Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Proxyserver ? rechner läuft merkwürdig. (https://www.trojaner-board.de/99188-proxyserver-rechner-laeuft-merkwuerdig.html)

beazmusix 17.05.2011 07:14
Proxyserver ? rechner läuft merkwürdig.
 
hallo, irgendwas stimmt mit meinem rechner nicht. diverse internet anwendungen laufen nicht mehr. und in den browsern wurde irgendwas mit proxyserver verstellt.

ausserdem gehen teilweise die online spiele nicht mehr. es scheint irgendwas manipuliert worden zu sein. regedit und taskmanager wurden vom administrator deaktiviert. ich konnte sie zwar die wieder aktivieren. aber ich denke hier liegt was im argen.

bitte um schnelle info. muss ich das system neu aufsetzen?

hier noch eine logfile von avira. ich denke nicht das es viel bringt :=)

Code:
Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <System>
C:\ProgramData\SecTaskMan\2mP7I8YwIMIY.exe.q_Quarantine_18589006_q
  [FUND]      Ist das Trojanische Pferd TR/Dropper.Gen
C:\ProgramData\SecTaskMan\2mP7I8YwIMIY.exe.q_Quarantine_18589006_q.old
  [FUND]      Ist das Trojanische Pferd TR/Dropper.Gen
C:\ProgramData\SecTaskMan\msmsgs.exe.q_Quarantine_116BAA02_q.q_Quarantine_AC9AA02_q
  [FUND]      Ist das Trojanische Pferd TR/Sasfis.axuc
C:\Users\BEAZMUSIX\AppData\Local\Temp\server.exe
  [FUND]      Ist das Trojanische Pferd TR/Dropper.Gen
C:\Users\BEAZMUSIX\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7682016d-15a595f9
[0] Archivtyp: ZIP
[FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/ClassLoad.C
--> vload.class
[FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/ClassLoad.C
--> vmain.class
[FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Remote.C
Beginne mit der Suche in 'D:\' <Stuff>
Beginne mit der Suche in 'E:\' <Projekte>
Beginne mit der Suche in 'F:\' <System Reserved>
Beginne mit der Suche in 'G:\'
Der zu durchsuchende Pfad G:\ konnte nicht geöffnet werden!
Systemfehler [1]: Unzulässige Funktion.
Beginne mit der Suche in 'K:\'
Der zu durchsuchende Pfad K:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.

Beginne mit der Desinfektion:
C:\Users\BEAZMUSIX\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7682016d-15a595f9
  [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/Remote.C
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4a90a889.qua' verschoben!
C:\Users\BEAZMUSIX\AppData\Local\Temp\server.exe
  [FUND]      Ist das Trojanische Pferd TR/Dropper.Gen
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5249875d.qua' verschoben!
C:\ProgramData\SecTaskMan\msmsgs.exe.q_Quarantine_116BAA02_q.q_Quarantine_AC9AA02_q
  [FUND]      Ist das Trojanische Pferd TR/Sasfis.axuc
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '006ddd8b.qua' verschoben!
C:\ProgramData\SecTaskMan\2mP7I8YwIMIY.exe.q_Quarantine_18589006_q.old
  [FUND]      Ist das Trojanische Pferd TR/Dropper.Gen
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '6647924f.qua' verschoben!
C:\ProgramData\SecTaskMan\2mP7I8YwIMIY.exe.q_Quarantine_18589006_q
  [FUND]      Ist das Trojanische Pferd TR/Dropper.Gen
  [HINWEIS]  Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '23c3bf71.qua' verschoben!

aus ein paar ähnlichen beiträgen konnt ich lesen das otl mal durchlaufen lassen soll.

das mache ich gerade und hänge dann die logfiles mit an.

gruß und danke


edit: ich habe gerade gesehen das ich die logfiles lieber hätte als zip packen und anhängen sollen. vielleicht kann ein admin mein beiträge nochmal löschen ? dann lade ich sie als zip archiv hoch.

danke.

beazmusix 17.05.2011 07:30
extras.txt

Code:
OTL Extras logfile created on: 17.05.2011 08:08:52 - Run 2
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\BEAZMUSIX\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 41,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 133,52 Gb Free Space | 44,81% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 764,23 Gb Free Space | 82,04% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 84,71 Gb Free Space | 36,37% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 71,69 Mb Free Space | 71,69% Space Free | Partition Type: NTFS
Drive Y: | 1829,35 Gb Total Space | 1195,35 Gb Free Space | 65,34% Space Free | Partition Type: NTFS
Drive Z: | 1829,35 Gb Total Space | 1195,35 Gb Free Space | 65,34% Space Free | Partition Type: NTFS
 
Computer Name: BEAZMUSIX-PC | User Name: BEAZMUSIX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L" File not found
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Disabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe:*:Enabled:Spybot-S&D 2 Firewall service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe:*:Enabled:Spybot-S&D 2 On-Access monitor service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSODSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSODSvc.exe:*:Enabled:Spybot-S&D 2 Scan On Demand service
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP 4\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Disabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFWSvc.exe:*:Enabled:Spybot-S&D 2 Firewall service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDMonSvc.exe:*:Enabled:Spybot-S&D 2 On-Access monitor service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSODSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDSODSvc.exe:*:Enabled:Spybot-S&D 2 Scan On Demand service
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.8
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{16DDB3D1-5C27-4599-9C63-E583287191CC}" = iTunes
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{28A0318C-B98D-B6B1-64D1-4E4755A8E668}" = AMD Drag and Drop Transcoding
"{34BD24DF-3B6F-8661-D4F0-0EBCACA2C834}" = ccc-utility64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{4B0748C5-2E63-B954-8C3F-71918C599800}" = WMV9/VC-1 Video Playback
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{71BA69AD-9E60-4092-A497-D3BD54779D52}" = Max 5.1.7
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8F473675-D702-45F9-8EBC-342B40C17BF5}" = Apple Mobile Device Support
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Profi Home 2010.SP3
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CACBDC26-D504-49ED-3FEC-0CDDB3700240}" = ATI Catalyst Install Manager
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D285FC5F-3021-32E9-9C59-24CA325BDC5C}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729
"{D5A71F7F-8F69-4CE8-996D-9CF2ADFC285B}" = M-Audio Ozone Driver 6.0.2 (x64)
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F86D9734-D358-4C5B-BC2B-6D90557FF05B}" = HP Officejet Pro 8500 A909 Series
"Automap Universal_is1" = Automap 3.7
"Cakewalk Rapture_is1" = Rapture 1.1
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"HPOCR" = OCR Software by I.R.I.S. 14.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Novation USB Audio Driver_is1" = Novation USB Audio Driver 1.5
"Pen Tablet Driver" = Bamboo
"RealVNC_is1" = VNC Enterprise Edition E4.5.1
"Shop for HP Supplies" = Shop for HP Supplies
"VNCMirror_is1" = VNC Mirror Driver 1.8.0
"VNCPrinter_is1" = VNC Printer Driver 1.6.0
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0224CACC-994D-45F8-B973-D65056EA9C2F}" = Adobe XMP DVA Panels CS3
"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule
"{0327FA9D-975C-448C-A086-577D57BB25B8}" = Adobe Soundbooth CS3 Codecs
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}" = Adobe Flash Media Live Encoder 3.2
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}" = Nero BackItUp 10 Help (CHM)
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{16987E99-C95C-4513-9239-7B44A0A71DB5}" = Nero SoundTrax 10 Help (CHM)
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{18D03DE2-D142-4A6C-B346-2FA7C8D76A57}" = BassStation
"{193EAFD0-1BAF-4FB4-B18F-79D5D6A4B285}" = Adobe After Effects CS3 Presets
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}" = Adobe Creative Suite 5 Master Collection
"{1D58229F-C505-45CA-8223-F35F3A34B963}" = Adobe Version Cue CS3 Server {ko_KR}
"{1DE1B0F3-5897-4C66-BA18-F8A9E95FAE5C}" = ccc-core-static
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}" = Nero MediaHub 10
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{237CCB62-8454-43E3-B158-3ACD0134852E}" = High-Definition Video Playback 10
"{2436F2A8-4B7E-4B6C-AE4E-604C84AA6A4F}" = Nero Core Components 10
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 21
"{277C1559-4CF7-44FF-8D07-98AA9C13AABD}" = Nero Multimedia Suite 10
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{2A2820DB-CB78-4C24-9F48-49E67B0337E1}" = Phoscyon 1.8.0
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver
"{310BC5E2-31AF-49BB-904D-E71EB93645DC}" = AI Suite
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{329411A0-19F3-4740-874F-17400B126F27}" = Nero Vision 10 Help (CHM)
"{33643918-7957-4839-92C7-EA96CB621A98}" = Nero Express 10 Help (CHM)
"{34490F4E-48D0-492E-8249-B48BECF0537C}" = Nero DiscSpeed 10
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3AC8457C-0385-4BEA-A959-E095F05D6D67}" = Battlefield: Bad Company™ 2
"{3CD5832D-13D9-4751-8B22-3A7D3F4ACA42}" = Quake Live Mozilla Plugin
"{3D73DC7A-2D1D-45CF-8A67-24873925C716}" = bpd_scan
"{3D843732-70CD-4DEF-A36F-AEFB87C80DC9}" = ProductContext
"{411E0CC3-587A-468C-B461-95FAFD05E4DE}" = Adobe InDesign CS3
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{485ACF57-F364-440A-8496-E1E81C8FA1AA}" = Adobe Premiere Pro CS3 Third Party Content
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D481F91-44BA-F0FE-CD07-8B3429A2A821}" = Catalyst Control Center Graphics Previews Common
"{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}" = Adobe Premiere Pro CS3 Functional Content
"{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}" = Nero ControlCenter 10 Help (CHM)
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{543A0462-62A8-59CA-8EA7-B2173DA96DAC}" = CCC Help English
"{5461A74D-B169-4862-9F38-DB525CEA126B}" = Max Runtime 5.1.7
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{54B2EAD9-A110-43F7-B010-2859A1BD2AFE}" = Adobe Encore CS3
"{555868C6-49FB-484F-BB43-8980651A1B00}" = Nero BurnRights 10 Help (CHM)
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5809A31C-32FB-35CA-E1D2-0B898119E15F}" = Catalyst Control Center InstallProxy
"{58DCEEE5-532E-44F4-B1D7-A146EF9E9FDA}" = Adobe Premiere Pro CS3
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}" = Logitech Harmony Remote Software
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63AA3EAB-23BB-48B2-9AD0-44F878075604}" = Nero 10 Menu TemplatePack Basic
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{66049135-9659-4AAD-9169-9CCA269EBB3E}" = Nero InfoTool 10 Help (CHM)
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68AB6930-5BFF-4FF6-923B-516A91984FE6}" = Nero BackItUp 10
"{69754D89-C21E-4851-83C0-399DE63C6579}" = 8500A909_Help
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A143FF0-BB9A-4A9C-A318-1688BA366BAE}" = Sorenson Squeeze 4.3
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B708481-748A-4EB4-97C1-CD386244FF77}" = Adobe MotionPicture Color Files
"{6BBAA81D-6A7E-43AD-8889-2F002DCAAFDD}" = AHV content for Acrobat and Flash
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DFB899F-17A2-48F0-A533-ED8D6866CF38}" = Nero Control Center 10
"{6E9EF98E-259E-416D-B5F8-0ABDB99942CE}" = Adobe Flash Player 10 ActiveX
"{6F868980-FF49-011B-2C95-409F199B9C19}" = Catalyst Control Center Graphics Previews Vista
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70550193-1C22-445C-8FA4-564E155DB1A7}" = Nero Express 10
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{74DC0593-6BC6-4001-AD5F-D810AFB68D86}" = HP Update
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7A295D8F-484B-4FFB-89AB-C1FD497591FE}" = Nero WaveEditor 10 Help (CHM)
"{7A5D731D-B4B3-490E-B339-75685712BAAB}" = Nero Burning ROM 10
"{7ACFB90E-8FD0-4397-AD3A-5195412623A3}" = Adobe Help Viewer CS3
"{7E659C5C-4DF1-499B-B802-77BAE9ABE4D4}" = Razer Diamondback 3G
"{80C22308-DC4F-4F1E-BE7C-FB903B0AFCF8}" = The Bat! Professional v4.2.36.4
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83A606F5-BF6F-42ED-9F33-B9F74297CDED}" = Need for Speed(TM) Hot Pursuit
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{842C6AFC-7856-4fd9-99AF-8900554ACAA2}_is1" = V-Station 1.5.1
"{845A8DB9-8802-4FD3-9FE3-938A6C46A2EC}" = Adobe Video Profiles
"{853A4763-6643-4604-8D64-28BDD8925F4C}" = Apple Application Support
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ACC73AA-6511-7C55-B1A9-8E5D1DEAFAA3}" = The Lord of the Rings FREE Trial
"{8AEA6737-8AF3-47BB-95CE-AAB62BE68985}" = MPM
"{8B4AE751-7055-4518-87B0-E148A8D50D0A}" = Macromedia FreeHand MX
"{8C640345-AF96-4ABA-A697-97D2A0B8C6DB}" = Adobe Flash CS3
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E310838-457C-4269-B177-3EFB300CBDDC}" = Synology Data Replicator  3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}" = Nero Recode 10
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{9294F169-72EE-4D74-AE92-CA25F64B4FF8}" = Fax
"{92A51949-EE4C-466D-AAF0-99E74A49A63F}" = DocMgr
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E25238-61A3-4ACD-A407-3C480EEF47A7}" = Nero RescueAgent 10 Help (CHM)
"{943CFD7D-5336-47AF-9418-E02473A5A517}" = Nero BurnRights 10
"{9782762F-639B-499B-A23D-5EBEAFC160E6}" = Microsoft Tool Web Package:diskpart.exe
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}" = Nero Vision 10
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}" = Nero BurningROM 10 Help (CHM)
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A6B23EFA-6590-482C-A11F-5ACE1B91F5B9}" = Adobe Soundbooth CS3
"{A6F797DB-9D0C-4243-B15B-91CD21D7E980}" = 8500A909a
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A7A02E23-805C-4AAC-B408-D59A1D53AEA6}" = BPDSoftware
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC4E477E-BBD4-4C68-8D6C-D10C3BB658F3}" = BPD_DSWizards
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000003}" = Adobe Acrobat 8 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.4 - Deutsch
"{AD0AA962-111E-41D5-A705-0E3D9178A661}" = BPDSoftware_Ini
"{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR
"{B01DD5B7-9862-43D7-BCA3-7882A17E4328}" = PhotoTools 1.0 Professional Edition
"{B318D3D1-3421-4E2A-9C63-5D8FC2457B9C}" = 8500A909_eDocs
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy 2
"{B671CBFD-4109-4D35-9252-3062D3CCB7B2}" = Adobe SING CS3
"{B73CFB12-C814-4638-AFFD-7E3AAFAF0B4E}" = Adobe BridgeTalk Plugin CS3
"{B8B7A4D8-80E1-4DAE-BD33-7FD535BA3931}" = Adobe Encore CS3 Codecs
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BAF2FA20-6886-483C-8CC6-3310A1A636E5}" = ElastikVst
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC4F8E84-5E29-49EC-B4E7-E6F9CB50986C}" = Adobe Flash Player 9 ActiveX
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BCEDD813-269C-4D8F-A4BA-01FDC66254D3}" = Adobe Flash Video Encoder
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C18A0418-442A-4186-AF98-D08F5054A2FC}" = Nero DiscSpeed 10 Help (CHM)
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3273C55-E1E4-41FF-8D69-0158090DB8D8}" = Nero CoverDesigner 10 Help (CHM)
"{C3580AC4-C827-4332-B935-9A282ED5BB97}" = Nero Dolby Files 10
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C5BD220A-EFE8-48A5-B70E-9503D535FACE}" = Adobe WAS CS3
"{C6BE4630-75B2-43FC-98A8-51CE130534B8}" = Sorenson Squeeze 4.3
"{C8D7A672-F697-4572-AC62-C856053A8DBC}" = Adobe Illustrator CS3
"{C9D456FD-C25B-49DE-AA71-6B76D6550B23}" = Adobe Fireworks CS3
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFC9F871-7C40-40B6-BE4A-B98A5B309716}" = Adobe Flash Professional CS5
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D3C605D8-3A5E-4BAD-965D-2C61441BF2AC}" = Adobe Photoshop CS3
"{D3E72DA8-8467-4DAB-961F-A5B7989B09F0}" = Collage Maker
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5A31AB1-345D-47C7-A87B-036A669F6DF1}" = Adobe XMP Panels CS3
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA896917-C1DA-45B2-B4D2-68162F16C0DD}" = Adobe Creative Suite 3 Master Collection
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}" = Nero Recode 10 Help (CHM)
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DFFDDCF5-CB32-4354-8823-1B9E68025953}" = Adobe Setup
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}" = Nero SoundTrax 10
"{E337E787-CF61-4B7B-B84F-509202A54023}" = Nero RescueAgent 10
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EA7B3CC4-366D-4CF6-8350-FD7A7034116E}" = Adobe InDesign CS3 Icon Handler
"{EB0202F7-016A-410C-ADE4-40F848CCC661}" = Adobe After Effects CS3
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EDCDFAD5-DF80-4600-A493-E9DAD6810230}" = Nero WaveEditor 10
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F412B4AF-388C-4FF5-9B2F-33DB1C536953}" = Nero InfoTool 10
"{F467862A-D9CA-47ED-8D81-B4B3C9399272}" = Nero MediaHub 10 Help (CHM)
"{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}" = Nero 10 Movie ThemePack Basic
"{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}" = Nero StartSmart 10 Help (CHM)
"{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}" = Nero StartSmart 10
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FCF00A6E-FB58-477A-ABE9-232907105521}" = Nero CoverDesigner 10
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"{FF3E2850-BD2E-4B56-A89D-21E588D518E0}" = Adobe Contribute CS3
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"2020 Musterbriefe" = 2020 Musterbriefe
"Adobe Acrobat 8 Professional - English, Français, Deutsch" = Adobe Acrobat 8.2.6 Professional
"Adobe Acrobat 8 Professional - English, Français, Deutsch_826" = Adobe Acrobat 8.2.6 - CPSID_83708
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Adobe_67a7fb1e97aa14ee9ef0950eb6fd757" = Adobe Creative Suite 3 Master Collection hinzufügen oder entfernen
"Akamai" = Akamai NetSession Interface
"Antares Autotune VST_is1" = Antares Autotune VST v5.09
"Arturia Arp2600 V v1.0" = Arturia Arp2600 V v1.0
"Arturia Prophet V VSTi RTAS_is1" = Arturia Prophet V VSTi RTAS v1.2.1
"AudioRealism" = AudioRealism Bass Line 2 (remove only)
"Automap Universal ReWire_is1" = Automap ReWire 1.0
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"Brainworx BX DynEQ Bundle VST RTAS_is1" = Brainworx BX DynEQ Bundle VST RTAS v1.1
"Call of Duty Black Ops_is1" = Call of Duty Black Ops
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Crysonic SINDO v1.0 VST" = Crysonic SINDO v1.0 VST
"Dash Synthesis daAlfa2k.v1.54" = Dash Synthesis daAlfa2k.v1.54
"DelinvFile_is1" = DelinvFile - 4.04
"discoDSP Discovery Pro VSTi_is1" = discoDSP Discovery Pro VSTi v1.0 Release 2
"EADM" = EA Download Manager
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v5.30
"FileZilla Client" = FileZilla Client 3.3.5.1
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"JDownloader" = JDownloader
"Linplug Albino VSTi v2.01" = Linplug Albino VSTi v2.01
"Live 8.2.1" = Live 8.2.1
"Messenger Plus!" = Messenger Plus! 5
"MessengerDiscovery Live_is1" = MessengerDiscovery Live 1.5.0720
"mIRC" = mIRC
"Mozilla Firefox 4.0.1 (x86 de)" = Mozilla Firefox 4.0.1 (x86 de)
"Native Instruments Absynth 4" = Native Instruments Absynth 4
"Native Instruments FM8" = Native Instruments FM8
"Native Instruments Pro-53" = Native Instruments Pro-53
"Native Instruments Traktor DJ Studio v2..6.2.110" = Native Instruments Traktor DJ Studio v2..6.2.110
"nLite_is1" = nLite 1.4.9.1
"PDF-ShellTools_is1" = PDF-ShellTools 1.0.0.12 Trial
"Picasa 3" = Picasa 3
"Pro-sounds.Virus.Dream.Bank1" = Pro-sounds.Virus.Dream.Bank1
"PunkBusterSvc" = PunkBuster Services
"qiplus3_uninstall.exe" = Quite Imposing Plus 3 (Deutsch)
"Quake III Arena" = Quake III Arena
"Quake III Arena Point Release 1.32" = Quake III Arena Point Release 1.32
"Reason5_is1" = Reason 5.0
"reFX Vanguard_is1" = reFX Vanguard VSTi
"rgcAudio z3ta Plus v1.40" = rgcAudio z3ta Plus v1.40
"Rob Papen and LinPlug Albino Presets Addon" = Rob Papen and LinPlug Albino Presets Addon
"Security Task Manager" = Security Task Manager 1.8
"SL MkII Editor_is1" = SL MkII Editor
"SpeedFan" = SpeedFan (remove only)
"Synology Assistant" = Synology Assistant (remove only)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Trilogy_is1" = Trilogy
"UltraISO_is1" = UltraISO Premium V9.35
"VLC media player" = VLC media player 1.1.7
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"WaveLabPro" = WaveLab 6
"WBFS Manager 3.0" = WBFS Manager 3.0
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
"winscp3_is1" = WinSCP 4.2.9
"Yahoo! Messenger" = Yahoo! Messenger
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"3571790099.d.seesmic.com" = Seesmic Desktop 2
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 11.05.2011 03:24:16 | Computer Name = BEAZMUSIX-PC | Source = Application Hang | ID = 1002
Description = Programm League of Legends.exe, Version 1.0.0.118 kann nicht mehr
unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
 in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 1818    Startzeit: 01cc0fac4d785647    Endzeit: 59    Anwendungspfad:
 C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.44\deploy\League
 of Legends.exe    Berichts-ID: 
 
Error - 11.05.2011 03:50:50 | Computer Name = BEAZMUSIX-PC | Source = Application Hang | ID = 1002
Description = Programm League of Legends.exe, Version 1.0.0.118 kann nicht mehr
unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
 in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 1550    Startzeit: 01cc0faff2f54fa5    Endzeit: 56    Anwendungspfad:
 C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.0.44\deploy\League
 of Legends.exe    Berichts-ID: 
 
Error - 11.05.2011 12:44:27 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NeroVision.exe, Version: 7.0.8.100,
 Zeitstempel: 0x4baad460  Name des fehlerhaften Moduls: NeSplitter.ax, Version: 7.0.16.5,
 Zeitstempel: 0x4ba0aec0  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00018631  ID des fehlerhaften
 Prozesses: 0x1188  Startzeit der fehlerhaften Anwendung: 0x01cc0ff3c207b615  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Nero\Nero 10\Nero Vision\NeroVision.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Nero\Nero 10\Nero Vision\SMC\NeSplitter.ax
Berichtskennung:
 ee9d31e4-7bed-11e0-9f8f-e0cb4e1f1846
 
Error - 11.05.2011 13:00:38 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NeroVision.exe, Version: 7.0.8.100,
 Zeitstempel: 0x4baad460  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
 Zeitstempel: 0x4cc7ab86  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000420a2  ID des fehlerhaften
 Prozesses: 0x1818  Startzeit der fehlerhaften Anwendung: 0x01cc0ffbc2eae159  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Nero\Nero 10\Nero Vision\NeroVision.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: 31cbb30c-7bf0-11e0-9f8f-e0cb4e1f1846
 
Error - 11.05.2011 13:02:54 | Computer Name = BEAZMUSIX-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16768 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: ebc    Startzeit: 01cc0fa5c69b1ce9    Endzeit: 241    Anwendungspfad:
 C:\Windows\Explorer.EXE    Berichts-ID: 7d9b652a-7bf0-11e0-9f8f-e0cb4e1f1846 
 
Error - 11.05.2011 13:11:12 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: NeroVision.exe, Version: 7.0.8.100,
 Zeitstempel: 0x4baad460  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16695,
 Zeitstempel: 0x4cc7ab86  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00061c1d  ID des fehlerhaften
 Prozesses: 0xdac  Startzeit der fehlerhaften Anwendung: 0x01cc0ffd66a6db83  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Nero\Nero 10\Nero Vision\NeroVision.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll  Berichtskennung: ab6fe9ee-7bf1-11e0-9f8f-e0cb4e1f1846
 
Error - 11.05.2011 21:01:50 | Computer Name = BEAZMUSIX-PC | Source = Windows Search Service | ID = 3007
Description =
 
Error - 13.05.2011 04:21:39 | Computer Name = BEAZMUSIX-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: AddLegacyDriverFiles: Unable to back up image of binary
 VMware kbd.  System Error: Das System kann die angegebene Datei nicht finden.  .
 
Error - 13.05.2011 17:04:10 | Computer Name = BEAZMUSIX-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts
 "System Writer".  Details: AddLegacyDriverFiles: Unable to back up image of binary
 VMware kbd.  System Error: Das System kann die angegebene Datei nicht finden.  .
 
Error - 16.05.2011 17:39:44 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7600.16768,
 Zeitstempel: 0x4d688122  Name des fehlerhaften Moduls: wwanapi.dll, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5be0a8  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000000333eb
ID
 des fehlerhaften Prozesses: 0x7b0  Startzeit der fehlerhaften Anwendung: 0x01cc1411814988c3
Pfad
 der fehlerhaften Anwendung: C:\Windows\Explorer.EXE  Pfad des fehlerhaften Moduls:
 C:\Windows\system32\wwanapi.dll  Berichtskennung: 031003c5-8005-11e0-804b-e0cb4e1f1846
 
[ Spybot - Search & Destroy Events ]
Error - 11.05.2011 03:24:16 | Computer Name = BEAZMUSIX-PC | Source = Application Hang | ID = 1002
Description =
 
Error - 11.05.2011 03:50:50 | Computer Name = BEAZMUSIX-PC | Source = Application Hang | ID = 1002
Description =
 
Error - 11.05.2011 12:44:27 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description =
 
Error - 11.05.2011 13:00:38 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description =
 
Error - 11.05.2011 13:02:54 | Computer Name = BEAZMUSIX-PC | Source = Application Hang | ID = 1002
Description =
 
Error - 11.05.2011 13:11:12 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description =
 
Error - 11.05.2011 21:01:50 | Computer Name = BEAZMUSIX-PC | Source = Windows Search Service | ID = 3007
Description =
 
Error - 13.05.2011 04:21:39 | Computer Name = BEAZMUSIX-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description =
 
Error - 13.05.2011 17:04:10 | Computer Name = BEAZMUSIX-PC | Source = Microsoft-Windows-CAPI2 | ID = 513
Description =
 
Error - 16.05.2011 17:39:44 | Computer Name = BEAZMUSIX-PC | Source = Application Error | ID = 1000
Description =
 
[ System Events ]
Error - 16.05.2011 17:35:20 | Computer Name = BEAZMUSIX-PC | Source = DCOM | ID = 10005
Description =
 
Error - 16.05.2011 17:35:21 | Computer Name = BEAZMUSIX-PC | Source = DCOM | ID = 10005
Description =
 
Error - 16.05.2011 17:35:22 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 16.05.2011 17:35:22 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 16.05.2011 17:35:22 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 16.05.2011 17:35:22 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 16.05.2011 17:35:22 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 16.05.2011 17:35:22 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 16.05.2011 17:38:30 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 VNC Server Version 4 erreicht.
 
Error - 16.05.2011 17:54:35 | Computer Name = BEAZMUSIX-PC | Source = Service Control Manager | ID = 7003
Description = Der Dienst "Net.Msmq-Listeneradapter" ist von folgendem Dienst abhängig:
 msmq. Dieser Dienst ist eventuell nicht installiert.
 
 
< End of report >

beazmusix 17.05.2011 07:31
otl.txt

Code:
OTL logfile created on: 17.05.2011 08:08:51 - Run 2
OTL by OldTimer - Version 3.2.22.3    Folder = C:\Users\BEAZMUSIX\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 41,00% Memory free
8,00 Gb Paging File | 6,00 Gb Available in Paging File | 72,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 133,52 Gb Free Space | 44,81% Space Free | Partition Type: NTFS
Drive D: | 931,51 Gb Total Space | 764,23 Gb Free Space | 82,04% Space Free | Partition Type: NTFS
Drive E: | 232,88 Gb Total Space | 84,71 Gb Free Space | 36,37% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 71,69 Mb Free Space | 71,69% Space Free | Partition Type: NTFS
Drive Y: | 1829,35 Gb Total Space | 1195,35 Gb Free Space | 65,34% Space Free | Partition Type: NTFS
Drive Z: | 1829,35 Gb Total Space | 1195,35 Gb Free Space | 65,34% Space Free | Partition Type: NTFS
 
Computer Name: BEAZMUSIX-PC | User Name: BEAZMUSIX | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\BEAZMUSIX\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Novation\Automap\MidiAutomapClient.exe ()
PRC - C:\Program Files (x86)\Novation\Automap\AutomapServer.exe (Novation DMS Ltd.)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Synology Data Replicator  3\Backup.exe (Synology Inc.)
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\The Bat!\thebat.exe (Ritlabs S.R.L.)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe ()
PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
PRC - C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe (Razer Inc.)
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\BEAZMUSIX\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (LVPrcS64) -- C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV:64bit: - (WinVNC4) -- C:\Program Files\RealVNC\VNC4\WinVNC4.exe (RealVNC Ltd.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai\netsession_win_3f211bc.dll ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
SRV - (SynoDrService) -- C:\Program Files (x86)\Synology Data Replicator  3\SynoDrServicex64.exe ()
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe ()
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Profi Home 2010.SP3\RpcAgentSrv.exe (SiSoftware)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (StarWindServiceAE) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Rocket Division Software)
SRV - (Adobe Version Cue CS3) -- C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe (Adobe Systems Incorporated)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (NvnUsbAudio) -- C:\Windows\SysNative\drivers\nvnusbaudio.sys (Novation DMS Ltd.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (Ltn_stk7070P_64) -- C:\Windows\SysNative\drivers\Ltn_stk7070P_64.sys (LITEON)
DRV:64bit: - (Ltn_stkrc_64) -- C:\Windows\SysNative\drivers\Ltn_stkrc_64.sys (LITEON)
DRV:64bit: - (L1E) -- C:\Windows\SysNative\drivers\L1E62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (wacmoumonitor) -- C:\Windows\SysNative\drivers\wacmoumonitor.sys (Wacom Technology)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (cpuz134) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (automap) -- C:\Windows\SysNative\drivers\automap.sys (Novation Digital Music Systems Limited)
DRV:64bit: - (LVUVC64) Logitech QuickCam Pro 5000(UVC) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (lvpopf64) -- C:\Windows\SysNative\drivers\lvpopf64.sys (Logitech Inc.)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (MADFUOZONE) -- C:\Windows\SysNative\drivers\MAudioOzone_DFU.sys (M-Audio)
DRV:64bit: - (MAUSBOZONE) -- C:\Windows\SysNative\drivers\MAudioOzone.sys (Avid Technology, Inc.)
DRV:64bit: - (vncmirror) -- C:\Windows\SysNative\drivers\vncmirror.sys (RealVNC Ltd.)
DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (scramby_out) -- C:\Windows\SysNative\drivers\scramby_out.sys (RapidSolution Software AG)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV:64bit: - (scramby) -- C:\Windows\SysNative\drivers\scramby.sys (RapidSolution Software AG)
DRV:64bit: - (Razerlow) -- C:\Windows\SysNative\drivers\DB3G.sys (Razer (Asia-Pacific) Pte Ltd)
DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Profi Home 2010.SP3\WNt500x64\sandra.sys (SiSoftware)
DRV - (ISODrive) -- C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys (EZB Systems, Inc.)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D3 69 DC 6B C7 6A CB 01  [binary data]
IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 127.0.0.1:4470
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "foxsearch"
FF - prefs.js..browser.search.order.1: "foxsearch"
FF - prefs.js..browser.search.selectedEngine: "foxsearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {01A8CA0A-4C96-465b-A49B-65C46FAD54F9}:6.0
FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2
FF - prefs.js..extensions.enabledItems: {340c2bbc-ce74-4362-90b5-7c26312808ef}:1.7
FF - prefs.js..extensions.enabledItems: fb_add_on@avm.de:1.5.5
FF - prefs.js..extensions.enabledItems: webcamsvideochatplugin@wsmanagement.com:3.2.0.2
FF - prefs.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
FF - prefs.js..network.proxy.type: 0
 
FF - user.js..browser.search.selectedEngine: "foxsearch"
FF - user.js..browser.search.order.1: "foxsearch"
FF - user.js..browser.search.defaultenginename: "foxsearch"
FF - user.js..keyword.URL: "hxxp://www.finduny.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.09.19 14:01:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2010.10.20 15:53:24 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.04.30 11:41:06 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.04.30 11:41:05 | 000,000,000 | ---D | M]
 
[2010.09.19 11:23:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BEAZMUSIX\AppData\Roaming\mozilla\Extensions
[2011.05.11 17:37:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BEAZMUSIX\AppData\Roaming\mozilla\Firefox\Profiles\lxnifgus.default\extensions
[2011.03.10 11:55:24 | 000,000,000 | ---D | M] (Firefox Sync) -- C:\Users\BEAZMUSIX\AppData\Roaming\mozilla\Firefox\Profiles\lxnifgus.default\extensions\{340c2bbc-ce74-4362-90b5-7c26312808ef}
[2011.03.12 15:29:52 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\BEAZMUSIX\AppData\Roaming\mozilla\Firefox\Profiles\lxnifgus.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2011.05.11 17:37:47 | 000,000,000 | ---D | M] ("FRITZ!Box AddOn") -- C:\Users\BEAZMUSIX\AppData\Roaming\mozilla\Firefox\Profiles\lxnifgus.default\extensions\fb_add_on@avm.de
[2011.04.18 10:26:54 | 000,000,000 | ---D | M] (WebcamsVideoChatPlugIn) -- C:\Users\BEAZMUSIX\AppData\Roaming\mozilla\Firefox\Profiles\lxnifgus.default\extensions\webcamsvideochatplugin@wsmanagement.com
[2011.04.30 11:41:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) --
[2010.10.20 15:53:24 | 000,000,000 | ---D | M] (Adobe Contribute Toolbar) -- C:\PROGRAM FILES (X86)\ADOBE\ADOBE CONTRIBUTE CS5\PLUGINS\FIREFOXPLUGIN\{01A8CA0A-4C96-465B-A49B-65C46FAD54F9}
() (No name found) -- C:\USERS\BEAZMUSIX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LXNIFGUS.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2011.04.14 18:40:03 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.01.01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.01.01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010.01.01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.01.01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.01.01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.01.01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2010.09.19 14:41:57 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -  File not found
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found.
O3 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Diamondback] C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe ()
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001..\Run: [AlcoholAutomount] C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe (Alcohol Soft Development Team)
O4 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001..\Run: [Data Replicator 3] C:\Program Files (x86)\Synology Data Replicator  3\Backup.exe (Synology Inc.)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-1294757140-3442182510-2919184659-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8:64bit: - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8:64bit: - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: add to &BOM - C:\\PROGRA~2\\BIET-O~1\\\\AddToBOM.hta ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An vorhandenes PDF anfügen - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {B015B944-7316-49AE-AC84-ACCA9379EA32} hxxp://192.168.1.110/IPCamPluginMJPEG.cab (IPCamPlugIn Control)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.12.03 14:08:04 | 000,000,685 | ---- | M] () - E:\automap-License-2010-12-03.fnlf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS5ServiceManager - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe_ID0EYTHM - hkey= - key= - C:\PROGRA~2\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AVMFBoxMonitor - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Bing Bar - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Cpu Level Up help - hkey= - key= - C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe ()
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\BEAZMUSIX\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: GrooveMonitor - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: HDAudDeck - hkey= - key= - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
MsConfig:64bit - StartUpReg: HP Software Update - hkey= - key= - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe (Hewlett-Packard)
MsConfig:64bit - StartUpReg: ICQ - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: M-Audio Taskbar Icon - hkey= - key= - C:\Windows\SysNative\M-AudioTaskBarIcon.exe (Avid Technology, Inc.)
MsConfig:64bit - StartUpReg: NBAgent - hkey= - key= - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe (Nero AG)
MsConfig:64bit - StartUpReg: QFan Help - hkey= - key= - C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe ()
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: SwitchBoard - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Windows SecurityAgent - hkey= - key= -  File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PEVSystemStart - Service
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: procexp90.Sys - Driver
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PEVSystemStart - Service
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: procexp90.Sys - Driver
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PEVSystemStart - Service
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: procexp90.Sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PEVSystemStart - Service
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: procexp90.Sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {AEC40118-CADC-D991-F168-4C3D8214FE4F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: vidc.i420 - lvcod64.dll (Logitech Inc.)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.i420 - C:\Windows\SysWow64\lvcodec2.dll (Logitech Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.17 08:07:21 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\BEAZMUSIX\Desktop\OTL.exe
[2011.05.17 07:50:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011.05.16 23:52:50 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\BestPractices
[2011.05.16 23:52:41 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\BestPractices
[2011.05.16 23:52:40 | 000,000,000 | ---D | C] -- C:\inetpub
[2011.05.16 23:12:25 | 000,000,000 | ---D | C] -- C:\Riot Games
[2011.05.16 23:12:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2011.05.16 22:20:06 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{0CB36CA0-4650-4543-B629-8596BBA05BF1}
[2011.05.16 19:27:14 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Desktop\LeagueOfLegends
[2011.05.16 18:19:10 | 000,404,640 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.16 18:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alcohol 120%
[2011.05.16 18:00:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Alcohol Soft
[2011.05.16 17:59:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Franzis
[2011.05.16 17:25:18 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Desktop\backup_tanja
[2011.05.16 10:19:30 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{C223B861-18DF-4D7A-AAE0-21374D4D8758}
[2011.05.15 22:19:08 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{C838CF81-B701-469C-BFEB-9E7719B5E9A8}
[2011.05.15 11:32:38 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Desktop\05 - Bravo Black Hits Vol.24
[2011.05.15 10:18:57 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{A56B7FDC-6657-4683-A8CE-36E9557F3694}
[2011.05.15 10:09:42 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Desktop\US_TOP40_Single_Charts_14_05_2011-MCG
[2011.05.14 22:18:35 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{EDE30EAD-6F5A-4B9F-BD4A-52AFDF62CA40}
[2011.05.14 18:44:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.05.14 10:18:13 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{A597DFFD-8751-4580-AAAB-2EC395AD64FB}
[2011.05.13 22:17:38 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{EFD0933E-8ED0-4BE8-9C02-1667D5551753}
[2011.05.13 10:17:14 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{B84DC6B8-67B4-4852-A2AD-AB9193C7E104}
[2011.05.13 10:17:05 | 000,472,368 | ---- | C] (AVM Berlin) -- C:\Windows\install.dex
[2011.05.12 22:16:52 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{E573E63F-09EA-455A-A20D-79DD688659CB}
[2011.05.12 13:00:21 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Roaming\Canneverbe Limited
[2011.05.12 13:00:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2011.05.12 11:19:50 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Documents\Xilisoft DVD Creator 6
[2011.05.12 10:19:59 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\Xilisoft
[2011.05.12 10:18:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xilisoft
[2011.05.12 10:16:30 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{D5264A9D-ECC6-4FE9-ABC3-4832B8C55212}
[2011.05.12 10:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011.05.12 10:14:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.5
[2011.05.11 22:15:55 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{62375FE8-D884-46BB-8FB6-213E9F0A2C66}
[2011.05.11 17:08:50 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Documents\football1
[2011.05.11 17:08:22 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2011.05.11 10:15:33 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{45CB7FBC-5647-463B-AF35-B201B9324E88}
[2011.05.11 08:46:00 | 005,509,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2011.05.11 08:45:58 | 003,957,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2011.05.11 08:45:57 | 003,901,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2011.05.11 08:45:50 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbport.sys
[2011.05.11 08:45:49 | 000,007,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usbd.sys
[2011.05.10 22:14:57 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{D991EEE2-27EA-4722-B443-273C1EB1D09A}
[2011.05.10 10:14:35 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{EC50BD16-1C10-49DE-8ABE-4CE8DF7CB1DE}
[2011.05.09 22:14:12 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{FF75994D-90D1-4EC7-AE20-33FFF0DDD226}
[2011.05.09 10:13:50 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{780E09BD-DA6B-413E-AA9E-8A3E42CA8D70}
[2011.05.08 22:13:28 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{68FE5C3A-5B0F-4DB5-8B18-ED6CB1376557}
[2011.05.08 10:13:06 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{5013E77F-4A2F-458A-9076-D7629C68D17A}
[2011.05.07 22:12:31 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{375FA578-BD19-4F90-A849-62E8F9DA0FC4}
[2011.05.07 10:12:09 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{3CED6E3B-5474-4763-A7C2-40B4A9851E77}
[2011.05.06 22:11:47 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{6D03D63C-F0FC-4725-A284-7B274F36FF85}
[2011.05.06 16:27:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.05.06 10:11:25 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{AF94CDD5-ED68-4D32-89F5-E5AEEBA00AD7}
[2011.05.05 22:11:02 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{4DCCD072-81D2-4397-B5E9-994921EA8758}
[2011.05.05 10:10:40 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{37E7B5CF-F365-4872-A6EE-DF590FF63C09}
[2011.05.04 22:10:03 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{B0049B62-E77A-4156-9FFA-B7E9D4C6A079}
[2011.05.04 10:09:52 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{C1A59263-A388-42AC-8419-AF36C807A622}
[2011.05.03 19:24:30 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{C4FFAE00-E995-4F05-91EA-967399105FB5}
[2011.05.03 18:08:48 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Roaming\mediAvatar
[2011.05.03 18:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\mediAvatar
[2011.05.03 17:57:37 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Roaming\Xilisoft
[2011.05.03 17:57:20 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Roaming\GetRightToGo
[2011.05.03 07:24:08 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{863CD3F5-D806-4564-ABC6-11F18A1FF92D}
[2011.05.02 19:23:47 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{26E4FC99-4234-4E4E-B7CB-0FD5B4D19EF4}
[2011.05.02 07:23:25 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{1D626F77-8EB7-48D1-B4F6-A4A9FC5EF37E}
[2011.05.01 19:23:03 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{B6D2679B-B482-409E-BD90-D812AB467136}
[2011.05.01 07:22:41 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{26AE4BC8-B3F6-4598-905F-4E126E985720}
[2011.04.30 20:56:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011.04.30 20:55:30 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.04.30 20:55:29 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.04.30 20:55:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2011.04.30 20:53:33 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011.04.30 19:22:30 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{78462F6F-C2E0-4571-B244-EBBE1BE22348}
[2011.04.30 07:22:08 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{CB703196-F34E-4D13-9AF0-8731DF06925A}
[2011.04.29 08:22:38 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{556A643E-DF9C-42F2-AB0A-3F2764E58298}
[2011.04.28 20:22:16 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{905DA88E-9B5D-4F18-8C9A-4D78D9E6A07C}
[2011.04.28 08:21:54 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{593AC823-3C08-4BD3-B079-7CB6C036A1DA}
[2011.04.27 21:34:50 | 002,870,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2011.04.27 21:34:49 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2011.04.27 21:34:45 | 000,662,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsPrint.dll
[2011.04.27 21:34:45 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsPrint.dll
[2011.04.27 21:34:25 | 002,566,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\esent.dll
[2011.04.27 21:34:25 | 001,686,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\esent.dll
[2011.04.27 21:34:25 | 000,107,904 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdsata.sys
[2011.04.27 21:34:24 | 000,187,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2011.04.27 21:34:24 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\fsutil.exe
[2011.04.27 21:34:24 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\fsutil.exe
[2011.04.27 21:34:24 | 000,027,008 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdxata.sys
[2011.04.27 21:34:14 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\prevhost.exe
[2011.04.27 21:34:14 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\prevhost.exe
[2011.04.27 20:21:19 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{EB7F1D81-6802-44B7-8004-68B1CDAB1056}
[2011.04.27 19:47:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3Merge
[2011.04.27 08:20:57 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{4BE2BAE0-0B84-43E9-9553-D969DE3D8F27}
[2011.04.26 20:20:35 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{08337B58-CF15-490D-AF88-7C670F1BA296}
[2011.04.26 08:20:12 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{3C647CDA-B2DE-4F87-9736-05727C69C3D1}
[2011.04.25 20:19:50 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{5E482E35-C22B-450F-B4B9-B38A922D9176}
[2011.04.25 08:19:28 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{AC83F541-085F-4BD4-95AD-52D1F173A671}
[2011.04.24 20:19:06 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{F23D7FE4-E1DA-4F67-AB75-7DF0009116C9}
[2011.04.24 08:18:44 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{49703AEB-01CF-41AE-A551-D2DAF4DCBE50}
[2011.04.23 20:18:23 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{67918346-28D6-4CA8-909E-89619D646F71}
[2011.04.23 08:18:12 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{5FCE2615-587E-49ED-9D63-81579EC3900C}
[2011.04.21 20:57:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\nLite
[2011.04.21 20:57:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\nLite
[2011.04.21 19:36:10 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{90B6BA6C-21FD-4D8D-ADC9-8D31395EF013}
[2011.04.20 23:01:12 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{0013A474-5266-484E-8216-7DCD88D45D68}
[2011.04.20 11:00:50 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{31111E06-2DA0-493E-9FE8-8EFB0E0B3620}
[2011.04.19 23:00:28 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{1209C721-8C1D-4200-969B-E9BDB8898C37}
[2011.04.19 11:00:05 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{CF792FE1-97AF-497D-B672-ECDCD0782F5C}
[2011.04.18 22:59:43 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{0037529B-0FF4-493F-AC1F-B2B00A97462D}
[2011.04.18 10:59:21 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{74581150-9D3E-480E-B0E9-D71D94EC7909}
[2011.04.17 22:58:58 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{D2D3AF3D-A4E6-4471-869B-2A6CFA36D840}
[2011.04.17 10:58:23 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\AppData\Local\{E79A9758-9CC6-4666-8900-C157305A1D16}
[2011.04.17 09:02:52 | 000,000,000 | ---D | C] -- C:\Users\BEAZMUSIX\Desktop\mukke
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.17 08:07:23 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\BEAZMUSIX\Desktop\OTL.exe
[2011.05.17 07:37:00 | 000,001,136 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1294757140-3442182510-2919184659-1001UA.job
[2011.05.16 23:58:55 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.16 23:58:55 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.16 23:54:16 | 001,830,514 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.16 23:54:16 | 000,789,736 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.05.16 23:54:16 | 000,729,950 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.16 23:54:16 | 000,182,046 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.05.16 23:54:16 | 000,148,600 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.16 23:54:06 | 001,734,800 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.16 23:37:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.16 23:37:41 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2011.05.16 23:37:33 | 3220,480,000 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.16 23:18:01 | 000,001,728 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2011.05.16 21:04:53 | 000,000,850 | RHS- | M] () -- C:\Users\BEAZMUSIX\ntuser.pol
[2011.05.16 18:19:10 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.05.16 17:45:06 | 000,028,501 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\UserTile.png
[2011.05.16 16:42:53 | 000,002,322 | ---- | M] () -- C:\Users\BEAZMUSIX\Desktop\video_marlixxx.lnk
[2011.05.16 13:29:58 | 000,001,456 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2011.05.16 12:37:00 | 000,001,084 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1294757140-3442182510-2919184659-1001Core.job
[2011.05.16 12:17:10 | 000,000,600 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\winscp.rnd
[2011.05.15 19:27:09 | 000,073,728 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\chrtmp
[2011.05.14 08:31:34 | 005,758,920 | ---- | M] () -- C:\Users\BEAZMUSIX\Desktop\VID_20110513_232947.m4v
[2011.05.11 19:11:04 | 000,000,069 | ---- | M] () -- C:\Windows\NeroDigital.ini
[2011.05.11 17:41:01 | 014,072,789 | ---- | M] () -- C:\Users\BEAZMUSIX\Documents\football1.ncor
[2011.05.10 15:09:22 | 000,000,132 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011.05.09 09:00:12 | 000,027,648 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.05.04 21:09:37 | 004,153,134 | ---- | M] () -- C:\Users\BEAZMUSIX\Desktop\Version_1.psd
[2011.05.04 21:09:34 | 002,824,321 | ---- | M] () -- C:\Users\BEAZMUSIX\Desktop\flub.psd
[2011.05.01 14:06:36 | 000,001,189 | ---- | M] () -- C:\Users\BEAZMUSIX\Desktop\diamonds_dolls.lnk
[2011.04.30 11:39:10 | 000,000,600 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Local\PUTTY.RND
[2011.04.28 03:22:53 | 005,279,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.26 17:05:32 | 000,001,154 | ---- | M] () -- C:\Users\BEAZMUSIX\Desktop\jungtiere.lnk
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[4 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.05.16 23:18:01 | 000,001,728 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2011.05.16 18:01:47 | 000,073,728 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Roaming\chrtmp
[2011.05.16 17:45:06 | 000,028,501 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Roaming\UserTile.png
[2011.05.14 08:31:34 | 005,758,920 | ---- | C] () -- C:\Users\BEAZMUSIX\Desktop\VID_20110513_232947.m4v
[2011.05.11 17:08:49 | 014,072,789 | ---- | C] () -- C:\Users\BEAZMUSIX\Documents\football1.ncor
[2011.05.04 19:56:32 | 002,824,321 | ---- | C] () -- C:\Users\BEAZMUSIX\Desktop\flub.psd
[2011.05.04 19:47:58 | 004,153,134 | ---- | C] () -- C:\Users\BEAZMUSIX\Desktop\Version_1.psd
[2011.05.01 14:06:36 | 000,001,189 | ---- | C] () -- C:\Users\BEAZMUSIX\Desktop\diamonds_dolls.lnk
[2011.04.30 11:41:08 | 000,001,160 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.04.26 17:05:32 | 000,001,154 | ---- | C] () -- C:\Users\BEAZMUSIX\Desktop\jungtiere.lnk
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.02.11 09:24:30 | 000,000,306 | ---- | C] () -- C:\Windows\gttb64.ini
[2011.01.16 17:55:19 | 001,734,800 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.08 10:42:55 | 000,000,000 | -H-- | C] () -- C:\Users\BEAZMUSIX\AppData\Roaming\.536854402C7AD373.sys
[2010.11.22 18:36:17 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2010.11.17 23:58:08 | 000,149,216 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2010.11.17 20:24:59 | 000,000,524 | ---- | C] () -- C:\Windows\QIII.INI
[2010.11.08 20:27:34 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2010.11.03 08:50:16 | 013,942,784 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.10.31 09:32:51 | 000,000,101 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010.10.22 10:20:51 | 000,000,116 | ---- | C] () -- C:\Windows\TrusV2.dll
[2010.10.13 10:21:15 | 000,000,132 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010.10.10 00:51:16 | 000,000,000 | -H-- | C] () -- C:\Users\BEAZMUSIX\AppData\Roaming\.5368544057A0E5FA.sys
[2010.10.09 12:46:46 | 000,002,892 | ---- | C] () -- C:\Windows\SysWow64\audcon.sys
[2010.10.09 12:45:56 | 000,000,051 | ---- | C] () -- C:\Windows\SysWow64\SYNSOPOS.exe.cfg
[2010.10.05 09:07:36 | 000,163,840 | ---- | C] () -- C:\Windows\SysWow64\ArtFfct.dll
[2010.10.05 08:59:26 | 000,319,487 | ---- | C] () -- C:\Windows\LOOP.exe
[2010.09.28 13:37:14 | 002,463,976 | ---- | C] () -- C:\Windows\SysWow64\NPSWF32.dll
[2010.09.24 15:49:04 | 000,000,600 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Roaming\winscp.rnd
[2010.09.24 14:43:31 | 000,000,600 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Local\PUTTY.RND
[2010.09.22 19:43:04 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.09.22 14:17:16 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.09.20 09:48:34 | 000,001,456 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Local\Adobe Für Web speichern 12.0 Prefs
[2010.09.20 07:57:51 | 000,266,400 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.09.20 07:57:49 | 002,373,712 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2010.09.20 07:57:49 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.09.19 19:34:31 | 000,027,648 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.19 18:23:50 | 000,007,602 | ---- | C] () -- C:\Users\BEAZMUSIX\AppData\Local\Resmon.ResmonCfg
[2010.09.19 16:14:59 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2010.09.19 13:57:44 | 000,266,578 | ---- | C] () -- C:\Windows\hpwins22.dat
[2010.09.19 13:57:44 | 000,002,850 | ---- | C] () -- C:\Windows\hpwmdl22.dat
[2010.09.19 10:42:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.09.19 10:37:03 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2010.09.19 10:37:03 | 000,013,440 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2010.09.19 10:30:49 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2010.06.16 00:28:58 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007.07.23 09:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007.07.23 09:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2002.10.03 15:42:27 | 000,000,034 | ---- | C] () -- C:\Windows\Q3version.ini
 
========== LOP Check ==========
 
[2011.01.04 19:09:42 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Ableton
[2010.10.05 09:02:53 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Antares
[2010.09.25 15:19:09 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Bioshock2
[2011.03.01 00:08:49 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\BOM
[2011.05.12 13:00:21 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Canneverbe Limited
[2010.10.27 13:45:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.12.03 14:02:34 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Cycling '74
[2010.09.19 14:39:31 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\DAEMON Tools Lite
[2010.10.20 14:24:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\DelinvFile
[2010.10.16 08:47:09 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Dropbox
[2011.05.17 08:02:45 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\FileZilla
[2011.01.24 14:35:21 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\FRITZ!
[2011.01.08 10:59:26 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\FXpansion
[2011.05.03 17:57:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\GetRightToGo
[2010.11.10 12:27:59 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Gutscheinmieze
[2011.05.16 23:38:41 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\ICQ
[2010.09.19 11:25:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Leadertech
[2011.02.17 19:29:54 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\LolClient
[2011.05.03 18:08:48 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\mediAvatar
[2010.10.22 12:02:15 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Nik Software
[2011.03.22 08:20:46 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\onOne Software
[2010.12.03 19:54:19 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\PACE Anti-Piracy
[2010.10.09 15:09:32 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Propellerhead Software
[2011.02.06 14:16:34 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Quite
[2011.05.11 17:08:22 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2010.09.19 12:42:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\SorensonMedia
[2010.10.14 18:35:43 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.12.09 00:28:56 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\TeamViewer
[2011.05.17 07:26:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\The Bat!
[2010.09.24 23:37:01 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Transcend
[2011.03.30 10:29:35 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Trellian
[2011.05.17 08:02:45 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\TS3Client
[2010.12.26 23:03:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\TuneUp Software
[2010.10.19 21:09:11 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\WTouch
[2011.05.12 10:19:58 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Xilisoft
[2010.12.15 11:50:12 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.01.04 19:09:42 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Ableton
[2011.01.17 19:31:37 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Adobe
[2010.10.14 18:47:46 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Adobe Mini Bridge CS5
[2010.10.05 09:02:53 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Antares
[2011.04.15 14:40:23 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Apple Computer
[2010.09.19 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\ATI
[2010.10.01 14:29:04 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\atitray
[2010.09.20 08:31:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Avira
[2010.09.25 15:19:09 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Bioshock2
[2011.03.01 00:08:49 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\BOM
[2011.05.12 13:00:21 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Canneverbe Limited
[2010.10.27 13:45:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.12.03 14:02:34 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Cycling '74
[2010.09.19 14:39:31 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\DAEMON Tools Lite
[2010.10.20 14:24:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\DelinvFile
[2010.10.16 08:47:09 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Dropbox
[2011.05.17 08:02:45 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\FileZilla
[2011.01.24 14:35:21 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\FRITZ!
[2011.01.08 10:59:26 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\FXpansion
[2011.05.03 17:57:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\GetRightToGo
[2010.11.10 12:27:59 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Gutscheinmieze
[2010.09.22 09:32:04 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\HP
[2010.10.31 09:06:12 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\HpUpdate
[2011.05.16 23:38:41 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\ICQ
[2010.09.19 16:21:35 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Identities
[2010.09.19 10:34:10 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\InstallShield
[2010.09.19 11:25:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Leadertech
[2010.10.04 14:52:18 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Logitech
[2011.02.17 19:29:54 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\LolClient
[2010.09.20 08:46:06 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Macromedia
[2010.11.16 14:39:17 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:19 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Media Center Programs
[2011.05.03 18:08:48 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\mediAvatar
[2011.05.16 17:31:39 | 000,000,000 | --SD | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Microsoft
[2011.05.03 16:24:44 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\mIRC
[2010.09.19 11:23:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Mozilla
[2010.09.19 18:05:02 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Nero
[2010.10.22 12:02:15 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Nik Software
[2011.03.22 08:20:46 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\onOne Software
[2010.12.03 19:54:19 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\PACE Anti-Piracy
[2010.10.09 15:09:32 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Propellerhead Software
[2011.02.06 14:16:34 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Quite
[2011.05.11 17:08:22 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1
[2010.09.22 14:35:15 | 000,000,000 | RH-D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\SecuROM
[2011.05.17 08:08:57 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Skype
[2010.12.22 19:19:31 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\skypePM
[2010.09.19 12:42:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\SorensonMedia
[2010.10.14 18:35:43 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.12.09 00:28:56 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\TeamViewer
[2011.05.17 07:26:38 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\The Bat!
[2010.09.24 23:37:01 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Transcend
[2011.03.30 10:29:35 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Trellian
[2011.05.17 08:02:45 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\TS3Client
[2010.12.26 23:03:52 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\TuneUp Software
[2011.05.10 19:36:48 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\vlc
[2011.05.13 10:18:49 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\VMware
[2010.09.19 16:47:18 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\WinRAR
[2010.10.19 21:24:43 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\WTablet
[2010.10.19 21:09:11 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\WTouch
[2011.05.12 10:19:58 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Xilisoft
[2010.09.19 15:32:27 | 000,000,000 | ---D | M] -- C:\Users\BEAZMUSIX\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2010.06.10 15:19:22 | 000,825,856 | ---- | M] (Synatix GmbH) -- C:\Users\BEAZMUSIX\AppData\Roaming\Gutscheinmieze\uninstall.exe
[2011.05.16 23:51:51 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\BEAZMUSIX\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.05.03 18:35:08 | 034,698,487 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\mediAvatar\iPad Software Suite\mvc-ipad-software-suite.exe
[2010.09.19 14:55:07 | 000,010,134 | R--- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\Microsoft\Installer\{024521CF-C07E-4F8E-8481-0D75695E03AF}\ARPPRODUCTICON.exe
[2007.06.29 14:23:32 | 000,053,248 | ---- | M] (Prolific Technology Inc.) -- C:\Users\BEAZMUSIX\AppData\Roaming\Transcend\JFSW2\IoctlSvc.exe
[2010.03.25 10:50:52 | 000,176,128 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\Transcend\JFSW2\JFSW2Launch.exe
[2010.03.25 10:50:48 | 000,049,152 | ---- | M] () -- C:\Users\BEAZMUSIX\AppData\Roaming\Transcend\JFSW2\PLIoctlInstaller.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SysWOW64\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1290 bytes -> C:\Users\BEAZMUSIX\AppData\Local\Temp:LmuUAy5TwVfsWUsdN
@Alternate Data Stream - 1215 bytes -> C:\ProgramData\Microsoft:kcVcqHnTe3XFisoBBGlI1FUOGo9sMO
@Alternate Data Stream - 1201 bytes -> C:\ProgramData\Microsoft:PkTlsSfjSKFkXoOx5oAXufdQ
@Alternate Data Stream - 1197 bytes -> C:\Program Files (x86)\Common Files\System:iKeUT1yDizA5spqhZkIq
@Alternate Data Stream - 1162 bytes -> C:\ProgramData\Microsoft:beRpKOOaydh2CmTGjWbJ
@Alternate Data Stream - 1159 bytes -> C:\Users\BEAZMUSIX\AppData\Local\kJ8J20TU44SC:cquGjBFO6IVJmp239aYmeL6a7
@Alternate Data Stream - 1106 bytes -> C:\ProgramData\Microsoft:PwWJ9Z1gpzaGM6qCtCrjGfGgJ

< End of report >

beazmusix 17.05.2011 07:32
hjtscanlist.txt

Code:

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
                        º                                    º
                                    hjtscanlist v2.0             
                        º                                    º
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

Microsoft Windows [Version 6.1.7600]
 
 
C:

  17.05.2011 08:21    C:\Program Files (x86) --------- 40960 
  17.05.2011 08:11    C:\System Volume Information --------- 28672 
  17.05.2011 07:55    C:\Windows --------- 28672 
  17.05.2011 07:51    C:\PurgeIE --------- 4096 
  16.05.2011 23:52    C:\inetpub --------- 0 
  16.05.2011 23:52    C:\Config.Msi --------- 0 
      C:\pagefile.sys ---------   
      C:\hiberfil.sys ---------   
  16.05.2011 23:12    C:\Riot Games --------- 0 
  13.05.2011 10:18    C:\Program Files --------- 12288 
  12.05.2011 13:00    C:\ProgramData --------- 20480 
  11.02.2011 09:24    C:\PDOXUSRS.NET --------- 13030 
  16.01.2011 18:57    C:\.rnd --------- 1024 
  16.11.2010 14:29    C:\32788R22FWJFW --------- 49152 
  16.11.2010 11:42    C:\aaw7boot.cmd --------- 106 
  19.09.2010 17:08    C:\BOOTSECT.BAK --------- 8192 
  19.09.2010 17:08    C:\Boot --------- 4096 
  19.09.2010 17:00    C:\MSOCache --------- 0 
  19.09.2010 16:21    C:\$Recycle.Bin --------- 0 
  19.09.2010 16:21    C:\Users --------- 4096 
  19.09.2010 16:20    C:\w7ldr --------- 171136 
  19.09.2010 16:19    C:\Recovery --------- 0 
  19.09.2010 16:19    C:\Programme --------- 0 
  19.09.2010 16:19    C:\Dokumente und Einstellungen --------- 0 
  14.07.2009 07:08    C:\Documents and Settings --------- 0 
  14.07.2009 05:20    C:\PerfLogs --------- 0 
  14.07.2009 03:38    C:\bootmgr --------- 383562 
----------------------------------------

 
C:\Windows

  17.05.2011 08:00    C:\Windows\WindowsUpdate.log --------- 1879418 
  16.05.2011 23:37    C:\Windows\bootstat.dat --------- 67584 
  11.05.2011 19:11    C:\Windows\NeroDigital.ini --------- 69 
  26.02.2011 08:23    C:\Windows\explorer.exe --------- 2870272 
  11.02.2011 09:24    C:\Windows\gttb64.ini --------- 306 
  11.02.2011 09:22    C:\Windows\Mubri2002 --------- 22 
  10.12.2010 13:03    C:\Windows\SurCode.INI --------- 21 
  17.11.2010 20:24    C:\Windows\QIII.INI --------- 524 
  16.11.2010 10:03    C:\Windows\Lic.xxx --------- 54 
  02.11.2010 10:48    C:\Windows\DUMPf5ca.DMP --------- 262144 
  22.10.2010 11:16    C:\Windows\gktemp.wat --------- 30001 
  22.10.2010 10:20    C:\Windows\TrusV2.dll --------- 116 
  19.09.2010 17:26    C:\Windows\win.ini --------- 513 
  19.09.2010 14:04    C:\Windows\hpwins22.dat --------- 266578 
  19.09.2010 13:00    C:\Windows\Language_trs.ini --------- 1769 
  19.09.2010 10:42    C:\Windows\ativpsrm.bin --------- 0 
  19.09.2010 10:31    C:\Windows\difxapi.dll --------- 414632 
  12.08.2010 17:12    C:\Windows\atiogl.xml --------- 22190 
  28.07.2010 07:21    C:\Windows\hpwmdl22.dat --------- 2850 
  14.07.2009 06:54    C:\Windows\WindowsShell.Manifest --------- 749 
  14.07.2009 03:39    C:\Windows\write.exe --------- 10240 
  14.07.2009 03:39    C:\Windows\splwow64.exe --------- 61952 
  14.07.2009 03:39    C:\Windows\regedit.exe --------- 427008 
  14.07.2009 03:39    C:\Windows\notepad.exe --------- 193536 
  14.07.2009 03:39    C:\Windows\HelpPane.exe --------- 733696 
  14.07.2009 03:39    C:\Windows\hh.exe --------- 16896 
  14.07.2009 03:39    C:\Windows\fveupdate.exe --------- 15360 
  14.07.2009 03:38    C:\Windows\bfsvc.exe --------- 71168 
  14.07.2009 03:16    C:\Windows\twain_32.dll --------- 51200 
  14.07.2009 03:14    C:\Windows\winhlp32.exe --------- 9728 
  14.07.2009 03:14    C:\Windows\twunk_32.exe --------- 31232 
  14.07.2009 01:06    C:\Windows\mib.bin --------- 43131 
  06.07.2009 03:00    C:\Windows\install.dex --------- 472368 
  10.06.2009 23:41    C:\Windows\twunk_16.exe --------- 49680 
  10.06.2009 23:41    C:\Windows\twain.dll --------- 94784 
  10.06.2009 23:08    C:\Windows\system.ini --------- 219 
  10.06.2009 22:52    C:\Windows\WMSysPr9.prx --------- 316640 
  10.06.2009 22:36    C:\Windows\msdfmap.ini --------- 1405 
  10.06.2009 22:31    C:\Windows\Ultimate.xml --------- 51867 
  10.06.2009 22:31    C:\Windows\Starter.xml --------- 48201 
  02.06.2007 16:20    C:\Windows\ST5UNST.EXE --------- 71680 
  16.02.2004 02:45    C:\Windows\LOOP.exe --------- 319487 
  03.10.2002 15:42    C:\Windows\Q3version.ini --------- 34 
  17.12.1999 11:13    C:\Windows\unvise32.exe --------- 86016 
  17.11.1998 14:44    C:\Windows\IsUn0407.exe --------- 328704 
  29.10.1998 16:45    C:\Windows\IsUninst.exe --------- 306688 
----------------------------------------

 
C:\Windows\System

----------------------------------------

 
C:\Windows\System32

 17.05.2011 04:56    C:\Windows\system32\config --------- 24576 
 16.05.2011 23:58    C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 16944 
 16.05.2011 23:58    C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 16944 
 16.05.2011 23:54    C:\Windows\system32\perfh009.dat --------- 729950 
 16.05.2011 23:54    C:\Windows\system32\perfc009.dat --------- 148600 
 16.05.2011 23:54    C:\Windows\system32\perfh007.dat --------- 789736 
 16.05.2011 23:54    C:\Windows\system32\perfc007.dat --------- 182046 
 16.05.2011 23:54    C:\Windows\system32\PerfStringBackup.INI --------- 1830514 
 16.05.2011 23:52    C:\Windows\system32\de-DE --------- 327680 
 16.05.2011 23:52    C:\Windows\system32\migration --------- 0 
 16.05.2011 23:52    C:\Windows\system32\inetsrv --------- 8192 
 16.05.2011 23:52    C:\Windows\system32\BestPractices --------- 0 
 14.05.2011 18:44    C:\Windows\system32\Tasks --------- 4096 
 13.05.2011 10:20    C:\Windows\system32\GroupPolicyUsers --------- 0 
 13.05.2011 10:20    C:\Windows\system32\catroot --------- 4096 
 13.05.2011 10:20    C:\Windows\system32\DriverStore --------- 4096 
 13.05.2011 10:20    C:\Windows\system32\drivers --------- 65536 
 12.05.2011 03:02    C:\Windows\system32\MRT.exe --------- 44548040 
 11.05.2011 08:45    C:\Windows\system32\catroot2 --------- 20480 
 28.04.2011 03:22    C:\Windows\system32\FNTCACHE.DAT --------- 5279736 
 26.04.2011 12:25    C:\Windows\system32\lvcoinst.log --------- 17742 
 14.04.2011 19:03    C:\Windows\system32\DRVSTORE --------- 0 
 14.04.2011 06:56    C:\Windows\system32\Boot --------- 0 
 09.04.2011 08:45    C:\Windows\system32\ntoskrnl.exe --------- 5509504 
 06.04.2011 16:26    C:\Windows\system32\dns-sd.exe --------- 119584 
 06.04.2011 16:26    C:\Windows\system32\jdns_sd.dll --------- 69408 
 06.04.2011 16:26    C:\Windows\system32\dnssdX.dll --------- 237856 
 06.04.2011 16:26    C:\Windows\system32\dnssd.dll --------- 96544 
 12.03.2011 14:03    C:\Windows\system32\XpsPrint.dll --------- 662528 
 11.03.2011 08:19    C:\Windows\system32\mfc42u.dll --------- 1359872 
 11.03.2011 08:19    C:\Windows\system32\mfc42.dll --------- 1395712 
 11.03.2011 08:18    C:\Windows\system32\esent.dll --------- 2566144 
 11.03.2011 08:15    C:\Windows\system32\fsutil.exe --------- 96768 
 08.03.2011 08:14    C:\Windows\system32\inetcomm.dll --------- 976896 
 03.03.2011 08:17    C:\Windows\system32\dnsrslvr.dll --------- 182272 
 03.03.2011 08:17    C:\Windows\system32\dnsapi.dll --------- 356352 
 03.03.2011 08:14    C:\Windows\system32\dnscacheugc.exe --------- 30208 
 03.03.2011 05:58    C:\Windows\system32\win32k.sys --------- 3133440 
 24.02.2011 08:30    C:\Windows\system32\XpsGdiConverter.dll --------- 476160 
 24.02.2011 08:29    C:\Windows\system32\wininet.dll --------- 1197056 
 24.02.2011 08:28    C:\Windows\system32\urlmon.dll --------- 1499136 
 24.02.2011 08:25    C:\Windows\system32\mstime.dll --------- 1026560 
 24.02.2011 08:25    C:\Windows\system32\mshtmled.dll --------- 97280 
 24.02.2011 08:25    C:\Windows\system32\mshtml.dll --------- 9311744 
 24.02.2011 08:25    C:\Windows\system32\msfeedsbs.dll --------- 82944 
 24.02.2011 08:25    C:\Windows\system32\msfeeds.dll --------- 703488 
 24.02.2011 08:24    C:\Windows\system32\licmgr10.dll --------- 57856 
 24.02.2011 08:24    C:\Windows\system32\jsproxy.dll --------- 64512 
 24.02.2011 08:24    C:\Windows\system32\ieui.dll --------- 247808 
 24.02.2011 08:24    C:\Windows\system32\iertutil.dll --------- 2447872 
 24.02.2011 08:24    C:\Windows\system32\iepeers.dll --------- 256000 
 24.02.2011 08:24    C:\Windows\system32\ieframe.dll --------- 12369408 
 24.02.2011 08:24    C:\Windows\system32\iedkcs32.dll --------- 445952 
 24.02.2011 08:21    C:\Windows\system32\msfeedssync.exe --------- 12288 
 24.02.2011 07:05    C:\Windows\system32\html.iec --------- 482816 
 24.02.2011 06:24    C:\Windows\system32\mshtml.tlb --------- 1638912 
 19.02.2011 08:37    C:\Windows\system32\FntCache.dll --------- 1135104 
 19.02.2011 08:37    C:\Windows\system32\DWrite.dll --------- 1540608 
 19.02.2011 08:36    C:\Windows\system32\d2d1.dll --------- 902656 
 19.02.2011 08:36    C:\Windows\system32\atmlib.dll --------- 46080 
 19.02.2011 06:13    C:\Windows\system32\atmfd.dll --------- 367104 
 18.02.2011 16:36    C:\Windows\system32\usbaaplrc.dll --------- 4184352 
 18.02.2011 08:37    C:\Windows\system32\vbscript.dll --------- 612352 
 18.02.2011 08:36    C:\Windows\system32\jscript.dll --------- 852480 
 18.02.2011 08:33    C:\Windows\system32\prevhost.exe --------- 31232 
 12.02.2011 08:14    C:\Windows\system32\FXSCOVER.exe --------- 267776 
 05.02.2011 14:41    C:\Windows\system32\winresume.efi --------- 556928 
 05.02.2011 14:41    C:\Windows\system32\winload.efi --------- 640896 
 05.02.2011 14:41    C:\Windows\system32\kd1394.dll --------- 19328 
 05.02.2011 14:41    C:\Windows\system32\kdusb.dll --------- 20352 
 05.02.2011 14:41    C:\Windows\system32\kdcom.dll --------- 17792 
 05.02.2011 14:39    C:\Windows\system32\winresume.exe --------- 518160 
 05.02.2011 14:39    C:\Windows\system32\winload.exe --------- 603976 
 02.02.2011 18:11    C:\Windows\system32\MpSigStub.exe --------- 270720 
 28.01.2011 10:25    C:\Windows\system32\GroupPolicy --------- 0 
 26.01.2011 08:31    C:\Windows\system32\cdd.dll --------- 144384 
 20.01.2011 09:21    C:\Windows\system32\wdi --------- 4096 
 07.01.2011 15:02    C:\Windows\system32\mfcm100u.dll --------- 91472 
 07.01.2011 15:02    C:\Windows\system32\mfc100ita.dll --------- 62288 
 07.01.2011 15:02    C:\Windows\system32\vcomp100.dll --------- 57168 
 07.01.2011 15:02    C:\Windows\system32\mfcm100.dll --------- 91472 
 07.01.2011 15:02    C:\Windows\system32\mfc100fra.dll --------- 64336 
 07.01.2011 15:02    C:\Windows\system32\mfc100esn.dll --------- 63824 
 07.01.2011 15:02    C:\Windows\system32\msvcr100.dll --------- 827728 
 07.01.2011 15:02    C:\Windows\system32\mfc100enu.dll --------- 55120 
 07.01.2011 15:02    C:\Windows\system32\mfc100deu.dll --------- 64336 
 07.01.2011 15:02    C:\Windows\system32\mfc100cht.dll --------- 36176 
 07.01.2011 15:02    C:\Windows\system32\mfc100rus.dll --------- 60752 
 07.01.2011 15:02    C:\Windows\system32\mfc100jpn.dll --------- 43856 
 07.01.2011 15:02    C:\Windows\system32\mfc100kor.dll --------- 43344 
 07.01.2011 15:02    C:\Windows\system32\mfc100u.dll --------- 5523280 
 07.01.2011 15:02    C:\Windows\system32\mfc100chs.dll --------- 36176 
 07.01.2011 15:02    C:\Windows\system32\msvcp100.dll --------- 608080 
 07.01.2011 15:02    C:\Windows\system32\mfc100.dll --------- 5493576 
 07.01.2011 15:02    C:\Windows\system32\atl100.dll --------- 158536 
 23.12.2010 08:07    C:\Windows\system32\sbe.dll --------- 1118720 
 23.12.2010 08:07    C:\Windows\system32\EncDec.dll --------- 723968 
 23.12.2010 08:07    C:\Windows\system32\CPFilters.dll --------- 961024 
 23.12.2010 08:02    C:\Windows\system32\mpg2splt.ax --------- 259072 
 21.12.2010 08:16    C:\Windows\system32\wscsvc.dll --------- 97280 
----------------------------------------

 
C:\Windows\Prefetch

 17.05.2011 08:34    C:\Windows\Prefetch\CMD.EXE-4A81B364.pf --------- 15156 
 17.05.2011 08:34    C:\Windows\Prefetch\CONHOST.EXE-1F3E9D7E.pf --------- 20430 
 17.05.2011 08:33    C:\Windows\Prefetch\SVCHOST.EXE-80F4A784.pf --------- 129482 
 17.05.2011 08:33    C:\Windows\Prefetch\WINRAR.EXE-94E7D80C.pf --------- 146226 
 17.05.2011 08:33    C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf --------- 16658 
 17.05.2011 08:33    C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf --------- 125518 
 17.05.2011 08:33    C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf --------- 19662 
 17.05.2011 08:33    C:\Windows\Prefetch\TASKHOST.EXE-7238F31D.pf --------- 100394 
 17.05.2011 08:32    C:\Windows\Prefetch\AVWSC.EXE-9DE67EBB.pf --------- 72682 
 17.05.2011 08:31    C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf --------- 74134 
 17.05.2011 08:28    C:\Windows\Prefetch\MBAM.EXE-80210E2F.pf --------- 87056 
 17.05.2011 08:28    C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf --------- 43546 
 17.05.2011 08:28    C:\Windows\Prefetch\MBAMGUI.EXE-1CA97248.pf --------- 15882 
 17.05.2011 08:28    C:\Windows\Prefetch\REGSVR32.EXE-8461DBEE.pf --------- 21084 
 17.05.2011 08:28    C:\Windows\Prefetch\MBAM-SETUP.TMP-61B82A64.pf --------- 34924 
 17.05.2011 08:28    C:\Windows\Prefetch\MBAM-SETUP.EXE-387B5C9E.pf --------- 24220 
 17.05.2011 08:24    C:\Windows\Prefetch\AUDIODG.EXE-BDFD3029.pf --------- 363276 
 17.05.2011 08:22    C:\Windows\Prefetch\SDSCAN.EXE-8BEA0233.pf --------- 118104 
 17.05.2011 08:22    C:\Windows\Prefetch\SDWELCOME.EXE-0FFFA5CE.pf --------- 77746 
 17.05.2011 08:22    C:\Windows\Prefetch\SDWSCSVC.EXE-B6A161F7.pf --------- 14526 
 17.05.2011 08:22    C:\Windows\Prefetch\SDMONSVC.EXE-1DCD22F0.pf --------- 58828 
 17.05.2011 08:22    C:\Windows\Prefetch\SDFWSVC.EXE-3145E78F.pf --------- 56122 
 17.05.2011 08:22    C:\Windows\Prefetch\SDFSSVC.EXE-D6B29DDB.pf --------- 92474 
 17.05.2011 08:22    C:\Windows\Prefetch\SDUPDSVC.EXE-22FCB87B.pf --------- 70482 
 17.05.2011 08:21    C:\Windows\Prefetch\SPYBOTSD-2.0.3-BETA1.TMP-DBF406D3.pf --------- 34220 
 17.05.2011 08:21    C:\Windows\Prefetch\SPYBOTSD-2.0.3-BETA1.EXE-4A73FA8F.pf --------- 24570 
 17.05.2011 08:20    C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-F1B02F03.pf --------- 104118 
 17.05.2011 08:18    C:\Windows\Prefetch\WLCOMM.EXE-324C9362.pf --------- 54720 
 17.05.2011 08:18    C:\Windows\Prefetch\WMIPRVSE.EXE-6768A320.pf --------- 42236 
 17.05.2011 08:18    C:\Windows\Prefetch\MSNMSGR.EXE-D22CE80C.pf --------- 171954 
 17.05.2011 08:18    C:\Windows\Prefetch\LVPRCSRV.EXE-A94CF8D0.pf --------- 11984 
 17.05.2011 08:14    C:\Windows\Prefetch\NOTEPAD.EXE-1605FA5B.pf --------- 77510 
 17.05.2011 08:13    C:\Windows\Prefetch\AVCENTER.EXE-FD66D2A7.pf --------- 174084 
 17.05.2011 08:11    C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf --------- 21916 
 17.05.2011 08:11    C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf --------- 108246 
 17.05.2011 08:11    C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf --------- 30820 
 17.05.2011 08:11    C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf --------- 64656 
 17.05.2011 08:07    C:\Windows\Prefetch\OTL.EXE-DEE536B2.pf --------- 43144 
 17.05.2011 08:04    C:\Windows\Prefetch\FIREFOX.EXE-18ACFCFF.pf --------- 336664 
 17.05.2011 08:04    C:\Windows\Prefetch\HELPPANE.EXE-FEDC965B.pf --------- 74380 
 17.05.2011 08:03    C:\Windows\Prefetch\VDS.EXE-6E7946F9.pf --------- 32654 
 17.05.2011 08:03    C:\Windows\Prefetch\WBENGINE.EXE-28FD7E8B.pf --------- 24770 
 17.05.2011 08:03    C:\Windows\Prefetch\RSTRUI.EXE-2D50C58D.pf --------- 60086 
 17.05.2011 08:03    C:\Windows\Prefetch\VDSLDR.EXE-6B089E8B.pf --------- 19346 
 17.05.2011 08:03    C:\Windows\Prefetch\DLLHOST.EXE-ECB71776.pf --------- 26770 
 17.05.2011 08:03    C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf --------- 16606 
 17.05.2011 08:01    C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf --------- 91040 
 17.05.2011 08:01    C:\Windows\Prefetch\MSASCUI.EXE-07E0123F.pf --------- 37206 
 17.05.2011 08:01    C:\Windows\Prefetch\CHROME.EXE-C674C164.pf --------- 208694 
 17.05.2011 08:00    C:\Windows\Prefetch\MPCMDRUN.EXE-F401FBB4.pf --------- 29928 
 17.05.2011 07:59    C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 2289776 
 17.05.2011 07:59    C:\Windows\Prefetch\AgGlFaultHistory.db --------- 892003 
 17.05.2011 07:59    C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 6895860 
 17.05.2011 07:59    C:\Windows\Prefetch\AgRobust.db --------- 804456 
 17.05.2011 07:51    C:\Windows\Prefetch\TASKMAN.EXE-37FA792A.pf --------- 66408 
 17.05.2011 07:51    C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-1294757140-3442182510-2919184659-1001.db --------- 1135422 
 17.05.2011 07:51    C:\Windows\Prefetch\AgGlUAD_S-1-5-21-1294757140-3442182510-2919184659-1001.db --------- 2446283 
 17.05.2011 07:51    C:\Windows\Prefetch\DELINVFILE.EXE-62FC1FBA.pf --------- 56648 
 17.05.2011 07:50    C:\Windows\Prefetch\CCLEANER64.EXE-7BB3E865.pf --------- 66640 
 17.05.2011 07:50    C:\Windows\Prefetch\PING.EXE-371F41E2.pf --------- 18826 
 17.05.2011 07:50    C:\Windows\Prefetch\CCSETUP306.EXE-9C6A76FF.pf --------- 49500 
 17.05.2011 07:49    C:\Windows\Prefetch\CCLEANER.EXE-72C9B7B3.pf --------- 17666 
 17.05.2011 07:49    C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf --------- 19614 
 17.05.2011 07:48    C:\Windows\Prefetch\SKYPE.EXE-E71BF59F.pf --------- 109488 
 17.05.2011 07:48    C:\Windows\Prefetch\AVNOTIFY.EXE-377AF47F.pf --------- 112234 
 17.05.2011 07:48    C:\Windows\Prefetch\SPLWOW64.EXE-297C4568.pf --------- 22702 
 17.05.2011 07:48    C:\Windows\Prefetch\WORDPAD.EXE-10B569CF.pf --------- 58168 
 17.05.2011 07:37    C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf --------- 371480 
 17.05.2011 07:37    C:\Windows\Prefetch\GOOGLEUPDATE.EXE-3AA2037F.pf --------- 43400 
 17.05.2011 07:26    C:\Windows\Prefetch\THEBAT.EXE-E94C54EE.pf --------- 151388 
 17.05.2011 07:10    C:\Windows\Prefetch\POWERCFG.EXE-668FA411.pf --------- 2552 
 17.05.2011 06:19    C:\Windows\Prefetch\WUAUCLT.EXE-70318591.pf --------- 24254 
 17.05.2011 04:46    C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf --------- 159818 
 17.05.2011 04:40    C:\Windows\Prefetch\Layout.ini --------- 934826 
 17.05.2011 03:53    C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf --------- 44456 
 17.05.2011 03:46    C:\Windows\Prefetch\RUNDLL32.EXE-411A328D.pf --------- 86452 
 17.05.2011 03:45    C:\Windows\Prefetch\AITAGENT.EXE-DA3E7689.pf --------- 2240 
 17.05.2011 02:17    C:\Windows\Prefetch\ReadyBoot --------- 0 
 17.05.2011 01:00    C:\Windows\Prefetch\SC.EXE-945D79AE.pf --------- 71922 
 16.05.2011 23:55    C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf --------- 22780 
 16.05.2011 23:54    C:\Windows\Prefetch\LOLCLIENT.EXE-D236C479.pf --------- 181384 
 16.05.2011 23:54    C:\Windows\Prefetch\LOLLAUNCHER.EXE-BEFF6BC4.pf --------- 118874 
 16.05.2011 23:54    C:\Windows\Prefetch\RADS_USER_KERNEL.EXE-9DAAF573.pf --------- 111872 
 16.05.2011 23:54    C:\Windows\Prefetch\PMB.EXE-3F581971.pf --------- 70168 
 16.05.2011 23:53    C:\Windows\Prefetch\LOL.LAUNCHER.EXE-4C860503.pf --------- 28568 
 16.05.2011 23:39    C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf --------- 37032 
 16.05.2011 23:33    C:\Windows\Prefetch\PfSvPerfStats.bin --------- 584 
 16.05.2011 21:43    C:\Windows\Prefetch\WMPLAYER.EXE-26C72A86.pf --------- 197132 
 16.05.2011 18:43    C:\Windows\Prefetch\DLLHOST.EXE-76936ED5.pf --------- 98432 
 16.05.2011 12:19    C:\Windows\Prefetch\CS5SERVICEMANAGER.EXE-8B1F9E8A.pf --------- 34732 
 11.05.2011 08:37    C:\Windows\Prefetch\AgCx_SC4.db --------- 367188 
 20.01.2011 11:22    C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf --------- 4422632 
 19.09.2010 16:10    C:\Windows\Prefetch\AgAppLaunch.db --------- 334168 
----------------------------------------

 
C:\Windows\Tasks

 17.05.2011 07:37    C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1294757140-3442182510-2919184659-1001UA.job --------- 1136 
 16.05.2011 23:37    C:\Windows\Tasks\SA.DAT --------- 6 
 16.05.2011 12:37    C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1294757140-3442182510-2919184659-1001Core.job --------- 1084 
 15.12.2010 11:50    C:\Windows\Tasks\SCHEDLGU.TXT --------- 32632 
----------------------------------------

 
C:\Windows\Temp

 17.05.2011 08:22    C:\Windows\Temp\Cookies --------- 0 
 17.05.2011 07:56    C:\Windows\Temp\History --------- 0 
 17.05.2011 07:56    C:\Windows\Temp\Temporary Internet Files --------- 0 
      C:\Windows\Temp\HPSLPSVC0068.log --------- 
 16.05.2011 23:37    C:\Windows\Temp\logishrd --------- 0 
----------------------------------------

 
C:\Users\BEAZMU~1\AppData\Local\Temp

 17.05.2011 08:28    C:\Users\BEAZMU~1\AppData\Local\Temp\~DF0FA9F9B7A37F1659.TMP --------- 81920 
 17.05.2011 08:22    C:\Users\BEAZMU~1\AppData\Local\Temp\is-8QG4I.tmp --------- 0 
 17.05.2011 08:20    C:\Users\BEAZMU~1\AppData\Local\Temp\plugtmp --------- 0 
 17.05.2011 08:22    C:\Users\BEAZMU~1\AppData\Local\Temp\MessengerCache --------- 53248 
 17.05.2011 08:22    C:\Users\BEAZMU~1\AppData\Local\Temp\de-de --------- 0 
 17.05.2011 08:22    C:\Users\BEAZMU~1\AppData\Local\Temp\en-us --------- 0 
 16.05.2011 23:18    C:\Users\BEAZMU~1\AppData\Local\Temp\{853917C7-184D-43CC-A444-727AFFCE5DFC} --------- 4096 
 27.02.2011 21:11    C:\Users\BEAZMU~1\AppData\Local\Temp\TeamViewer --------- 0 
 22.11.2010 17:38    C:\Users\BEAZMU~1\AppData\Local\Temp\Low --------- 0 
 16.11.2010 13:46    C:\Users\BEAZMU~1\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0 
----------------------------------------

 
C:\Program Files

 30.04.2011 20:56    C:\Program Files\iTunes --------- 4096 
 30.04.2011 20:55    C:\Program Files\iPod --------- 0 
 30.04.2011 20:53    C:\Program Files\Bonjour --------- 0 
 14.04.2011 19:00    C:\Program Files\Common Files --------- 4096 
 14.04.2011 06:57    C:\Program Files\Internet Explorer --------- 4096 
 24.01.2011 14:41    C:\Program Files\FRITZDSL --------- 8192 
 15.12.2010 11:48    C:\Program Files\Windows Mail --------- 4096 
 05.12.2010 10:30    C:\Program Files\Novation --------- 0 
 28.11.2010 16:23    C:\Program Files\7-Zip --------- 4096 
 05.11.2010 17:07    C:\Program Files\Core Temp --------- 4096 
 03.11.2010 08:50    C:\Program Files\SiSoftware --------- 0 
 31.10.2010 10:57    C:\Program Files\ATI Technologies --------- 0 
 29.10.2010 20:42    C:\Program Files\WBFS --------- 0 
 29.10.2010 19:30    C:\Program Files\WinRAR --------- 8192 
 19.10.2010 21:24    C:\Program Files\Tablet --------- 4096 
 19.10.2010 21:24    C:\Program Files\WTouch --------- 4096 
 14.10.2010 03:25    C:\Program Files\Windows Media Player --------- 4096 
 05.10.2010 09:11    C:\Program Files\Cakewalk --------- 0 
 27.09.2010 20:29    C:\Program Files\PlayReady --------- 4096 
 20.09.2010 08:41    C:\Program Files\RealVNC --------- 0 
 20.09.2010 07:42    C:\Program Files\Adobe --------- 4096 
 19.09.2010 23:48    C:\Program Files\CPUID --------- 0 
 19.09.2010 17:03    C:\Program Files\Microsoft Office --------- 0 
 19.09.2010 16:19    C:\Program Files\Windows NT --------- 4096 
 19.09.2010 16:19    C:\Program Files\Gemeinsame Dateien --------- 0 
 19.09.2010 11:26    C:\Program Files\M-Audio --------- 0 
 19.09.2010 11:25    C:\Program Files\Logitech --------- 0 
 19.09.2010 10:38    C:\Program Files\ATI --------- 0 
 14.07.2009 20:18    C:\Program Files\DVD Maker --------- 4096 
 14.07.2009 20:18    C:\Program Files\Windows Journal --------- 4096 
 14.07.2009 20:18    C:\Program Files\Microsoft Games --------- 4096 
 14.07.2009 19:58    C:\Program Files\Windows Sidebar --------- 4096 
 14.07.2009 19:58    C:\Program Files\Windows Photo Viewer --------- 4096 
 14.07.2009 19:58    C:\Program Files\Windows Defender --------- 4096 
 14.07.2009 07:32    C:\Program Files\Windows Portable Devices --------- 0 
 14.07.2009 07:32    C:\Program Files\Reference Assemblies --------- 0 
 14.07.2009 07:32    C:\Program Files\MSBuild --------- 0 
 14.07.2009 07:09    C:\Program Files\Uninstall Information --------- 0 
 14.07.2009 06:54    C:\Program Files\desktop.ini --------- 174 
----------------------------------------

 
C:\ProgramData\..

BEAZMUSIX   
Public   
Default   
Default User   
All Users   
desktop.ini   
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts

127.0.0.1 activate.adobe.com

----------------------------------------

 

Abbildname                    PID Sitzungsname      Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                  0            24 K
System                          4 Services                  0        5.960 K
smss.exe                      296 Services                  0        1.236 K
csrss.exe                      392 Services                  0        5.920 K
wininit.exe                    468 Services                  0        4.544 K
csrss.exe                      492 Console                    1        10.452 K
services.exe                  524 Services                  0        10.560 K
lsass.exe                      540 Services                  0        14.472 K
lsm.exe                        548 Services                  0        4.772 K
winlogon.exe                  616 Console                    1        7.484 K
svchost.exe                    700 Services                  0        10.720 K
svchost.exe                    816 Services                  0        9.916 K
atiesrxx.exe                  884 Services                  0        4.424 K
svchost.exe                    948 Services                  0        25.768 K
svchost.exe                    984 Services                  0      202.760 K
svchost.exe                    124 Services                  0        46.188 K
svchost.exe                    832 Services                  0        18.420 K
Pen_TouchService.exe          1112 Services                  0        4.980 K
atieclxx.exe                  1196 Console                    1        6.228 K
wisptis.exe                  1216 Console                    1        8.812 K
svchost.exe                  1300 Services                  0        33.056 K
spoolsv.exe                  1432 Services                  0        20.696 K
sched.exe                    1460 Services                  0        2.340 K
svchost.exe                  1544 Services                  0        19.844 K
svchost.exe                  1664 Services                  0        14.600 K
avguard.exe                  1684 Services                  0        21.936 K
AppleMobileDeviceService.    1732 Services                  0        7.504 K
taskhost.exe                  1864 Console                    1        11.200 K
wisptis.exe                  1904 Console                    1        11.884 K
TabTip.exe                    2000 Console                    1        14.752 K
Pen_TouchUser.exe            2028 Console                    1        11.964 K
dwm.exe                      1136 Console                    1        40.980 K
avshadow.exe                  1172 Services                  0        8.180 K
TabTip32.exe                  1816 Console                    1        2.876 K
conhost.exe                  2104 Services                  0        2.800 K
AsSysCtrlService.exe          2144 Services                  0        3.276 K
mDNSResponder.exe            2172 Services                  0        5.792 K
svchost.exe                  2208 Services                  0        41.624 K
svchost.exe                  2232 Services                  0        11.168 K
LVPrcSrv.exe                  2264 Services                  0        6.460 K
svchost.exe                  2296 Services                  0        3.964 K
PassThruSvr.exe              2340 Services                  0        3.376 K
LVPrS64H.exe                  2408 Services                  0        4.504 K
svchost.exe                  2520 Services                  0        4.632 K
PnkBstrA.exe                  2544 Services                  0        4.204 K
StarWindServiceAE.exe        2596 Services                  0        6.072 K
svchost.exe                  2620 Services                  0        7.636 K
Pen_Tablet.exe                2648 Services                  0        10.896 K
Pen_TabletUser.exe            2768 Console                    1        6.260 K
Pen_Tablet.exe                2832 Console                    1        23.608 K
Backup.exe                    2996 Console                    1        22.356 K
hpqtra08.exe                  2112 Console                    1        18.876 K
AutomapServer.exe            1796 Console                    1        14.248 K
LWS.exe                      2684 Console                    1        17.840 K
avgnt.exe                    2744 Console                    1        2.672 K
razerhid.exe                  2740 Console                    1        7.188 K
iTunesHelper.exe              1004 Console                    1        13.280 K
MOM.exe                      3344 Console                    1        9.628 K
razerofa.exe                  3444 Console                    1        4.116 K
MidiAutomapClient.exe        3468 Console                    1        7.208 K
WLIDSVC.EXE                  3488 Services                  0        17.844 K
CCC.exe                      3684 Console                    1        19.048 K
SynoDrServicex64.exe          3924 Services                  0        4.748 K
COCIManager.exe              3964 Console                    1        7.444 K
WLIDSVCM.EXE                  3320 Services                  0        3.520 K
SearchIndexer.exe            1916 Services                  0        44.536 K
iPodService.exe              4268 Services                  0        7.632 K
svchost.exe                  4468 Services                  0        8.760 K
svchost.exe                  4536 Services                  0        6.136 K
wmpnetwk.exe                  3416 Services                  0        11.464 K
hpqste08.exe                  4676 Console                    1        11.280 K
hpqbam08.exe                  4600 Console                    1        6.200 K
hpqgpc01.exe                  3280 Console                    1        10.636 K
explorer.exe                  2960 Console                    1        78.152 K
InputPersonalization.exe      3892 Console                    1          528 K
svchost.exe                  1644 Services                  0        8.160 K
NASvc.exe                    5648 Services                  0        5.924 K
svchost.exe                  5724 Services                  0        43.872 K
svchost.exe                  4752 Services                  0        8.916 K
svchost.exe                  4744 Services                  0        9.872 K
SMSvcHost.exe                3912 Services                  0        25.180 K
svchost.exe                    348 Services                  0        4.228 K
firefox.exe                  5368 Console                    1      172.024 K
plugin-container.exe          5244 Console                    1        29.516 K
SDUpdSvc.exe                  4664 Services                  0        14.472 K
SDFSSvc.exe                  4236 Services                  0        34.000 K
SDFWSvc.exe                  2356 Services                  0        18.944 K
SDMonSvc.exe                  2392 Services                  0        20.328 K
SDWSCSvc.exe                  1860 Services                  0        8.564 K
SDScan.exe                    4816 Console                    1      336.028 K
mbam.exe                      5700 Console                    1        99.056 K
notepad.exe                  4112 Console                    1        7.832 K
notepad.exe                  3036 Console                    1        8.184 K
taskhost.exe                  4284 Console                    1        7.600 K
SearchFilterHost.exe          2940 Services                  0        6.972 K
svchost.exe                  5956 Services                  0        2.904 K
cmd.exe                      4280 Console                    1        3.876 K
conhost.exe                  4276 Console                    1        6.376 K
dllhost.exe                  5844 Console                    1        6.308 K
tasklist.exe                  1768 Console                    1        5.664 K
WmiPrvSE.exe                  644 Services                  0        6.284 K
SearchProtocolHost.exe        1620 Services                  0        5.228 K

 
***** Ende des Scans 17.05.2011 um  8:34:25,27 ***

beazmusix 17.05.2011 09:33
hier jetzt alle logfile nocheinmal zusammengefasst.

also die otl logs
die spybot s&d logs
die malwarbytes logs
und die hjtscanlist log

vielen dank im vorraus

beazmusix 17.05.2011 15:09
so ich habe noch ein wenig weiter gelesen und nun combofix durchlaufen lassen.


Alle Zeitangaben in WEZ +1. Es ist jetzt 21:14 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131