| Thomibleu | 13.01.2013 13:29 |
weisser Bildschirm nach Windowsstart
Habe einen weissen Schirm nach Windows-xp Start, erst nach druecken der AUS-Taste verschwindet die weisse Flaeche, man sieht den Desktop und der Rechner faehrt runter. F8 Funktionen sind parktisch ausgeschaltet.
Habe mit einer OTLPE-CD gebootet und den OTLPE Scan gemacht. Bekomme aber nur ein OTLPE.TXT File, kein Extras.txt.
Hier das OTLPE File:
Was muß ich jetzt noch machen?
Habe seit kurzem beim Booten von der Festplatte den gefälschten GVU Bildschirm mit Aufforderung 100€ zu zahlen anstatt des weißen Bildschirmes!
Danke fuer einen Tipp!
OTL Logfile: Code:
OTL logfile created on: 1/13/2013 10:55:09 AM - Run
OTLPE by OldTimer - Version 3.1.48.0 Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): C:\pagefile.sys 4610 6144 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298.09 Gb Total Space | 77.90 Gb Free Space | 26.13% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto] -- -- (NProtectService)
SRV - [2013/01/11 12:32:14 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/01/09 04:34:29 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/25 03:53:30 | 002,547,816 | ---- | M] () [Auto] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserProtect\2.6.1040.25\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)
SRV - [2012/12/14 04:17:04 | 003,467,768 | ---- | M] (TeamViewer GmbH) [Auto] -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012/12/06 07:55:52 | 000,078,536 | ---- | M] (Macrovision ) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield Shared\Service\InstallShield Licensing Service.exe -- (InstallShield Licensing Service)
SRV - [2012/11/15 17:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Programme\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/11/13 08:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) [Auto] -- C:\Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe -- (SDWSCService)
SRV - [2012/11/13 08:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) [Disabled] -- C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe -- (SDUpdateService)
SRV - [2012/11/13 08:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) [Auto] -- C:\Programme\Spybot - Search & Destroy 2\SDFSSvc.exe -- (SDScannerService)
SRV - [2012/11/12 13:49:29 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/11/09 05:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/10/22 07:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto] -- C:\Programme\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012/10/16 13:09:17 | 000,711,112 | ---- | M] () [Auto] -- C:\Programme\Gemeinsame Dateien\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe -- (vToolbarUpdater13.2.0)
SRV - [2012/10/02 06:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012/09/12 19:53:06 | 000,196,112 | ---- | M] (Nitro PDF Software) [Auto] -- C:\Programme\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe -- (NitroReaderDriverReadSpool2)
SRV - [2012/07/12 04:48:46 | 000,185,856 | ---- | M] () [Auto] -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe -- (Web Assistant Updater)
SRV - [2012/01/20 01:41:36 | 000,008,192 | ---- | M] () [Auto] -- C:\WINDOWS\system32\srvany.exe -- (KMService)
SRV - [2011/11/23 05:25:42 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2011/11/18 08:51:12 | 003,673,944 | ---- | M] () [Auto] -- C:\Programme\Tobit Radio.fx\Server\rfx-server.exe -- (Radio.fx)
SRV - [2011/07/19 22:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011/07/02 07:13:46 | 000,269,480 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/03 10:03:19 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/04/27 02:08:59 | 000,136,360 | ---- | M] (Avira GmbH) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/03/21 06:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011/02/17 07:37:02 | 000,098,304 | ---- | M] (Robert McNeel & Associates) [Auto] -- C:\Programme\Rhinoceros 5.0 WIP\System\RhinoVersionCheckSvc32.exe -- (McNeelUpdates32) McNeel Update (32-bit)
SRV - [2011/01/07 22:08:28 | 000,038,400 | ---- | M] (Dassault Systemes) [Auto] -- C:\Programme\Dassault Systemes\B21\intel_a\code\bin\CATSysDemon.exe -- (BBDemon)
SRV - [2010/04/10 11:05:58 | 000,266,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Microsoft Fix it Center\Matsvc.exe -- (MatSvc)
SRV - [2010/03/29 10:13:26 | 000,602,624 | ---- | M] (Hauppauge Computer Works) [Auto] -- C:\Programme\WinTV\TVServer\HauppaugeTVServer.exe -- (HauppaugeTVServer)
SRV - [2010/03/18 04:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/09 19:10:38 | 000,086,016 | ---- | M] () [Auto] -- C:\Programme\Autodesk\3ds Max Design 2011\mentalimages\satellite\raysat_3dsmax2011_32server.exe -- (mi-raysat_3dsmax2011_32)
SRV - [2010/01/09 15:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010/01/09 15:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009/12/08 04:35:31 | 000,079,360 | ---- | M] (Autodesk) [Auto] -- C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2009/09/16 19:03:00 | 000,369,952 | ---- | M] (SafeNet, Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe -- (SentinelKeysServer)
SRV - [2009/09/16 19:00:02 | 000,292,128 | ---- | M] (SafeNet, Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\SafeNet Sentinel\Sentinel Security Runtime\sntlsrtsrvr.exe -- (SentinelSecurityRuntime)
SRV - [2008/09/03 06:47:00 | 000,131,072 | ---- | M] (AuthenTec,Inc) [Auto] -- C:\WINDOWS\system32\FpLogonServ.exe -- (FingerprintServer)
SRV - [2008/07/17 07:24:40 | 000,110,592 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Programme\Toshiba\3GUty\tw3gsvc.exe -- (TW3GSVC)
SRV - [2008/06/04 11:06:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008/05/27 06:12:18 | 000,628,072 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\Programme\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
SRV - [2008/05/05 09:19:16 | 000,552,312 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\WINDOWS\system32\ThpSrv.exe -- (Thpsrv)
SRV - [2008/04/29 08:45:54 | 002,058,776 | ---- | M] (Intel Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Intel\Privacy Icon\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2008/04/29 08:45:50 | 000,174,616 | ---- | M] (Intel Corporation) [Auto] -- C:\Programme\Intel\AMT\LMS.exe -- (LMS) Intel(R)
SRV - [2008/04/14 07:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (W3SVC)
SRV - [2008/04/14 07:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (SMTPSVC) Simple Mail Transfer Protocol (SMTP)
SRV - [2008/04/14 07:00:00 | 000,015,872 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\inetsrv\inetinfo.exe -- (IISADMIN)
SRV - [2008/04/11 04:57:14 | 000,124,264 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Programme\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2008/03/09 18:04:52 | 000,065,536 | ---- | M] () [Auto] -- C:\Programme\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe -- (mi-raysat_3dsMax2009_32)
SRV - [2008/01/22 11:35:52 | 000,103,808 | ---- | M] () [Auto] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2007/12/16 21:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/11/21 10:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto] -- C:\WINDOWS\system32\TODDSrv.exe -- (TODDSrv)
SRV - [2007/03/07 09:32:22 | 000,065,536 | ---- | M] () [Auto] -- C:\Programme\Autodesk\VIZ2008\mentalray\satellite\raysat_VIZ2008_32server.exe -- (mi-raysat_VIZ2008_32)
SRV - [2007/01/10 21:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
SRV - [2006/10/26 07:40:34 | 000,335,872 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2006/10/05 06:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto] -- C:\WINDOWS\system32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006/01/19 13:51:20 | 000,118,784 | ---- | M] (TOSHIBA) [Auto] -- C:\Programme\TOSHIBA\TME3\Tmesrv31.exe -- (Tmesrv)
SRV - [2005/04/04 11:58:28 | 000,163,840 | ---- | M] (Adobe Systems Incorporated) [Auto] -- C:\Programme\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe -- (Adobe Version Cue CS2)
SRV - [2005/01/17 09:38:00 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto] -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004/10/21 19:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/04/19 04:05:06 | 000,608,768 | ---- | M] (GLOBEtrotter Software Inc.) [On_Demand] -- C:\FlexLM\lmgrd.exe -- (EON)
SRV - [2003/05/14 14:45:04 | 000,065,795 | R--- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
========== Driver Services (SafeList) ==========
DRV - File not found [File_System | On_Demand] -- -- (WinRing0_1_2_0)
DRV - File not found [Kernel | On_Demand] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP)
DRV - File not found [Kernel | System] -- -- (PCIDump)
DRV - File not found [Kernel | System] -- -- (lbrtfdc)
DRV - File not found [Kernel | System] -- -- (i2omgmt)
DRV - File not found [Kernel | Auto] -- -- (DS1410D)
DRV - File not found [Kernel | On_Demand] -- -- (DBGMSG)
DRV - File not found [Kernel | On_Demand] -- -- (CrystalSysInfo)
DRV - File not found [Kernel | System] -- -- (Changer)
DRV - File not found [Kernel | On_Demand] -- -- (APL531)
DRV - [2012/11/28 12:49:00 | 000,025,088 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\teamviewervpn.sys -- (teamviewervpn)
DRV - [2012/11/15 17:33:26 | 000,094,048 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012/10/22 07:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012/10/16 13:09:18 | 000,026,984 | ---- | M] (AVG Technologies) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtpx86.sys -- (avgtp)
DRV - [2012/10/14 21:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/10/01 20:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/09/20 20:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/09/20 20:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012/09/20 20:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System] -- C:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012/09/13 20:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot] -- C:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012/06/03 03:45:50 | 000,005,504 | ---- | M] () [File_System | Auto] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2011/12/16 10:53:28 | 000,013,304 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\TVMonitor.sys -- (MonitorFunction)
DRV - [2011/08/18 11:38:53 | 000,015,584 | ---- | M] (Meetinghouse Data Communications) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\mdc8021x.sys -- (MDC8021X) AEGIS Protocol (IEEE 802.1x)
DRV - [2011/07/02 07:13:47 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/07/02 07:13:47 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/02/24 13:15:00 | 000,011,232 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SWDUMon.sys -- (SWDUMon)
DRV - [2010/04/28 00:44:02 | 000,054,760 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2010/01/27 13:56:48 | 000,054,016 | R--- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hcw17bda.sys -- (hcw17bda)
DRV - [2009/12/10 11:23:36 | 006,017,568 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2009/11/18 01:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009/11/18 01:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009/05/11 03:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009/02/13 05:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008/08/26 03:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008/08/14 02:52:00 | 000,146,944 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atswpdrv.sys -- (ATSWPDRV) AuthenTec TruePrint USB Driver (SwipeSensor)
DRV - [2008/07/25 08:41:36 | 000,042,608 | ---- | M] (Alfa Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\AlfaFF.sys -- (AlfaFF)
DRV - [2008/07/23 16:12:14 | 000,072,232 | R--- | M] (Ericsson AB) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\toshgps.sys -- (toshgps)
DRV - [2008/07/08 13:04:10 | 000,402,816 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\toshunic.sys -- (toshunic) Toshiba F3507g Mobile Broadband Network Adapter (WDM)
DRV - [2008/07/08 13:04:08 | 000,430,080 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\toshmdm2.sys -- (toshmdm2)
DRV - [2008/07/08 13:04:08 | 000,385,536 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\toshmdm.sys -- (toshmdm)
DRV - [2008/07/08 13:04:08 | 000,376,960 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\toshcard.sys -- (toshcard)
DRV - [2008/07/08 13:04:08 | 000,300,544 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\toshbus.sys -- (toshbus) Toshiba F3507g Mobile Broadband Device driver (WDM)
DRV - [2008/07/08 13:04:08 | 000,025,856 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\toshnd5.sys -- (toshnd5) Toshiba F3507g Mobile Broadband Network Adapter (NDIS)
DRV - [2008/07/08 13:04:08 | 000,014,976 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\toshmdfl2.sys -- (toshmdfl2)
DRV - [2008/07/08 13:04:08 | 000,014,976 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\toshmdfl.sys -- (toshmdfl)
DRV - [2008/07/02 04:18:18 | 000,024,232 | R--- | M] (Sony Ericsson) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\toshscard.sys -- (Sony_EricssonWWSC)
DRV - [2008/06/04 10:32:58 | 000,279,376 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\tos_sps32.sys -- (tos_sps32)
DRV - [2008/04/30 14:09:24 | 000,004,992 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\TVALZFL.sys -- (TVALZFL)
DRV - [2008/04/27 23:14:54 | 003,626,112 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NETw5x32.sys -- (NETw5x32) Intel(R)
DRV - [2008/04/23 10:15:26 | 000,131,712 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfbd.sys -- (tosrfbd)
DRV - [2008/04/13 17:16:24 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2008/03/27 04:42:00 | 000,244,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\e1y5132.sys -- (e1yexpress) Intel(R)
DRV - [2008/03/26 07:12:56 | 000,040,832 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\HECI.sys -- (HECI) Intel(R)
DRV - [2008/03/25 06:54:02 | 000,041,472 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosporte.sys -- (tosporte)
DRV - [2008/03/19 04:38:24 | 000,074,112 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Tosrfhid.sys -- (Tosrfhid)
DRV - [2008/02/15 11:01:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008/01/22 13:57:48 | 000,054,144 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2008/01/11 16:58:00 | 000,021,120 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\thpdrv.sys -- (Thpdrv)
DRV - [2007/12/24 02:18:48 | 000,068,696 | ---- | M] (O2Micro) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2007/12/17 05:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007/11/29 02:45:44 | 000,036,608 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfbnp.sys -- (tosrfbnp)
DRV - [2007/10/18 07:25:00 | 000,041,856 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2007/10/02 04:43:22 | 000,064,128 | ---- | M] (TOSHIBA Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2007/09/04 04:14:00 | 000,006,528 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\Thpevm.sys -- (Thpevm)
DRV - [2007/07/30 04:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007/07/30 03:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007/07/24 00:59:12 | 000,041,216 | ---- | M] (Infineon Technologies AG) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ifxtpm.sys -- (IFXTPM)
DRV - [2007/04/24 09:52:10 | 000,016,688 | ---- | M] (IBM) [Kernel | System] -- C:\WINDOWS\system32\drivers\LUMDriver.sys -- (LUMDriver)
DRV - [2007/03/26 05:22:18 | 000,105,856 | ---- | M] (TOSHIBA Corporation) [File_System | Auto] -- C:\WINDOWS\system32\drivers\tdudf.sys -- (tdudf)
DRV - [2007/02/22 08:10:30 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2007/02/21 11:20:36 | 000,435,072 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\TEchoCan.sys -- (TEchoCan)
DRV - [2007/02/19 05:15:32 | 000,134,016 | ---- | M] (TOSHIBA Corporation) [File_System | Auto] -- C:\WINDOWS\system32\drivers\trudf.sys -- (trudf)
DRV - [2007/02/15 09:44:06 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\TVALZ.SYS -- (TVALZ)
DRV - [2006/11/28 09:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006/11/10 08:05:00 | 000,018,688 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2006/10/23 09:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2005/05/09 14:08:40 | 000,033,792 | ---- | M] (Team H2O) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\cledx.sys -- (CLEDX)
DRV - [2005/01/06 22:42:00 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004/06/16 04:08:48 | 000,005,888 | ---- | M] (Toshiba Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\TMEI3E.sys -- (TMEI3E)
DRV - [2004/05/08 14:38:06 | 000,101,833 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2003/01/29 07:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
DRV - [2002/06/30 19:49:30 | 000,061,536 | ---- | M] (PACE Anti-Piracy, Inc.) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\TPkd.sys -- (TPkd)
DRV - [2002/02/05 00:03:00 | 000,034,578 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NPDRIVER.SYS -- (NPDriver)
DRV - [2001/10/16 09:19:18 | 000,058,032 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Programme\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2001/08/17 21:20:12 | 000,097,440 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2000/05/28 22:42:28 | 000,009,882 | R--- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbbc.sys -- (Wdm1)
DRV - [1999/05/04 16:19:24 | 000,073,216 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\System32\Drivers\SENTINEL.SYS -- (Sentinel)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;127.0.0.1;<local>
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:8118
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\LocalService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de
IE - HKU\mathias_ON_C\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.claro-search.com/?affID=114506&tt=0213_4&babsrc=HP_clro&mntrId=b058375200000000000000ff33103e9a
IE - HKU\mathias_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKU\mathias_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKU\mathias_ON_C\Software\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKU\mathias_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\mathias_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKU\mathias_ON_C\Software\Microsoft\Internet Explorer\Search,Search Bar = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKU\mathias_ON_C\Software\Microsoft\Internet Explorer\Search,Search Page = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKU\mathias_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\mathias_ON_C\Software\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKU\mathias_ON_C\Software\Microsoft\Internet Explorer\Search,Start Page = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKU\mathias_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\mathias_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = localhost;127.0.0.1;<local>;*.local
IE - HKU\mathias_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:8118
IE - HKU\NetworkService_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de
FF - HKLM\Software\MozillaPlugins\@3ds.com/3dxml: C:\Programme\Dassault Systemes\3D XML Player\intel_a\code\bin\NP3DXMLPlugin.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Programme\Gemeinsame Dateien\AVG Secure Search\SiteSafetyInstaller\13.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Programme\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\Programme\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Programme\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Programme\Nitro PDF\Reader\npnitromozilla.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Programme\Web Assistant\Firefox [2012/08/19 03:39:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search\FireFoxExt\13.2.0.5 [2012/11/09 00:25:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\webbooster@iminent.com: C:\Programme\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013/01/11 12:32:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
[2013/01/07 05:53:29 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012/10/30 12:35:11 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/12/03 06:02:00 | 000,000,000 | ---D | M] (DealPly) -- C:\Programme\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}
[2013/01/07 05:55:23 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\ffxtlbr@babylon.com
[2013/01/11 12:32:15 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012/11/29 04:19:31 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/11/09 00:25:36 | 000,003,571 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/11/29 04:19:31 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012/11/29 04:19:31 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012/11/29 04:19:32 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/07/25 04:05:10 | 000,002,519 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml
[2012/10/15 14:15:35 | 000,003,280 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Web Search.xml
[2012/11/29 04:19:31 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/11/29 04:19:31 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2013/01/08 19:29:21 | 000,445,085 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15285 more lines...
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Programme\PriceGong\2.6.8\PriceGongIE.dll (PriceGong)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bcool Class) - {831393E9-419A-BB04-EEF0-CCD937CDFF6D} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bcool\bhoclass.dll ()
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (DataMngr) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Programme\Windows iLivid Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (no name) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - No CLSID value found.
O2 - BHO: (Plugin for Media Finder) - {AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2} - C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Media Finder\Extensions\IEPlugin32.dll (Media Finder)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bcool Class) - {B2361478-84B8-18EC-4543-47564A8B5BEC} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bcool\bhoclass.dll ()
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\DOKUME~1\mathias\ANWEND~1\MEDIAF~1\EXTENS~1\GENCRA~1.DLL ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Programme\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {99079a25-328f-4bd4-be04-00955acaa0a7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\mathias_ON_C\..\Toolbar\WebBrowser: (no name) - {2015C8D4-8534-48DB-B5FB-5C76291F080C} - No CLSID value found.
O3 - HKU\mathias_ON_C\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Version Cue CS2] C:\Programme\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe (Adobe Sytems Incorporated)
O4 - HKLM..\Run: [AVG_UI] C:\Programme\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BCSSync] C:\Programme\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [SDTray] C:\Programme\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [svñhîst] File not found
O4 - HKU\Administrator_ON_C..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O4 - HKU\mathias_ON_C..\Run: [Akamai NetSession Interface] C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\mathias_ON_C..\Run: [PC Suite Tray] C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Norton System Doctor.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\mathias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\mathias_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentdocsInHistory = 0
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1354459863807 (MUWebControl Class)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Programme\Gemeinsame Dateien\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll ()
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\dokume~1\alluse~1\anwend~1\browse~2\261040~1.25\{c16c1~1\browse~1.dll) - C:\dokume~1\alluse~1\anwend~1\browse~2\261040~1.25\{c16c1~1\browse~1.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\mathias_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\mathias_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\skype.dat) - C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\skype.dat ()
O20 - Winlogon\Notify\ATFUS: DllName - C:\WINDOWS\system32\FpWinLogonNp.dll - C:\WINDOWS\system32\FpWinlogonNp.dll (AuthenTec,Inc)
O20 - Winlogon\Notify\SDWinLogon: DllName - SDWinLogon.dll - File not found
O20 - Winlogon\Notify\TosBtNP: DllName - TosBtNP.dll - C:\WINDOWS\System32\TosBtNP.dll (TOSHIBA CORPORATION)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\TOSHIBA1440x0900.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\TOSHIBA1440x0900.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/12/15 10:30:41 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2008/07/21 07:21:57 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart) - C:\Programme\AVG\AVG2013\avgrsx.exe (AVG Technologies CZ, s.r.o.)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2013/01/12 13:54:30 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\mathias\Recent
[2013/01/12 02:08:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
[2013/01/07 05:56:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mathias\Utility\Programme\BrowserProtect
[2013/01/07 05:55:43 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserProtect
[2013/01/07 05:55:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Claro LTD
[2013/01/07 05:55:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\PerformerSoft
[2013/01/07 05:55:10 | 000,017,464 | ---- | C] (PerformerSoft LLC) -- C:\WINDOWS\System32\roboot.exe
[2013/01/07 05:54:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\Wajam
[2013/01/07 05:52:45 | 019,232,984 | ---- | C] (Mozilla) -- C:\Dokumente und Einstellungen\mathias\Desktop\Firefox-Setup-17-0-1.exe
[2013/01/04 07:53:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mathias\Desktop\Poser53
[2013/01/04 05:00:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\Akamai
[2013/01/04 03:12:24 | 000,035,892 | ---- | C] (Prolific Technology Inc.) -- C:\WINDOWS\System32\SER9PL.sys
[2013/01/03 05:50:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton Utilities
[2013/01/03 05:50:36 | 000,058,032 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\SYMEVENT.SYS
[2013/01/03 05:50:36 | 000,036,864 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32EVNT1.DLL
[2013/01/03 05:50:36 | 000,004,032 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\SYMEVNT1.DLL
[2013/01/03 05:49:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Symantec
[2013/01/03 05:49:24 | 000,000,000 | ---D | C] -- C:\Programme\Symantec
[2013/01/03 05:49:10 | 000,034,578 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\drivers\NPDRIVER.SYS
[2013/01/03 05:49:06 | 000,368,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\VBAR332.DLL
[2013/01/03 05:49:06 | 000,252,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSRD2X35.DLL
[2013/01/03 05:49:06 | 000,123,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSJINT35.DLL
[2013/01/03 05:49:06 | 000,024,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSJTER35.DLL
[2013/01/03 05:49:05 | 001,046,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\MSJET35.DLL
[2013/01/03 05:49:05 | 000,031,744 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\System32\S32STAT.DLL
[2013/01/03 05:48:50 | 000,617,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\COMCTL32.NU6
[2013/01/03 05:45:09 | 000,308,736 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUn040c.exe
[2013/01/03 02:56:37 | 000,000,000 | ---D | C] -- C:\Programme\PC-Linq
[2013/01/02 10:21:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mathias\Desktop\JPGS corrupt
[2013/01/02 10:20:00 | 000,000,000 | ---D | C] -- C:\Programme\Stellar Phoenix JPEG Repair
[2013/01/02 10:20:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Stellar Phoenix JPEG Repair
[2012/12/27 05:46:01 | 000,000,000 | ---D | C] -- C:\Programme\Dropbox
[2012/12/26 09:42:51 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamViewer 8
[2012/12/21 11:14:31 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Vbox
[2012/12/21 11:03:26 | 000,000,000 | ---D | C] -- C:\Adobe Illustrator 10
[2012/12/21 10:58:29 | 000,000,000 | ---D | C] -- C:\Adobe illustrator
[2012/12/18 14:43:58 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\mathias\Desktop\Neuer Ordner
[2010/11/07 04:16:32 | 000,251,392 | ---- | C] (Vertice) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Vertice.Installer.exe
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[42 C:\Programme\*.tmp files -> C:\Programme\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013/03/09 15:00:30 | 000,919,456 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Desktop\DSC00787.JPG
[2013/01/12 13:54:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/01/12 13:54:41 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\BrowserProtect.job
[2013/01/12 13:54:12 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{29377C61-43AD-4500-B869-6936B82733CB}.job
[2013/01/12 13:53:56 | 000,000,004 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\skype.ini
[2013/01/12 13:51:05 | 000,258,108 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml
[2013/01/12 13:50:03 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/01/12 13:49:53 | 000,000,604 | -H-- | M] () -- C:\WINDOWS\tasks\ConfigExec.job
[2013/01/12 13:49:51 | 000,000,612 | ---- | M] () -- C:\WINDOWS\tasks\Check for updates (Spybot - Search & Destroy).job
[2013/01/12 13:49:50 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
[2013/01/12 13:49:49 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\Go for FilesUpdate.job
[2013/01/12 13:49:48 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\Protected Search.job
[2013/01/12 13:48:54 | 3216,232,448 | -HS- | M] () -- C:\hiberfil.sys
[2013/01/12 12:34:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/01/12 12:20:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/01/12 10:19:32 | 000,086,016 | RHS- | M] () -- C:\Dokumente und Einstellungen\mathias\wgsdgsdgdsgsd.exe
[2013/01/12 10:08:00 | 000,000,572 | -H-- | M] () -- C:\WINDOWS\tasks\DataUpload.job
[2013/01/12 02:08:27 | 000,000,740 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\AVG 2013.lnk
[2013/01/12 02:08:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
[2013/01/10 09:08:06 | 000,023,765 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Eigene Dateien\Musterbrief_Rueckkaufswert.rtf
[2013/01/10 08:59:25 | 000,002,485 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Microsoft PowerPoint 2003.lnk
[2013/01/10 08:14:44 | 000,000,126 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Desktop\Nachdenkseiten.url
[2013/01/09 21:13:41 | 000,620,362 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013/01/09 21:13:41 | 000,558,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/09 21:13:41 | 000,138,236 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013/01/09 21:13:41 | 000,109,198 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/01/09 04:34:28 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/01/09 04:34:28 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/01/09 00:30:36 | 000,000,608 | ---- | M] () -- C:\WINDOWS\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013/01/08 19:29:21 | 000,445,085 | R--- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013/01/08 09:28:05 | 000,002,471 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Microsoft PowerPoint 2010.lnk
[2013/01/08 08:14:00 | 000,002,499 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[2013/01/08 05:40:15 | 000,001,618 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CDBurnerXP.lnk
[2013/01/08 05:40:15 | 000,001,562 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CDBurnerXP.lnk
[2013/01/08 03:11:14 | 039,875,741 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Desktop\PEREC Zwischenbericht 08-12.zip
[2013/01/07 08:13:48 | 000,000,812 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk
[2013/01/07 08:07:40 | 000,472,376 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/01/07 07:59:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office
[2013/01/07 07:59:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SharePoint
[2013/01/07 07:26:08 | 000,005,591 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013/01/07 05:53:36 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/07 05:53:35 | 000,000,744 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2013/01/07 05:53:35 | 000,000,738 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2013/01/07 05:53:01 | 000,634,272 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Desktop\pcp_claro.exe
[2013/01/07 05:52:51 | 019,232,984 | ---- | M] (Mozilla) -- C:\Dokumente und Einstellungen\mathias\Desktop\Firefox-Setup-17-0-1.exe
[2013/01/07 04:30:16 | 000,000,226 | RHS- | M] () -- C:\boot.ini
[2013/01/05 14:04:22 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2013/01/04 14:00:59 | 000,039,936 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/04 12:42:38 | 066,951,200 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Desktop\PEREC Film21.wmv
[2013/01/04 12:42:24 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2013/01/04 08:50:02 | 000,000,731 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Desktop\Verknüpfung mit poser.exe.lnk
[2013/01/04 05:09:00 | 244,572,680 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Eigene Dateien\SetupDWGTrueView2013_32bit.exe
[2013/01/04 04:38:43 | 008,019,903 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Desktop\Leutenberg.pdf
[2013/01/04 03:24:28 | 000,000,075 | ---- | M] () -- C:\WINDOWS\USBBC.ini
[2013/01/03 14:30:41 | 000,000,729 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Utility\Programme\Autostart\Norton Disk Doctor.LNK
[2013/01/03 08:56:34 | 000,000,449 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PC-Linq.lnk
[2013/01/03 08:56:34 | 000,000,443 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PC-Linq.lnk
[2013/01/03 06:23:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Protected Search
[2013/01/03 06:23:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PDFCreator
[2013/01/03 06:23:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton Utilities
[2013/01/03 06:23:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Medion GoPal Assistant
[2013/01/03 06:23:26 | 000,000,721 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\TeamViewer 7.lnk
[2013/01/03 06:23:25 | 000,000,544 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Desktop\Verknüpfung mit H2XQR-project.zip.lnk
[2013/01/03 05:50:43 | 000,000,784 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Norton System Doctor.lnk
[2013/01/03 05:50:43 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
[2013/01/03 05:45:18 | 000,000,022 | ---- | M] () -- C:\WINDOWS\_ISNU.INI
[2013/01/03 03:09:56 | 000,000,000 | ---- | M] () -- C:\WINDOWS\MDI.INI
[2013/01/02 10:20:01 | 000,000,723 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Desktop\Stellar Phoenix JPEG Repair.lnk
[2013/01/02 10:20:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Stellar Phoenix JPEG Repair
[2013/01/01 06:22:36 | 000,000,438 | ---- | M] () -- C:\WINDOWS\tasks\Scan the system (Spybot - Search & Destroy).job
[2012/12/31 06:49:22 | 000,016,727 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Eigene Dateien\GehaltDez2012.pdf
[2012/12/29 08:14:14 | 000,000,058 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Desktop\Neu Wavesound.wav
[2012/12/29 04:19:13 | 000,000,185 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Desktop\3D Scanner.url
[2012/12/28 03:19:36 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/12/27 10:01:28 | 003,025,248 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Desktop\tg1000.exe
[2012/12/27 05:46:09 | 000,001,090 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Utility\Programme\Autostart\Dropbox.lnk
[2012/12/27 01:23:27 | 000,015,374 | ---- | M] () -- C:\Dokumente und Einstellungen\mathias\Eigene Dateien\Weihnachten2012.pdf
[2012/12/26 09:42:51 | 000,000,829 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamViewer 8.lnk
[2012/12/26 09:42:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamViewer 8
[2012/12/24 08:36:35 | 002,109,050 | ---- | M] () -- C:\weihnachten 2012.3dm
[2012/12/24 08:36:16 | 000,650,235 | ---- | M] () -- C:\Weihnachten2012.png
[2012/12/24 08:24:46 | 005,809,191 | ---- | M] () -- C:\weihnachten2012.obj
[2012/12/24 08:24:46 | 000,007,377 | ---- | M] () -- C:\weihnachten2012.mtl
[2012/12/21 14:03:52 | 000,000,784 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\os024889.bin
[2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2012/12/16 07:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[42 C:\Programme\*.tmp files -> C:\Programme\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\*.tmp files -> C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013/01/12 13:53:58 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\BrowserProtect.job
[2013/01/12 10:22:36 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\skype.ini
[2013/01/12 10:19:32 | 000,086,016 | RHS- | C] () -- C:\Dokumente und Einstellungen\mathias\wgsdgsdgdsgsd.exe
[2013/01/10 09:08:06 | 000,023,765 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Eigene Dateien\Musterbrief_Rueckkaufswert.rtf
[2013/01/10 08:14:29 | 000,000,126 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Desktop\Nachdenkseiten.url
[2013/01/09 14:13:41 | 000,919,456 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Desktop\DSC00787.JPG
[2013/01/08 05:32:01 | 3216,232,448 | -HS- | C] () -- C:\hiberfil.sys
[2013/01/08 03:10:06 | 039,875,741 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Desktop\PEREC Zwischenbericht 08-12.zip
[2013/01/07 05:53:35 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2013/01/07 05:52:45 | 000,634,272 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Desktop\pcp_claro.exe
[2013/01/04 09:44:01 | 066,951,200 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Desktop\PEREC Film21.wmv
[2013/01/04 08:50:02 | 000,000,731 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Desktop\Verknüpfung mit poser.exe.lnk
[2013/01/04 05:08:21 | 244,572,680 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Eigene Dateien\SetupDWGTrueView2013_32bit.exe
[2013/01/04 04:35:44 | 008,019,903 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Desktop\Leutenberg.pdf
[2013/01/04 03:12:24 | 000,026,719 | ---- | C] () -- C:\WINDOWS\System32\SERSPL.VXD
[2013/01/03 14:30:41 | 000,000,729 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Utility\Programme\Autostart\Norton Disk Doctor.LNK
[2013/01/03 08:56:34 | 000,000,449 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\PC-Linq.lnk
[2013/01/03 08:56:34 | 000,000,443 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\PC-Linq.lnk
[2013/01/03 05:50:43 | 000,000,784 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Norton System Doctor.lnk
[2013/01/03 05:50:36 | 000,120,379 | ---- | C] () -- C:\WINDOWS\System32\SYMEVNT.386
[2013/01/03 05:45:18 | 000,000,022 | ---- | C] () -- C:\WINDOWS\_ISNU.INI
[2013/01/03 03:09:56 | 000,000,075 | ---- | C] () -- C:\WINDOWS\USBBC.ini
[2013/01/03 03:09:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MDI.INI
[2013/01/03 02:56:22 | 000,002,929 | R--- | C] () -- C:\WINDOWS\System32\coinst.dll
[2013/01/03 02:56:21 | 000,009,882 | R--- | C] () -- C:\WINDOWS\System32\drivers\usbbc.sys
[2013/01/02 10:20:01 | 000,000,723 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Desktop\Stellar Phoenix JPEG Repair.lnk
[2012/12/31 06:49:21 | 000,016,727 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Eigene Dateien\GehaltDez2012.pdf
[2012/12/29 08:14:14 | 000,000,058 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Desktop\Neu Wavesound.wav
[2012/12/29 04:18:57 | 000,000,185 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Desktop\3D Scanner.url
[2012/12/27 10:01:12 | 003,025,248 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Desktop\tg1000.exe
[2012/12/27 01:23:25 | 000,015,374 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Eigene Dateien\Weihnachten2012.pdf
[2012/12/24 08:36:35 | 002,109,050 | ---- | C] () -- C:\weihnachten 2012.3dm
[2012/12/24 08:36:14 | 000,650,235 | ---- | C] () -- C:\Weihnachten2012.png
[2012/12/24 08:24:39 | 005,809,191 | ---- | C] () -- C:\weihnachten2012.obj
[2012/12/24 08:24:39 | 000,007,377 | ---- | C] () -- C:\weihnachten2012.mtl
[2012/12/21 11:32:06 | 000,000,784 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\os024889.bin
[2012/12/21 11:14:22 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\FileOps.exe
[2012/11/28 03:34:35 | 000,000,231 | ---- | C] () -- C:\WINDOWS\System32\3dsviz.ini
[2012/11/12 10:32:04 | 000,420,842 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012/10/30 14:26:48 | 000,000,400 | ---- | C] () -- C:\WINDOWS\System32\drivers\dcompbg204.dat
[2012/10/30 14:26:48 | 000,000,400 | ---- | C] () -- C:\WINDOWS\d_iclink179.ini
[2012/10/16 05:15:03 | 000,290,500 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\funmoods-speeddial_sf.crx
[2012/10/16 05:15:00 | 000,031,465 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\funmoods.crx
[2012/08/30 13:27:07 | 000,089,908 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2012/08/27 07:44:52 | 000,000,049 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2012/07/28 07:08:12 | 000,297,588 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012/07/28 07:08:12 | 000,296,904 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012/07/28 07:08:12 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012/07/28 07:07:13 | 002,785,006 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012/06/03 06:05:25 | 000,155,757 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Autosave.3dm
[2012/05/21 16:58:22 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/04/06 10:18:58 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/02/05 00:28:40 | 000,962,560 | ---- | C] () -- C:\WINDOWS\tesseract.exe
[2012/02/05 00:06:26 | 000,073,216 | ---- | C] () -- C:\WINDOWS\cadkasdeinst01e.exe
[2012/01/20 12:28:18 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2012/01/20 01:42:27 | 000,008,192 | ---- | C] () -- C:\WINDOWS\System32\srvany.exe
[2012/01/15 02:53:21 | 000,000,229 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2011/12/03 01:46:15 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2011/10/31 11:31:54 | 000,000,861 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\.recently-used.xbel
[2011/08/18 11:38:29 | 000,001,726 | ---- | C] () -- C:\WINDOWS\ndinst.exe
[2011/08/09 03:29:24 | 000,000,028 | ---- | C] () -- C:\WINDOWS\pdf995.ini
[2011/08/08 09:37:36 | 000,000,140 | ---- | C] () -- C:\WINDOWS\wpd99.drv
[2011/08/08 09:37:35 | 000,051,716 | ---- | C] () -- C:\WINDOWS\System32\pdf995mon.dll
[2011/07/19 05:18:13 | 000,005,591 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/07/17 13:48:30 | 000,001,052 | R--- | C] () -- \reatogoMenu.ini
[2011/07/17 13:43:36 | 000,000,000 | R--- | C] () -- \WIN51IP.SP2
[2011/07/17 13:43:36 | 000,000,000 | R--- | C] () -- \WIN51IP
[2011/07/15 04:10:34 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\$_hpcst$.hpc
[2011/07/05 10:28:48 | 000,034,708 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2011/07/05 10:24:59 | 000,142,337 | ---- | C] () -- C:\WINDOWS\System32\Wait.exe
[2011/07/05 10:22:47 | 000,006,186 | ---- | C] () -- C:\WINDOWS\HCWPNP.INI
[2011/07/05 10:12:32 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\PsisDecd.dll
[2011/06/13 12:00:21 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2011/06/11 17:16:22 | 000,004,096 | -H-- | C] () -- C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\keyfile3.drm
[2011/04/28 12:37:25 | 000,024,222 | ---- | C] () -- C:\WINDOWS\System32\smtpctrs.ini
[2011/04/28 12:37:25 | 000,001,137 | ---- | C] () -- C:\WINDOWS\System32\ntfsdrct.ini
[2011/04/28 12:36:40 | 000,061,950 | ---- | C] () -- C:\WINDOWS\System32\w3ctrs.ini
[2011/04/28 12:36:39 | 000,016,173 | ---- | C] () -- C:\WINDOWS\System32\axperf.ini
[2011/04/28 12:36:38 | 000,017,590 | ---- | C] () -- C:\WINDOWS\System32\infoctrs.ini
[2011/04/02 04:05:33 | 000,000,099 | ---- | C] () -- C:\WINDOWS\WirelessFTP.INI
[2011/03/05 10:37:37 | 000,006,371 | R--- | C] () -- C:\WINDOWS\System32\hphmon05.dat
[2011/03/05 10:15:18 | 000,018,475 | ---- | C] () -- C:\WINDOWS\HPHins01.dat.temp
[2011/03/05 10:15:18 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat.temp
[2011/03/05 09:45:23 | 000,018,475 | ---- | C] () -- C:\WINDOWS\HPHins01.dat
[2011/03/05 09:45:23 | 000,004,308 | ---- | C] () -- C:\WINDOWS\hphmdl01.dat
[2011/02/24 13:15:00 | 000,011,232 | ---- | C] () -- C:\WINDOWS\System32\drivers\SWDUMon.sys
[2011/01/14 14:10:45 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\eunsh.exe
[2010/12/11 11:32:41 | 000,554,496 | ---- | C] () -- C:\WINDOWS\System32\dvmsg.dll
[2010/11/14 07:12:21 | 000,000,610 | ---- | C] () -- C:\WINDOWS\System32\Verknüpfung mit SnippingTool.exe.lnk
[2010/11/12 05:54:55 | 000,073,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\SENTINEL.SYS
[2010/11/12 05:53:48 | 000,017,920 | ---- | C] () -- C:\WINDOWS\System32\RNBOVDD.DLL
[2010/11/12 03:25:37 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\mbr_sqlite.dll
[2010/11/11 12:36:49 | 000,047,616 | ---- | C] () -- C:\WINDOWS\System32\SNTI386.DLL
[2010/11/09 07:36:59 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ToDisc.INI
[2010/10/31 15:57:43 | 000,000,566 | ---- | C] () -- C:\WINDOWS\iMove Viewer.INI
[2010/10/31 07:08:30 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\BongoSDK.dll
[2010/10/08 02:26:15 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\custmon32.dll
[2010/10/04 11:48:26 | 000,049,933 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\EONRaptorLog.bak
[2010/10/03 22:22:04 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2010/10/03 10:43:29 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2010/09/30 10:38:06 | 000,000,687 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\acdb.err
[2010/03/30 01:49:02 | 000,039,936 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/02/13 08:06:50 | 000,000,000 | ---- | C] () -- C:\WINDOWS\MONITOR.INI
[2010/02/13 07:50:58 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\SerialMP.exe
[2010/02/13 07:50:58 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\ParallelMP.exe
[2010/02/13 07:50:58 | 000,000,159 | ---- | C] () -- C:\WINDOWS\System32\Config.ini
[2010/02/13 07:50:58 | 000,000,059 | ---- | C] () -- C:\WINDOWS\System32\PConfig.ini
[2010/02/13 07:50:57 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\MosUsbPrintConfig.exe
[2010/01/15 09:01:11 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/12/16 06:38:20 | 002,293,286 | ---- | C] () -- C:\WINDOWS\System32\nvdata.bin
[2009/12/12 13:34:03 | 000,000,000 | ---- | C] () -- C:\WINDOWS\tosOBEX.INI
[2009/12/12 05:09:01 | 000,003,192 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2009/12/11 06:12:04 | 000,001,755 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\QTSBandwidthCache
[2009/12/11 06:03:36 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/12/08 09:55:33 | 000,000,222 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\.java.policy
[2009/12/08 05:41:25 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/12/08 05:12:47 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\MSVCRT10.DLL
[2009/12/08 04:45:06 | 000,000,483 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009/12/08 04:17:46 | 000,000,231 | ---- | C] () -- C:\WINDOWS\System32\3dsmax.ini
[2009/12/08 04:17:46 | 000,000,043 | ---- | C] () -- C:\WINDOWS\System32\InstallSettings.ini
[2009/12/07 05:15:24 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2009/08/02 18:21:54 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2009/08/02 18:21:54 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2009/08/02 18:21:52 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2009/03/17 03:59:18 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\BongoSDK.10.v40.dll
[2008/12/08 11:42:00 | 000,432,672 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2008/08/18 22:22:09 | 001,657,376 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2008/08/18 22:22:05 | 001,724,416 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2008/08/18 22:22:05 | 001,101,824 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2008/08/18 22:21:58 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2008/08/18 22:21:50 | 001,507,328 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2008/08/18 22:21:46 | 001,346,080 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2008/08/18 22:21:32 | 000,449,056 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2008/07/21 08:48:27 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2008/07/21 08:36:15 | 000,000,562 | ---- | C] () -- C:\WINDOWS\TBTdetect.ini
[2008/07/21 08:18:31 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2008/07/21 08:18:01 | 000,472,376 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2008/07/21 08:01:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\NDSTray.INI
[2008/07/21 07:51:13 | 000,128,113 | ---- | C] () -- C:\WINDOWS\System32\csellang.ini
[2008/07/21 07:51:13 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\csellang.dll
[2008/07/21 07:51:13 | 000,010,146 | ---- | C] () -- C:\WINDOWS\System32\tosmreg.ini
[2008/07/21 07:51:13 | 000,007,671 | ---- | C] () -- C:\WINDOWS\System32\cseltbl.ini
[2008/07/21 07:47:56 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\000StTHK.exe
[2008/07/21 07:47:48 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2008/07/21 07:47:35 | 000,007,104 | ---- | C] () -- C:\WINDOWS\System32\drivers\HDACfg.dat
[2008/07/21 07:39:43 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008/07/21 07:37:47 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\ToshBIOS.dll
[2008/07/21 07:36:10 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2008/07/21 07:35:46 | 000,159,744 | ---- | C] () -- C:\WINDOWS\MakeMrk.exe
[2008/07/21 07:35:46 | 000,000,083 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2008/07/21 07:23:10 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2008/07/21 07:20:40 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/07/21 07:14:43 | 000,620,362 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2008/07/21 07:14:43 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2008/07/21 07:14:43 | 000,138,236 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2008/07/21 07:14:43 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2008/07/21 07:14:41 | 000,558,828 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/07/21 07:14:41 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/07/21 07:14:41 | 000,109,198 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/07/21 07:14:41 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/07/21 07:14:41 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/07/21 07:14:40 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008/07/21 07:14:40 | 000,058,880 | ---- | C] () -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\skype.dat
[2008/07/21 07:14:40 | 000,004,598 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008/07/21 07:14:40 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008/07/21 07:14:38 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/07/21 07:14:38 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/07/21 07:14:35 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/07/21 07:14:35 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/05/26 16:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 16:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 16:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 15:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 15:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2007/12/21 09:46:32 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\TosBtAcc.dll
[2006/03/29 04:32:32 | 000,368,640 | R--- | C] () -- C:\WINDOWS\System32\VirtualHandCore.dll
[2006/03/29 04:32:32 | 000,209,236 | R--- | C] () -- C:\WINDOWS\System32\vtidmCore.dll
[2006/03/29 04:32:32 | 000,172,032 | R--- | C] () -- C:\WINDOWS\System32\VirtualHandDevice.dll
[2006/03/29 04:32:32 | 000,057,344 | R--- | C] () -- C:\WINDOWS\System32\VirtualHandRegistry.dll
[2006/03/24 06:06:41 | 000,000,053 | R--- | C] () -- \AUTORUN.INF
[2005/08/30 17:35:24 | 000,118,784 | R--- | C] () -- C:\WINDOWS\System32\fglove.dll
[2005/07/22 14:30:18 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\TosCommAPI.dll
[2005/07/16 16:36:50 | 000,240,128 | R--- | C] () -- \reatogoMenu.exe
[2004/12/29 05:20:12 | 000,196,608 | R--- | C] () -- C:\WINDOWS\System32\spiclops.dll
[2004/09/01 09:32:28 | 000,065,536 | R--- | C] () -- C:\WINDOWS\System32\SGL13MD.dll
[2004/09/01 09:32:28 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\SPL12MD.dll
[2004/04/19 04:05:06 | 000,003,759 | R--- | C] () -- C:\WINDOWS\jscript.ini
[2004/04/19 04:05:06 | 000,003,389 | R--- | C] () -- C:\WINDOWS\vbscript.ini
[2004/04/19 04:04:54 | 000,782,420 | ---- | C] () -- C:\WINDOWS\System32\EONUtils.dll
[2004/03/23 10:38:40 | 000,086,016 | R--- | C] () -- C:\WINDOWS\System32\X3DGlCtl.dll
[2003/09/05 04:48:30 | 000,196,608 | R--- | C] () -- C:\WINDOWS\System32\Bird.dll
[2003/04/08 08:59:46 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\QTMClient.dll
[1998/03/22 06:50:02 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
========== LOP Check ==========
[2012/10/23 11:18:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Windows Desktop Search
[2009/12/07 13:52:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\toshiba
[2012/10/08 02:00:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\1&1 Mail & Media GmbH
[2012/11/01 02:54:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Audacity
[2011/05/03 10:09:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Autodesk
[2012/07/20 14:22:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\AVG Secure Search
[2012/10/16 13:13:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\AVG2013
[2011/04/30 23:36:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Blender Foundation
[2011/08/27 07:01:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Broad Intelligence
[2011/08/04 09:24:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Canneverbe Limited
[2010/11/30 08:17:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Canon
[2013/01/07 05:55:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Claro LTD
[2012/10/23 07:38:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\DassaultSystemes
[2012/11/13 04:53:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Downloaded Installations
[2013/01/12 13:51:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Dropbox
[2012/06/01 06:40:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\FissaSearch
[2012/11/12 10:07:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\GinyasBrowserCompanion
[2012/10/20 04:33:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\GoforFiles
[2011/07/15 12:37:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\GoPal Assistant
[2011/10/31 11:33:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\gtk-2.0
[2011/04/13 09:53:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\iSpring Solutions
[2012/01/12 02:25:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\KDE
[2011/07/07 13:05:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\KeePass
[2010/04/24 07:34:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\kompozer.net
[2011/04/13 08:50:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Leawo
[2011/07/17 10:37:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\LibreOffice
[2012/06/06 02:43:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\McNeel
[2012/06/04 23:42:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Media Finder
[2011/04/13 08:50:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Moyea
[2013/01/03 14:28:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Nitro PDF
[2011/08/31 11:33:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Nokia
[2011/07/18 06:26:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\OfferBox
[2009/12/08 09:30:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\OOo-dev
[2010/10/03 23:07:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\OpenOffice.org
[2010/07/04 08:18:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\PC Suite
[2011/08/09 03:29:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\pdf995
[2013/01/07 05:58:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\PerformerSoft
[2010/10/03 12:21:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Poser 7
[2011/04/13 09:18:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\PPT2Video
[2012/12/04 08:43:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\PriceGong
[2011/07/17 12:16:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\searchquband
[2012/08/09 06:49:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\searchqutoolbar
[2011/09/19 00:30:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\SimLab
[2011/05/04 22:13:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\SoftGrid Client
[2011/04/13 00:16:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Solveig Multimedia
[2012/09/25 09:17:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\SumatraPDF
[2012/01/08 03:53:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Systweak
[2013/01/11 13:26:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\TeamViewer
[2010/12/11 11:32:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Tobit
[2011/09/01 08:12:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\toshiba
[2011/05/04 08:35:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\TP
[2012/12/07 08:03:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\TrueCrypt
[2012/10/16 13:09:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\TuneUp Software
[2012/12/05 14:17:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\TV-Browser
[2011/07/17 11:59:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\widestream
[2012/11/21 03:32:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\WinBatch
[2011/11/18 00:38:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Windows Desktop Search
[2011/11/03 07:51:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Windows Live Writer
[2010/03/26 16:58:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\mathias\Anwendungsdaten\Windows Search
[2011/07/17 13:50:33 | 000,000,000 | R--D | M] -- \I386
[2011/07/17 13:43:48 | 000,000,000 | R--D | M] -- \PROGRAMS
[2011/07/17 13:49:08 | 000,000,000 | R--D | M] -- \SFX
[2012/11/12 10:22:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ASGvis
[2011/05/03 10:09:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Autodesk
[2012/11/16 03:11:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG Secure Search
[2012/10/16 13:10:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVG2013
[2011/08/03 12:52:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BabylonUpdater
[2012/07/20 12:41:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bcool
[2012/07/25 06:40:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2013/01/07 05:55:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BrowserProtect
[2009/12/08 05:41:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2010/02/12 02:46:24 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2012/05/23 09:34:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJ
[2012/06/08 10:45:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJPLM
[2010/11/30 07:36:02 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJScan
[2012/07/20 12:34:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2010/10/16 08:05:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DassaultSystemes
[2011/12/19 09:47:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DesktopIcons
[2012/08/24 09:19:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations
[2011/02/24 13:00:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Driver Whiz
[2012/08/11 04:32:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON
[2010/04/06 11:42:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Hagel Technologies
[2012/03/03 06:57:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IBUpdaterService
[2011/08/27 06:56:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IM
[2011/08/27 06:55:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IncrediMail
[2012/08/16 08:25:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2012/05/23 07:20:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
[2012/07/28 06:53:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IObit
[2012/11/02 09:59:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McNeel
[2013/01/12 11:55:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MFAData
[2011/11/15 02:25:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MSScanAppDataDir
[2011/04/12 07:52:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nitro PDF
[2010/11/28 04:10:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2013/01/12 11:08:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2012/03/23 10:03:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\pdf995
[2011/08/28 06:28:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2012/05/23 07:03:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Premium
[2011/04/30 23:34:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RapidSolution
[2011/08/27 08:57:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Socusoft
[2011/11/15 02:25:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SSScanAppDataDir
[2012/11/12 13:57:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer
[2013/01/04 01:49:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2009/12/07 05:16:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TOSHIBA
[2011/05/03 04:02:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TSplines
[2011/05/04 11:04:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\VirtualizedApplications
[2009/12/07 13:52:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2011/01/24 13:56:46 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{290883D4-FF33-4C80-B8FB-E5D5A89C103B}
[2011/07/15 03:33:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{AB2D8F2E-F7AD-4446-A11A-50D846B2CF2A}
[2011/12/13 05:03:45 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D423354A-E70D-49AC-B74E-9DB73BB8ACA3}
[2011/11/22 02:34:03 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D8116CA6-DBDF-4415-AB4A-BE0CEFB71935}
[2013/01/12 13:54:41 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\BrowserProtect.job
[2013/01/12 13:49:51 | 000,000,612 | ---- | M] () -- C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
[2013/01/12 13:49:53 | 000,000,604 | -H-- | M] () -- C:\WINDOWS\Tasks\ConfigExec.job
[2013/01/12 10:08:00 | 000,000,572 | -H-- | M] () -- C:\WINDOWS\Tasks\DataUpload.job
[2013/01/12 13:49:50 | 000,000,274 | ---- | M] () -- C:\WINDOWS\Tasks\Game_Booster_AutoUpdate.job
[2013/01/12 13:49:49 | 000,000,274 | ---- | M] () -- C:\WINDOWS\Tasks\Go for FilesUpdate.job
[2013/01/12 13:49:48 | 000,000,318 | ---- | M] () -- C:\WINDOWS\Tasks\Protected Search.job
[2013/01/09 00:30:36 | 000,000,608 | ---- | M] () -- C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
[2013/01/01 06:22:36 | 000,000,438 | ---- | M] () -- C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
[2013/01/12 13:54:12 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{29377C61-43AD-4500-B869-6936B82733CB}.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 140 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:BF31A799
@Alternate Data Stream - 120 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:FC595E85
@Alternate Data Stream - 112 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D1B5B4F1
< End of report >
--- --- --- |
