ulfilas-bs | 30.04.2015 11:52 | Gladly:
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-04-2015 01
Ran by Ulfilas57 (administrator) on ULFILAS on 30-04-2015 12:45:38
Running from C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads
Loaded Profiles: Ulfilas57 (Available profiles: Ulfilas57)
Platform: Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Programme\Windows Defender\MsMpEng.exe
(AOL LLC) C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe
(Apple Inc.) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Apple Inc.) C:\Programme\Bonjour\mDNSResponder.exe
(InterVideo Inc.) C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
(SEIKO EPSON CORPORATION) C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(Aladdin Knowledge Systems Ltd.) C:\WINDOWS\system32\hasplms.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe
(InterVideo) C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe
(NVIDIA Corporation) C:\WINDOWS\system32\nvsvc32.exe
(O&O Software GmbH) C:\WINDOWS\system32\oodag.exe
() C:\Programme\CyberLink\Shared Files\RichVideo.exe
() C:\WINDOWS\system32\PAStiSvc.exe
(Ulead Systems, Inc.) C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe
(America Online, Inc.) C:\WINDOWS\wanmpsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(SSC Localization Group) C:\Programme\SSC Service Utility\ssc_serv.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\NBHGui.exe
(Apple Inc.) C:\Programme\QuickTime\QTTask.exe
(Nero AG) C:\Programme\Nero\Nero 7\InCD\InCD.exe
(America Online, Inc.) C:\Programme\Gemeinsame Dateien\aol\1186092089\ee\aolsoftware.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe
(Logitech Inc.) C:\Programme\Logitech\SetPoint\SetPoint.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Programme\OpenOffice.org 3\program\soffice.bin
(Logitech Inc.) C:\Programme\Gemeinsame Dateien\Logitech\khalshared\KHALMNPR.exe
(Google Inc.) C:\Programme\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Programme\Google\Chrome\Application\chrome.exe
(Farbar) C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Downloads\FRST (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Automatisch EPSON Stylus Photo R200 Series auf MARION] => C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE [99840 2003-09-11] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [TkBellExe] => C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe [198160 2009-09-11] (RealNetworks, Inc.)
HKLM\...\Run: [SSC Service Utility] => C:\Programme\SSC Service Utility\ssc_serv.exe [665600 2007-10-09] (SSC Localization Group)
HKLM\...\Run: [SecurDisc] => C:\Programme\Nero\Nero 7\InCD\NBHGui.exe [1629480 2007-11-26] (Nero AG)
HKLM\...\Run: [QuickTime Task] => C:\Programme\QuickTime\qttask.exe [417792 2009-09-05] (Apple Inc.)
HKLM\...\Run: [nwiz] => nwiz.exe /install
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NeroFilterCheck] => C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe [153136 2007-03-01] (Nero AG)
HKLM\...\Run: [Logitech Hardware Abstraction Layer] => C:\WINDOWS\KHALMNPR.EXE [101136 2007-01-23] (Logitech Inc.)
HKLM\...\Run: [InCD] => C:\Programme\Nero\Nero 7\InCD\InCD.exe [1057064 2007-11-26] (Nero AG)
HKLM\...\Run: [HostManager] => C:\Programme\Gemeinsame Dateien\AOL\1186092089\ee\AOLSoftware.exe [50736 2006-09-26] (America Online, Inc.)
HKLM\...\Run: [Adobe ARM] => C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [NvMediaCenter] => RunDLL32.exe NvMCTray.dll,NvTaskbarInit
HKU\S-1-5-21-484763869-630328440-839522115-1004\...\Run: [LightScribe Control Panel] => C:\Programme\Gemeinsame Dateien\LightScribe\LightScribeControlPanel.exe [2363392 2009-11-20] (Hewlett-Packard Company)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Programme\Gemeinsame Dateien\Microsoft Shared\DW\DWTRIG20.EXE [519584 2010-02-28] (Microsoft Corporation)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Gamma Loader.exe.lnk [2015-04-12]
ShortcutTarget: Adobe Gamma Loader.exe.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Logitech SetPoint.lnk [2015-04-12]
ShortcutTarget: Logitech SetPoint.lnk -> C:\Programme\Logitech\SetPoint\SetPoint.exe (Logitech Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\Adobe Gamma.lnk [2015-04-14]
ShortcutTarget: Adobe Gamma.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\OpenOffice.org 3.4.1.lnk [2015-04-12]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Startmenü\Programme\Autostart\Adobe Gamma.lnk [2012-10-18]
ShortcutTarget: Adobe Gamma.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\Adobe Gamma.lnk [2015-04-14]
ShortcutTarget: Adobe Gamma.lnk -> C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart\OpenOffice.org 3.4.1.lnk [2015-04-12]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * OODBS
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-484763869-630328440-839522115-1004\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-484763869-630328440-839522115-1004\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-01-14] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Programme\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-01] (Oracle Corporation)
BHO: EpsonToolBandKicker Class -> {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} -> C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-21] (SEIKO EPSON CORPORATION)
DPF: {0EB73E39-8AD4-43E8-8FBA-0165C2CCDB8B} hxxp://midasplayer.aol.de/midasa.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {22E5D91F-89E6-4405-AD9C-0AF27BA6F06B} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/hidinputmonitorx.ocx
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {26CBF141-7D0F-46E1-AA06-718958B6E4D2} hxxp://download.ebay.com/turbo_lister/DE/install.cab
DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} hxxp://king.aolsvc.de/ctl/kingcomie.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.0.cab
DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} hxxp://aolcc.aol.de/computercheckup/qdiagcc.cab
DPF: {4F63D44B-6274-4D60-8AB1-CAA7116B8AF3} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/A9.ocx
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1115727237102
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1152046154312
DPF: {7030CC6C-1A88-4591-BB5A-651B9F7F0C30} file:///C:/Dokumente%20und%20Einstellungen/Ulfilas57/Desktop/components/wmvhdrating.ocx
DPF: {86A88967-7A20-11D2-8EDA-00600818EDB1} hxxp://www.parallelgraphics.com/bin/cortvrml.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} hxxp://office.dogcam.smalldog.com/activex/AxisCamControl.cab
DPF: {ABC1D8DE-CAB5-4FB7-BCD0-137BAB9F09DC} hxxp://www.aldisued-fotos-druck.de/upload/aldi_sued_bilduebertragung.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game14.zylomgames.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_40-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: haufereader - {39198710-62F7-42CD-9458-069843FA5D32} - C:\Programme\Haufe\HaufeReader\HRInstmon.dll [2005-04-27] (Haufe Mediengruppe)
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: lid - {5C135180-9973-46D9-ABF4-148267CBB8BF} - C:\WINDOWS\System32\msvidctl.dll [2008-04-14] (Microsoft Corporation)
Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - c:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll [2008-07-30] (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll [2008-04-14] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-02-26] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-02-26] (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Programme\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Programme\Bonjour\mdnsNSP.dll [147456 2008-12-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2010-01-27] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\WINDOWS\system32\Adobe\Director\np32dsw.dll [2011-04-26] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Programme\iTunes\Mozilla Plugins\npitunes.dll [2009-10-23] ()
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll [2007-01-03] (DivX, Inc)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin -> C:\Programme\Java\jre1.8.0_40\bin\new_plugin\npjp2.dll No File
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Programme\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Programme\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.448 -> c:\programme\real\realone player\Netscape6\nppl3260.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.448 -> c:\programme\real\realone player\Netscape6\nprjplug.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.448 -> c:\programme\real\realone player\Netscape6\nprpjplug.dll [2009-09-11] (RealNetworks, Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Programme\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-03-18] (Google Inc.)
FF Plugin: @viewpoint.com/VMP -> C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin: @zylom.com/ZylomGamesPlayer -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2006-09-26] (Zylom)
FF Plugin: Adobe Reader -> C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-23]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=54E00010DCFAF9B2&affID=119357&tsp=4945"
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\42.0.2311.135\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Programme\Google\Chrome\Application\42.0.2311.135\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\42.0.2311.135\pdf.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Programme\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Programme\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Zylom Plugin) - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Programme\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll No File
CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll No File
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (MetaStream 3 Plugin) - C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave for Director) - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Programme\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\programme\real\realone player\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\programme\real\realone player\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
CHR Plugin: (RealJukebox NS Plugin) - c:\programme\real\realone player\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Profile: C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default
CHR Extension: (Chrome Hotword Shared Module) - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-18]
StartMenuInternet: chrome.exe - Chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2005-06-27] (Adobe Systems) [File not signed]
R2 AOL ACS; C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
R2 Apple Mobile Device; C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)
R2 Bonjour Service; C:\Programme\Bonjour\mDNSResponder.exe [238888 2008-12-12] (Apple Inc.)
R2 Capture Device Service; C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 EPSON_PM_RPCV4_01; C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [655624 2010-02-20] (Acresso Software Inc.)
S2 gupdate1c9871269d85f5e; C:\Programme\Google\Update\GoogleUpdate.exe [107848 2015-03-18] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [107848 2015-03-18] (Google Inc.)
S3 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-09-09] (Google)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [2562048 2008-04-24] (Aladdin Knowledge Systems Ltd.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 InCDsrv; C:\Programme\Nero\Nero 7\InCD\InCDsrv.exe [1554728 2007-11-26] (Nero AG)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [545568 2009-10-28] (Apple Inc.)
R2 IviRegMgr; C:\Programme\Gemeinsame Dateien\InterVideo\RegMgr\iviRegMgr.exe [112152 2007-01-04] (InterVideo)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2009-11-20] (Hewlett-Packard Company) [File not signed]
S3 Macromedia Licensing Service; C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2007-09-10] () [File not signed]
R2 MBAMScheduler; C:\Programme\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Programme\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S3 NBService; C:\Programme\Nero\Nero 7\Nero BackItUp\NBService.exe [800040 2007-09-17] (Nero AG)
S3 NMIndexingService; C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NVSvc; C:\WINDOWS\system32\nvsvc32.exe [143436 2006-03-09] (NVIDIA Corporation) [File not signed]
R2 O&O Defrag; C:\WINDOWS\system32\oodag.exe [339456 2006-06-02] (O&O Software GmbH) [File not signed]
R2 RichVideo; C:\Programme\CyberLink\Shared Files\RichVideo.exe [272024 2007-05-14] ()
R2 STI Simulator; C:\WINDOWS\System32\PAStiSvc.exe [53248 2005-01-14] () [File not signed]
R2 UleadBurningHelper; C:\Programme\Gemeinsame Dateien\Ulead Systems\DVD\ULCDRSvr.exe [67056 2007-01-18] (Ulead Systems, Inc.)
S3 UPnPService; C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [File not signed]
R2 WANMiniportService; C:\WINDOWS\wanmpsvc.exe [65536 2003-08-27] (America Online, Inc.) [File not signed]
R2 WinDefend; C:\Programme\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
S3 WMPNetworkSvc; C:\Programme\Windows Media Player\WMPNetwk.exe [920576 2006-11-03] (Microsoft Corporation)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [X]
S3 McComponentHostService; "C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 aksfridge; C:\WINDOWS\System32\DRIVERS\aksfridge.sys [350720 2008-03-18] (Aladdin Knowledge Systems Ltd.)
S3 akshasp; C:\WINDOWS\System32\DRIVERS\akshasp.sys [238976 2007-07-05] (Aladdin Knowledge Systems Ltd.)
S3 akshhl; C:\WINDOWS\System32\DRIVERS\akshhl.sys [46336 2007-07-23] (Aladdin Knowledge Systems Ltd.)
S3 aksusb; C:\WINDOWS\System32\DRIVERS\aksusb.sys [14976 2007-07-05] (Aladdin Knowledge Systems Ltd.)
R3 ALCXWDM; C:\WINDOWS\System32\drivers\ALCXWDM.SYS [695852 2003-01-10] (Realtek Semiconductor Corp.) [File not signed]
S3 BENDER; C:\WINDOWS\System32\drivers\bender.sys [200320 2005-08-22] (Pinnacle Systems) [File not signed]
S3 BVRPMPR5; C:\WINDOWS\system32\drivers\BVRPMPR5.SYS [49904 2008-05-14] (Avanquest Software) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R1 cdrblock; C:\WINDOWS\System32\DRIVERS\cdrblock.sys [27704 2008-05-30] (Canopus Co,. Ltd.)
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-13] (Microsoft Corporation)
S3 giveio; C:\WINDOWS\system32\giveio.sys [5248 2009-05-15] () [File not signed]
R2 Hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [586240 2008-02-11] (Aladdin Knowledge Systems Ltd.)
R0 hotcore; C:\WINDOWS\System32\drivers\hotcore.sys [18208 2005-10-14] (Paragon Software Group) [File not signed]
R4 InCDfs; C:\WINDOWS\system32\Drivers\InCDfs.sys [118952 2007-11-26] (Nero AG)
R1 InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [36776 2007-11-26] (Nero AG)
U1 InCDrec; C:\WINDOWS\system32\Drivers\InCDrec.sys [16040 2007-11-26] (Nero AG)
R1 incdrm; C:\WINDOWS\system32\Drivers\incdrm.sys [38440 2007-11-26] (Nero AG)
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [10368 2005-09-20] (InterVideo, Inc.) [File not signed]
S3 KMWDFilter; C:\WINDOWS\System32\Drivers\KMWDFilter.SYS [17024 2007-03-29] (Windows (R) Codename Longhorn DDK provider) [File not signed]
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171008 2005-06-02] (Pinnacle Systems GmbH) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-14] (Malwarebytes Corporation)
R3 ms_mpu401; C:\WINDOWS\System32\drivers\msmpu401.sys [2944 2001-08-17] (Microsoft Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R3 nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [3650368 2006-03-09] (NVIDIA Corporation) [File not signed]
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2002-03-19] (Pinnacle Systems GmbH) [File not signed]
R3 rtl8139; C:\WINDOWS\System32\DRIVERS\R8139n51.SYS [46976 2002-10-04] (Realtek Semiconductor Corporation )
R1 SSHDRV85; C:\WINDOWS\system32\drivers\SSHDRV85.sys [78848 2007-03-28] () [File not signed]
S3 USBAAPL; C:\WINDOWS\System32\Drivers\usbaapl.sys [32000 2008-07-10] (Apple, Inc.) [File not signed]
R3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S2 adfs; No ImagePath
S3 catchme; \??\C:\DOKUME~1\ULFILA~1.ULF\LOKALE~1\Temp\catchme.sys [X]
S3 GMSIPCI; \??\I:\INSTALL\GMSIPCI.SYS [X]
S4 hpt3xx; No ImagePath
S4 IntelIde; No ImagePath
S3 NTACCESS; \??\I:\NTACCESS.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 SetupNTGLM7X; \??\I:\NTGLM7X.sys [X]
U3 TlntSvr; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-14 17:43 - 2015-04-14 17:43 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Eigene Dateien\Updater
2015-04-14 16:28 - 2015-04-14 16:28 - 00001736 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Help Center.lnk
2015-04-14 16:25 - 2015-04-14 16:25 - 00001718 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Bridge.lnk
2015-04-14 16:24 - 2015-04-14 16:24 - 00001768 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Photoshop CS2.lnk
2015-04-14 16:24 - 2015-04-14 16:24 - 00001765 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe ImageReady CS2.lnk
2015-04-14 16:07 - 2015-04-14 16:10 - 00000000 ____D () C:\PS_CS2_Gr_NonRet
2015-04-14 13:33 - 2015-04-14 13:33 - 00000000 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\NknB.tmp
2015-04-14 13:16 - 2015-04-14 13:16 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Nikon Scan 4
2015-04-14 13:14 - 2015-04-14 13:14 - 00001623 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Nikon Scan.lnk
2015-04-14 13:12 - 2002-01-05 21:10 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc70deu.dll
2015-04-14 13:12 - 1996-03-28 00:13 - 00010656 _____ (Nikon Inc.) C:\WINDOWS\system32\NKNSCN95.DLL
2015-04-14 13:11 - 2015-04-14 13:12 - 00000000 ____D () C:\WINDOWS\system32\Color
2015-04-14 13:09 - 2015-04-14 13:09 - 00000000 ____D () C:\Programme\Nikon
2015-04-13 00:20 - 2015-04-13 00:20 - 00000477 _____ () C:\WINDOWS\nsw.log
2015-04-11 00:58 - 2015-04-11 00:58 - 00000000 ____D () C:\Programme\Viewpoint
2015-04-11 00:58 - 2015-04-11 00:58 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
2015-04-10 22:35 - 2015-04-10 22:36 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Desktop\dsfsfsfsfsdf
2015-04-02 02:12 - 2015-04-02 02:12 - 00090112 _____ () C:\WINDOWS\Minidump\Mini040215-01.dmp
2015-04-01 14:44 - 2015-04-10 22:20 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\Canopus
2015-04-01 13:34 - 2013-08-20 13:22 - 00867240 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll
2015-04-01 13:34 - 2013-08-20 13:22 - 00789416 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll
2015-04-01 13:32 - 2015-04-01 13:33 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Java
2015-04-01 13:29 - 2015-04-01 13:29 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Oracle
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-30 12:49 - 2013-07-08 12:53 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp
2015-04-30 12:45 - 2015-03-18 18:25 - 00000000 ____D () C:\FRST
2015-04-30 12:39 - 2006-04-11 14:20 - 00050257 _____ () C:\WINDOWS\system32\nvapps.xml
2015-04-30 12:38 - 2015-03-20 00:39 - 00000230 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Benachrichtigung – Anmeldung.job
2015-04-30 12:38 - 2012-01-31 16:19 - 00000314 _____ () C:\WINDOWS\Tasks\GlaryInitialize.job
2015-04-30 12:38 - 2009-06-30 03:32 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-30 12:38 - 2005-05-10 14:06 - 00032516 _____ () C:\WINDOWS\SchedLgU.Txt
2015-04-30 12:38 - 2001-08-18 13:00 - 00013050 _____ () C:\WINDOWS\system32\wpa.dbl
2015-04-30 12:24 - 2009-06-30 03:32 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-30 11:26 - 2015-03-27 13:54 - 00001781 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
2015-04-30 03:14 - 2005-05-10 14:14 - 01207935 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-30 03:01 - 2005-05-15 23:51 - 125832184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-04-30 02:12 - 2013-08-10 15:43 - 00000322 ____H () C:\WINDOWS\Tasks\MP Scheduled Scan.job
2015-04-29 20:45 - 2015-03-20 17:18 - 00000000 ____D () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\temp
2015-04-29 20:03 - 2005-05-10 14:54 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-04-29 20:02 - 2005-05-10 14:54 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2015-04-29 20:02 - 2005-05-10 14:51 - 02173296 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-04-29 20:01 - 2006-07-28 23:12 - 00743505 _____ () C:\WINDOWS\system32\OODBS.lor
2015-04-29 20:01 - 2005-05-10 14:02 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-14 17:52 - 2013-07-16 12:02 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\Adobe
2015-04-14 17:52 - 2013-07-08 12:53 - 00000190 ___SH () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\ntuser.ini
2015-04-14 17:43 - 2013-07-16 12:02 - 00000000 ____D () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\Adobe
2015-04-14 16:29 - 2005-05-10 20:20 - 00000000 ____D () C:\Programme\Adobe
2015-04-14 16:28 - 2005-05-10 14:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2015-04-14 16:26 - 2013-07-08 12:53 - 00000000 ___RD () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Startmenü\Programme\Autostart
2015-04-14 16:25 - 2005-05-11 19:10 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Adobe
2015-04-14 16:25 - 2005-05-11 19:10 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe
2015-04-14 16:23 - 2006-05-04 19:50 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Adobe
2015-04-14 15:16 - 2015-03-21 14:39 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-14 13:53 - 2010-09-19 03:10 - 00491561 _____ () C:\WINDOWS\setupapi.log
2015-04-14 13:12 - 2009-11-06 00:21 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Nikon
2015-04-14 13:12 - 2005-05-10 14:46 - 00000000 ____D () C:\WINDOWS\twain_32
2015-04-14 13:11 - 2005-05-10 14:28 - 00000000 ___HD () C:\Programme\InstallShield Installation Information
2015-04-14 13:09 - 2005-05-10 14:52 - 00000000 ___RD () C:\Programme
2015-04-13 00:20 - 2013-07-08 12:53 - 00000000 ___HD () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Netzwerkumgebung
2015-04-12 23:33 - 2005-05-31 15:55 - 00000000 ____D () C:\WINDOWS\pss
2015-04-12 23:33 - 2005-05-10 14:52 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
2015-04-12 23:33 - 2005-05-10 14:49 - 00000327 __RSH () C:\boot.ini
2015-04-12 23:33 - 2001-08-18 13:00 - 00001690 _____ () C:\WINDOWS\win.ini
2015-04-12 23:33 - 2001-08-18 13:00 - 00000227 _____ () C:\WINDOWS\system.ini
2015-04-11 00:28 - 2009-03-08 02:34 - 00000103 _____ () C:\WINDOWS\canopus.ini
2015-04-10 22:20 - 2013-07-08 13:04 - 00092976 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\GDIPFONTCACHEV1.DAT
2015-04-10 21:56 - 2015-03-20 00:39 - 00000224 _____ () C:\WINDOWS\Tasks\Ende des Supports für Microsoft Windows XP – Monatliche Benachrichtigung.job
2015-04-10 21:54 - 2005-05-10 14:01 - 00000000 ____D () C:\WINDOWS\system32\Restore
2015-04-10 21:43 - 2005-05-10 14:06 - 00000190 ___SH () C:\Dokumente und Einstellungen\LocalService\ntuser.ini
2015-04-01 13:35 - 2005-07-01 12:34 - 00000000 ____D () C:\Programme\Java
2015-04-01 13:34 - 2005-07-01 12:34 - 00000000 ____D () C:\Programme\Gemeinsame Dateien\Java
2015-04-01 13:31 - 2013-08-20 13:22 - 00096680 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2015-04-01 13:31 - 2011-01-17 17:51 - 00146432 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl
2015-03-31 13:21 - 2005-05-10 14:06 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Verlauf
2015-03-31 13:21 - 2005-05-10 14:06 - 00000000 __SHD () C:\Dokumente und Einstellungen\NetworkService
==================== Files in the root of some directories =======
2013-07-16 12:05 - 2013-07-16 12:05 - 0000000 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Anwendungsdaten\sversion.ini
2014-01-22 15:43 - 2014-03-21 00:33 - 0006144 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-16 12:45 - 2013-07-16 12:45 - 0000150 _____ () C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
Some content of TEMP:
====================
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\contentDATs.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\mgxfonts.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\SecurityScan_Release.exe
C:\Dokumente und Einstellungen\Ulfilas57\Lokale Einstellungen\Temp\_is8C1.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\jre-6u34-windows-i586-iftw.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\mgxfonts.exe
C:\Dokumente und Einstellungen\Ulfilas57 - Kopie\Lokale Einstellungen\Temp\_is8C1.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\install_reader11xp_de_mssd_aaa_aih.exe
C:\Dokumente und Einstellungen\Ulfilas57.ULFILAS\Lokale Einstellungen\Temp\jre-8u40-windows-au.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
==================== End Of Log ============================
Best regards
Wolfgang |