Hallo,
die Potential Unwanted Programs und kookies habe ich gelöscht
hier die otl.txt Code:
OTL logfile created on: 31.05.2013 22:53:44 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\Fiedi\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,87 Gb Total Physical Memory | 1,96 Gb Available Physical Memory | 68,28% Memory free
4,03 Gb Paging File | 3,04 Gb Available in Paging File | 75,35% Paging File free
Paging file location(s): C:\pagefile.sys 1344 2688 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,52 Gb Total Space | 41,62 Gb Free Space | 55,85% Space Free | Partition Type: NTFS
Drive D: | 76,69 Gb Total Space | 54,79 Gb Free Space | 71,45% Space Free | Partition Type: NTFS
Computer Name: FPOTTHAS-DA2972 | User Name: Fiedi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.05.31 22:25:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Fiedi\Desktop\OTL.exe
PRC - [2013.05.31 08:12:59 | 000,181,664 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2013.05.06 13:18:17 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.23 09:48:17 | 010,244,448 | ---- | M] (TeamViewer GmbH) -- c:\Programme\TeamViewer\Version8\TeamViewer.exe
PRC - [2013.04.23 09:48:17 | 004,171,104 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version8\TeamViewer_Desktop.exe
PRC - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.04.23 09:40:59 | 000,193,888 | ---- | M] (TeamViewer GmbH) -- C:\Programme\TeamViewer\Version8\tv_w32.exe
PRC - [2013.04.08 02:20:00 | 000,087,040 | ---- | M] (DATEV eG) -- C:\DATEV\PROGRAMM\B0001442\PSNTServ.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.28 08:43:01 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.28 08:42:27 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.03.28 08:42:24 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.03.12 07:32:50 | 000,253,816 | ---- | M] (Oracle Corporation) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2013.02.06 11:39:10 | 000,010,848 | ---- | M] (DATEV eG) -- C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe
PRC - [2013.01.28 10:08:08 | 001,429,600 | ---- | M] (DATEV eG) -- C:\DATEV\PROGRAMM\Sws\LiMaService.exe
PRC - [2013.01.28 10:08:06 | 000,812,128 | ---- | M] (DATEV eG) -- C:\DATEV\PROGRAMM\Sws\LiMaServer.exe
PRC - [2012.12.20 03:01:00 | 000,288,352 | ---- | M] (DATEV eG) -- C:\DATEV\PROGRAMM\Install\DvInesASDMon.Exe
PRC - [2012.12.20 03:01:00 | 000,158,304 | ---- | M] (DATEV eG) -- C:\DATEV\PROGRAMM\Install\DvInesASDSvc.Exe
PRC - [2012.11.14 21:35:50 | 000,050,016 | ---- | M] (DATALINE GmbH & Co. KG) -- C:\Programme\Dataline Office Update\updctrl.exe
PRC - [2011.12.01 22:43:58 | 004,913,608 | ---- | M] (SafeNet Inc.) -- C:\WINDOWS\system32\hasplms.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006.06.15 08:43:20 | 000,049,152 | ---- | M] (HP) -- C:\Programme\HP\ToolBoxFX\bin\HPTLBXFX.exe
========== Modules (No Company Name) ==========
MOD - [2013.05.20 19:51:17 | 000,023,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Network.Inter#\f1a1d4a70b854f74fe91c42f19af300b\Datev.Network.Interfaces.ni.dll
MOD - [2013.05.20 19:51:16 | 000,245,248 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Network\6a6f9cbaa9cf4b20017c1b261c590cb2\Datev.Network.ni.dll
MOD - [2013.05.20 19:46:28 | 002,683,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framework.Int#\670be0f6690ea3796a8efd18d8bad465\Datev.Framework.Interface.ni.dll
MOD - [2013.05.20 19:45:50 | 000,145,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.ConfigDB.Stor#\a5c1cde47931e2489cbadbce2b622126\Datev.ConfigDB.StorageProvider.ni.dll
MOD - [2013.05.20 19:45:50 | 000,019,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.ConfigDB.Plug#\fa752df1c24be2008a832c92a77ccef7\Datev.ConfigDB.PlugIn.ni.dll
MOD - [2013.05.20 19:45:49 | 000,098,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.ConfigDB.Inte#\ec4cc0cb1f7e3e78f47f0619373eda67\Datev.ConfigDB.Interfaces.ni.dll
MOD - [2013.05.20 19:45:48 | 002,095,104 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.ConfigDB\34148d67521477e9cf16080b17860981\Datev.ConfigDB.ni.dll
MOD - [2013.05.20 18:41:28 | 000,034,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framework.Rem#\71e38d4f2b1133cbc2f631088a1072f3\Datev.Framework.RemoteServiceModel.GenericServiceBase.ni.dll
MOD - [2013.05.20 18:41:27 | 001,945,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framework.Rem#\785026070b931f587496fa4228f3a3d7\Datev.Framework.RemoteServiceModel.ni.dll
MOD - [2013.05.20 18:41:22 | 000,149,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framework.Hos#\a8544f37571d4a8bddd08d94e648db52\Datev.Framework.Hosting.Interface.ni.dll
MOD - [2013.05.20 18:40:12 | 000,713,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framework.Dia#\9fbdfd1fa6be9ca0d5d3d284ad992b46\Datev.Framework.Diagnostics.RealTimeTracing.ni.dll
MOD - [2013.05.20 18:40:10 | 002,476,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Datev.Framework.Mic#\d41e3e252a5b33ab876faae0275639c9\Datev.Framework.MicroKernel.ni.dll
MOD - [2013.05.15 12:29:05 | 001,078,272 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\6ff6bd832b03b5d6ea275ba9bee2d3ef\System.IdentityModel.ni.dll
MOD - [2013.05.15 12:29:03 | 018,080,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\be692307d47b83000bba8bb6b484aff0\System.ServiceModel.ni.dll
MOD - [2013.05.15 12:23:37 | 000,393,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\8732d692f02402dbd81280b0d3c4f6a9\System.Xml.Linq.ni.dll
MOD - [2013.05.15 12:23:36 | 001,021,952 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\019ed4a55ecc7d1f5b933c27970dce9b\System.Runtime.DurableInstancing.ni.dll
MOD - [2013.05.15 12:23:35 | 002,647,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\2609614ca03927f7a99418c74844059b\System.Runtime.Serialization.ni.dll
MOD - [2013.05.15 12:05:16 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\17440cd05eee7f87026b3c17119eed58\System.Configuration.ni.dll
MOD - [2013.05.15 11:56:59 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\81b85db6e9fe04e4d1c9547b993acfce\System.Windows.Forms.ni.dll
MOD - [2013.05.15 11:26:03 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2013.05.15 11:22:24 | 013,199,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\153143f74d840484b510d8cf5187796b\System.Windows.Forms.ni.dll
MOD - [2013.05.15 11:22:23 | 006,811,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\7eb2db9c15d8d3552873d1243b8892e8\System.Data.ni.dll
MOD - [2013.05.15 11:22:09 | 000,982,528 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\233661f3a2b632e9553915c8639637d0\System.Configuration.ni.dll
MOD - [2013.05.15 11:22:05 | 007,069,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\2f9e0112e10f9e70d3430d0be9863976\System.Core.ni.dll
MOD - [2013.02.23 12:50:23 | 000,397,704 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2013.02.14 09:07:42 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\766ccafdc4a09b964aa9286a15bca48a\System.ServiceProcess.ni.dll
MOD - [2013.02.14 08:56:21 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll
MOD - [2013.01.11 08:57:54 | 000,143,360 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\ef7642a4f2724135d445e2ea36582e78\SMDiagnostics.ni.dll
MOD - [2013.01.11 08:57:40 | 001,801,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\866894ebe5258bf9f45d6b063229e990\System.Xaml.ni.dll
MOD - [2013.01.11 08:57:24 | 000,787,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.ni.dll
MOD - [2013.01.11 08:57:24 | 000,236,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\1d254fbc811d0de6c54a9d9c428c4497\System.EnterpriseServices.Wrapper.dll
MOD - [2013.01.11 08:57:23 | 000,649,728 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Transactions\dcb0e7d56ffca14d7c483103235b11ad\System.Transactions.ni.dll
MOD - [2013.01.11 08:36:05 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d7a2248a76f0e94d56c92c5bf96f5175\System.Runtime.Remoting.ni.dll
MOD - [2013.01.11 08:25:42 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
MOD - [2013.01.11 08:25:20 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
MOD - [2013.01.11 08:23:04 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
MOD - [2013.01.11 08:22:51 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
MOD - [2013.01.11 00:24:45 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\b573c6a62bb88df0ee2af59b6a8ca910\System.Drawing.ni.dll
MOD - [2013.01.11 00:24:26 | 005,617,664 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\43cd41484df96d15df949eb17dd88152\System.Xml.ni.dll
MOD - [2013.01.11 00:24:19 | 009,094,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\15872842e3e63ddf0f720f406706198e\System.ni.dll
MOD - [2013.01.11 00:24:11 | 000,145,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\c300c8ca0910bbffb16a244b56be6d05\System.Numerics.ni.dll
MOD - [2013.01.11 00:24:09 | 014,412,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\3f95a6d480ed1ebe45cf27b770ba94ed\mscorlib.ni.dll
MOD - [2013.01.11 00:18:41 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_a295e631\mscorlib.dll
MOD - [2013.01.11 00:18:38 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_d1c01e25\system.drawing.dll
MOD - [2013.01.11 00:18:31 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_39750eed\system.xml.dll
MOD - [2013.01.11 00:18:23 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_f0558fad\system.windows.forms.dll
MOD - [2013.01.11 00:18:14 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_620a9d2e\system.dll
MOD - [2013.01.11 00:18:08 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2013.01.11 00:18:06 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2013.01.11 00:18:05 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2012.06.06 15:58:22 | 000,122,880 | ---- | M] () -- C:\DATEV\SYSTEM\DVCCDBNETCONVAPIAX300.DLL
MOD - [2010.01.03 19:59:57 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.01.03 19:59:53 | 000,434,176 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.11.28 15:18:52 | 000,372,736 | ---- | M] () -- c:\windows\assembly\gac\system.management\1.0.5000.0__b03f5f7f11d50a3a\system.management.dll
MOD - [2009.11.28 15:18:51 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2009.11.28 15:18:51 | 000,323,584 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll
MOD - [2009.11.28 15:18:49 | 000,131,072 | ---- | M] () -- c:\windows\assembly\gac\system.runtime.serialization.formatters.soap\1.0.5000.0__b03f5f7f11d50a3a\system.runtime.serialization.formatters.soap.dll
MOD - [2009.02.02 10:41:56 | 000,233,472 | ---- | M] () -- c:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.01.10 16:28:26 | 000,233,472 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2721.36826__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.01.10 16:28:26 | 000,184,320 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2721.36883__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.01.10 16:28:26 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2721.36860__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.01.10 16:28:25 | 001,675,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2721.36868__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.01.10 16:28:25 | 000,684,032 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.2721.37064__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2009.01.10 16:28:25 | 000,360,448 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2721.37092__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2009.01.10 16:28:25 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2721.37084__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.01.10 16:28:25 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2721.37043__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.01.10 16:28:25 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2721.36882__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2009.01.10 16:28:25 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2721.36981__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.01.10 16:28:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2721.36846__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.01.10 16:28:24 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2721.37121__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.01.10 16:28:01 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2721.37126__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.01.10 16:28:01 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.2721.36875__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2009.01.10 16:28:01 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2721.37056__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.01.10 16:28:01 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2721.36840__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.01.10 16:28:01 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.2721.36874__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2009.01.10 16:28:00 | 000,331,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2721.37050__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.01.10 16:28:00 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2721.37049__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.01.10 16:27:59 | 000,897,024 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2721.37086__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2009.01.10 16:27:59 | 000,790,528 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2721.36990__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.01.10 16:27:59 | 000,585,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2721.36896__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.01.10 16:27:59 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2721.36847__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.01.10 16:27:59 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2721.37070__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.01.10 16:27:59 | 000,208,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2721.36889__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.01.10 16:27:59 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2721.37009__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.01.10 16:27:59 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2721.36989__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.01.10 16:27:59 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2721.36902__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.01.10 16:27:59 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2721.37008__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.01.10 16:27:58 | 000,659,456 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.2721.37044__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2009.01.10 16:27:58 | 000,475,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2721.36982__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.01.10 16:27:58 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2721.36981__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.01.10 16:27:58 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2721.36989__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.01.10 16:27:58 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2721.37029__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.01.10 16:27:58 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2700.34701__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.01.10 16:27:58 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2700.34689__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.01.10 16:27:58 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2700.34750__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.01.10 16:27:58 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2700.34706__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.01.10 16:27:58 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2700.34739__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.01.10 16:27:58 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.01.10 16:27:57 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2700.34674__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.01.10 16:27:57 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2700.34697__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.01.10 16:27:57 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2700.34727__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.01.10 16:27:57 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.01.10 16:27:57 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2700.34759__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.01.10 16:27:57 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2700.34671__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.01.10 16:27:57 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2700.34808__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.01.10 16:27:57 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2700.34680__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.01.10 16:27:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2700.34751__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.01.10 16:27:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2700.34705__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.01.10 16:27:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2700.34694__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.01.10 16:27:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2700.34686__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.01.10 16:27:57 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2700.34714__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2009.01.10 16:27:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2700.34703__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.01.10 16:27:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2700.34718__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.01.10 16:27:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2700.34754__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.01.10 16:27:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.01.10 16:27:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2700.34702__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.01.10 16:27:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2700.34713__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.01.10 16:27:57 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2700.34729__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2700.34728__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2700.34714__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2700.34722__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2705.19134__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2700.34721__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2700.34726__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2700.34709__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2700.34716__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2700.34721__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2700.34724__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2700.34708__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2700.34672__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2009.01.10 16:27:56 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2700.34717__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.01.10 16:27:56 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2700.34704__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.01.10 16:27:56 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2700.34697__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.01.10 16:27:51 | 000,086,016 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2721.37099_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2009.01.10 16:27:50 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2721.37150__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.01.10 16:27:50 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2721.36817__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.01.10 16:27:49 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2721.36855__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.01.10 16:27:49 | 000,446,464 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2721.37099__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.01.10 16:27:49 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2721.37107__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.01.10 16:27:49 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2721.36818__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.01.10 16:27:49 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2721.37106__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.01.10 16:27:49 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2700.34690__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.01.10 16:27:49 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2700.34706__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.01.10 16:27:49 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2700.34681__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.01.10 16:27:49 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2700.34752__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.01.10 16:27:49 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2700.34708__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.01.10 16:27:49 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2700.34711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.01.10 16:27:48 | 001,503,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2721.36834__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.01.10 16:27:48 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2721.36819__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.01.10 16:27:48 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.2721.36818__90ba9c70f846762e\APM.Server.dll
MOD - [2009.01.10 16:27:48 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2721.36817__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.01.10 16:27:48 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2700.34698__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.01.10 16:27:48 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2721.37107__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.01.10 16:27:48 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.01.10 16:27:48 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2700.34740__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.06.15 08:42:34 | 000,053,248 | ---- | M] () -- C:\Programme\HP\ToolBoxFX\bin\NativeUtils.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn -- (Datev.Unternehmen.SystemComponents.ServiceBus.V0300.PlugIn)
SRV - File not found [On_Demand | Stopped] -- Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Unternehmen.SystemComponents.ServiceBus.V0200.PlugIn -- (Datev.Unternehmen.SystemComponents.ServiceBus.V0200.PlugIn)
SRV - File not found [On_Demand | Running] -- C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Framework.RemoteServices -- (Datev.Framework.RemoteServices)
SRV - File not found [Auto | Running] -- C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Framework.RemoteServiceModel.EnablerService -- (Datev.Framework.RemoteServiceModel.EnablerService)
SRV - File not found [On_Demand | Stopped] -- C:\DATEV\SYSTEM\Datev.Framework.RemoteServiceModel.GenericService2010.exe Datev.Database.Conserve SvcRunLevel=1000 -- (Datev.Database.Conserve)
SRV - [2013.05.31 08:12:59 | 000,181,664 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.05.31 07:12:09 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.23 09:48:17 | 003,574,624 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2013.04.08 02:20:00 | 000,087,040 | ---- | M] (DATEV eG) [Auto | Running] -- C:\DATEV\PROGRAMM\B0001442\PSNTServ.exe -- (DatevPrintService)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.28 08:43:01 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.28 08:42:24 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.12.20 03:01:00 | 000,158,304 | ---- | M] (DATEV eG) [Auto | Running] -- C:\DATEV\PROGRAMM\Install\DvInesASDSvc.Exe -- (DATEV Update-Service)
SRV - [2011.12.01 22:43:58 | 004,913,608 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\WINDOWS\system32\hasplms.exe -- (hasplms)
SRV - [2003.07.28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\usbser_lowerflt.sys -- (upperdev)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\pccsmcfd.sys -- (pccsmcfd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\cjusb.sys -- (cjusb)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\Fiedi\LOKALE~1\Temp\catchme.sys -- (catchme)
DRV - [2013.05.31 22:11:46 | 000,030,464 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hitmanpro37.sys -- (hitmanpro37)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013.03.28 08:43:10 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.03.28 08:43:10 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.03.28 08:43:10 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.02.23 12:50:59 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2011.10.04 13:03:48 | 000,367,560 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aksfridge.sys -- (aksfridge)
DRV - [2011.08.10 14:05:24 | 000,596,424 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (hardlock)
DRV - [2011.06.17 21:28:18 | 000,240,736 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\RsFx0151.sys -- (RsFx0151)
DRV - [2009.01.10 16:32:38 | 000,015,600 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\gdrv.sys -- (gdrv)
DRV - [2008.08.05 10:08:22 | 000,093,312 | ---- | M] ( ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\cxbu1wdm.sys -- (cxbu1wdm)
DRV - [2007.06.15 03:58:56 | 002,301,440 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.05.10 11:28:00 | 004,419,584 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2006.12.14 10:44:06 | 000,085,120 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006.06.19 00:38:18 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2006.06.12 03:36:30 | 000,009,344 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hpfxbulk.sys -- (HPFXBULK)
DRV - [2001.08.17 13:11:06 | 000,066,591 | ---- | M] (3Com Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\el90xbc5.sys -- (EL90XBC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{17B82017-3626-4335-9B2E-8E362809DA8A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.textilreinigung-potthast.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B2 6B 94 16 8B AB CC 01 [binary data]
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{DB6E956F-9487-4769-8BAB-885D026743AC}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=cffcc3ea-8fa4-4922-9a02-2d58f1bdc6ad&apn_sauid=19C2FE10-B660-4A7F-9D0D-2ABC9C734C73
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
O1 HOSTS File: ([2013.05.29 23:26:47 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DATALINE Office Updater] C:\Programme\DATALINE Office Update\updctrl.exe (DATALINE GmbH & Co. KG)
O4 - HKLM..\Run: [DATEV Update-Monitor] C:\DATEV\PROGRAMM\Install\DvInesASDMon.exe (DATEV eG)
O4 - HKLM..\Run: [SfWinStartInfo] C:\Programme\SFirm32\sfWinStartupInfo.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [ToolBoxFX] C:\Programme\HP\ToolBoxFX\bin\HPTLBXFX.exe (HP)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Basisschnittstelle Office Initialisierung.lnk = C:\DATEV\PROGRAMM\BSOffice\service\OfficeDiag.exe (DATEV eG)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\CleanupPrintJobs.lnk = C:\DATEV\PROGRAMM\B0001401\CleanupPrintJobs.exe (DATEV eG)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Lizenz-Manager Server.lnk = C:\DATEV\PROGRAMM\Sws\LiMaServer.exe (DATEV eG)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SkyUserDevmode-Update.lnk = C:\DATEV\PROGRAMM\B0001401\UpdateDevmode.exe (DATEV eG)
O4 - Startup: C:\Dokumente und Einstellungen\Fiedi\Startmenü\Programme\Autostart\fernsupport.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1327306912921 (MUWebControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1566A2A8-F9C1-4735-925B-8E10E68ECD8A}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.01.10 16:13:37 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.31 22:25:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Fiedi\Desktop\OTL.exe
[2013.05.31 12:18:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HitmanPro
[2013.05.31 12:17:31 | 000,000,000 | ---D | C] -- C:\hit
[2013.05.31 08:55:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fiedi\Lokale Einstellungen\Anwendungsdaten\Sun
[2013.05.31 08:22:04 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Fiedi\Recent
[2013.05.31 08:22:04 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.05.31 08:15:13 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Java
[2013.05.31 07:20:30 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2013.05.30 22:14:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\CCleaner
[2013.05.30 22:14:05 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2013.05.30 22:12:45 | 004,378,864 | ---- | C] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Fiedi\Desktop\ccsetup402.exe
[2013.05.30 15:58:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Malwarebytes
[2013.05.30 15:58:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.05.30 15:57:59 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.05.30 15:57:59 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.05.30 15:57:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.05.30 15:56:25 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Fiedi\Desktop\mbam-setup-1.75.0.1300.exe
[2013.05.29 23:19:12 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.05.29 22:52:12 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.05.29 22:52:12 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.05.29 22:52:12 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.05.29 22:52:12 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.05.29 22:52:07 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.05.29 22:52:03 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.29 22:52:01 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Fiedi\Startmenü\Programme\Verwaltung
[2013.05.29 22:51:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.05.29 22:50:33 | 005,075,099 | R--- | C] (Swearware) -- C:\Dokumente und Einstellungen\Fiedi\Desktop\ComboFix.exe
[2013.05.29 22:19:06 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\Fiedi\Desktop\tdsskiller.exe
[2013.05.14 14:34:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fiedi\Desktop\Datensicherung 2013 Potthast
[2013.05.14 10:08:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fiedi\Eigene Dateien\DATEV
[2013.05.14 10:00:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TeamViewer 8
[2013.05.14 10:00:22 | 000,000,000 | ---D | C] -- C:\Programme\TeamViewer
[2013.05.03 10:27:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Fiedi\Desktop\Prüfungen
========== Files - Modified Within 30 Days ==========
[2013.05.31 22:36:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.31 22:25:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Fiedi\Desktop\OTL.exe
[2013.05.31 22:17:02 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.31 22:11:46 | 000,030,464 | ---- | M] () -- C:\WINDOWS\System32\drivers\hitmanpro37.sys
[2013.05.31 22:11:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.31 22:09:55 | 000,000,310 | ---- | M] () -- C:\WINDOWS\System32\.crusader
[2013.05.31 12:06:52 | 012,213,707 | ---- | M] () -- C:\Dokumente und Einstellungen\Fiedi\Desktop\HitmanPro_3.7.5.199.zip
[2013.05.31 08:41:17 | 000,632,031 | ---- | M] () -- C:\Dokumente und Einstellungen\Fiedi\Desktop\adwcleaner.exe
[2013.05.31 07:21:00 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.05.30 22:14:06 | 000,000,654 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2013.05.30 22:12:47 | 004,378,864 | ---- | M] (Piriform Ltd) -- C:\Dokumente und Einstellungen\Fiedi\Desktop\ccsetup402.exe
[2013.05.30 15:58:01 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.05.30 15:56:39 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Dokumente und Einstellungen\Fiedi\Desktop\mbam-setup-1.75.0.1300.exe
[2013.05.30 15:46:29 | 000,000,016 | ---- | M] () -- C:\WINDOWS\hbcikrnl.ini
[2013.05.29 23:26:47 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.05.29 23:19:16 | 000,000,339 | RHS- | M] () -- C:\boot.ini
[2013.05.29 22:49:10 | 005,075,099 | R--- | M] (Swearware) -- C:\Dokumente und Einstellungen\Fiedi\Desktop\ComboFix.exe
[2013.05.29 22:19:07 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Dokumente und Einstellungen\Fiedi\Desktop\tdsskiller.exe
[2013.05.29 22:16:53 | 000,014,314 | ---- | M] () -- C:\Dokumente und Einstellungen\Fiedi\Desktop\download-tdsskiller.htm
[2013.05.28 11:43:45 | 000,002,537 | ---- | M] () -- C:\Dokumente und Einstellungen\Fiedi\Desktop\Microsoft Office Excel 2003.lnk
[2013.05.28 08:31:09 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\Fiedi\Desktop\Microsoft Office Word 2003.lnk
[2013.05.20 21:46:32 | 000,000,836 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2013.05.20 21:32:27 | 000,002,517 | ---- | M] () -- C:\Dokumente
[2013.05.20 19:18:26 | 000,000,021 | ---- | M] () -- C:\WINDOWS\DvInesKurusOleServer003.INI
[2013.05.20 19:06:11 | 000,000,805 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DATEV Arbeitsplatz pro V.3.2.lnk
[2013.05.20 19:01:03 | 000,000,871 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Basisschnittstelle Office Initialisierung.lnk
[2013.05.20 18:56:42 | 000,001,685 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\CleanupPrintJobs.lnk
[2013.05.20 18:56:42 | 000,001,674 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\SkyUserDevmode-Update.lnk
[2013.05.20 18:44:51 | 000,000,740 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Lizenz-Manager Server.lnk
[2013.05.20 18:38:00 | 000,000,108 | ---- | M] () -- C:\WINDOWS\Startup.INI
[2013.05.15 11:50:57 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.05.15 11:26:34 | 000,593,780 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.05.15 11:26:34 | 000,568,702 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.05.15 11:26:34 | 000,131,490 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.05.15 11:26:34 | 000,114,018 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.05.14 10:00:26 | 000,000,787 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamViewer 8.lnk
========== Files Created - No Company Name ==========
[2013.05.31 22:11:46 | 000,030,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\hitmanpro37.sys
[2013.05.31 22:09:55 | 000,000,310 | ---- | C] () -- C:\WINDOWS\System32\.crusader
[2013.05.31 17:30:09 | 001,335,576 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Startmenü\Programme\Autostart\fernsupport.exe
[2013.05.31 12:06:43 | 012,213,707 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Desktop\HitmanPro_3.7.5.199.zip
[2013.05.31 08:41:16 | 000,632,031 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Desktop\adwcleaner.exe
[2013.05.31 07:21:00 | 000,001,804 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader XI.lnk
[2013.05.31 07:21:00 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Reader XI.lnk
[2013.05.31 07:12:10 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.30 22:14:06 | 000,000,654 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\CCleaner.lnk
[2013.05.30 15:58:01 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2013.05.29 23:19:16 | 000,000,223 | ---- | C] () -- C:\Boot.bak
[2013.05.29 23:19:14 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013.05.29 22:52:12 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.05.29 22:52:12 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.05.29 22:52:12 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.05.29 22:52:12 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.05.29 22:52:12 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.05.29 22:16:53 | 000,014,314 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Desktop\download-tdsskiller.htm
[2013.05.20 19:06:13 | 000,000,805 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DATEV Arbeitsplatz pro V.3.2.lnk
[2013.05.14 10:00:26 | 000,000,787 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TeamViewer 8.lnk
[2013.03.14 04:05:35 | 000,000,127 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2013.01.30 19:15:19 | 000,006,804 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\importreply.p7s
[2013.01.30 19:04:27 | 000,093,312 | ---- | C] ( ) -- C:\WINDOWS\System32\drivers\cxbu1wdm.sys
[2013.01.01 15:44:21 | 000,294,056 | ---- | C] () -- C:\WINDOWS\System32\ProUninstall.exe
[2012.10.19 20:10:14 | 000,000,227 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc
[2012.10.19 19:43:14 | 000,000,103 | ---- | C] () -- C:\WINDOWS\WinInit.Ini
[2012.06.28 07:40:07 | 000,000,029 | ---- | C] () -- C:\WINDOWS\hbcikrnl.ini.lock
[2012.06.28 07:35:34 | 000,000,103 | ---- | C] () -- C:\WINDOWS\Setup_tmp.ini
[2012.06.25 15:39:16 | 000,055,216 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\ESt2011_Lawall_Andrea.elfo
[2012.02.14 23:56:39 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.28 22:56:14 | 000,004,985 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Lokale Einstellungen\Anwendungsdaten\EmptySettings.xml
[2011.11.25 17:55:41 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2011.03.21 16:24:33 | 000,354,291 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1454471165-796845957-725345543-1004-0.dat
[2011.03.01 22:13:30 | 001,206,850 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1454471165-796845957-725345543-1003-0.dat
[2011.03.01 22:13:29 | 000,160,474 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2010.05.05 13:25:54 | 000,089,816 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Elster-Bar.bmp
[2009.06.15 16:39:34 | 000,324,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\elster_1001.jpg
[2009.06.15 16:39:34 | 000,275,898 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Bitmapwhite.bmp
[2009.06.15 16:39:34 | 000,174,680 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\ELSTER.bmp
[2009.06.15 16:39:34 | 000,174,678 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\ELSTER.orig.bmp
[2009.06.15 16:39:34 | 000,127,002 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\offen0.jpg
[2009.06.15 16:39:34 | 000,109,477 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Nutzungsbedingungen GuDMW SW deutsch.rtf
[2009.06.15 16:39:34 | 000,009,352 | ---- | C] () -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\ST-GuDStarSignUSBTokenfuerELSTER.jpg
========== ZeroAccess Check ==========
[2009.01.10 16:24:43 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009.10.29 07:24:34 | 001,509,888 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.05.20 13:08:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DATALINE Office
[2012.10.19 20:04:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DATEV
[2012.06.25 15:28:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2013.05.20 13:08:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firebird
[2013.05.31 22:09:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\HitmanPro
[2013.05.31 08:42:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2010.04.12 22:53:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IM
[2010.04.12 22:52:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IncrediMail
[2011.04.16 15:23:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2011.12.14 19:13:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IsolatedStorage
[2011.04.16 15:28:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2011.04.16 15:16:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2011.04.16 15:34:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2013.05.30 15:46:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\REINER SCT
[2012.06.28 07:35:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SFirm LOGS
[2013.05.31 22:18:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SFirm32
[2012.03.07 12:15:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SFirm32_Datensicherungen
[2009.02.02 10:53:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SkyCom
[2013.05.29 22:45:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\CallingID
[2013.02.11 19:14:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Cauqk
[2013.03.13 22:10:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Dagygy
[2012.01.29 15:53:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\DATEV
[2013.05.20 19:38:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\DVASSV
[2012.06.25 15:28:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\elsterformular
[2013.02.13 23:12:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Fegolo
[2013.03.01 19:18:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Ilqi
[2012.04.30 07:40:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Izmeil
[2013.03.14 04:21:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Neihfy
[2013.02.12 20:54:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Nunuy
[2012.04.29 22:29:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Pyvosa
[2011.11.28 21:15:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\TeamViewer
[2013.03.14 08:23:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Ubivm
[2013.02.12 21:43:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Utta
[2012.04.21 21:35:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\wargaming.net
[2013.03.10 22:23:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Fiedi\Anwendungsdaten\Xybyw
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2009.11.28 15:41:46 | 000,000,000 | ---D | M] -- C:\303e4aa947f5e36b60
[2009.12.27 17:23:44 | 000,000,000 | ---D | M] -- C:\4742bab6c9d6ba9cd9500ef7cd9103b7
[2010.07.21 14:19:02 | 000,000,000 | ---D | M] -- C:\63c41e45c9427704dd689a2d
[2009.12.27 17:23:58 | 000,000,000 | ---D | M] -- C:\645849d665ac52e7f685cd062e
[2010.07.21 14:17:49 | 000,000,000 | ---D | M] -- C:\885cc1fd376617c6d1
[2009.11.28 15:37:10 | 000,000,000 | ---D | M] -- C:\a65588d8d321dda5afb2b6415513ab
[2009.11.28 15:36:07 | 000,000,000 | ---D | M] -- C:\aae7c658750ba304d3740f
[2013.05.29 23:19:16 | 000,000,000 | RHSD | M] -- C:\cmdcons
[2013.05.29 23:28:24 | 000,000,000 | ---D | M] -- C:\ComboFix
[2013.05.31 08:48:04 | 000,000,000 | ---D | M] -- C:\Config.Msi
[2010.07.21 14:18:24 | 000,000,000 | ---D | M] -- C:\d9bd6f6772e42b001397
[2009.02.02 11:09:28 | 000,000,000 | ---D | M] -- C:\DASSDVS
[2011.01.23 22:19:14 | 000,000,000 | ---D | M] -- C:\DATEV
[2009.02.02 11:05:32 | 000,000,000 | ---D | M] -- C:\DDS
[2011.11.25 17:53:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2009.04.08 20:44:32 | 000,000,000 | ---D | M] -- C:\Download
[2010.06.15 10:10:33 | 000,000,000 | ---D | M] -- C:\f02e35aca72ddbf139
[2013.05.31 12:35:51 | 000,000,000 | ---D | M] -- C:\hit
[2009.02.11 21:44:14 | 000,000,000 | ---D | M] -- C:\HP LJP2015 PCL5
[2009.01.11 11:05:38 | 000,000,000 | R--D | M] -- C:\MSOCache
[2013.05.31 08:42:39 | 000,000,000 | R--D | M] -- C:\Programme
[2013.05.29 23:28:23 | 000,000,000 | ---D | M] -- C:\Qoobox
[2013.05.31 08:22:04 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011.11.24 17:19:19 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.01.01 15:44:42 | 000,000,000 | ---D | M] -- C:\Temp
[2013.05.31 22:17:37 | 000,000,000 | ---D | M] -- C:\WINDOWS
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: LOCALAPPDATA
< %systemroot%\*. /mp /s >
< C:\Windows\system32\*.tsp >
[2008.04.14 04:23:08 | 000,266,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\h323.tsp
[2008.04.14 04:23:08 | 000,029,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2008.04.14 04:23:08 | 000,017,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ipconf.tsp
[2008.04.14 04:23:08 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2008.04.14 04:23:08 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2008.04.14 04:23:08 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2008.04.14 04:23:08 | 000,207,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.01.10 16:11:45 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2009.01.10 16:18:10 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.05.31 07:12:10 | 000,000,884 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
< MD5 for: AGP440.SYS >
[2007.10.29 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2009.01.10 16:57:00 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2009.01.10 16:57:00 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\erdnt\cache\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
< MD5 for: ATAPI.SYS >
[2007.10.29 14:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2009.01.10 16:57:00 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2009.01.10 16:57:00 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2007.10.29 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
< MD5 for: EVENTLOG.DLL >
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2007.10.29 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2007.10.29 14:00:00 | 001,035,264 | ---- | M] (Microsoft Corporation) MD5=22FE1BE02EADDE1632E478E4125639E0 -- C:\WINDOWS\$NtServicePackUninstall$\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\erdnt\cache\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
[2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\ServicePackFiles\i386\explorer.exe
< MD5 for: NETLOGON.DLL >
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2007.10.29 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
< MD5 for: SCECLI.DLL >
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2007.10.29 14:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
< MD5 for: USER32.DLL >
[2007.10.29 14:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\erdnt\cache\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\erdnt\cache\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2007.10.29 14:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
< MD5 for: WINLOGON.EXE >
[2007.10.29 14:00:00 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=00F0521FB60946D16AFA483C2FE68F34 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2007.10.29 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2007.10.29 14:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
< %systemroot%\System32\config\*.sav >
[2009.01.10 16:55:24 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009.01.10 16:55:24 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009.01.10 16:55:24 | 000,438,272 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
< %USERPROFILE%\*.* >
[2012.06.25 16:40:20 | 000,055,216 | ---- | M] () -- C:\Dokumente und Einstellungen\Fiedi\ESt2011_Lawall_Andrea.elfo
[2013.01.30 19:15:19 | 000,006,804 | ---- | M] () -- C:\Dokumente und Einstellungen\Fiedi\importreply.p7s
[2013.05.31 22:10:40 | 003,670,016 | -H-- | M] () -- C:\Dokumente und Einstellungen\Fiedi\NTUSER.DAT
[2013.05.31 22:53:40 | 000,001,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Fiedi\NTUSER.DAT.LOG
[2013.05.31 22:10:36 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Fiedi\ntuser.ini
< %USERPROFILE%\Local Settings\Temp\*.exe >
< %USERPROFILE%\Local Settings\Temp\*.dll >
< %USERPROFILE%\Application Data\*.exe >
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Kmode: %SystemRoot%\system32\win32k.sys [2013.04.12 16:00:54 | 001,876,480 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
< >
< End of report >
eine extra.txt hab ich nicht gefunden |
Textbox.