Trojaner-Board - Leerer Desktop, Computer fährt automatisch herunter

Hm, kann ich die otl.txt-Datei auch hier im Wortlaut einfach reinstellen? Anhängen kann ich sie leider nicht, weil sie zu groß ist.

OTL Logfile:
Code:
OTL logfile created on: 1/3/2013 9:33:30 PM - Run 

OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE

Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM

Internet Explorer (Version = 8.0.6001.18702)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

1,022.00 Mb Total Physical Memory | 787.00 Mb Available Physical Memory | 77.00% Memory free

906.00 Mb Paging File | 824.00 Mb Available in Paging File | 91.00% Paging File free

Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme

Drive C: | 111.78 Gb Total Space | 8.54 Gb Free Space | 7.64% Space Free | Partition Type: NTFS

Drive D: | 7.42 Gb Total Space | 7.42 Gb Free Space | 100.00% Space Free | Partition Type: FAT32

Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

 

Computer Name: REATOGO | User Name: SYSTEM

Boot Mode: Normal | Scan Mode: All users

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

Using ControlSet: ControlSet001

 
 ========== Win32 Services (SafeList) ==========

 

SRV - File not found [Disabled] --  -- (HidServ)

SRV - [2012/12/17 07:35:40 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012/11/18 06:40:40 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/09/20 07:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)

SRV - [2011/07/04 07:16:16 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011/04/30 08:01:59 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2010/01/09 14:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2010/01/09 14:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)

SRV - [2009/07/30 15:20:04 | 000,144,752 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)

SRV - [2008/11/09 15:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)

SRV - [2008/07/09 03:05:18 | 000,075,304 | ---- | M] (Zone Labs, LLC) [Auto] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand] --  -- (WDICA)

DRV - File not found [Kernel | On_Demand] --  -- (RTL8187B)

DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)

DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)

DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)

DRV - File not found [Kernel | System] --  -- (PCIDump)

DRV - File not found [Kernel | System] --  -- (lbrtfdc)

DRV - File not found [Kernel | System] --  -- (InCDRm)

DRV - File not found [Kernel | System] --  -- (InCDPass)

DRV - File not found [Kernel | System] --  -- (i2omgmt)

DRV - File not found [Kernel | On_Demand] --  -- (hSONYPVh)

DRV - File not found [Kernel | On_Demand] --  -- (EagleNT)

DRV - File not found [Kernel | System] --  -- (Changer)

DRV - File not found [Kernel | On_Demand] --  -- (catchme)

DRV - [2011/12/28 13:12:50 | 000,281,760 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)

DRV - [2011/12/28 13:12:50 | 000,025,888 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)

DRV - [2011/07/04 07:16:18 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)

DRV - [2011/07/04 07:16:18 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2009/07/28 14:01:26 | 000,069,480 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)

DRV - [2009/07/28 12:38:00 | 000,049,016 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)

DRV - [2009/07/24 05:31:58 | 000,021,608 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)

DRV - [2009/07/07 15:38:34 | 000,168,936 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)

DRV - [2009/06/19 03:57:42 | 000,059,888 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)

DRV - [2009/06/17 05:59:46 | 000,046,984 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)

DRV - [2009/06/11 08:05:00 | 000,036,992 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)

DRV - [2009/05/20 04:23:36 | 000,074,368 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)

DRV - [2009/05/11 05:49:19 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)

DRV - [2009/05/11 03:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2008/07/09 03:05:22 | 000,394,952 | ---- | M] (Zone Labs, LLC) [Kernel | System] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)

DRV - [2008/02/26 21:10:44 | 000,051,176 | ---- | M] (Zone Labs, LLC) [Kernel | Boot] -- C:\WINDOWS\system32\ZoneLabs\srescan.sys -- (srescan)

DRV - [2007/07/19 09:10:28 | 000,127,768 | ---- | M] (Kaspersky Lab) [File_System | System] -- C:\WINDOWS\system32\drivers\klif.sys -- (KLIF)

DRV - [2006/02/27 12:47:00 | 004,241,920 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)

DRV - [2005/09/30 05:11:42 | 000,078,720 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)

DRV - [2005/09/16 08:09:02 | 000,846,792 | ---- | M] (Motorola Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\smserial.sys -- (smserial)

DRV - [2005/01/07 11:07:16 | 000,145,920 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.chatzum.com/

IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

IE - HKU\Leif_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = 

IE - HKU\Leif_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKU\Leif_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKU\Leif_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 28 A3 A2 3B 44 DC CD 01  [binary data]

IE - HKU\Leif_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found

IE - HKU\Leif_ON_C\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - Reg Error: Key error. File not found

IE - HKU\Leif_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Programme\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Programme\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/11/18 06:40:41 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/11/18 06:40:31 | 000,000,000 | ---D | M]

 

[2012/11/18 06:40:29 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2012/11/18 06:40:41 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll

[2011/05/26 10:38:41 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll

[2012/08/01 04:58:22 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012/09/10 07:39:34 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml

[2012/08/01 04:58:22 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml

[2012/08/01 04:58:22 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml

[2012/08/01 04:58:22 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml

[2012/08/01 04:58:22 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2012/03/22 02:48:30 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( )

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\BrowserCompanion\updatebhoWin32.dll ( )

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [BCSSync] C:\Programme\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)

O4 - HKLM..\Run: [Eraser] C:\Programme\Eraser\Eraser.exe (The Eraser Project)

O4 - HKLM..\Run: [ITSecMng] C:\Programme\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe (TOSHIBA CORPORATION)

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)

O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)

O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()

O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.)

O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

O4 - HKLM..\Run: [Verknüpfung mit der High Definition Audio-Eigenschaftenseite] C:\WINDOWS\System32\HdAShCut.exe (Windows (R) Server 2003 DDK provider)

O4 - HKLM..\Run: [ZoneAlarm Client] C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Zone Labs, LLC)

O4 - HKU\Leif_ON_C..\Run: [Messenger (Yahoo!)] C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)

O4 - HKU\Administrator_ON_C..\RunOnce: [NeroHomeFirstStart] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMFirstStart.exe (Nero AG)

O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\Leif_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323

O7 - HKU\Leif_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863

O7 - HKU\Leif_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra Button: Secret City - {D401C3A2-12EF-4D1D-A086-F3AB10B565BF} -  File not found

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -  File not found

O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -  File not found

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)

O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)

O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)

O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)

O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)

O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)

O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home

O24 - Desktop WallPaper: 

O24 - Desktop BackupWallPaper: 

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2008/11/24 12:43:06 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]

O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *) -  File not found

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = ComFile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 

ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)

ActiveX: {14F4D1F6-79E4-4256-A10B-3CCD138698C6} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)

ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)

ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player

ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4

ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation

ActiveX: {29A43E48-B726-47B6-9EAC-AA2B7B48E133} - Microsoft .NET Framework 1.0 Security Update (KB2698035)

ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {339E9413-F230-4F0F-ADDD-17914D95FD6D} - Microsoft .NET Framework 1.0 Hotfix (KB2604042)

ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe

ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install

ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT

ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066)

ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.8

ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser

ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install

ActiveX: {8BF1B8CD-9A6C-4382-A454-CC769B913F48} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)

ActiveX: {8F736E10-8E5C-4399-A532-D0C00A406227} - Microsoft .NET Framework 1.1 Security Update (KB2698023)

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework

ActiveX: {C314CE45-3392-3B73-B4E1-139CD41CA933} - .NET Framework

ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner

ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.

ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3

ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework

ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP

ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE

 

NetSvcs: 6to4 -  File not found

NetSvcs: HidServ -  File not found

NetSvcs: Ias -  File not found

NetSvcs: Iprip -  File not found

NetSvcs: Irmon -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: WmdmPmSp -  File not found

 

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013/01/01 17:17:15 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData

[2013/01/01 16:48:58 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Administrator\Recent

[2013/01/01 16:40:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Avira

[2013/01/01 16:31:24 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Leif\Recent

[2012/12/17 07:18:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\Yahoo!

[2012/12/17 07:17:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Yahoo! Messenger

[2012/12/17 07:14:52 | 000,000,000 | ---D | C] -- C:\Programme\Yahoo!

[2012/12/17 06:15:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\Skype

[2012/12/17 05:55:43 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft

[2012/12/17 05:55:27 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live SkyDrive

[2012/12/17 05:55:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Live

[2012/12/17 05:55:05 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live

[2009/03/23 13:34:26 | 000,250,544 | ---- | C] (KeyWorks Software) -- C:\Programme\Gemeinsame Dateien\keyhelp.ocx

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013/01/01 17:27:54 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat

[2013/01/01 17:17:47 | 000,197,354 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml

[2013/01/01 17:16:23 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

[2013/01/01 17:16:18 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

[2013/01/01 16:38:43 | 221,249,568 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2013/01/01 16:38:43 | 002,588,648 | -HS- | M] () -- C:\WINDOWS\System32\drivers\fidbox.idx

[2013/01/01 16:03:02 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl

[2012/12/17 08:35:01 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job

[2012/12/17 07:35:37 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe

[2012/12/17 07:35:37 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl

[2012/12/17 07:17:59 | 000,000,800 | ---- | M] () -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk

[2012/12/17 07:17:59 | 000,000,782 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Yahoo! Messenger.lnk

[2012/12/17 07:17:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Yahoo! Messenger

[2012/12/17 05:56:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Live

[2012/12/17 05:46:57 | 000,358,383 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml

[2012/12/12 10:09:03 | 000,030,788 | ---- | M] () -- C:\Dokumente und Einstellungen\Leif\helden.zip.hld.ok

[2012/12/12 10:09:03 | 000,030,788 | ---- | M] () -- C:\Dokumente und Einstellungen\Leif\helden.zip.hld.5.2.1

[2012/12/12 10:09:03 | 000,000,511 | ---- | M] () -- C:\Dokumente und Einstellungen\Leif\.dsa4.properties

[2012/12/10 07:08:10 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini

[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012/12/17 07:17:59 | 000,000,800 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk

[2012/12/17 07:17:59 | 000,000,782 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Yahoo! Messenger.lnk

[2012/09/23 11:15:45 | 000,030,788 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\helden.zip.hld.5.2.1

[2012/07/15 11:20:54 | 000,015,878 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\pluginsautoUpdater.jar

[2012/07/08 08:41:17 | 000,030,480 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\helden.zip.hld.5.2.0

[2012/03/24 03:52:07 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll

[2012/03/22 02:15:42 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe

[2012/03/22 02:15:42 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe

[2012/03/22 02:15:42 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe

[2012/03/22 02:15:42 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe

[2012/03/22 02:15:42 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

[2012/01/24 12:38:47 | 000,030,788 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\helden.zip.hld.ok

[2012/01/22 11:10:33 | 000,030,788 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\helden.zip.hld

[2011/10/24 14:02:47 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat

[2011/05/22 11:24:57 | 000,162,304 | ---- | C] () -- C:\WINDOWS\System32\ztvunrar36.dll

[2011/05/22 11:24:57 | 000,077,312 | ---- | C] () -- C:\WINDOWS\System32\ztvunace26.dll

[2011/05/22 11:24:57 | 000,075,264 | ---- | C] () -- C:\WINDOWS\System32\unacev2.dll

[2011/05/22 11:24:56 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\UNRAR3.dll

[2010/08/18 05:16:14 | 000,000,883 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\.recently-used.xbel

[2010/08/10 12:06:48 | 000,000,262 | ---- | C] () -- C:\WINDOWS\videodeLuxe.INI

[2010/08/10 10:55:28 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll

[2010/08/10 10:47:25 | 000,000,085 | ---- | C] () -- C:\WINDOWS\magix.ini

[2010/08/10 10:47:19 | 000,001,104 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini

[2010/05/14 05:50:42 | 000,010,392 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\2009.elfo

[2010/03/25 08:48:58 | 000,060,416 | ---- | C] () -- C:\WINDOWS\rbap350.dll

[2010/03/25 08:48:50 | 000,060,416 | ---- | C] () -- C:\WINDOWS\System32\rbap350.dll

[2009/11/25 10:50:31 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\qttask.exe

[2009/11/25 10:49:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\bdb.ini

[2009/11/14 06:02:29 | 000,103,535 | ---- | C] () -- C:\WINDOWS\hpoins04.dat

[2009/11/14 06:02:29 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat

[2009/10/21 12:00:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat

[2009/10/08 12:18:44 | 000,032,695 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\helden.xml

[2009/10/08 11:39:33 | 000,008,245 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\.heldEinstellungen4_1.xml

[2009/08/27 07:58:20 | 000,000,042 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\default.pls

[2009/08/24 13:55:07 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys

[2009/08/24 13:55:07 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys

[2009/08/23 12:17:45 | 000,000,095 | ---- | C] () -- C:\WINDOWS\Kyor.ini

[2009/08/22 06:00:34 | 000,002,933 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\.heldEinstellungen.xml

[2009/08/22 06:00:33 | 000,000,511 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\.dsa4.properties

[2009/07/17 09:42:00 | 000,000,238 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\wklnhst.dat

[2008/12/31 08:59:18 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat

[2008/12/18 16:40:58 | 000,000,562 | ---- | C] () -- C:\WINDOWS\SIERRA.INI

[2008/12/18 04:12:57 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini

[2008/12/18 04:12:52 | 000,038,912 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2008/12/09 09:29:39 | 221,249,568 | -HS- | C] () -- C:\WINDOWS\System32\drivers\fidbox.dat

[2008/12/09 09:27:47 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat

[2008/12/09 09:27:44 | 000,021,904 | ---- | C] () -- C:\WINDOWS\System32\imsinstall_loc0407.dll

[2008/12/09 09:27:44 | 000,017,808 | ---- | C] () -- C:\WINDOWS\System32\imslsp_install_loc0407.dll

[2008/12/09 09:27:33 | 000,796,048 | ---- | C] () -- C:\WINDOWS\System32\libeay32_0.9.6l.dll

[2008/11/24 14:55:18 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI

[2008/11/24 13:03:26 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll

[2008/11/24 13:03:26 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe

[2008/11/24 13:01:40 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll

[2008/11/24 13:01:40 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe

[2008/11/24 13:01:40 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll

[2008/11/24 13:01:39 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll

[2008/11/24 13:01:39 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe

[2008/11/24 13:01:39 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll

[2008/11/24 13:01:39 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe

[2008/11/24 13:01:38 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56spn.dll

[2008/11/24 13:01:38 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56itl.dll

[2008/11/24 13:01:38 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56eng.dll

[2008/11/24 13:01:38 | 000,069,632 | ---- | C] () -- C:\WINDOWS\sm56brz.dll

[2008/11/24 13:01:38 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56ger.dll

[2008/11/24 13:01:38 | 000,061,440 | ---- | C] () -- C:\WINDOWS\sm56fra.dll

[2008/11/24 13:01:38 | 000,053,248 | ---- | C] () -- C:\WINDOWS\sm56jpn.dll

[2008/11/24 13:01:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56cht.dll

[2008/11/24 13:01:38 | 000,049,152 | ---- | C] () -- C:\WINDOWS\sm56chs.dll

[2008/11/24 12:54:23 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Leif\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

[2008/11/24 12:51:43 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat

[2008/11/24 12:46:20 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI

[2008/11/24 12:39:28 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

[2008/11/24 12:33:11 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI

[2008/11/24 12:32:09 | 000,323,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT

[2008/10/07 02:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll

[2008/10/07 02:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll

[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll

[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll

[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll

[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll

[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll

[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll

[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll

[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll

[2005/08/05 08:26:04 | 000,239,104 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll

[2004/08/10 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat

[2004/08/10 14:00:00 | 000,459,194 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat

[2004/08/10 14:00:00 | 000,441,552 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat

[2004/08/10 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat

[2004/08/10 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat

[2004/08/10 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat

[2004/08/10 14:00:00 | 000,084,708 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat

[2004/08/10 14:00:00 | 000,071,488 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat

[2004/08/10 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin

[2004/08/10 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat

[2004/08/10 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat

[2004/08/10 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat

[2004/08/10 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin

[2004/08/10 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat

[2003/07/30 04:48:28 | 000,004,711 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

[2003/07/30 03:49:22 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin

[2001/03/30 15:58:36 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\Property.dll

[1996/04/03 14:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys

 
 ========== LOP Check ==========

 

[2012/07/17 10:37:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\BrowserCompanion

[2012/07/21 08:03:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\Dropbox

[2012/06/12 12:15:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\DVDVideoSoft

[2011/01/05 05:22:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\DVDVideoSoftIEHelpers

[2012/05/22 11:44:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\Dyiwa

[2010/04/13 12:28:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\elsterformular

[2012/11/19 10:07:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\fotw

[2010/07/15 06:36:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\gtk-2.0

[2012/05/27 06:12:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\Homoa

[2009/03/13 11:05:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\My Games

[2009/07/17 09:42:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\Template

[2011/05/22 10:33:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\TuneUp Software

[2012/05/22 09:07:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Leif\Anwendungsdaten\Veewy

[2010/04/13 12:27:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular

[2011/10/17 08:35:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ

[2008/12/09 09:27:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MailFrontier

[2012/12/03 08:27:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Package Cache

[2009/08/12 06:15:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Phase6

[2011/12/24 15:48:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SimCity Societies

[2012/01/11 13:25:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TOSHIBA

[2011/05/22 11:12:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software

[2009/02/10 11:16:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint

[2011/05/22 10:32:57 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 

 
 < %SYSTEMDRIVE%\*. >

[2012/11/19 10:14:24 | 000,000,000 | ---D | M] -- C:\76f86e3e594e7d2e39c22aa96b211d

[2008/11/24 12:48:44 | 000,000,000 | ---D | M] -- C:\AddOn

[2012/03/14 07:54:30 | 000,000,000 | ---D | M] -- C:\Cache

[2012/02/27 08:29:53 | 000,000,000 | ---D | M] -- C:\Data

[2012/04/04 08:29:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen

[2010/07/27 18:36:44 | 000,000,000 | ---D | M] -- C:\DVD

[2011/03/14 12:51:54 | 000,000,000 | ---D | M] -- C:\found.000

[2011/12/29 12:21:18 | 000,000,000 | ---D | M] -- C:\found.001

[2012/06/20 11:25:32 | 000,000,000 | RH-D | M] -- C:\MSOCache

[2012/05/01 10:59:54 | 000,000,000 | ---D | M] -- C:\NVIDIA

[2009/06/15 14:24:45 | 000,000,000 | ---D | M] -- C:\Program Files

[2012/12/17 07:14:52 | 000,000,000 | R--D | M] -- C:\Programme

[2012/03/22 02:53:35 | 000,000,000 | ---D | M] -- C:\Qoobox

[2013/01/03 21:31:44 | 000,000,000 | -HSD | M] -- C:\RECYCLER

[2012/11/27 11:41:27 | 000,000,000 | ---D | M] -- C:\skins

[2013/01/01 17:27:53 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2013/01/01 17:21:18 | 000,000,000 | ---D | M] -- C:\WINDOWS

[2012/03/21 10:30:02 | 000,000,000 | ---D | M] -- C:\_OTL

 
 < %PROGRAMFILES%\*.exe >

 

Invalid Environment Variable: %LOCALAPPDATA%\*.exe

 
 < %systemroot%\*. /mp /s >

 

 
 < MD5 for: AGP440.SYS  >

[2004/08/10 14:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys

[2008/04/14 02:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys

[2008/04/14 02:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys

[2008/04/13 18:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys

[2008/04/13 18:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys

 
 < MD5 for: ATAPI.SYS  >

[2004/08/10 14:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys

[2008/04/14 02:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys

[2008/04/14 02:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys

[2008/04/13 18:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys

[2008/04/13 18:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys

[2004/08/10 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys

[2004/08/10 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\ERDNT\cache\atapi.sys

[2004/08/10 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\ReinstallBackups\0006\DriverFiles\i386\atapi.sys

 
 < MD5 for: EVENTLOG.DLL  >

[2008/04/14 01:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll

[2008/04/14 01:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll

[2004/08/10 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll

[2004/08/10 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\ERDNT\cache\eventlog.dll

 
 < MD5 for: EXPLORER.EXE  >

[2004/08/10 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe

[2004/08/10 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\ERDNT\cache\explorer.exe

[2008/04/14 01:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe

[2008/04/14 01:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe

 
 < MD5 for: IASTOR.SYS  >

[2005/10/12 06:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\WINDOWS\system32\drivers\iaStor.sys

 
 < MD5 for: NETLOGON.DLL  >

[2008/04/14 01:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll

[2008/04/14 01:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll

[2004/08/10 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll

[2004/08/10 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\ERDNT\cache\netlogon.dll

 
 < MD5 for: NVATABUS.SYS  >

[2005/08/18 10:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\WINDOWS\system32\drivers\nvatabus.sys

 
 < MD5 for: SCECLI.DLL  >

[2008/04/14 01:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll

[2008/04/14 01:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll

[2004/08/10 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll

[2004/08/10 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\ERDNT\cache\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2005/03/02 13:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll

[2005/03/02 13:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\ERDNT\cache\user32.dll

[2005/03/02 13:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll

[2008/04/14 01:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll

[2008/04/14 01:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008/04/14 01:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe

[2008/04/14 01:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe

[2004/08/10 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe

[2004/08/10 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\ERDNT\cache\userinit.exe

 
 < MD5 for: VIAMRAID.SYS  >

[2005/04/08 04:43:26 | 000,060,928 | ---- | M] (VIA Technologies inc,.ltd) MD5=0363E216E4EB5052969C96608934DBDE -- C:\WINDOWS\system32\drivers\viamraid.sys

 
 < MD5 for: WINLOGON.EXE  >

[2004/08/10 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe

[2004/08/10 14:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\ERDNT\cache\winlogon.exe

[2008/04/14 01:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe

[2008/04/14 01:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2004/08/10 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys

[2004/08/10 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

[2008/11/24 13:31:13 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav

[2008/11/24 13:31:13 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav

[2008/11/24 13:31:13 | 000,430,080 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2011/03/03 01:54:43 | 000,149,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll

[2012/08/28 13:35:48 | 011,111,424 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll

[2012/08/28 10:05:47 | 002,000,384 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll

[2008/04/14 01:52:20 | 000,280,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll

[2008/04/14 01:52:22 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll

[2012/06/08 09:25:14 | 008,503,808 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll

 

Invalid Environment Variable: %USERPROFILE%\*.*

 

Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe

 

Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll

 

Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe

< End of report >
--- --- ---