDOWS\System32\mkv2vfr.exe
[2010/08/14 04:41:54 | 000,093,184 | ---- | C] () -- C:\WINDOWS\System32\avss.dll
[2010/08/14 04:40:02 | 000,080,384 | ---- | C] () -- C:\WINDOWS\System32\mkzlib.dll
[2010/08/14 04:39:58 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\mkunicode.dll
[2009/08/11 17:21:26 | 000,087,552 | ---- | C] () -- C:\WINDOWS\System32\ac3config.exe
[2009/06/07 12:24:04 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/10 18:15:44 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\mmfinfo.dll
[2008/11/06 11:37:32 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2007/10/13 05:30:20 | 000,000,137 | ---- | C] () -- C:\WINDOWS\System32\Registration.ini
[2005/04/28 00:22:34 | 000,831,488 | ---- | C] () -- C:\WINDOWS\System32\libeay32.dll
[2005/04/28 00:22:34 | 000,159,744 | ---- | C] () -- C:\WINDOWS\System32\ssleay32.dll
[2004/12/02 10:20:18 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2004/10/11 07:19:00 | 000,092,672 | ---- | C] () -- C:\WINDOWS\System32\ASUSASV2.DLL
[2004/08/03 20:12:38 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/02 09:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/07/20 12:04:02 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\TosBtHcrpAPI.dll
[2004/01/15 09:43:28 | 000,114,688 | ---- | C] () -- C:\WINDOWS\System32\TBTMonUI.dll
[2003/02/20 12:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2001/08/23 08:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/23 08:00:00 | 000,453,144 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001/08/23 08:00:00 | 000,436,354 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/23 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/23 08:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001/08/23 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/23 08:00:00 | 000,081,840 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001/08/23 08:00:00 | 000,068,866 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/23 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/23 08:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001/08/23 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/23 08:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/23 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
========== LOP Check ==========
[2012/01/12 10:04:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Alawar Entertainment
[2012/04/09 09:50:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\AlawarEntertainment
[2012/01/22 17:23:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Ashampoo
[2011/05/23 14:52:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Awem
[2012/02/23 08:16:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\cerasus.media
[2011/02/20 09:00:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\CheckPoint
[2012/01/07 09:24:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Deep Shadows
[2012/03/10 09:17:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\dpdhl.versandhelfer
[2011/11/21 16:06:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\DVDVideoSoft
[2011/11/21 16:05:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011/06/17 13:08:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Freeze Tag
[2011/06/03 09:35:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Friday's games
[2011/03/18 11:58:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Frogwares
[2011/03/06 10:37:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\GetRightToGo
[2011/02/19 09:34:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\gtopala
[2011/06/05 10:36:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Jetdogs Studios
[2011/03/06 12:27:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\LEAPS
[2011/07/26 14:07:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Merscom
[2012/06/04 23:23:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\MotoCast
[2012/02/29 05:08:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Motorola
[2012/02/26 06:12:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Nokia
[2011/09/06 14:34:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Nokia Ovi Suite
[2012/02/26 06:27:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Nokia Suite
[2012/04/15 11:50:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Orbit
[2012/02/26 13:41:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\PC Suite
[2011/03/06 10:49:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Pegasys Inc
[2011/03/16 16:03:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Phantasmat_intenium_se
[2012/04/04 15:22:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\ProgSense
[2011/11/28 12:58:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\T-DSL SpeedManager
[2011/03/07 08:42:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\TuneUp Software
[2012/01/30 10:16:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\VampireSagaHL
[2011/02/19 10:17:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\Vso
[2012/03/10 05:52:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Charly\Anwendungsdaten\XMedia Recode
[2011/03/15 11:59:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ashampoo
[2011/03/07 11:40:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bluetooth
[2012/01/16 11:17:42 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2011/11/13 07:19:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CheckPoint
[2012/01/09 09:13:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Exorcist DS
[2011/03/23 04:31:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Gogii
[2011/02/19 12:00:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2012/01/07 09:23:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Intenium
[2012/02/24 04:34:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IswTmp
[2011/07/26 14:07:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Merscom
[2012/02/29 05:09:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Motorola
[2012/02/26 06:10:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2012/03/27 14:12:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2011/03/18 04:41:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ocster Backup
[2011/03/07 03:33:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2011/03/07 04:32:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Publish Data
[2011/03/18 04:49:21 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sysnfxo
[2011/11/28 12:58:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\T-DSL SpeedManager
[2011/03/07 09:00:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012/06/05 12:38:42 | 000,000,494 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job
[2012/06/05 12:47:00 | 000,000,420 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{7DC1D308-4624-4E67-9311-D118C7E04AA6}.job
========== Purity Check ==========
< End of report >
--- --- ---
sorry, 2 mal gepostet |
