All Kinds of Pests and How to Fight Them: Police Trojan

30.08.2012, 11:02   #1
cboenicke
 
Police Trojan


Hello

I got caught by it on a website...
I need a fix script for OTL

Here is the log from OTL

Code:
OTL logfile created on: 8/29/2012 11:10:33 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 90.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = J: | %SystemRoot% = J:\Windows | %ProgramFiles% = J:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.86 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive D: | 100.00 Mb Total Space | 75.86 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive E: | 149.01 Gb Total Space | 101.60 Gb Free Space | 68.18% Space Free | Partition Type: FAT32
Drive J: | 595.95 Gb Total Space | 233.48 Gb Free Space | 39.18% Space Free | Partition Type: NTFS
Drive K: | 595.95 Gb Total Space | 233.48 Gb Free Space | 39.18% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/12/13 09:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto] -- J:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- J:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- J:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/19 17:10:39 | 000,927,840 | ---- | M] () [Auto] -- J:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe -- (vToolbarUpdater12.2.0)
SRV - [2012/08/14 15:27:05 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- J:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/19 10:51:17 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- J:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/17 16:31:18 | 000,116,632 | ---- | M] () [Auto] -- J:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012/07/13 07:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- J:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/09 15:31:38 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- J:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/09 15:31:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- J:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/02/29 20:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto] -- J:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 07:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto] -- J:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/09/02 10:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto] -- J:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011/06/06 06:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto] -- J:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/04 17:24:30 | 003,246,040 | ---- | M] (Acronis) [Auto] -- J:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010/11/23 01:23:44 | 001,112,240 | ---- | M] (Acronis) [Auto] -- J:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- J:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto] -- J:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 08:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto] -- J:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- J:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- J:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/06/15 06:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto] -- J:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/08/19 17:10:40 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System] -- J:\Windows\System32\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/06/11 05:56:34 | 000,022,016 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand] -- J:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2012/06/08 10:09:12 | 000,027,136 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand] -- J:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2012/06/08 10:08:54 | 000,008,832 | ---- | M] (Motorola) [Kernel | On_Demand] -- J:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2012/06/08 10:08:28 | 000,031,232 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand] -- J:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2012/05/09 15:31:38 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System] -- J:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/05/09 15:31:38 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto] -- J:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/01/25 08:57:46 | 000,009,728 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand] -- J:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2012/01/17 08:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/11/08 07:59:12 | 000,011,776 | ---- | M] (Motorola Inc) [Kernel | On_Demand] -- J:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2011/09/16 11:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System] -- J:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/03/04 17:24:31 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand] -- J:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2011/03/04 17:24:28 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot] -- J:\Windows\System32\drivers\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV:64bit: - [2011/03/04 17:24:25 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot] -- J:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011/03/04 17:24:19 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot] -- J:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010/12/02 17:30:36 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/06/14 04:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand] -- J:\Windows\System32\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010/04/26 22:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/04/26 22:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010/04/26 22:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/02/24 06:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- J:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2009/12/28 05:39:22 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- J:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/10/25 05:13:04 | 000,314,016 | ---- | M] () [Kernel | Auto] -- J:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009/10/25 05:13:04 | 000,043,680 | ---- | M] () [Kernel | Auto] -- J:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/07/10 08:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand] -- J:\Windows\System32\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- J:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- J:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- J:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- J:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/05/18 05:32:26 | 000,231,224 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot] -- J:\Windows\System32\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/05/04 12:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot] -- J:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/04/03 00:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- J:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/03/01 17:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand] -- J:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/01/29 12:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand] -- J:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008/10/13 15:14:04 | 000,226,320 | R--- | M] (Advanced Micro Devices, Inc) [Kernel | Boot] -- J:\Windows\System32\drivers\ahcix64.sys -- (ahcix64)
DRV:64bit: - [2007/10/22 02:58:43 | 000,011,576 | R--- | M] (Samsung Electronics) [Kernel | Auto] -- J:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2007/10/22 02:55:45 | 000,054,072 | R--- | M] (Samsung Electronics) [Kernel | Auto] -- J:\Windows\System32\drivers\DgivEcp.sys -- (DgiVecp)
DRV:64bit: - [2006/11/10 09:08:58 | 000,030,720 | ---- | M] () [Kernel | On_Demand] -- J:\Windows\System32\drivers\ATITool64.sys -- (ATITool)
DRV:64bit: - [2005/09/23 17:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand] -- J:\Windows\System32\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2011/03/18 14:15:52 | 000,012,400 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto] -- J:\Windows\SysWOW64\drivers\SECDRV.SYS -- (SecDrv)
DRV - [2010/06/14 04:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand] -- J:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009/10/17 12:52:43 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- J:\Windows\gdrv.sys -- (gdrv)
DRV - [2005/10/11 15:20:56 | 000,019,328 | ---- | M] (Insyde Software) [Kernel | On_Demand] -- J:\Users\cboenicke\AppData\Local\Temp\iscFB73tmp\iscflash.sys -- (iscFlash)
DRV - [2004/10/25 14:02:58 | 000,021,664 | ---- | M] (EnTech Taiwan) [Kernel | Disabled] -- J:\Windows\SysWOW64\drivers\Entech.sys -- (.nevplaute)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\cboenicke_ON_K\Software\Microsoft\Internet Explorer\Main,Start Page = https://isearch.avg.com/?cid={FDD96C34-E689-462F-AFCE-69F8B650AC49}&mid=97d41fb7dc4147d0b5edd16d5b992893-58e9572a44b463339b04f638b48ad89add75d220&lang=de&ds=bm015&pr=sa&d=2012-08-19 23:10:41&v=12.2.0.5&sap=hp
IE - HKU\cboenicke_ON_K\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\cboenicke_ON_K\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\cboenicke_ON_K\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EF 82 3D 43 8C 78 CC 01  [binary data]
IE - HKU\cboenicke_ON_K\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AVG Secure Search"
FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: J:\Windows\System32\Macromed\Flash\NPSWF64_11_3_300_271.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: J:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: J:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: J:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: J:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: J:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: J:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: J:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: J:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: J:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: J:\Program Files (x86)\Win7codecs\rm\Browser\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: J:\Program Files (x86)\Win7codecs\rm\Browser\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: J:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: J:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: J:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.0.5\ [2012/08/19 17:10:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/19 10:51:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/17 16:48:03 | 000,000,000 | ---D | M]
 
[2010/03/13 18:30:44 | 000,000,000 | ---D | M] (No name found) -- J:\Users\cboenicke\AppData\Roaming\Mozilla\Extensions
[2012/08/22 15:34:32 | 000,000,000 | ---D | M] (No name found) -- J:\Users\cboenicke\AppData\Roaming\Mozilla\Firefox\Profiles\gp5v1t8c.default\extensions
[2012/08/22 15:34:32 | 000,000,000 | ---D | M] (Blue Fox) -- J:\Users\cboenicke\AppData\Roaming\Mozilla\Firefox\Profiles\gp5v1t8c.default\extensions\{241aae70-0022-11de-87af-0800200c9a66}
[2012/05/22 14:26:20 | 000,000,000 | ---D | M] (Bloody Red) -- J:\Users\cboenicke\AppData\Roaming\Mozilla\Firefox\Profiles\gp5v1t8c.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2012/05/09 15:38:50 | 000,000,000 | ---D | M] (FT GraphiteGlow) -- J:\Users\cboenicke\AppData\Roaming\Mozilla\Firefox\Profiles\gp5v1t8c.default\extensions\{99e34760-2754-11e0-91fa-0800200c9a66}
[2011/11/02 10:33:47 | 000,000,000 | ---D | M] (20-20 3D Viewer - IKEA) -- J:\Users\cboenicke\AppData\Roaming\Mozilla\Firefox\Profiles\gp5v1t8c.default\extensions\2020Player_IKEA@2020Technologies.com
[2012/06/20 23:49:53 | 000,000,000 | ---D | M] (LavaFox V2-Blue) -- J:\Users\cboenicke\AppData\Roaming\Mozilla\Firefox\Profiles\gp5v1t8c.default\extensions\djziggy@gmail.com
[2012/03/18 05:03:54 | 000,000,000 | ---D | M] (Softonic Toolbar) -- J:\Users\cboenicke\AppData\Roaming\Mozilla\Firefox\Profiles\gp5v1t8c.default\extensions\ffxtlbra@softonic.com
[2012/01/08 11:52:47 | 000,000,000 | ---D | M] (No name found) -- J:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- 
[2012/07/19 10:51:18 | 000,136,672 | ---- | M] (Mozilla Foundation) -- J:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/02 23:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- J:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/25 21:32:09 | 000,001,392 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/19 17:10:37 | 000,003,751 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/25 21:32:09 | 000,002,252 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/25 21:32:09 | 000,001,153 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/02/25 21:32:09 | 000,006,805 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/02/25 21:32:09 | 000,001,178 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/02/25 21:32:09 | 000,001,105 | ---- | M] () -- J:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - J:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - J:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - J:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - J:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - J:\Program Files (x86)\Softonic\softonic\1.5.11.5\bh\softonic.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - J:\Program Files (x86)\Softonic\softonic\1.5.11.5\softonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - J:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll ()
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] J:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [3170 Scan2PC] J:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe ()
O4 - HKLM..\Run: [amd_dc_opt] J:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] J:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [LifeCam] J:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mumservice]  File not found
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [ROC_roc_ssl_v12] J:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] J:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SAOB Monitor] J:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Smart File Advisor] J:\Program Files (x86)\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - HKLM..\Run: [SysMetrix]  File not found
O4 - HKLM..\Run: [TrueImageMonitor.exe] J:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [vProt] J:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKU\cboenicke_ON_K..\Run: [DAEMON Tools Lite] J:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\cboenicke_ON_K..\Run: [RGSC]  File not found
O4 - HKU\DefaultAppPool_ON_K..\Run: [Sidebar] J:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_K..\Run: [Sidebar] J:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_K..\Run: [Sidebar] J:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_K..\Run: [Sidebar] J:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\DefaultAppPool_ON_K..\RunOnce: [mctadmin]  File not found
O4 - HKU\LocalService_ON_K..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_K..\RunOnce: [mctadmin]  File not found
O4 - HKU\UpdatusUser_ON_K..\RunOnce: [mctadmin]  File not found
O4 - Startup: J:\Users\cboenicke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk ()
O4 - Startup: J:\Users\cboenicke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Startup.event ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\cboenicke_ON_K\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKU\cboenicke_ON_K\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: SmarThru4 Als HTML speichern - J:\Program Files (x86)\SmarThru 4\WEBCapture.dll1.htm ()
O8:64bit: - Extra context menu item: SmarThru4 Auswahl erfassen - J:\Program Files (x86)\SmarThru 4\WEBCapture.dll2.htm ()
O8:64bit: - Extra context menu item: SmarThru4 Capture Selection - J:\Program Files (x86)\SmarThru 4\x64\WEBCapture.dll2.htm ()
O8:64bit: - Extra context menu item: SmarThru4 Markierten Text speichern - J:\Program Files (x86)\SmarThru 4\WEBCapture.dll.htm ()
O8:64bit: - Extra context menu item: SmarThru4 Save as HTML - J:\Program Files (x86)\SmarThru 4\x64\WEBCapture.dll1.htm ()
O8:64bit: - Extra context menu item: SmarThru4 Save Selected Text - J:\Program Files (x86)\SmarThru 4\x64\WEBCapture.dll.htm ()
O8:64bit: - Extra context menu item: SmarThru4 Web Capture - J:\Program Files (x86)\SmarThru 4\WebCapture.dll ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - J:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: SmarThru4 Als HTML speichern - J:\Program Files (x86)\SmarThru 4\WEBCapture.dll1.htm ()
O8 - Extra context menu item: SmarThru4 Auswahl erfassen - J:\Program Files (x86)\SmarThru 4\WEBCapture.dll2.htm ()
O8 - Extra context menu item: SmarThru4 Capture Selection - J:\Program Files (x86)\SmarThru 4\x64\WEBCapture.dll2.htm ()
O8 - Extra context menu item: SmarThru4 Markierten Text speichern - J:\Program Files (x86)\SmarThru 4\WEBCapture.dll.htm ()
O8 - Extra context menu item: SmarThru4 Save as HTML - J:\Program Files (x86)\SmarThru 4\x64\WEBCapture.dll1.htm ()
O8 - Extra context menu item: SmarThru4 Save Selected Text - J:\Program Files (x86)\SmarThru 4\x64\WEBCapture.dll.htm ()
O8 - Extra context menu item: SmarThru4 Web Capture - J:\Program Files (x86)\SmarThru 4\WebCapture.dll ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} -  File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} -  File not found
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - J:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - J:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - J:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\cboenicke_ON_K Winlogon: Shell - (explorer.exe) - J:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\cboenicke_ON_K Winlogon: Shell - (C:\Users\cboenicke\AppData\Roaming\msconfig.dat) - J:\Users\cboenicke\AppData\Roaming\msconfig.dat ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{6397a6f7-bcec-11de-8387-00241d7dc160}\Shell - "" = AutoRun
O33 - MountPoints2\{6397a6f7-bcec-11de-8387-00241d7dc160}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{7bd9f448-e75b-11e0-ba82-00241d7dc160}\Shell - "" = AutoRun
O33 - MountPoints2\{7bd9f448-e75b-11e0-ba82-00241d7dc160}\Shell\AutoRun\command - "" = N:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs:64bit: AppMgmt - J:\Windows\System32\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 4.0 HD Edition.lnk - J:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 4.0 HD\AutoStartupService.exe - (Panasonic Corporation)
MsConfig:64bit - StartUpFolder: C:^Users^cboenicke^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office Groove.lnk - J:\Program Files (x86)\Microsoft Office\Office12\GROOVE.EXE - (Microsoft Corporation)
MsConfig:64bit - StartUpReg: GrooveMonitor - hkey= - key= - J:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - J:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
MsConfig:64bit - State: "startup" - 2
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/08/26 07:20:30 | 000,000,000 | ---D | C] -- J:\Users\cboenicke\Documents\WB Games
[2012/08/26 07:18:52 | 000,000,000 | ---D | C] -- J:\Users\cboenicke\AppData\Local\Downloaded Installations
[2012/08/26 07:16:29 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/08/20 15:51:02 | 000,000,000 | ---D | C] -- J:\Users\cboenicke\Desktop\Neuer Ordner (4)
[2012/08/19 17:10:52 | 000,000,000 | ---D | C] -- J:\Users\cboenicke\AppData\Local\AVG Secure Search
[2012/08/19 17:10:49 | 000,000,000 | ---D | C] -- J:\ProgramData\AVG Secure Search
[2012/08/19 17:10:40 | 000,031,080 | ---- | C] (AVG Technologies) -- J:\Windows\System32\drivers\avgtpx64.sys
[2012/08/19 17:10:38 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\Common Files\AVG Secure Search
[2012/08/19 17:10:38 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\AVG Secure Search
[2012/08/19 17:10:09 | 000,000,000 | -H-D | C] -- J:\ProgramData\Common Files
[2012/08/19 17:10:01 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge
[2012/08/19 17:10:00 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\pdfsam
[2012/08/19 16:45:35 | 000,000,000 | ---D | C] -- J:\Users\cboenicke\AppData\Local\Motorola
[2012/08/19 09:06:12 | 000,000,000 | ---D | C] -- J:\ProgramData\Motorola
[2012/08/19 08:45:04 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola
[2012/08/19 08:43:37 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola MMCP Drivers Installer
[2012/08/19 08:43:12 | 000,000,000 | ---D | C] -- J:\Users\cboenicke\AppData\Roaming\Motorola Mobility
[2012/08/19 08:42:47 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\Common Files\MSSoap
[2012/08/19 08:42:47 | 000,000,000 | ---D | C] -- J:\Program Files (x86)\Motorola Mobility
[2012/08/19 08:39:58 | 000,000,000 | ---D | C] -- J:\Program Files\Motorola Inc
[2012/08/19 08:38:24 | 000,000,000 | ---D | C] -- J:\Users\cboenicke\AppData\Roaming\Motorola
[2012/08/15 16:24:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\mshtmled.dll
[2012/08/15 16:24:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\mshtmled.dll
[2012/08/15 16:24:08 | 000,237,056 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\url.dll
[2012/08/15 16:24:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\url.dll
[2012/08/15 16:24:07 | 000,248,320 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\ieui.dll
[2012/08/15 16:24:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\ieui.dll
[2012/08/15 16:24:07 | 000,173,056 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\ieUnatt.exe
[2012/08/15 16:24:06 | 002,312,704 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\jscript9.dll
[2012/08/15 16:24:06 | 001,494,528 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\inetcpl.cpl
[2012/08/15 16:24:06 | 001,427,968 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\inetcpl.cpl
[2012/08/15 16:24:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\ieUnatt.exe
[2012/08/15 16:24:05 | 001,800,704 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\jscript9.dll
[2012/08/15 16:24:05 | 000,816,640 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\jscript.dll
[2012/08/15 16:24:05 | 000,717,824 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\jscript.dll
[2012/08/15 16:19:30 | 000,000,000 | ---D | C] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/08/15 16:19:01 | 000,503,808 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\srcore.dll
[2012/08/15 16:18:58 | 000,751,104 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\win32spl.dll
[2012/08/15 16:18:58 | 000,492,032 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\win32spl.dll
[2012/08/15 16:18:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- J:\Windows\splwow64.exe
[2012/08/15 16:18:55 | 000,073,216 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\netapi32.dll
[2012/08/15 16:18:55 | 000,059,392 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\browcli.dll
[2012/08/15 16:18:55 | 000,041,984 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\browcli.dll
[2012/08/15 16:18:43 | 000,956,928 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\localspl.dll
[2012/08/12 08:39:04 | 000,000,000 | ---D | C] -- J:\Users\cboenicke\Desktop\Neuer Ordner (3)
[2012/08/12 08:16:00 | 000,000,000 | ---D | C] -- J:\Users\cboenicke\Desktop\Neuer Ordner (2)
[2012/08/05 18:19:43 | 000,159,232 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\imagehlp.dll
[2012/08/05 18:19:43 | 000,081,408 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\imagehlp.dll
[2012/08/05 18:19:43 | 000,023,408 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\drivers\fs_rec.sys
[2012/08/05 18:19:42 | 000,220,672 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\wintrust.dll
[2012/08/05 18:19:42 | 000,172,544 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\wintrust.dll
[2012/08/05 18:10:10 | 001,544,704 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\DWrite.dll
[2012/08/05 18:10:10 | 001,077,248 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\DWrite.dll
[2012/08/05 18:10:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\msxml3r.dll
[2012/08/05 18:10:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\msxml3r.dll
[2012/08/05 18:09:21 | 001,462,272 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\crypt32.dll
[2012/08/05 18:09:20 | 000,140,288 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\cryptnet.dll
[2012/08/05 18:07:06 | 000,307,200 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\ncrypt.dll
[2012/08/05 18:07:06 | 000,219,136 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\ncrypt.dll
[2012/08/05 18:06:49 | 005,559,664 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\ntoskrnl.exe
[2012/08/05 18:06:48 | 003,968,368 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\ntkrnlpa.exe
[2012/08/05 18:06:48 | 003,913,072 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\ntoskrnl.exe
[2012/08/05 18:06:39 | 000,805,376 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\cdosys.dll
[2012/08/05 18:06:38 | 001,133,568 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\cdosys.dll
[2012/08/05 18:06:32 | 003,216,384 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\msi.dll
[2012/08/05 18:06:31 | 002,342,400 | ---- | C] (Microsoft Corporation) -- J:\Windows\SysWow64\msi.dll
[2012/08/05 18:06:12 | 000,149,504 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\rdpcorekmts.dll
[2012/08/05 18:06:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\rdpwsx.dll
[2012/08/05 18:06:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- J:\Windows\System32\rdrmemptylst.exe
[2 J:\Windows\*.tmp files -> J:\Windows\*.tmp -> ]
[2 J:\*.tmp files -> J:\*.tmp -> ]
[1 J:\Users\cboenicke\Desktop\*.tmp files -> J:\Users\cboenicke\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/08/29 12:10:39 | 000,000,045 | ---- | M] () -- J:\Users\cboenicke\AppData\Roaming\msconfig.ini
[2012/08/29 11:51:53 | 000,015,376 | -H-- | M] () -- J:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/29 11:51:53 | 000,015,376 | -H-- | M] () -- J:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/29 11:49:13 | 000,764,044 | ---- | M] () -- J:\Windows\System32\perfh007.dat
[2012/08/29 11:49:13 | 000,707,348 | ---- | M] () -- J:\Windows\System32\perfh009.dat
[2012/08/29 11:49:13 | 000,171,162 | ---- | M] () -- J:\Windows\System32\perfc007.dat
[2012/08/29 11:49:13 | 000,139,436 | ---- | M] () -- J:\Windows\System32\perfc009.dat
[2012/08/29 11:44:22 | 000,001,112 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/29 11:44:08 | 000,067,584 | --S- | M] () -- J:\Windows\bootstat.dat
[2012/08/29 11:43:59 | 2140,454,911 | -HS- | M] () -- J:\hiberfil.sys
[2012/08/28 15:28:02 | 000,001,116 | ---- | M] () -- J:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/27 17:27:00 | 000,000,884 | ---- | M] () -- J:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/26 07:16:30 | 000,000,000 | R--D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2012/08/26 07:16:29 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/08/26 07:16:14 | 000,001,346 | ---- | M] () -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012/08/26 06:21:53 | 000,000,221 | ---- | M] () -- J:\Users\cboenicke\Desktop\Batman Arkham City.url
[2012/08/19 17:10:40 | 000,031,080 | ---- | M] (AVG Technologies) -- J:\Windows\System32\drivers\avgtpx64.sys
[2012/08/19 17:10:01 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge
[2012/08/19 16:47:53 | 000,000,000 | -H-- | M] () -- J:\Windows\System32\drivers\Msft_Kernel_motoandroid_01007.Wdf
[2012/08/19 09:07:33 | 000,000,000 | -H-- | M] () -- J:\Windows\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2012/08/19 09:07:17 | 000,000,000 | -H-- | M] () -- J:\Windows\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2012/08/19 09:07:15 | 000,000,000 | -H-- | M] () -- J:\Windows\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2012/08/19 09:06:11 | 000,000,000 | -H-- | M] () -- J:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/08/19 09:05:39 | 000,000,000 | -H-- | M] () -- J:\Windows\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2012/08/19 09:05:39 | 000,000,000 | -H-- | M] () -- J:\Windows\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2012/08/19 09:05:01 | 000,000,000 | -H-- | M] () -- J:\Windows\System32\drivers\Msft_Kernel_motusbdevice_01007.Wdf
[2012/08/19 08:45:10 | 000,002,056 | ---- | M] () -- J:\Users\Public\Desktop\Motorola Software Update.lnk
[2012/08/19 08:45:10 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola
[2012/08/19 08:43:37 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola MMCP Drivers Installer
[2012/08/16 06:46:22 | 000,535,144 | ---- | M] () -- J:\Windows\System32\FNTCACHE.DAT
[2012/08/15 16:43:37 | 000,267,696 | ---- | M] () -- J:\Users\cboenicke\Desktop\Baugenehmigung.pdf
[2012/08/15 16:19:30 | 000,000,000 | ---D | M] -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/08/14 15:27:04 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- J:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/14 15:27:04 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- J:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/12 15:42:00 | 000,207,087 | ---- | M] () -- J:\Users\cboenicke\Desktop\Steinstr.55 WE DG.JPG
[2012/08/12 15:35:34 | 002,238,370 | ---- | M] () -- J:\Users\cboenicke\Desktop\kaufvertrag 3e.pdf
[2012/08/08 18:06:08 | 000,064,510 | ---- | M] () -- J:\Users\cboenicke\Desktop\airberlin - Flug nach Palma und retour.pdf
[2 J:\Windows\*.tmp files -> J:\Windows\*.tmp -> ]
[2 J:\*.tmp files -> J:\*.tmp -> ]
[1 J:\Users\cboenicke\Desktop\*.tmp files -> J:\Users\cboenicke\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/08/28 16:08:14 | 000,000,045 | ---- | C] () -- J:\Users\cboenicke\AppData\Roaming\msconfig.ini
[2012/08/26 07:16:14 | 000,001,346 | ---- | C] () -- J:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012/08/26 06:21:53 | 000,000,221 | ---- | C] () -- J:\Users\cboenicke\Desktop\Batman Arkham City.url
[2012/08/19 16:47:53 | 000,000,000 | -H-- | C] () -- J:\Windows\System32\drivers\Msft_Kernel_motoandroid_01007.Wdf
[2012/08/19 09:07:33 | 000,000,000 | -H-- | C] () -- J:\Windows\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2012/08/19 09:07:17 | 000,000,000 | -H-- | C] () -- J:\Windows\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2012/08/19 09:07:15 | 000,000,000 | -H-- | C] () -- J:\Windows\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2012/08/19 09:06:11 | 000,000,000 | -H-- | C] () -- J:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/08/19 09:05:39 | 000,000,000 | -H-- | C] () -- J:\Windows\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2012/08/19 09:05:39 | 000,000,000 | -H-- | C] () -- J:\Windows\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2012/08/19 09:05:01 | 000,000,000 | -H-- | C] () -- J:\Windows\System32\drivers\Msft_Kernel_motusbdevice_01007.Wdf
[2012/08/19 08:45:10 | 000,002,056 | ---- | C] () -- J:\Users\Public\Desktop\Motorola Software Update.lnk
[2012/08/15 16:43:37 | 000,267,696 | ---- | C] () -- J:\Users\cboenicke\Desktop\Baugenehmigung.pdf
[2012/08/12 15:42:00 | 000,207,087 | ---- | C] () -- J:\Users\cboenicke\Desktop\Steinstr.55 WE DG.JPG
[2012/08/12 15:35:34 | 002,238,370 | ---- | C] () -- J:\Users\cboenicke\Desktop\kaufvertrag 3e.pdf
[2012/08/08 18:06:07 | 000,064,510 | ---- | C] () -- J:\Users\cboenicke\Desktop\airberlin - Flug nach Palma und retour.pdf
[2012/02/29 07:26:56 | 000,416,064 | ---- | C] () -- J:\Windows\SysWow64\nvStreaming.exe
[2012/01/13 13:09:28 | 000,080,384 | ---- | C] () -- J:\Users\cboenicke\AppData\Roaming\msconfig.dat
[2011/09/28 11:44:14 | 000,179,271 | ---- | C] () -- J:\Windows\SysWow64\xlive.dll.cat
[2011/09/19 09:03:40 | 000,045,056 | ---- | C] () -- J:\Windows\SysWow64\rtvcvfw32.dll
[2011/08/31 11:28:48 | 000,252,928 | ---- | C] () -- J:\Windows\SysWow64\DShowRdpFilter.dll
[2011/03/18 14:14:49 | 000,000,530 | ---- | C] () -- J:\Windows\eReg.dat
[2010/04/19 12:45:40 | 000,111,932 | ---- | C] () -- J:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/04/19 12:45:40 | 000,031,053 | ---- | C] () -- J:\Windows\SysWow64\EPPICPattern131.dat
[2010/04/19 12:45:40 | 000,027,417 | ---- | C] () -- J:\Windows\SysWow64\EPPICPattern121.dat
[2010/04/19 12:45:40 | 000,026,154 | ---- | C] () -- J:\Windows\SysWow64\EPPICPattern1.dat
[2010/04/19 12:45:40 | 000,024,903 | ---- | C] () -- J:\Windows\SysWow64\EPPICPattern3.dat
[2010/04/19 12:45:40 | 000,021,390 | ---- | C] () -- J:\Windows\SysWow64\EPPICPattern5.dat
[2010/04/19 12:45:40 | 000,020,148 | ---- | C] () -- J:\Windows\SysWow64\EPPICPattern2.dat
[2010/04/19 12:45:40 | 000,011,811 | ---- | C] () -- J:\Windows\SysWow64\EPPICPattern4.dat
[2010/04/19 12:45:40 | 000,004,943 | ---- | C] () -- J:\Windows\SysWow64\EPPICPattern6.dat
[2010/04/19 12:45:40 | 000,001,146 | ---- | C] () -- J:\Windows\SysWow64\EPPICPresetData_DU.dat
[2010/04/19 12:45:40 | 000,001,139 | ---- | C] () -- J:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/04/19 12:45:40 | 000,001,139 | ---- | C] () -- J:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/04/19 12:45:40 | 000,001,136 | ---- | C] () -- J:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/04/19 12:45:40 | 000,001,129 | ---- | C] () -- J:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/04/19 12:45:40 | 000,001,129 | ---- | C] () -- J:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/04/19 12:45:40 | 000,001,120 | ---- | C] () -- J:\Windows\SysWow64\EPPICPresetData_IT.dat
[2010/04/19 12:45:40 | 000,001,107 | ---- | C] () -- J:\Windows\SysWow64\EPPICPresetData_GE.dat
[2010/04/19 12:45:40 | 000,001,104 | ---- | C] () -- J:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/04/19 12:45:40 | 000,000,097 | ---- | C] () -- J:\Windows\SysWow64\PICSDK.ini
[2010/03/13 20:31:21 | 000,065,536 | ---- | C] () -- J:\Users\cboenicke\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/03/13 18:29:51 | 000,000,000 | -H-- | C] () -- J:\Users\cboenicke\AppData\Roaming\Roaming.event
[2010/03/13 18:29:51 | 000,000,000 | -H-- | C] () -- J:\Users\cboenicke\AppData\Local\Local.event
[2010/03/13 18:29:49 | 000,000,000 | -H-- | C] () -- J:\Users\cboenicke\AppData\AppData.event
[2010/03/13 18:25:29 | 000,002,516 | -HS- | C] () -- J:\ProgramData\KGyGaAvL.sys
[2010/03/13 18:25:29 | 000,000,088 | RHS- | C] () -- J:\ProgramData\3DE1C37709.sys
[2010/03/10 01:03:42 | 000,120,200 | ---- | C] () -- J:\Windows\SysWow64\DLLDEV32i.dll
[2010/03/10 01:03:15 | 000,007,119 | ---- | C] () -- J:\Windows\mgxoschk.ini
[2010/03/10 00:25:49 | 000,000,238 | ---- | C] () -- J:\Windows\ULEAD32.INI
[2010/03/10 00:25:18 | 000,000,014 | ---- | C] () -- J:\Windows\dswplug.ini
[2010/02/20 23:48:22 | 000,085,504 | ---- | C] () -- J:\Windows\SysWow64\ff_vfw.dll
[2010/02/20 17:28:28 | 000,002,560 | ---- | C] () -- J:\Windows\_MSRSTRT.EXE
[2010/01/31 15:41:38 | 000,000,075 | ---- | C] () -- J:\ProgramData\nvUnsupRes.dat
[2009/12/28 17:38:55 | 000,000,551 | ---- | C] () -- J:\Users\cboenicke\AppData\Roaming\AutoGK.ini
[2009/12/23 14:15:43 | 000,479,232 | ---- | C] () -- J:\Windows\ssndii.exe
[2009/12/23 14:15:37 | 000,010,884 | ---- | C] () -- J:\Users\cboenicke\AppData\Roaming\SmarThruOptions.xml
[2009/12/23 14:15:25 | 000,036,864 | ---- | C] () -- J:\Windows\SysWow64\SvcMan.exe
[2009/12/23 14:15:21 | 000,172,032 | ---- | C] () -- J:\Windows\SysWow64\SecSNMP.dll
[2009/12/23 13:59:38 | 000,110,592 | R--- | C] () -- J:\Windows\Wiainst.exe
[2009/12/05 06:43:33 | 000,136,167 | ---- | C] () -- J:\Users\cboenicke\AppData\Local\RAContactHistory.xml
[2009/10/27 19:52:30 | 000,000,056 | ---- | C] () -- J:\Windows\SysWow64\ezsidmv.dat
[2009/10/21 14:12:37 | 001,664,664 | ---- | C] () -- J:\Windows\SysWow64\PerfStringBackup.INI
[2009/10/21 13:23:13 | 000,000,877 | ---- | C] () -- J:\Users\cboenicke\AppData\Roaming\burnaware.ini
[2009/10/18 18:41:01 | 000,003,972 | ---- | C] () -- J:\Windows\SysWow64\drivers\PciBus.sys
[2009/10/17 09:18:40 | 000,000,010 | ---- | C] () -- J:\Windows\GSetup.ini
[2009/08/16 05:08:36 | 000,178,176 | ---- | C] () -- J:\Windows\SysWow64\unrar.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- J:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- J:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- J:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- J:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- J:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- J:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- J:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- J:\Windows\SysWow64\mlang.dat
[2009/05/29 10:52:26 | 000,204,800 | ---- | C] () -- J:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 10:47:06 | 000,881,664 | ---- | C] () -- J:\Windows\SysWow64\xvidcore.dll
[2007/10/25 12:26:10 | 000,005,632 | ---- | C] () -- J:\Windows\SysWow64\drivers\StarOpen.sys
[2007/06/21 02:34:08 | 000,203,328 | R--- | C] () -- J:\Windows\GSetup.exe
[2007/02/05 14:05:26 | 000,000,038 | ---- | C] () -- J:\Windows\AviSplitter.INI
 
========== LOP Check ==========
 
[2011/03/04 21:05:30 | 000,000,000 | ---D | M] -- J:\ProgramData\Acronis
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- J:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Application Data
[2012/08/19 17:10:50 | 000,000,000 | ---D | M] -- J:\ProgramData\AVG Secure Search
[2012/05/15 10:24:15 | 000,000,000 | ---D | M] -- J:\ProgramData\Battle.net
[2012/08/19 17:10:09 | 000,000,000 | -H-D | M] -- J:\ProgramData\Common Files
[2009/12/28 05:38:44 | 000,000,000 | ---D | M] -- J:\ProgramData\DAEMON Tools Lite
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Documents
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- J:\ProgramData\Dokumente
[2010/02/18 16:00:34 | 000,000,000 | ---D | M] -- J:\ProgramData\DrTax
[2010/12/24 15:32:27 | 000,000,000 | ---D | M] -- J:\ProgramData\eMule
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- J:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Favorites
[2010/09/24 10:49:38 | 000,000,000 | ---D | M] -- J:\ProgramData\ifolor
[2010/03/23 13:10:02 | 000,000,000 | ---D | M] -- J:\ProgramData\MAGIX
[2012/08/19 09:06:12 | 000,000,000 | ---D | M] -- J:\ProgramData\Motorola
[2009/11/21 15:33:11 | 000,000,000 | ---D | M] -- J:\ProgramData\NCH Swift Sound
[2010/04/19 13:30:14 | 000,000,000 | ---D | M] -- J:\ProgramData\Panasonic
[2011/01/02 06:03:15 | 000,000,000 | ---D | M] -- J:\ProgramData\Pinnacle
[2011/01/02 06:03:15 | 000,000,000 | ---D | M] -- J:\ProgramData\Pinnacle Studio Plus
[2010/03/11 17:33:39 | 000,000,000 | ---D | M] -- J:\ProgramData\Pinnacle Studio Ultimate Collection
[2011/11/22 08:21:20 | 000,000,000 | ---D | M] -- J:\ProgramData\Samsung
[2010/03/12 19:08:54 | 000,000,000 | ---D | M] -- J:\ProgramData\Shark007
[2010/02/13 14:41:44 | 000,000,000 | ---D | M] -- J:\ProgramData\Solidshield
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Start Menu
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- J:\ProgramData\Startmenü
[2011/01/02 06:03:15 | 000,000,000 | ---D | M] -- J:\ProgramData\Studio 14
[2010/12/24 15:19:14 | 000,000,000 | ---D | M] -- J:\ProgramData\Tages
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\ProgramData\Templates
[2010/08/29 07:09:33 | 000,000,000 | ---D | M] -- J:\ProgramData\Ubisoft
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- J:\ProgramData\Vorlagen
[2010/03/12 19:10:53 | 000,000,000 | ---D | M] -- J:\ProgramData\Win7codecs
[2012/06/09 09:36:47 | 000,032,640 | ---- | M] () -- J:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2009/10/17 07:45:10 | 000,000,000 | -HSD | M] -- J:\$Recycle.Bin
[2012/01/24 17:50:49 | 000,000,000 | ---D | M] -- J:\Battlefield 3
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- J:\Documents and Settings
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- J:\Dokumente und Einstellungen
[2010/03/13 18:23:50 | 000,000,000 | ---D | M] -- J:\IExp0.tmp
[2010/03/13 18:23:52 | 000,000,000 | ---D | M] -- J:\IExp1.tmp
[2012/03/07 17:23:45 | 000,000,000 | ---D | M] -- J:\inetpub
[2009/10/18 07:43:05 | 000,000,000 | ---D | M] -- J:\Live! Cam
[2009/10/19 16:21:39 | 000,000,000 | RH-D | M] -- J:\MSOCache
[2012/05/15 13:30:07 | 000,000,000 | ---D | M] -- J:\NVIDIA
[2009/10/18 08:52:10 | 000,000,000 | ---D | M] -- J:\OscarData
[2009/07/13 23:20:08 | 000,000,000 | ---D | M] -- J:\PerfLogs
[2009/12/28 17:06:45 | 000,000,000 | ---D | M] -- J:\platodvdripper
[2012/08/19 08:39:58 | 000,000,000 | R--D | M] -- J:\Program Files
[2012/08/19 17:10:38 | 000,000,000 | R--D | M] -- J:\Program Files (x86)
[2012/08/19 17:10:49 | 000,000,000 | -H-D | M] -- J:\ProgramData
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- J:\Programme
[2010/11/22 15:55:54 | 000,000,000 | ---D | M] -- J:\Programs
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- J:\Recovery
[2012/08/26 09:01:34 | 000,000,000 | -HSD | M] -- J:\System Volume Information
[2012/08/29 11:44:17 | 000,000,000 | ---D | M] -- J:\Temp
[2012/05/19 05:27:25 | 000,000,000 | R--D | M] -- J:\Users
[2012/08/28 16:16:43 | 000,000,000 | ---D | M] -- J:\Windows
 
< %PROGRAMFILES%\*.exe >
 
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: AGP440.SYS  >
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- J:\Windows\System32\drivers\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- J:\Windows\System32\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- J:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009/07/13 21:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- J:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- J:\Windows\System32\drivers\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- J:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- J:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009/07/13 21:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- J:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- J:\Windows\SysWOW64\cngaudit.dll
[2009/07/13 21:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- J:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- J:\Windows\System32\cngaudit.dll
[2009/07/13 21:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- J:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2009/05/15 09:17:02 | 000,032,768 | ---- | M] (Panasonic Corporation) MD5=18312FA8B6AAEC330A2A9483A77FF650 -- J:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 4.0 HD\HDWTools\EventLog.dll
[2009/07/17 02:15:14 | 000,043,008 | ---- | M] (Panasonic Corporation) MD5=3D64F1720C7B740CE7E3B9AA50F3633F -- J:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO 4.0 HD\Core\EventLog\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2011/02/26 02:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- J:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011/02/26 01:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- J:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009/07/13 21:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- J:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011/02/26 01:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- J:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009/10/31 01:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- J:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011/02/26 01:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- J:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- J:\Windows\explorer.exe
[2011/02/25 02:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- J:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011/02/26 02:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- J:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010/11/20 08:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- J:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009/08/03 02:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- J:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- J:\Windows\SysWOW64\explorer.exe
[2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- J:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009/10/31 02:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- J:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009/08/03 01:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- J:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010/11/20 09:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- J:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009/10/31 02:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- J:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009/08/03 01:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- J:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009/07/13 21:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- J:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009/10/31 02:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- J:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011/02/26 02:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- J:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009/08/03 02:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- J:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010/11/20 09:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- J:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 09:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- J:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 02:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- J:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- J:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- J:\Windows\System32\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 02:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- J:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011/03/11 02:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- J:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011/03/11 02:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- J:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009/07/13 21:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- J:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009/07/13 21:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- J:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- J:\Windows\System32\netlogon.dll
[2010/11/20 09:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- J:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- J:\Windows\SysWOW64\netlogon.dll
[2010/11/20 08:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- J:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009/07/13 21:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- J:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009/07/13 21:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- J:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011/03/11 02:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- J:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011/03/11 02:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- J:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011/03/11 02:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- J:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- J:\Windows\System32\drivers\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- J:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 02:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- J:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/20 09:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- J:\Windows\System32\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 09:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- J:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009/07/13 21:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- J:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009/07/13 21:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- J:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010/11/20 08:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- J:\Windows\SysWOW64\scecli.dll
[2010/11/20 08:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- J:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/20 09:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- J:\Windows\System32\scecli.dll
[2010/11/20 09:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- J:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- J:\Windows\SysWOW64\user32.dll
[2010/11/20 08:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- J:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009/07/13 21:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- J:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009/07/13 21:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- J:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- J:\Windows\System32\user32.dll
[2010/11/20 09:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- J:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- J:\Windows\SysWOW64\userinit.exe
[2010/11/20 08:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- J:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 21:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- J:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009/07/13 21:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- J:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- J:\Windows\System32\userinit.exe
[2010/11/20 09:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- J:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- J:\Windows\System32\winlogon.exe
[2010/11/20 09:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- J:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009/07/13 21:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- J:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009/10/28 03:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- J:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009/10/28 02:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- J:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- J:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/13 20:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- J:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
Invalid Environment Variable: %USERPROFILE%\*.*
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
 
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
 
< End of report >
         
Many thanks

30.08.2012, 11:33   #2
markusg
/// Malware-holic

Hi,
do you still remember which site it was? If so, send it to me as a private message.

On your second PC go to Start, Programs, Accessories, Notepad, and copy the following into it:
Code:
:OTL
O20 - HKU\cboenicke_ON_K Winlogon: Shell - (C:\Users\cboenicke\AppData\Roaming\msconfig.dat) - J:\Users\cboenicke\AppData\Roaming\msconfig.dat ()
:Files
C:\Users\cboenicke\AppData\Roaming\msconfig.dat
:Commands
[Reboot]
         


Save this on a USB stick as fix.txt.
Now use OTLPENet.exe again (that is, boot from the CD you created) and tick everything as already described in the post about OTLPENet.exe.
• Now please click the Fix button.
A message similar to this one should now appear: "load fix from file", so load the fix.txt from your stick.
If this does not work, please enter the fix manually.
Then click the Fix button again. The PC may restart. If it does, take the CD out of the drive; Windows should now start normally and open the otl.txt.
Please post the log.

If you have no icons, then right-click, View, Show desktop icons.

Note: Please also upload the file there as described in the UpChannel instructions. Please do NOT post the ZIP file here in the thread as an attachment!




Please press the + E key.
  • Open your system drive (usually C:)
  • Now look for the following folder: _OTL and open it.
  • Right-click the Movedfiles folder --> Send to --> Compressed (zipped) folder
  • This will create a Movedfiles.zip file in _OTL
  • Please upload it to our upload channel. (Browse --> C:\_OTL\Movedfiles.zip)
Let me know whether the upload worked without problems. Thanks in advance.


For further analysis I need the following:
c:\Users\name\AppData\LocalLow\Sun\Java\Deployment\cache
Right-click the cache folder there, pack it with WinRAR or another program, and upload it to the upload channel, please.
Trojaner-Board Upload Channel
When this is done, please let me know.
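The fix script in post #2 removes a per-user Winlogon Shell value that points into AppData. The following is an added example, not part of the thread and not OTL's own code, that picks such entries out of an OTL log automatically. The regexes model only the line shapes visible in the logs here; the rule names, the `scan` and `norm` helpers and the one line marked as constructed are assumptions made for illustration.

```python
import re
from typing import NamedTuple

class Finding(NamedTuple):
    rule: str
    path: str
    line: str

# "O20 - <hive> Winlogon: Shell - (<registry value>) - <resolved path> (<company>)"
SHELL_RE = re.compile(
    r"^O20(?::64bit:)? - (?P<hive>\S+) Winlogon: Shell - \((?P<value>.*?)\) - "
    r"(?P<path>.*) \((?P<company>[^()]*)\)\s*$"
)
# "SRV|DRV - [date | size | attrs | M] (<company>) [<start type>] -- <path> -- (<name>)"
SVC_RE = re.compile(
    r"^(?P<kind>SRV|DRV)(?::64bit:)? - \[[^\]]*\] \((?P<company>.*?)\) "
    r"\[(?P<start>[^\]]*)\] -- (?P<path>.+?) -- \((?P<name>.*?)\)"
)
USER_WRITABLE = re.compile(r"^\\users\\[^\\]+\\appdata\\|\\temp\\")
EXPECTED_SHELL = {"explorer.exe", r"\windows\explorer.exe"}
AUTOSTART = {"Auto", "Boot", "System"}

def norm(path: str) -> str:
    """Lower-case a Windows path and drop the drive letter.

    OTLPE scans the offline system from a boot CD, so the same file shows up
    as C:\\... in the registry value and as J:\\... or I:\\... on disk.
    """
    p = path.strip().strip('"').lower().replace("/", "\\")
    return re.sub(r"^[a-z]:", "", p)

def scan(log_text: str) -> list:
    """Return review candidates; each hit needs a human look, not deletion."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SHELL_RE.match(line)
        if m:
            ok = (norm(m["value"]) in EXPECTED_SHELL
                  and norm(m["path"]) == r"\windows\explorer.exe")
            if not ok:
                findings.append(Finding("shell-not-explorer", m["path"], line))
            continue
        m = SVC_RE.match(line)
        if not m:
            continue
        # Service or driver image loaded from a location the user can write to.
        if USER_WRITABLE.search(norm(m["path"])):
            findings.append(Finding("user-writable-image", m["path"], line))
        # Starts without user action and carries no company name in its version info.
        starts = {s.strip() for s in m["start"].split("|")}
        if not m["company"].strip() and starts & AUTOSTART:
            findings.append(Finding("unnamed-autostart", m["path"], line))
    return findings

# Lines copied from the logs and fix script in this thread, except the
# second one, which is constructed to show a default shell entry.
SAMPLE_LOG = r"""
O20 - HKU\cboenicke_ON_K Winlogon: Shell - (C:\Users\cboenicke\AppData\Roaming\msconfig.dat) - J:\Users\cboenicke\AppData\Roaming\msconfig.dat ()
O20 - HKLM Winlogon: Shell - (explorer.exe) - I:\Windows\explorer.exe (Microsoft Corporation)
DRV - [2005/10/11 15:20:56 | 000,019,328 | ---- | M] (Insyde Software) [Kernel | On_Demand] -- I:\Users\cboenicke\AppData\Local\Temp\iscFB73tmp\iscflash.sys -- (iscFlash)
DRV - [2009/10/17 12:52:43 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- I:\Windows\gdrv.sys -- (gdrv)
SRV - [2012/08/19 17:10:39 | 000,927,840 | ---- | M] () [Auto] -- I:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe -- (vToolbarUpdater12.2.0)
SRV - [2012/05/09 15:31:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- I:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
"""

if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f.rule:22} {f.path}")
```

The second and third rules are triage heuristics: the Insyde driver and the AVG updater from this log both trip them, so a hit means "look at this file", not "this is the infection".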

30.08.2012, 11:56   #3
cboenicke

Thanks for your quick help,

Did you see in the log that my system was originally a RAID...
Question: does OTL automatically fix both disks, and can I switch the RAID back on at a restart?

Regards

30.08.2012, 12:06   #4
markusg
/// Malware-holic

You don't need to send me a PM 5 minutes after the post.
I can't answer your question with 100% certainty; just run the fix.

30.08.2012, 19:32   #5
cboenicke

It is as suspected: the fix did not affect both hard disks. Error messages when starting in RAID. So RAID switched off again. Could boot from both disks, but again only a white screen.

Disconnected one hard disk from the system, so that it is now a normal system with one disk. Booted again with OTL from CD and wanted to run the fix again -> result: bluescreen.

Now, with only one disk on the system, I have run another scan. Log:

Code:
OTL logfile created on: 8/31/2012 4:05:34 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 91.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = I: | %SystemRoot% = I:\Windows | %ProgramFiles% = I:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 75.86 Mb Free Space | 75.87% Space Free | Partition Type: NTFS
Drive D: | 149.01 Gb Total Space | 101.60 Gb Free Space | 68.18% Space Free | Partition Type: FAT32
Drive I: | 595.95 Gb Total Space | 233.49 Gb Free Space | 39.18% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010/12/13 09:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Program Files\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 21:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand] -- I:\Windows\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/19 17:10:39 | 000,927,840 | ---- | M] () [Auto] -- I:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\12.2.0\ToolbarUpdater.exe -- (vToolbarUpdater12.2.0)
SRV - [2012/08/14 15:27:05 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- I:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/19 10:51:17 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- I:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/07/17 16:31:18 | 000,116,632 | ---- | M] () [Auto] -- I:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012/07/13 07:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- I:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/05/09 15:31:38 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- I:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/09 15:31:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- I:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/02/29 20:02:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto] -- I:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 07:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto] -- I:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011/09/02 10:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto] -- I:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011/06/06 06:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto] -- I:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/04 17:24:30 | 003,246,040 | ---- | M] (Acronis) [Auto] -- I:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2010/11/23 01:23:44 | 001,112,240 | ---- | M] (Acronis) [Auto] -- I:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand] -- I:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010/11/20 08:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010/11/20 08:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010/03/18 07:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- I:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- I:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007/06/15 06:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto] -- I:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/08/19 17:10:40 | 000,031,080 | ---- | M] (AVG Technologies) [Kernel | System] -- I:\Windows\System32\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2012/06/11 05:56:34 | 000,022,016 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand] -- I:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2012/06/08 10:09:12 | 000,027,136 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand] -- I:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2012/06/08 10:08:54 | 000,008,832 | ---- | M] (Motorola) [Kernel | On_Demand] -- I:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2012/06/08 10:08:28 | 000,031,232 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand] -- I:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2012/05/09 15:31:38 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System] -- I:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012/05/09 15:31:38 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto] -- I:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012/01/25 08:57:46 | 000,009,728 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand] -- I:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2012/01/17 08:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011/11/08 07:59:12 | 000,011,776 | ---- | M] (Motorola Inc) [Kernel | On_Demand] -- I:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2011/09/16 11:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System] -- I:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/03/04 17:24:31 | 000,285,280 | ---- | M] (Acronis) [File_System | On_Demand] -- I:\Windows\System32\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2011/03/04 17:24:28 | 001,263,200 | ---- | M] (Acronis) [Kernel | Boot] -- I:\Windows\System32\drivers\tdrpm273.sys -- (tdrpman273) Acronis Try&Decide and Restore Points filter (build 273)
DRV:64bit: - [2011/03/04 17:24:25 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot] -- I:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2011/03/04 17:24:19 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot] -- I:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2010/12/02 17:30:36 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/06/14 04:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand] -- I:\Windows\System32\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010/04/26 22:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010/04/26 22:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2010/04/26 22:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010/02/24 06:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- I:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2009/12/28 05:39:22 | 000,834,544 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- I:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2009/10/25 05:13:04 | 000,314,016 | ---- | M] () [Kernel | Auto] -- I:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2009/10/25 05:13:04 | 000,043,680 | ---- | M] () [Kernel | Auto] -- I:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009/07/10 08:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand] -- I:\Windows\System32\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- I:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- I:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- I:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- I:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/05/18 05:32:26 | 000,231,224 | ---- | M] (Advanced Micro Devices, Inc) [Kernel | Boot] -- I:\Windows\System32\drivers\ahcix64s.sys -- (ahcix64s)
DRV:64bit: - [2009/05/04 12:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot] -- I:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/04/03 00:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- I:\Windows\System32\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/03/01 17:05:32 | 000,187,392 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand] -- I:\Windows\System32\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/01/29 12:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand] -- I:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008/10/13 15:14:04 | 000,226,320 | R--- | M] (Advanced Micro Devices, Inc) [Kernel | Boot] -- I:\Windows\System32\drivers\ahcix64.sys -- (ahcix64)
DRV:64bit: - [2007/10/22 02:58:43 | 000,011,576 | R--- | M] (Samsung Electronics) [Kernel | Auto] -- I:\Windows\System32\drivers\SSPORT.SYS -- (SSPORT)
DRV:64bit: - [2007/10/22 02:55:45 | 000,054,072 | R--- | M] (Samsung Electronics) [Kernel | Auto] -- I:\Windows\System32\drivers\DgivEcp.sys -- (DgiVecp)
DRV:64bit: - [2006/11/10 09:08:58 | 000,030,720 | ---- | M] () [Kernel | On_Demand] -- I:\Windows\System32\drivers\ATITool64.sys -- (ATITool)
DRV:64bit: - [2005/09/23 17:18:34 | 000,261,120 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand] -- I:\Windows\System32\drivers\MarvinBus64.sys -- (MarvinBus)
DRV - [2011/03/18 14:15:52 | 000,012,400 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto] -- I:\Windows\SysWOW64\drivers\SECDRV.SYS -- (SecDrv)
DRV - [2010/06/14 04:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand] -- I:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009/10/17 12:52:43 | 000,024,072 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- I:\Windows\gdrv.sys -- (gdrv)
DRV - [2005/10/11 15:20:56 | 000,019,328 | ---- | M] (Insyde Software) [Kernel | On_Demand] -- I:\Users\cboenicke\AppData\Local\Temp\iscFB73tmp\iscflash.sys -- (iscFlash)
DRV - [2004/10/25 14:02:58 | 000,021,664 | ---- | M] (EnTech Taiwan) [Kernel | Disabled] -- I:\Windows\SysWOW64\drivers\Entech.sys -- (.nevplaute)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: I:\Windows\System32\Macromed\Flash\NPSWF64_11_3_300_271.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: I:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: I:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: I:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\12.2.0\\npsitesafety.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: I:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: I:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: I:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: I:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE:  File not found
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: I:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: I:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448: I:\Program Files (x86)\Win7codecs\rm\Browser\Plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: I:\Program Files (x86)\Win7codecs\rm\Browser\Plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: I:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: I:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: I:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\12.2.0.5\ [2012/08/19 17:10:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/07/19 10:51:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011/07/17 16:48:03 | 000,000,000 | ---D | M]
 
[2012/01/08 11:52:47 | 000,000,000 | ---D | M] (No name found) -- I:\Program Files (x86)\Mozilla Firefox\extensions
[2012/07/19 10:51:18 | 000,136,672 | ---- | M] (Mozilla Foundation) -- I:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011/10/02 23:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- I:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012/02/25 21:32:09 | 000,001,392 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/19 17:10:37 | 000,003,751 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/25 21:32:09 | 000,002,252 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/25 21:32:09 | 000,001,153 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/02/25 21:32:09 | 000,006,805 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/02/25 21:32:09 | 000,001,178 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/02/25 21:32:09 | 000,001,105 | ---- | M] () -- I:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - I:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - I:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - I:\Program Files (x86)\Softonic\softonic\1.5.11.5\bh\softonic.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - I:\Program Files (x86)\Softonic\softonic\1.5.11.5\softonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - I:\Program Files (x86)\AVG Secure Search\12.2.0.5\AVG Secure Search_toolbar.dll ()
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] I:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [3170 Scan2PC] I:\Windows\twain_32\Samsung\CLX3170\Scan2Pc.exe ()
O4 - HKLM..\Run: [amd_dc_opt] I:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] I:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [LifeCam] I:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [mumservice]  File not found
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [ROC_roc_ssl_v12] I:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe ()
O4 - HKLM..\Run: [Samsung PanelMgr] I:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SAOB Monitor] I:\Program Files (x86)\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Smart File Advisor] I:\Program Files (x86)\Smart File Advisor\sfa.exe (Filefacts.net)
O4 - HKLM..\Run: [SysMetrix]  File not found
O4 - HKLM..\Run: [TrueImageMonitor.exe] I:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [vProt] I:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} -  File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} -  File not found
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.5.1)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - I:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - I:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - I:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/08/30 22:19:44 | 002,237,440 | R--- | C] (OldTimer Tools) -- I:\OTLPE.exe
[2012/08/30 22:19:44 | 000,000,000 | ---D | C] -- I:\_OTL
[2012/08/26 07:16:29 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/08/19 17:10:49 | 000,000,000 | ---D | C] -- I:\ProgramData\AVG Secure Search
[2012/08/19 17:10:40 | 000,031,080 | ---- | C] (AVG Technologies) -- I:\Windows\System32\drivers\avgtpx64.sys
[2012/08/19 17:10:38 | 000,000,000 | ---D | C] -- I:\Program Files (x86)\Common Files\AVG Secure Search
[2012/08/19 17:10:38 | 000,000,000 | ---D | C] -- I:\Program Files (x86)\AVG Secure Search
[2012/08/19 17:10:09 | 000,000,000 | -H-D | C] -- I:\ProgramData\Common Files
[2012/08/19 17:10:01 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge
[2012/08/19 17:10:00 | 000,000,000 | ---D | C] -- I:\Program Files (x86)\pdfsam
[2012/08/19 09:06:12 | 000,000,000 | ---D | C] -- I:\ProgramData\Motorola
[2012/08/19 08:45:04 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola
[2012/08/19 08:43:37 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola MMCP Drivers Installer
[2012/08/19 08:42:47 | 000,000,000 | ---D | C] -- I:\Program Files (x86)\Common Files\MSSoap
[2012/08/19 08:42:47 | 000,000,000 | ---D | C] -- I:\Program Files (x86)\Motorola Mobility
[2012/08/19 08:39:58 | 000,000,000 | ---D | C] -- I:\Program Files\Motorola Inc
[2012/08/15 16:24:09 | 000,096,768 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\mshtmled.dll
[2012/08/15 16:24:09 | 000,073,216 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\mshtmled.dll
[2012/08/15 16:24:08 | 000,237,056 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\url.dll
[2012/08/15 16:24:08 | 000,231,936 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\url.dll
[2012/08/15 16:24:07 | 000,248,320 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\ieui.dll
[2012/08/15 16:24:07 | 000,176,640 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\ieui.dll
[2012/08/15 16:24:07 | 000,173,056 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\ieUnatt.exe
[2012/08/15 16:24:06 | 002,312,704 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\jscript9.dll
[2012/08/15 16:24:06 | 001,494,528 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\inetcpl.cpl
[2012/08/15 16:24:06 | 001,427,968 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\inetcpl.cpl
[2012/08/15 16:24:06 | 000,142,848 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\ieUnatt.exe
[2012/08/15 16:24:05 | 001,800,704 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\jscript9.dll
[2012/08/15 16:24:05 | 000,816,640 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\jscript.dll
[2012/08/15 16:24:05 | 000,717,824 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\jscript.dll
[2012/08/15 16:19:30 | 000,000,000 | ---D | C] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/08/15 16:19:01 | 000,503,808 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\srcore.dll
[2012/08/15 16:18:58 | 000,751,104 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\win32spl.dll
[2012/08/15 16:18:58 | 000,492,032 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\win32spl.dll
[2012/08/15 16:18:58 | 000,067,072 | ---- | C] (Microsoft Corporation) -- I:\Windows\splwow64.exe
[2012/08/15 16:18:55 | 000,073,216 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\netapi32.dll
[2012/08/15 16:18:55 | 000,059,392 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\browcli.dll
[2012/08/15 16:18:55 | 000,041,984 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\browcli.dll
[2012/08/15 16:18:43 | 000,956,928 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\localspl.dll
[2012/08/05 18:19:43 | 000,159,232 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\imagehlp.dll
[2012/08/05 18:19:43 | 000,081,408 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\imagehlp.dll
[2012/08/05 18:19:43 | 000,023,408 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\drivers\fs_rec.sys
[2012/08/05 18:19:42 | 000,220,672 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\wintrust.dll
[2012/08/05 18:19:42 | 000,172,544 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\wintrust.dll
[2012/08/05 18:10:10 | 001,544,704 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\DWrite.dll
[2012/08/05 18:10:10 | 001,077,248 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\DWrite.dll
[2012/08/05 18:10:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\msxml3r.dll
[2012/08/05 18:10:05 | 000,002,048 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\msxml3r.dll
[2012/08/05 18:09:21 | 001,462,272 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\crypt32.dll
[2012/08/05 18:09:20 | 000,140,288 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\cryptnet.dll
[2012/08/05 18:07:06 | 000,307,200 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\ncrypt.dll
[2012/08/05 18:07:06 | 000,219,136 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\ncrypt.dll
[2012/08/05 18:06:49 | 005,559,664 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\ntoskrnl.exe
[2012/08/05 18:06:48 | 003,968,368 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\ntkrnlpa.exe
[2012/08/05 18:06:48 | 003,913,072 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\ntoskrnl.exe
[2012/08/05 18:06:39 | 000,805,376 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\cdosys.dll
[2012/08/05 18:06:38 | 001,133,568 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\cdosys.dll
[2012/08/05 18:06:32 | 003,216,384 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\msi.dll
[2012/08/05 18:06:31 | 002,342,400 | ---- | C] (Microsoft Corporation) -- I:\Windows\SysWow64\msi.dll
[2012/08/05 18:06:12 | 000,149,504 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\rdpcorekmts.dll
[2012/08/05 18:06:11 | 000,077,312 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\rdpwsx.dll
[2012/08/05 18:06:11 | 000,009,216 | ---- | C] (Microsoft Corporation) -- I:\Windows\System32\rdrmemptylst.exe
[2 I:\Windows\*.tmp files -> I:\Windows\*.tmp -> ]
[2 I:\*.tmp files -> I:\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/08/30 16:30:19 | 2140,454,911 | -HS- | M] () -- I:\hiberfil.sys
[2012/08/30 16:30:19 | 000,067,584 | --S- | M] () -- I:\Windows\bootstat.dat
[2012/08/29 11:51:53 | 000,015,376 | -H-- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/29 11:51:53 | 000,015,376 | -H-- | M] () -- I:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/29 11:49:13 | 000,764,044 | ---- | M] () -- I:\Windows\System32\perfh007.dat
[2012/08/29 11:49:13 | 000,707,348 | ---- | M] () -- I:\Windows\System32\perfh009.dat
[2012/08/29 11:49:13 | 000,171,162 | ---- | M] () -- I:\Windows\System32\perfc007.dat
[2012/08/29 11:49:13 | 000,139,436 | ---- | M] () -- I:\Windows\System32\perfc009.dat
[2012/08/29 11:44:22 | 000,001,112 | ---- | M] () -- I:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/28 15:28:02 | 000,001,116 | ---- | M] () -- I:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/27 17:27:00 | 000,000,884 | ---- | M] () -- I:\Windows\tasks\Adobe Flash Player Updater.job
[2012/08/26 07:16:30 | 000,000,000 | R--D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[2012/08/26 07:16:29 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2012/08/26 07:16:14 | 000,001,346 | ---- | M] () -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012/08/19 17:10:40 | 000,031,080 | ---- | M] (AVG Technologies) -- I:\Windows\System32\drivers\avgtpx64.sys
[2012/08/19 17:10:01 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Split And Merge
[2012/08/19 16:47:53 | 000,000,000 | -H-- | M] () -- I:\Windows\System32\drivers\Msft_Kernel_motoandroid_01007.Wdf
[2012/08/19 09:07:33 | 000,000,000 | -H-- | M] () -- I:\Windows\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2012/08/19 09:07:17 | 000,000,000 | -H-- | M] () -- I:\Windows\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2012/08/19 09:07:15 | 000,000,000 | -H-- | M] () -- I:\Windows\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2012/08/19 09:06:11 | 000,000,000 | -H-- | M] () -- I:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/08/19 09:05:39 | 000,000,000 | -H-- | M] () -- I:\Windows\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2012/08/19 09:05:39 | 000,000,000 | -H-- | M] () -- I:\Windows\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2012/08/19 09:05:01 | 000,000,000 | -H-- | M] () -- I:\Windows\System32\drivers\Msft_Kernel_motusbdevice_01007.Wdf
[2012/08/19 08:45:10 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola
[2012/08/19 08:43:37 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola MMCP Drivers Installer
[2012/08/16 06:46:22 | 000,535,144 | ---- | M] () -- I:\Windows\System32\FNTCACHE.DAT
[2012/08/15 16:19:30 | 000,000,000 | ---D | M] -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012/08/14 15:27:04 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- I:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/14 15:27:04 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- I:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 I:\Windows\*.tmp files -> I:\Windows\*.tmp -> ]
[2 I:\*.tmp files -> I:\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/08/26 07:16:14 | 000,001,346 | ---- | C] () -- I:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk
[2012/08/19 16:47:53 | 000,000,000 | -H-- | C] () -- I:\Windows\System32\drivers\Msft_Kernel_motoandroid_01007.Wdf
[2012/08/19 09:07:33 | 000,000,000 | -H-- | C] () -- I:\Windows\System32\drivers\Msft_Kernel_motmodem_01007.Wdf
[2012/08/19 09:07:17 | 000,000,000 | -H-- | C] () -- I:\Windows\System32\drivers\Msft_Kernel_motfilt_01007.Wdf
[2012/08/19 09:07:15 | 000,000,000 | -H-- | C] () -- I:\Windows\System32\drivers\Msft_Kernel_Motousbnet_01007.Wdf
[2012/08/19 09:06:11 | 000,000,000 | -H-- | C] () -- I:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012/08/19 09:05:39 | 000,000,000 | -H-- | C] () -- I:\Windows\System32\drivers\Msft_Kernel_motccgpfl_01007.Wdf
[2012/08/19 09:05:39 | 000,000,000 | -H-- | C] () -- I:\Windows\System32\drivers\Msft_Kernel_motccgp_01007.Wdf
[2012/08/19 09:05:01 | 000,000,000 | -H-- | C] () -- I:\Windows\System32\drivers\Msft_Kernel_motusbdevice_01007.Wdf
[2012/02/29 07:26:56 | 000,416,064 | ---- | C] () -- I:\Windows\SysWow64\nvStreaming.exe
[2011/09/28 11:44:14 | 000,179,271 | ---- | C] () -- I:\Windows\SysWow64\xlive.dll.cat
[2011/09/19 09:03:40 | 000,045,056 | ---- | C] () -- I:\Windows\SysWow64\rtvcvfw32.dll
[2011/08/31 11:28:48 | 000,252,928 | ---- | C] () -- I:\Windows\SysWow64\DShowRdpFilter.dll
[2011/03/18 14:14:49 | 000,000,530 | ---- | C] () -- I:\Windows\eReg.dat
[2010/04/19 12:45:40 | 000,111,932 | ---- | C] () -- I:\Windows\SysWow64\EPPICPrinterDB.dat
[2010/04/19 12:45:40 | 000,031,053 | ---- | C] () -- I:\Windows\SysWow64\EPPICPattern131.dat
[2010/04/19 12:45:40 | 000,027,417 | ---- | C] () -- I:\Windows\SysWow64\EPPICPattern121.dat
[2010/04/19 12:45:40 | 000,026,154 | ---- | C] () -- I:\Windows\SysWow64\EPPICPattern1.dat
[2010/04/19 12:45:40 | 000,024,903 | ---- | C] () -- I:\Windows\SysWow64\EPPICPattern3.dat
[2010/04/19 12:45:40 | 000,021,390 | ---- | C] () -- I:\Windows\SysWow64\EPPICPattern5.dat
[2010/04/19 12:45:40 | 000,020,148 | ---- | C] () -- I:\Windows\SysWow64\EPPICPattern2.dat
[2010/04/19 12:45:40 | 000,011,811 | ---- | C] () -- I:\Windows\SysWow64\EPPICPattern4.dat
[2010/04/19 12:45:40 | 000,004,943 | ---- | C] () -- I:\Windows\SysWow64\EPPICPattern6.dat
[2010/04/19 12:45:40 | 000,001,146 | ---- | C] () -- I:\Windows\SysWow64\EPPICPresetData_DU.dat
[2010/04/19 12:45:40 | 000,001,139 | ---- | C] () -- I:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010/04/19 12:45:40 | 000,001,139 | ---- | C] () -- I:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010/04/19 12:45:40 | 000,001,136 | ---- | C] () -- I:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010/04/19 12:45:40 | 000,001,129 | ---- | C] () -- I:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010/04/19 12:45:40 | 000,001,129 | ---- | C] () -- I:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010/04/19 12:45:40 | 000,001,120 | ---- | C] () -- I:\Windows\SysWow64\EPPICPresetData_IT.dat
[2010/04/19 12:45:40 | 000,001,107 | ---- | C] () -- I:\Windows\SysWow64\EPPICPresetData_GE.dat
[2010/04/19 12:45:40 | 000,001,104 | ---- | C] () -- I:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010/04/19 12:45:40 | 000,000,097 | ---- | C] () -- I:\Windows\SysWow64\PICSDK.ini
[2010/03/13 18:25:29 | 000,002,516 | -HS- | C] () -- I:\ProgramData\KGyGaAvL.sys
[2010/03/13 18:25:29 | 000,000,088 | RHS- | C] () -- I:\ProgramData\3DE1C37709.sys
[2010/03/10 01:03:42 | 000,120,200 | ---- | C] () -- I:\Windows\SysWow64\DLLDEV32i.dll
[2010/03/10 01:03:15 | 000,007,119 | ---- | C] () -- I:\Windows\mgxoschk.ini
[2010/03/10 00:25:49 | 000,000,238 | ---- | C] () -- I:\Windows\ULEAD32.INI
[2010/03/10 00:25:18 | 000,000,014 | ---- | C] () -- I:\Windows\dswplug.ini
[2010/02/20 23:48:22 | 000,085,504 | ---- | C] () -- I:\Windows\SysWow64\ff_vfw.dll
[2010/02/20 17:28:28 | 000,002,560 | ---- | C] () -- I:\Windows\_MSRSTRT.EXE
[2010/01/31 15:41:38 | 000,000,075 | ---- | C] () -- I:\ProgramData\nvUnsupRes.dat
[2009/12/23 14:15:43 | 000,479,232 | ---- | C] () -- I:\Windows\ssndii.exe
[2009/12/23 14:15:25 | 000,036,864 | ---- | C] () -- I:\Windows\SysWow64\SvcMan.exe
[2009/12/23 14:15:21 | 000,172,032 | ---- | C] () -- I:\Windows\SysWow64\SecSNMP.dll
[2009/12/23 13:59:38 | 000,110,592 | R--- | C] () -- I:\Windows\Wiainst.exe
[2009/10/27 19:52:30 | 000,000,056 | ---- | C] () -- I:\Windows\SysWow64\ezsidmv.dat
[2009/10/21 14:12:37 | 001,664,664 | ---- | C] () -- I:\Windows\SysWow64\PerfStringBackup.INI
[2009/10/18 18:41:01 | 000,003,972 | ---- | C] () -- I:\Windows\SysWow64\drivers\PciBus.sys
[2009/10/17 09:18:40 | 000,000,010 | ---- | C] () -- I:\Windows\GSetup.ini
[2009/08/16 05:08:36 | 000,178,176 | ---- | C] () -- I:\Windows\SysWow64\unrar.dll
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- I:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- I:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- I:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- I:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- I:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- I:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- I:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- I:\Windows\SysWow64\mlang.dat
[2009/05/29 10:52:26 | 000,204,800 | ---- | C] () -- I:\Windows\SysWow64\xvidvfw.dll
[2009/05/29 10:47:06 | 000,881,664 | ---- | C] () -- I:\Windows\SysWow64\xvidcore.dll
[2007/10/25 12:26:10 | 000,005,632 | ---- | C] () -- I:\Windows\SysWow64\drivers\StarOpen.sys
[2007/06/21 02:34:08 | 000,203,328 | R--- | C] () -- I:\Windows\GSetup.exe
[2007/02/05 14:05:26 | 000,000,038 | ---- | C] () -- I:\Windows\AviSplitter.INI
 
========== LOP Check ==========
 
[2011/03/04 21:05:30 | 000,000,000 | ---D | M] -- I:\ProgramData\Acronis
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- I:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- I:\ProgramData\Application Data
[2012/08/19 17:10:50 | 000,000,000 | ---D | M] -- I:\ProgramData\AVG Secure Search
[2012/05/15 10:24:15 | 000,000,000 | ---D | M] -- I:\ProgramData\Battle.net
[2012/08/19 17:10:09 | 000,000,000 | -H-D | M] -- I:\ProgramData\Common Files
[2009/12/28 05:38:44 | 000,000,000 | ---D | M] -- I:\ProgramData\DAEMON Tools Lite
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- I:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- I:\ProgramData\Documents
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- I:\ProgramData\Dokumente
[2010/02/18 16:00:34 | 000,000,000 | ---D | M] -- I:\ProgramData\DrTax
[2010/12/24 15:32:27 | 000,000,000 | ---D | M] -- I:\ProgramData\eMule
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- I:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- I:\ProgramData\Favorites
[2010/09/24 10:49:38 | 000,000,000 | ---D | M] -- I:\ProgramData\ifolor
[2010/03/23 13:10:02 | 000,000,000 | ---D | M] -- I:\ProgramData\MAGIX
[2012/08/19 09:06:12 | 000,000,000 | ---D | M] -- I:\ProgramData\Motorola
[2009/11/21 15:33:11 | 000,000,000 | ---D | M] -- I:\ProgramData\NCH Swift Sound
[2010/04/19 13:30:14 | 000,000,000 | ---D | M] -- I:\ProgramData\Panasonic
[2011/01/02 06:03:15 | 000,000,000 | ---D | M] -- I:\ProgramData\Pinnacle
[2011/01/02 06:03:15 | 000,000,000 | ---D | M] -- I:\ProgramData\Pinnacle Studio Plus
[2010/03/11 17:33:39 | 000,000,000 | ---D | M] -- I:\ProgramData\Pinnacle Studio Ultimate Collection
[2011/11/22 08:21:20 | 000,000,000 | ---D | M] -- I:\ProgramData\Samsung
[2010/03/12 19:08:54 | 000,000,000 | ---D | M] -- I:\ProgramData\Shark007
[2010/02/13 14:41:44 | 000,000,000 | ---D | M] -- I:\ProgramData\Solidshield
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- I:\ProgramData\Start Menu
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- I:\ProgramData\Startmenü
[2011/01/02 06:03:15 | 000,000,000 | ---D | M] -- I:\ProgramData\Studio 14
[2010/12/24 15:19:14 | 000,000,000 | ---D | M] -- I:\ProgramData\Tages
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- I:\ProgramData\Templates
[2010/08/29 07:09:33 | 000,000,000 | ---D | M] -- I:\ProgramData\Ubisoft
[2009/10/17 07:44:58 | 000,000,000 | -HSD | M] -- I:\ProgramData\Vorlagen
[2010/03/12 19:10:53 | 000,000,000 | ---D | M] -- I:\ProgramData\Win7codecs
[2012/06/09 09:36:47 | 000,032,640 | ---- | M] () -- I:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
< End of report >
         
Thanks in advance


04.09.2012, 21:05   #6
markusg
/// Malware-holic

Hmm, the malware isn't visible in the second log.
If you made a backup with True Image, then restore that.
