
Log analysis and evaluation: vlc.de --> am I infected?

09.01.2012, 01:06   #1
neulingling
 
Hello, idiot that I am, I fell for vlc.de and only noticed after running it. I googled afterwards and found a thread from 2008 that said the files are infected. I wanted to ask you whether that is still the case?

Thanks in advance for the help.
My logs:

Code:
OTL logfile created on: 09.01.2012 00:51:33 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\derUser\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 52,01% Memory free
7,82 Gb Paging File | 5,46 Gb Available in Paging File | 69,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 54,13 Gb Free Space | 55,48% Space Free | Partition Type: NTFS
Drive E: | 200,43 Gb Total Space | 179,47 Gb Free Space | 89,54% Space Free | Partition Type: NTFS
 
Computer Name: derUser | User Name: derUser | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.01.09 00:50:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\derUser\Desktop\OTL.exe
PRC - [2012.01.09 00:49:13 | 000,050,477 | ---- | M] () -- C:\Users\derUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M69V1T7G\Defogger.exe
PRC - [2011.07.14 13:21:10 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.04.01 17:08:30 | 000,660,480 | ---- | M] (DELL) -- C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\IndicatorOSD.exe
PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2011.01.12 19:17:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe
PRC - [2010.12.15 10:46:50 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
PRC - [2010.12.01 15:07:46 | 000,176,128 | ---- | M] (Chicony) -- C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe
PRC - [2010.11.17 09:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.11.03 12:01:34 | 000,983,104 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2010.11.03 12:01:20 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2010.11.03 11:53:28 | 000,897,088 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010.11.03 11:53:06 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2010.10.05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.10.05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.01.09 00:49:13 | 000,050,477 | ---- | M] () -- C:\Users\derUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M69V1T7G\Defogger.exe
MOD - [2012.01.04 20:15:31 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.07.14 13:21:22 | 001,712,128 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libvorbis_plugin.dll
MOD - [2011.07.14 13:21:22 | 001,108,992 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtaglib_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,368,640 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libtheora_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,325,120 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libswscale_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,078,848 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libzip_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libwaveout_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,040,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuy2_i420_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libvout_wrapper_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuy2_i422_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuvp_plugin.dll
MOD - [2011.07.14 13:21:22 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll
MOD - [2011.07.14 13:21:20 | 011,496,448 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libqt4_plugin.dll
MOD - [2011.07.14 13:21:20 | 002,169,856 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libskins2_plugin.dll
MOD - [2011.07.14 13:21:20 | 001,013,248 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libschroedinger_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,130,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libspeex_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libscaletempo_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_rar_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libscale_plugin.dll
MOD - [2011.07.14 13:21:20 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_record_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,237,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libpng_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,194,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmp4_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,128,000 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,038,912 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmono_plugin.dll
MOD - [2011.07.14 13:21:18 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll
MOD - [2011.07.14 13:21:16 | 001,776,128 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblibass_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,338,432 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblua_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,135,680 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_rgb_sse2_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_rgb_mmx_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,052,224 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_rgb_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,048,640 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_yuy2_sse2_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libhotkeys_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,046,080 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_yuy2_sse2_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,039,936 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_yuy2_mmx_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,038,400 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_yuy2_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,037,888 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_yuy2_mmx_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_yuy2_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,035,840 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liblpcm_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libmemcpymmxext_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,033,792 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libglobalhotkeys_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_i420_plugin.dll
MOD - [2011.07.14 13:21:16 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libgrey_yuv_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,652,800 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfreetype_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,309,760 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfaad_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,265,216 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libflac_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,258,048 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfluidsynth_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,231,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdvdnav_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,210,944 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdshow_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,178,176 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,067,072 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdirectx_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdirect3d_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfilesystem_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,039,424 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdts_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,037,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfake_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,032,256 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,031,744 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll
MOD - [2011.07.14 13:21:14 | 000,031,232 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libdrawable_plugin.dll
MOD - [2011.07.14 13:21:12 | 008,248,320 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libavcodec_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,088,064 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libavi_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,057,856 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libblend_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,046,592 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaout_directx_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,045,568 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaraw_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,041,472 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaudio_format_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,034,304 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libcdg_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,033,280 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaes3_plugin.dll
MOD - [2011.07.14 13:21:12 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libconverter_fixed_plugin.dll
MOD - [2011.07.14 13:21:10 | 002,263,552 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
MOD - [2011.07.14 13:21:10 | 000,108,032 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
MOD - [2011.07.14 13:21:10 | 000,101,376 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
MOD - [2011.07.14 13:21:10 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_bd_plugin.dll
MOD - [2011.07.14 13:21:10 | 000,065,536 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll
MOD - [2011.07.14 13:21:10 | 000,036,352 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52_plugin.dll
MOD - [2011.07.14 13:21:10 | 000,030,720 | ---- | M] () -- C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll
MOD - [2011.01.12 19:17:54 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe
MOD - [2010.12.15 10:46:50 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.05.11 22:53:46 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.04.27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2011.04.27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2010.12.03 10:26:34 | 003,143,472 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysNative\vcsFPService.exe -- (vcsFPService)
SRV:64bit: - [2010.11.29 15:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010.11.07 11:04:00 | 000,499,200 | ---- | M] (Red Bend Ltd.) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2010.11.07 10:56:30 | 000,869,376 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.05.27 11:06:16 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2010.12.17 14:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV - [2010.12.17 14:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2010.12.17 14:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV - [2010.12.03 10:14:58 | 002,696,496 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService)
SRV - [2010.12.01 15:07:46 | 000,176,128 | ---- | M] (Chicony) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\OSDSrv.exe -- (OSDSvc)
SRV - [2010.11.03 12:01:34 | 000,983,104 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2010.11.03 12:01:20 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2010.11.03 11:53:28 | 000,897,088 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010.10.05 21:04:12 | 002,655,768 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.10.05 21:04:08 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.03 02:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AESTSr64.exe -- (AESTFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.08.09 08:32:02 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.08.09 08:32:02 | 012,289,472 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.05.27 11:06:16 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011.05.12 02:16:38 | 009,319,424 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.05.11 22:16:54 | 000,304,128 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.04.27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.21 09:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2010.12.15 19:56:06 | 001,402,416 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.12.13 09:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)
DRV:64bit: - [2010.12.10 13:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.12.10 13:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.29 15:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.04 05:07:06 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2010.11.04 03:31:44 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2010.10.29 09:11:42 | 000,250,984 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.10.25 19:56:14 | 000,075,264 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum) Intel(R) Centrino(R)
DRV:64bit: - [2010.10.19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.19 18:12:58 | 000,274,432 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010.10.15 01:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.08.20 11:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = F6 57 B7 64 EC CA CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.03 17:10:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.01.03 17:10:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\derUser\AppData\Roaming\mozilla\Extensions
[2012.01.03 17:42:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\derUser\AppData\Roaming\mozilla\Firefox\Profiles\x08ibrh5.default\extensions
[2012.01.09 00:22:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.01.04 20:07:49 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2012.01.09 00:22:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\derUser\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X08IBRH5.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
File not found (No name found) -- C:\USERS\derUser\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X08IBRH5.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
[2011.12.21 08:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.12.21 06:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.12.21 06:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 06:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 06:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 06:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelWirelessWiMAX] C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [Chicony_OSD] C:\Program Files (x86)\Dell\Dell KM632 Wireless Keyboard Caps Lock Indicator\LaunchOSDSrv.exe ()
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - Startup: C:\Users\derUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.35.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A41E25C9-1CDD-4CC9-AB52-D336E41D1DF8}: DhcpNameServer = 192.168.35.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C70565E1-90B0-441E-88DC-D1245707BD88}: DhcpNameServer = 83.169.184.161 83.169.184.225
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{687c22d7-3621-11e1-93f2-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{687c22d7-3621-11e1-93f2-806e6f6e6963}\Shell\AutoRun\command - "" = D:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.09 00:50:41 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\derUser\Desktop\OTL.exe
[2012.01.09 00:39:02 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\vlc
[2012.01.09 00:36:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.01.09 00:36:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012.01.09 00:33:25 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\Media Player Classic
[2012.01.09 00:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.01.09 00:20:11 | 000,000,000 | ---D | C] -- C:\Users\derUser\Desktop\Final Referat
[2012.01.08 17:32:44 | 000,000,000 | ---D | C] -- C:\Users\derUser\Desktop\referat
[2012.01.08 15:17:50 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\Adobe
[2012.01.08 15:17:50 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Local\Adobe
[2012.01.08 13:44:19 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\OpenOffice.org
[2012.01.08 13:39:49 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Local\ElevatedDiagnostics
[2012.01.08 13:36:57 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Local\Diagnostics
[2012.01.04 20:18:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.01.04 20:18:51 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip
[2012.01.04 20:17:15 | 000,000,000 | ---D | C] -- C:\Program Files\Paint.NET
[2012.01.04 20:17:07 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Local\Paint.NET
[2012.01.04 20:16:13 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.01.04 20:16:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2012.01.04 20:16:11 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\Notepad++
[2012.01.04 20:16:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2012.01.04 20:15:11 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.3
[2012.01.04 20:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player Classic - Home Cinema x64
[2012.01.04 20:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Media Player Classic - Home Cinema
[2012.01.04 20:09:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2012.01.04 20:07:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.01.04 20:07:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.01.04 19:40:28 | 000,000,000 | ---D | C] -- C:\Users\derUser\Desktop\OpenOffice.org 3.3 (de) Installation Files
[2012.01.04 18:05:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ubisoft
[2012.01.04 17:06:03 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012.01.04 15:53:04 | 000,000,000 | ---D | C] -- C:\Program Files\AuthenTec
[2012.01.04 15:52:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012.01.04 15:39:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Validity
[2012.01.04 15:38:55 | 000,000,000 | ---D | C] -- C:\Program Files\Validity Sensors
[2012.01.04 15:33:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.01.04 15:32:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.01.04 15:08:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012.01.04 15:07:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012.01.04 14:58:44 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2012.01.04 14:57:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2012.01.04 14:57:02 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.01.04 14:56:20 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Live
[2012.01.04 14:54:58 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Local\Windows Live
[2012.01.04 14:54:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2012.01.04 14:09:35 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012.01.04 14:09:21 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012.01.04 13:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.01.04 13:51:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.01.04 13:50:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.01.04 13:46:20 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\xm1
[2012.01.04 13:46:10 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\MiKTeX
[2012.01.04 13:45:51 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Local\MiKTeX
[2012.01.04 13:45:40 | 000,000,000 | ---D | C] -- C:\Users\derUser\Documents\LaTeX-Test
[2012.01.04 13:34:06 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\Intel
[2012.01.04 13:34:00 | 000,000,000 | ---D | C] -- C:\Users\derUser\Roaming
[2012.01.04 13:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2012.01.04 13:32:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012.01.04 13:20:56 | 000,021,616 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\drivers\stdcfltn.sys
[2012.01.04 13:20:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.01.04 13:20:53 | 000,000,000 | ---D | C] -- C:\Program Files\STMicroelectronics
[2012.01.04 13:20:37 | 000,081,008 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\accelernco01.dll
[2012.01.04 13:20:37 | 000,027,760 | ---- | C] (ST Microelectronics) -- C:\Windows\SysNative\drivers\Accelern.sys
[2012.01.04 13:20:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\STMicroelectronics
[2012.01.04 13:06:02 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012.01.04 13:04:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vmm32
[2012.01.04 12:35:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell
[2012.01.04 12:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell
[2012.01.03 19:04:19 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\ATI
[2012.01.03 19:04:19 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Local\ATI
[2012.01.03 19:04:19 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.01.03 19:02:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012.01.03 19:02:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012.01.03 19:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.01.03 19:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.01.03 19:02:02 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012.01.03 19:01:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012.01.03 19:01:00 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012.01.03 19:00:34 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012.01.03 18:59:33 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2012.01.03 18:59:32 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2012.01.03 18:59:32 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2012.01.03 18:59:31 | 000,480,256 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2012.01.03 18:59:31 | 000,203,264 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2012.01.03 18:59:31 | 000,016,384 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2012.01.03 18:51:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.01.03 18:43:35 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Texmaker
[2012.01.03 18:43:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker
[2012.01.03 18:43:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Texmaker
[2012.01.03 18:35:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
[2012.01.03 18:34:01 | 000,000,000 | ---D | C] -- C:\ProgramData\MiKTeX
[2012.01.03 18:28:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiKTeX 2.9
[2012.01.03 18:21:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.01.03 17:29:31 | 000,000,000 | ---D | C] -- C:\Program Files\IDT
[2012.01.03 17:27:31 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2012.01.03 17:26:23 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.01.03 17:23:11 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2012.01.03 17:21:43 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.01.03 17:21:06 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.01.03 17:20:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.01.03 17:20:16 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\InstallShield
[2012.01.03 17:18:37 | 004,780,032 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stlang64.dll
[2012.01.03 17:18:37 | 001,523,712 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\IDTNC64.cpl
[2012.01.03 17:18:37 | 000,455,168 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slapoi64.dll
[2012.01.03 17:18:36 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SRSLabs
[2012.01.03 17:18:18 | 001,965,056 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapo64.dll
[2012.01.03 17:18:18 | 000,654,336 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stapi64.dll
[2012.01.03 17:18:18 | 000,528,384 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\drivers\stwrt64.sys
[2012.01.03 17:18:18 | 000,431,616 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\stcplx64.dll
[2012.01.03 17:18:18 | 000,224,256 | ---- | C] (IDT, Inc.) -- C:\Windows\SysNative\st646341.dll
[2012.01.03 17:18:17 | 000,334,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO3064.dll
[2012.01.03 17:17:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Renesas Electronics
[2012.01.03 17:17:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Renesas Electronics
[2012.01.03 17:17:16 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.01.03 17:17:04 | 001,402,416 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\SynTP.sys
[2012.01.03 17:17:04 | 000,404,776 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCOM.dll
[2012.01.03 17:17:04 | 000,273,704 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynCtrl.dll
[2012.01.03 17:17:04 | 000,218,408 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCtrl.dll
[2012.01.03 17:17:04 | 000,216,360 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPAPI.dll
[2012.01.03 17:17:04 | 000,173,352 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynCOM.dll
[2012.01.03 17:17:04 | 000,148,776 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\SynTPCo5.dll
[2012.01.03 17:17:04 | 000,107,816 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysWow64\SynTPCOM.dll
[2012.01.03 17:16:28 | 000,000,000 | ---D | C] -- C:\dell
[2012.01.03 17:10:28 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\Mozilla
[2012.01.03 17:10:28 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Local\Mozilla
[2012.01.03 17:10:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.01.03 17:06:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.01.03 17:06:31 | 000,000,000 | ---D | C] -- C:\Intel
[2012.01.03 17:03:31 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.01.03 17:03:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.01.03 16:51:30 | 000,000,000 | R--D | C] -- C:\Users\derUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.01.03 16:51:30 | 000,000,000 | R--D | C] -- C:\Users\derUser\Searches
[2012.01.03 16:51:30 | 000,000,000 | R--D | C] -- C:\Users\derUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.01.03 16:51:19 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\Identities
[2012.01.03 16:51:14 | 000,000,000 | R--D | C] -- C:\Users\derUser\Contacts
[2012.01.03 16:51:12 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Local\VirtualStore
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\Vorlagen
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\AppData\Local\Verlauf
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\AppData\Local\Temporary Internet Files
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\Startmenü
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\SendTo
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\Recent
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\Netzwerkumgebung
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\Lokale Einstellungen
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\Documents\Eigene Videos
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\Documents\Eigene Musik
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\Eigene Dateien
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\Documents\Eigene Bilder
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\Druckumgebung
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\Cookies
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\AppData\Local\Anwendungsdaten
[2012.01.03 16:50:54 | 000,000,000 | -HSD | C] -- C:\Users\derUser\Anwendungsdaten
[2012.01.03 16:50:53 | 000,000,000 | --SD | C] -- C:\Users\derUser\AppData\Roaming\Microsoft
[2012.01.03 16:50:53 | 000,000,000 | R--D | C] -- C:\Users\derUser\Videos
[2012.01.03 16:50:53 | 000,000,000 | R--D | C] -- C:\Users\derUser\Saved Games
[2012.01.03 16:50:53 | 000,000,000 | R--D | C] -- C:\Users\derUser\Pictures
[2012.01.03 16:50:53 | 000,000,000 | R--D | C] -- C:\Users\derUser\Music
[2012.01.03 16:50:53 | 000,000,000 | R--D | C] -- C:\Users\derUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.01.03 16:50:53 | 000,000,000 | R--D | C] -- C:\Users\derUser\Links
[2012.01.03 16:50:53 | 000,000,000 | R--D | C] -- C:\Users\derUser\Favorites
[2012.01.03 16:50:53 | 000,000,000 | R--D | C] -- C:\Users\derUser\Downloads
[2012.01.03 16:50:53 | 000,000,000 | R--D | C] -- C:\Users\derUser\Documents
[2012.01.03 16:50:53 | 000,000,000 | R--D | C] -- C:\Users\derUser\Desktop
[2012.01.03 16:50:53 | 000,000,000 | R--D | C] -- C:\Users\derUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.01.03 16:50:53 | 000,000,000 | -H-D | C] -- C:\Users\derUser\AppData
[2012.01.03 16:50:53 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Local\Temp
[2012.01.03 16:50:53 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Local\Microsoft
[2012.01.03 16:50:53 | 000,000,000 | ---D | C] -- C:\Users\derUser\AppData\Roaming\Media Center Programs
[2012.01.03 16:50:46 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.01.03 16:50:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.01.03 16:50:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.01.03 16:50:45 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.01.03 16:50:45 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.01.03 16:50:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.01.03 16:50:45 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.01.03 16:50:45 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.01.03 16:50:45 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.01.03 16:50:45 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.01.03 16:50:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.01.03 16:50:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.01.03 16:50:40 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.01.03 16:41:57 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.01.03 16:41:35 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.01.03 16:40:59 | 000,000,000 | ---D | C] -- C:\Windows\Panther
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.09 00:50:44 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\derUser\Desktop\OTL.exe
[2012.01.09 00:49:34 | 000,000,000 | ---- | M] () -- C:\Users\derUser\defogger_reenable
[2012.01.09 00:36:56 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.01.09 00:20:39 | 001,505,034 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.09 00:20:39 | 000,656,266 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.09 00:20:39 | 000,618,108 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.09 00:20:39 | 000,131,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.09 00:20:39 | 000,107,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.09 00:19:25 | 000,009,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.09 00:19:25 | 000,009,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.09 00:15:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.09 00:15:18 | 3148,222,464 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.08 19:04:41 | 000,670,702 | ---- | M] () -- C:\Users\derUser\Desktop\sozialstruktueren.odp
[2012.01.08 17:25:31 | 000,027,912 | ---- | M] () -- C:\Users\derUser\Desktop\Handout.odt
[2012.01.08 15:37:05 | 000,025,504 | ---- | M] () -- C:\Users\derUser\Desktop\ref final.odt
[2012.01.08 14:57:59 | 000,027,347 | ---- | M] () -- C:\Users\derUser\Desktop\Referat.odt
[2012.01.08 13:44:58 | 000,001,239 | ---- | M] () -- C:\Users\derUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2012.01.08 13:42:07 | 000,292,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.01.04 20:18:24 | 000,001,288 | ---- | M] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2012.01.04 20:15:11 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2012.01.04 20:14:01 | 000,002,014 | ---- | M] () -- C:\Users\derUser\Desktop\Media Player Classic - Home Cinema x64.lnk
[2012.01.04 15:15:16 | 000,002,154 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.01.04 15:14:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2012.01.04 15:08:07 | 001,526,948 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.04 13:51:45 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.01.04 13:37:48 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btmaux_01009.Wdf
[2012.01.04 13:37:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2012.01.04 13:06:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bpenum_01007.Wdf
[2012.01.03 19:01:52 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012.01.03 18:43:36 | 000,001,015 | ---- | M] () -- C:\Users\derUser\Desktop\Texmaker.lnk
[2012.01.03 17:59:09 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.01.03 17:59:07 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.01.03 17:27:35 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012.01.03 17:26:24 | 000,001,045 | ---- | M] () -- C:\Users\Public\Desktop\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk
[2012.01.03 17:10:24 | 000,001,142 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.01.03 16:44:50 | 000,057,035 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.01.03 16:44:50 | 000,057,035 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.01.03 16:43:37 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2012.01.09 00:49:34 | 000,000,000 | ---- | C] () -- C:\Users\derUser\defogger_reenable
[2012.01.09 00:36:56 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.01.08 17:26:13 | 000,670,702 | ---- | C] () -- C:\Users\derUser\Desktop\sozialstruktueren.odp
[2012.01.08 15:47:05 | 000,027,912 | ---- | C] () -- C:\Users\derUser\Desktop\Handout.odt
[2012.01.08 14:58:52 | 000,025,504 | ---- | C] () -- C:\Users\derUser\Desktop\ref final.odt
[2012.01.08 14:57:58 | 000,027,347 | ---- | C] () -- C:\Users\derUser\Desktop\Referat.odt
[2012.01.08 13:44:58 | 000,001,239 | ---- | C] () -- C:\Users\derUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
[2012.01.04 20:18:24 | 000,001,300 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk
[2012.01.04 20:18:24 | 000,001,288 | ---- | C] () -- C:\Users\Public\Desktop\Paint.NET.lnk
[2012.01.04 20:15:11 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk
[2012.01.04 20:14:01 | 000,002,014 | ---- | C] () -- C:\Users\derUser\Desktop\Media Player Classic - Home Cinema x64.lnk
[2012.01.04 15:15:16 | 000,002,154 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012.01.04 15:14:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01007.Wdf
[2012.01.04 15:08:07 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.04 15:07:53 | 000,001,897 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.01.04 14:10:15 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012.01.04 14:09:13 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012.01.04 14:09:08 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012.01.04 14:09:08 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012.01.04 14:09:03 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2012.01.04 14:09:03 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012.01.04 13:51:45 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012.01.04 13:51:45 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk
[2012.01.04 13:37:48 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btmaux_01009.Wdf
[2012.01.04 13:37:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2012.01.04 13:06:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bpenum_01007.Wdf
[2012.01.03 19:02:29 | 000,002,178 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Umschaltbare Grafik.lnk
[2012.01.03 19:02:00 | 000,003,914 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.01.03 19:02:00 | 000,003,914 | ---- | C] () -- C:\Windows\SysNative\atipblup.dat
[2012.01.03 19:01:52 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.01.03 18:59:36 | 000,017,340 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2012.01.03 18:59:33 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.01.03 18:59:33 | 000,216,000 | ---- | C] () -- C:\Windows\SysNative\igfcg600m.bin
[2012.01.03 18:59:33 | 000,075,776 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2012.01.03 18:59:33 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.01.03 18:59:32 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.01.03 18:59:32 | 000,916,704 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2012.01.03 18:59:32 | 000,916,704 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2012.01.03 18:59:32 | 000,211,217 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2012.01.03 18:59:32 | 000,198,037 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2012.01.03 18:59:32 | 000,182,649 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2012.01.03 18:59:32 | 000,179,992 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2012.01.03 18:59:32 | 000,156,192 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2012.01.03 18:59:32 | 000,153,129 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2012.01.03 18:59:32 | 000,148,981 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2012.01.03 18:59:32 | 000,140,212 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2012.01.03 18:59:32 | 000,138,707 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2012.01.03 18:59:32 | 000,137,840 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2012.01.03 18:59:32 | 000,137,641 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2012.01.03 18:59:32 | 000,136,584 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2012.01.03 18:59:32 | 000,135,654 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2012.01.03 18:59:32 | 000,135,357 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2012.01.03 18:59:32 | 000,134,821 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2012.01.03 18:59:32 | 000,134,407 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2012.01.03 18:59:32 | 000,134,373 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2012.01.03 18:59:32 | 000,133,841 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2012.01.03 18:59:32 | 000,133,683 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2012.01.03 18:59:32 | 000,133,381 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2012.01.03 18:59:32 | 000,133,149 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2012.01.03 18:59:32 | 000,132,887 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2012.01.03 18:59:32 | 000,132,785 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2012.01.03 18:59:32 | 000,131,840 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2012.01.03 18:59:32 | 000,128,998 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2012.01.03 18:59:32 | 000,128,802 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2012.01.03 18:59:32 | 000,128,542 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2012.01.03 18:59:32 | 000,117,657 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2012.01.03 18:59:32 | 000,116,368 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2012.01.03 18:59:32 | 000,003,914 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.01.03 18:59:32 | 000,003,914 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2012.01.03 18:59:31 | 000,233,012 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2012.01.03 18:59:31 | 000,150,136 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2012.01.03 18:59:31 | 000,030,831 | ---- | C] () -- C:\Windows\atiogl.xml
[2012.01.03 18:43:36 | 000,001,015 | ---- | C] () -- C:\Users\derUser\Desktop\Texmaker.lnk
[2012.01.03 17:59:09 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.01.03 17:59:07 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.01.03 17:27:35 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SynTP_01009.Wdf
[2012.01.03 17:26:24 | 000,001,045 | ---- | C] () -- C:\Users\Public\Desktop\Überwachungstool für die Intel® Turbo-Boost-Technik 2.0.lnk
[2012.01.03 17:21:05 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2012.01.03 17:21:05 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.01.03 17:18:37 | 000,022,621 | ---- | C] () -- C:\Windows\SysNative\W92HDM80.xml
[2012.01.03 17:17:04 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2012.01.03 17:10:24 | 000,001,154 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.01.03 17:10:24 | 000,001,142 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.01.03 16:51:38 | 000,001,409 | ---- | C] () -- C:\Users\derUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.01.03 16:51:32 | 000,001,443 | ---- | C] () -- C:\Users\derUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.01.03 16:44:46 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.01.03 16:44:35 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.01.03 16:43:37 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.01.03 16:41:35 | 3148,222,464 | -HS- | C] () -- C:\hiberfil.sys
[2011.10.21 17:27:54 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.10.21 17:27:54 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.05.11 23:57:52 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== LOP Check ==========
 
[2012.01.04 20:16:13 | 000,000,000 | ---D | M] -- C:\Users\derUser\AppData\Roaming\Notepad++
[2012.01.08 13:44:19 | 000,000,000 | ---D | M] -- C:\Users\derUser\AppData\Roaming\OpenOffice.org
[2012.01.04 13:47:04 | 000,000,000 | ---D | M] -- C:\Users\derUser\AppData\Roaming\xm1
[2009.07.14 06:08:49 | 000,005,670 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2012.01.03 16:51:13 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.01.03 17:16:28 | 000,000,000 | ---D | M] -- C:\dell
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.01.03 16:50:45 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.01.03 17:06:31 | 000,000,000 | ---D | M] -- C:\Intel
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.01.04 20:18:51 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.01.09 00:36:46 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.01.04 20:07:59 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.01.03 16:50:45 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.01.03 16:50:46 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.01.09 00:52:47 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.01.03 16:50:53 | 000,000,000 | R--D | M] -- C:\Users
[2012.01.04 18:22:23 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.manifest /3 >
 
 
< MD5 for: AFD.SYS  >
[2011.04.25 03:44:02 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=6EF20DDF3172E97D69F596FB90602F29 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16802_none_3430bc3977dfec2d\afd.sys
[2009.07.14 00:21:42 | 000,500,224 | ---- | M] (Microsoft Corporation) MD5=B9384E03479D2506BC924C16A3DB87BC -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.16385_none_33dd3439781e25f7\afd.sys
[2010.11.20 10:23:34 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=D31DC7A16DEA4A9BAF179F3D6FBDB38C -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17514_none_360e4801750ca991\afd.sys
[2011.04.25 03:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\SysNative\drivers\afd.sys
[2011.04.25 03:34:03 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=D5B031C308A409A0A576BFF4CF083D30 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.17603_none_3618198975057170\afd.sys
[2011.04.25 04:09:35 | 000,499,200 | ---- | M] (Microsoft Corporation) MD5=F4AD06143EAC303F55D0E86C40802976 -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7601.21712_none_3695e61e8e2c13d4\afd.sys
[2011.04.25 03:44:27 | 000,499,712 | ---- | M] (Microsoft Corporation) MD5=FBFF8B7C9D116229E9208A0D1CAEB49B -- C:\Windows\winsxs\amd64_microsoft-windows-winsock-core_31bf3856ad364e35_6.1.7600.20951_none_3483491e9126fe55\afd.sys
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 07:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 07:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 14:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 07:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 02:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 07:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 07:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 02:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 02:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 14:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 02:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 02:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 14:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 02:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 08:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 07:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >
         
Code:
OTL Extras logfile created on: 09.01.2012 00:51:33 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\derUser\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 52,01% Memory free
7,82 Gb Paging File | 5,46 Gb Available in Paging File | 69,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 54,13 Gb Free Space | 55,48% Space Free | Partition Type: NTFS
Drive E: | 200,43 Gb Total Space | 179,47 Gb Free Space | 89,54% Space Free | Partition Type: NTFS
 
Computer Name: derUser | User Name: derUser | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1DDFD39E-D22B-E286-CC09-C04614D11FEB}" = ccc-utility64
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel(R) PROSet/Wireless WiFi-Software
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema v1.5.2.3456 x64
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{56BAC4EE-B1DA-42A7-ACA5-7A353F2ED1DA}" = Validity Sensors DDK
"{57CC96D5-EC41-6CFA-9BBE-2F004C839318}" = ATI Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{7CE8BE79-ABC3-4B2C-9543-28ED2B0A9EA8}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{88157035-B4DE-7306-D5A8-447BA87DF40C}" = ATI AVIVO64 Codecs
"{90F4251E-088E-46B4-8FC2-7C9644A19811}" = AuthenTec Fingerprint Driver
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBCA6D68-2FBE-4A52-8EAA-856CFEA714C8}" = Intel® PROSet/Wireless WiMAX Software
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"ProInst" = Intel PROSet Wireless
"SynTPDeinstKey" = Dell Touchpad
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F4D1A90-0F37-88FF-1A19-2181C4487F3C}" = Catalyst Control Center InstallProxy
"{157655B1-F0E9-E2AF-31AA-4D73DD4BBE7C}" = CCC Help Danish
"{16FC2109-87B9-E4FB-1B28-5BFB6A0FFCF2}" = CCC Help Italian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 30
"{28C6CB44-80FA-B7E7-69B7-8CE09F73752D}" = Catalyst Control Center Profiles Mobile
"{2D56471F-6A36-5167-C2BF-659A937A4C38}" = CCC Help Chinese Traditional
"{32796058-EB00-58D7-F2F0-A5E256190A8D}" = CCC Help Japanese
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3980034C-5A6D-A7FA-3140-D86671BAEBA1}" = Catalyst Control Center
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{42929F0F-CE14-47AF-9FC7-FF297A603021}" = Dell Resource CD
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51DE13E9-D06D-BAFD-805E-E341CD417AE0}" = CCC Help English
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{55586382-6704-4237-AAA7-85FF9C055022}" = Dell KM632 Wireless Keyboard Caps Lock Indicator
"{58309C48-B10B-451C-6B87-16544B5B6403}" = CCC Help Finnish
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6B54C6A9-8144-AE1F-2130-DE5B022F28B5}" = CCC Help French
"{73ACF2AC-C736-4CE1-16BD-0BD579854DB7}" = CCC Help Russian
"{745D37C2-26F4-4B65-BA13-F9840EBFA75B}" = Might & Magic Heroes VI
"{752889C9-BF13-8481-6F9C-3B2E4B1ACA2F}" = CCC Help Korean
"{77E94A62-2136-09E3-93C5-073AC3498713}" = CCC Help German
"{785943DC-7E16-88CF-78CE-9675FF6ACED0}" = CCC Help Spanish
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A0EDE2F6-1F40-8844-D824-6C7EDD9F3515}" = CCC Help Chinese Standard
"{AAF53E29-92FE-8AC5-22A6-F91844B44EEC}" = CCC Help Dutch
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{AC7C97E3-042D-952B-7AD0-5CD260CF7079}" = Catalyst Control Center Localization All
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AFEA7544-6B97-4867-A94D-1C39BA61B64F}" = Catalyst Control Center - Branding
"{B6033510-7438-A5C7-4D6C-11C46335F5EC}" = PX Profile Update
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C5EB9B5A-2964-D5A3-869A-520448200FC3}" = PowerXpressHybrid
"{C823DD73-43ED-99EC-4F3E-C8B8DAB18CB7}" = CCC Help Portuguese
"{CB4E0ED5-123E-4E0D-C1BC-B74673899D15}" = CCC Help Norwegian
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E237AC95-4D76-0A3E-BB15-2A8415A1B639}" = CCC Help Swedish
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Display Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"Notepad++" = Notepad++
"Texmaker" = Texmaker
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 08.01.2012 08:40:51 | Computer Name = derUser | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC 
 
Error - 08.01.2012 08:40:51 | Computer Name = derUser | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC 
 
Error - 08.01.2012 08:40:51 | Computer Name = derUser | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC 
 
Error - 08.01.2012 08:40:51 | Computer Name = derUser | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC 
 
Error - 08.01.2012 08:45:16 | Computer Name = derUser | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC 
 
Error - 08.01.2012 08:45:16 | Computer Name = derUser | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC 
 
Error - 08.01.2012 14:51:21 | Computer Name = derUser | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC 
 
Error - 08.01.2012 14:51:21 | Computer Name = derUser | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC 
 
Error - 08.01.2012 14:51:21 | Computer Name = derUser | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC 
 
Error - 08.01.2012 14:51:21 | Computer Name = derUser | Source = ATIeRecord | ID = 16398
Description = ATI EEU failed to post message to CCC 
 
[ System Events ]
Error - 08.01.2012 09:33:00 | Computer Name = derUser | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 08.01.2012 12:29:26 | Computer Name = derUser | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 08.01.2012 12:29:27 | Computer Name = derUser | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 08.01.2012 12:29:27 | Computer Name = derUser | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 08.01.2012 12:29:28 | Computer Name = derUser | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 08.01.2012 14:51:22 | Computer Name = derUser | Source = DCOM | ID = 10010
Description = 
 
Error - 08.01.2012 14:51:55 | Computer Name = derUser | Source = DCOM | ID = 10010
Description = 
 
Error - 08.01.2012 15:43:01 | Computer Name = derUser | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
Error - 08.01.2012 15:43:51 | Computer Name = derUser | Source = DCOM | ID = 10010
Description = 
 
Error - 08.01.2012 19:16:35 | Computer Name = derUser | Source = Microsoft Antimalware | ID = 3002
Description = Fehler in %%860-Echtzeitschutzfunktion.     Funktion: %%835     Fehlercode: 
0x80004005     Fehlerbeschreibung: Unbekannter Fehler      Ursache: %%842
 
 
< End of report >
         

09.01.2012, 06:40   #2
kira
/// Helper team
 



Hello and welcome!

Before we start working together, [please read in full]:
Quote:
  • "Remote treatment/remote help" and the associated liability risks:
    - since the troubleshooting and the actions are carried out over large distances, we accept no liability for the resulting consequences.
    - so any liability for resulting damage is excluded; INSTRUCTIONS, AND FOLLOWING THEM, ARE YOUR OWN RESPONSIBILITY!
  • Identifying details/profile information:
    - details in the log lists or log files you use (such as your real name, serial numbers in programs etc.) can be deleted or replaced with [X]
  • The system check and cleanup:
    - can take some time (depending on the type of infection); the system may even be so badly compromised that an effective technical cleanup is no longer possible and you have to reinstall it
  • I recommend that you first read the instructions through completely before applying them, because if you do something wrong it can become really dangerous. If you follow my instructions step by step, nothing should really go wrong.
  • During the support period:
    - please do not act on your own without consulting me! Ask if there are problems.
  • The order:
    - please keep exactly to the order described; do not choose the order yourself!
  • CRACKED SOFTWARE is not tolerated here!!!!
  • Otherwise, our forum rules:
    - Please read first, then post! -> For everyone seeking help! What do I need to consider before opening a thread?
  • Insert all log files with a vBCode tag; that gives a good overview here and makes my work easier! If a log file is too large, split it into several parts.

As soon as you have read this introductory text, you can begin.
For Vista and Win7:
Important: please run all commands as administrator! Right-click the command prompt and select "Run as administrator".
Right-click the selected application and choose "Run as administrator"!

Quote:
Quote from neulingling
... fell for vlc.de
What exactly is that supposed to mean? Installed VLC media player? Legitimate and should be clean!

► Are there any problems with the computer in everyday use?
► There is nothing bad in there

1.
I would also like to see all of your installed programs:
Download the tool CCleaner
Download
Install it (read the software license agreement; if it is offered, deselect "Füge CCleaner Yahoo! Toolbar hinzu" (add the CCleaner Yahoo! Toolbar))→ start it→ language → select Deutsch (German)
then click "Extra" (to also display the installed programs)→ then "Als Textdatei speichern..." (save as text file)
a text file (*.txt) is created; copy its contents and paste them here

2.
Clean your system with CCleaner:
  • "Cleaner"→ "Analysieren"→ click the "Start CCleaner" button
  • "Registry"→ "Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
  • Restart your system

3.
-> Then run a complete system check with Eset Online Scanner (NOD32) (free online scanner)
Attention!: >>You should not install the antivirus security software, only scan your system online<<

Quote:
So that your thread stays clearer and nicely readable, it is best to use the code tags for your post:
→ before your log you write (i.e. at the beginning of the log file): [code]
your log file goes in here - e.g. OTL log file or other
→ after it - i.e. at the end of the log file: [/code]
Regards,
kira