Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: In jedem Textfeld erscheinen ständig unendlich viele *x*

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.10.2012, 19:32   #1
zr7driver
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



Seit ein paar Tagen erscheinen in jedem Textfeld unendlich viele *x*! Egal ob online oder nicht. Manchmal sind sogar ganze Internetadressen durch *x* ersetzt! Alle Rettungsversuche sind bis jetzt gescheitert. Egal ob mit Avast, Avira oder Kaspersky Rettungs CD! Schreibe jetzt am LapTop! Deshalb auch keine Auswertungen... Was kann ich tun? Wer weiß Rat? DANKE!!

Avira AntiVir Rescue System findet auch nichts!!

Code:
ATTFilter
Malwarebytes Anti-Malware 1.65.0.1400
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.10.06.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
zr7driver :: ZR7DRIVER-PC [Administrator]

07.10.2012 01:12:45
mbam-log-2012-10-07 (01-12-45).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 577454
Laufzeit: 3 Stunde(n), 2 Minute(n), 38 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\loadtbs-3.0 (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\zr7driver\AppData\Roaming\loadtbs (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\chrome@loadtubes.com (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 23
C:\Users\zr7driver\AppData\Roaming\loadtbs\ytdl.exe (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Program Files\Mozilla Firefox\plugins\npmieze.dll (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\Handy\WinMob\Programme\CruiseController\CruiseController_wm.exe (Backdoor.MSIL.PGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\Handy\WinMob\Programme\Just-a-Clock\Just-a-Clock_wm.exe (Backdoor.MSIL.PGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\Handy\WinMob\Programme\SpeedoPhone\SpeedoPhone.exe (Backdoor.MSIL.PGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Externe Festplatte 1\Software\No23Player.exe (Malware.Packer.as) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\keyHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\config.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\domHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\evHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\license.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\uninstall.exe (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\updateHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\CHROME@LOADTUBES.COM\background.html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\CHROME@LOADTUBES.COM\background.js (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\CHROME@LOADTUBES.COM\download.js (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\CHROME@LOADTUBES.COM\fire.js (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\CHROME@LOADTUBES.COM\manifest.json (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\dimensions.ini (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\install.html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\license.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\uninstall.html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\uninstallComplete.html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Und es geht trotzdem weiter.x.

Malwarebytes Anti-Malware 1.65.0.1400
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2012.10.06.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
zr7driver :: ZR7DRIVER-PC [Administrator]

07.10.2012 09:49:48
mbam-log-2012-10-07 (09-49-48).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 224734
Laufzeit: 10 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Geändert von cosinus (09.10.2012 um 14:49 Uhr) Grund: CODE-Tags korrigiert

Alt 07.10.2012, 20:57   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________

__________________

Alt 09.10.2012, 07:54   #3
zr7driver
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=4876077f741c2840b6849238d9e58032
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-08 07:53:42
# local_time=2012-10-08 09:53:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 226516 226516 0 0
# compatibility_mode=5893 16776574 100 94 279768 101313399 0 0
# compatibility_mode=8192 67108863 100 0 122 122 0 0
# scanned=11286
# found=1
# cleaned=1
# scan_time=614
C:\ART\SOC\Root\unlockroot23.exe	a variant of Win32/Packed.VProtect.C application (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=4876077f741c2840b6849238d9e58032
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-09 02:54:43
# local_time=2012-10-09 04:54:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6000 NT 
# compatibility_mode=1792 16777215 100 0 227336 227336 0 0
# compatibility_mode=5893 16776574 100 94 280588 101314219 0 0
# compatibility_mode=8192 67108863 100 0 942 942 0 0
# scanned=374558
# found=8
# cleaned=0
# scan_time=68254
C:\Externe Festplatte 1\Eigene Dateien\Software\registrybooster.exe	a variant of Win32/RegistryBooster application (unable to clean)	00000000000000000000000000000000	I
C:\Externe Festplatte 1\Software\jdprof2009.exe	a variant of MSIL/Packed.PvLogNetProtector.B application (unable to clean)	00000000000000000000000000000000	I
C:\Externe Festplatte 1\Software\wgo-winload.exe	a variant of MSIL/Packed.PvLogNetProtector.B application (unable to clean)	00000000000000000000000000000000	I
C:\Program Files\Glary Utilities\v9gls.exe	probably a variant of Win32/ELEX application (unable to clean)	00000000000000000000000000000000	I
C:\Program Files\WebSite X5 v9 - Smart\imRegister.exe	a variant of MSIL/Packed.CryptoObfuscator.I application (unable to clean)	00000000000000000000000000000000	I
C:\Users\zr7driver\Downloads\Babylon8_setup.exe	a variant of Win32/Toolbar.Babylon application (unable to clean)	00000000000000000000000000000000	I
C:\Users\zr7driver\Downloads\gusetup.exe	probably a variant of Win32/ELEX application (unable to clean)	00000000000000000000000000000000	I
C:\Users\zr7driver\Downloads\wsx5_sm.exe	a variant of MSIL/Packed.CryptoObfuscator.I application (unable to clean)	00000000000000000000000000000000	I
         
__________________

Geändert von cosinus (09.10.2012 um 14:49 Uhr) Grund: CODE-Tags korrigiert

Alt 09.10.2012, 14:50   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 09.10.2012, 17:53   #5
zr7driver
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



Code:
ATTFilter
# AdwCleaner v2.003 - Datei am 10/09/2012 um 18:44:35 erstellt
# Aktualisiert am 23/09/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : zr7driver - ZR7DRIVER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\zr7driver\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\Askcom.xml
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Users\ZR7DRI~1\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\zr7driver\AppData\Local\APN
Ordner Gelöscht : C:\Users\zr7driver\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\extensions\toolbar@ask.com
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Profilname : default 
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\prefs.js

Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&loc[...]
Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");

Profilname : Ralf [Profil par défaut]
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\prefs.js

Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Gelöscht : user_pref("extensions.asktb.apn_dbr", "ff_15.0");
Gelöscht : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Gelöscht : user_pref("extensions.asktb.cbid", "^AGS");
Gelöscht : user_pref("extensions.asktb.config-updated", false);
Gelöscht : user_pref("extensions.asktb.cr-o", "APN10261");
Gelöscht : user_pref("extensions.asktb.crumb", "2012.10.07+12.10.15-toolbar012iad-DE-QXVnc2J1cmcsR2VybWFueQ%3D%[...]
Gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://avira-int.ask.com/web?q={query}&qsrc=[...]
Gelöscht : user_pref("extensions.asktb.domain", "avira-int.ask.com");
Gelöscht : user_pref("extensions.asktb.domainName", "avira-int.ask.com");
Gelöscht : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^DE");
Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-[...]
Gelöscht : user_pref("extensions.asktb.fresh-install", false);
Gelöscht : user_pref("extensions.asktb.guid", "b270a8c8-c838-4580-968b-86c69f2550a3");
Gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gelöscht : user_pref("extensions.asktb.if", "first");
Gelöscht : user_pref("extensions.asktb.l", "dis");
Gelöscht : user_pref("extensions.asktb.last-config-req", "1349747776354");
Gelöscht : user_pref("extensions.asktb.locale", "de_DE");
Gelöscht : user_pref("extensions.asktb.localePref", true);
Gelöscht : user_pref("extensions.asktb.location", "Augsburg,Germany");
Gelöscht : user_pref("extensions.asktb.o", "APN10261");
Gelöscht : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Gelöscht : user_pref("extensions.asktb.qsrc", "2871");
Gelöscht : user_pref("extensions.asktb.r", "2");
Gelöscht : user_pref("extensions.asktb.sa", "YES");
Gelöscht : user_pref("extensions.asktb.saguid", "74ACD6B1-898A-4431-99F3-0D200D08CED2");
Gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gelöscht : user_pref("extensions.asktb.socialmini-first", true);
Gelöscht : user_pref("extensions.asktb.socialmini-interval", "1200000");
Gelöscht : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Gelöscht : user_pref("extensions.asktb.socialmini-max-items", "30");
Gelöscht : user_pref("extensions.asktb.socialmini-native-on", true);
Gelöscht : user_pref("extensions.asktb.socialmini-speed", "5000");
Gelöscht : user_pref("extensions.asktb.themeid", "");
Gelöscht : user_pref("extensions.asktb.timeinstalled", "07.10.2012 21:11:26");
Gelöscht : user_pref("extensions.asktb.to", "");
Gelöscht : user_pref("extensions.asktb.v", "3.15.5.100015");
Gelöscht : user_pref("extensions.asktb.version", "5.15.5.26921");
Gelöscht : user_pref("extensions.enabledAddons", "eQuakeAlert@vaxghost.addons.mozilla.org:7.0.0,finder@meinguts[...]
Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&loc[...]

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [121599 octets] - [07/10/2012 10:05:51]
AdwCleaner[S1].txt - [121024 octets] - [07/10/2012 10:09:34]
AdwCleaner[R2].txt - [1484 octets] - [07/10/2012 10:23:22]
AdwCleaner[S2].txt - [1417 octets] - [07/10/2012 10:23:48]
AdwCleaner[R3].txt - [8798 octets] - [09/10/2012 18:43:38]
AdwCleaner[S3].txt - [8602 octets] - [09/10/2012 18:44:35]

########## EOF - C:\AdwCleaner[S3].txt - [8662 octets] ##########
         


Geändert von cosinus (09.10.2012 um 19:04 Uhr) Grund: CODE-Tags

Alt 09.10.2012, 19:03   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



Die Logs bitte in CODE-Tags

Bitte mal den aktuellen adwCleaner runterladen, also die alte adwcleaner löschen und neu runterladen

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)
__________________
--> In jedem Textfeld erscheinen ständig unendlich viele *x*

Alt 09.10.2012, 19:33   #7
zr7driver
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



Code:
ATTFilter
# AdwCleaner v2.004 - Datei am 09/10/2012 um 20:32:39 erstellt
# Aktualisiert am 06/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : zr7driver - ZR7DRIVER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\zr7driver\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Schlüssel Gefunden : HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Profilname : default 
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\prefs.js

[OK] Die Datei ist sauber.

Profilname : Ralf [Profil par défaut]
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [121599 octets] - [07/10/2012 10:05:51]
AdwCleaner[S1].txt - [121024 octets] - [07/10/2012 10:09:34]
AdwCleaner[R2].txt - [1484 octets] - [07/10/2012 10:23:22]
AdwCleaner[S2].txt - [1417 octets] - [07/10/2012 10:23:48]
AdwCleaner[R3].txt - [8798 octets] - [09/10/2012 18:43:38]
AdwCleaner[S3].txt - [8731 octets] - [09/10/2012 18:44:35]
AdwCleaner[R4].txt - [1724 octets] - [09/10/2012 19:21:59]
AdwCleaner[R5].txt - [2293 octets] - [09/10/2012 20:32:39]

########## EOF - C:\AdwCleaner[R5].txt - [2353 octets] ##########
         

Geändert von zr7driver (09.10.2012 um 19:49 Uhr)

Alt 09.10.2012, 19:59   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 09.10.2012, 20:53   #9
zr7driver
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



Code:
ATTFilter
# AdwCleaner v2.004 - Datei am 09/10/2012 um 21:43:39 erstellt
# Aktualisiert am 06/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : zr7driver - ZR7DRIVER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\zr7driver\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Profilname : default 
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\prefs.js

[OK] Die Datei ist sauber.

Profilname : Ralf [Profil par défaut]
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [121599 octets] - [07/10/2012 10:05:51]
AdwCleaner[S1].txt - [121024 octets] - [07/10/2012 10:09:34]
AdwCleaner[R2].txt - [1484 octets] - [07/10/2012 10:23:22]
AdwCleaner[S2].txt - [1417 octets] - [07/10/2012 10:23:48]
AdwCleaner[R3].txt - [8798 octets] - [09/10/2012 18:43:38]
AdwCleaner[S3].txt - [8731 octets] - [09/10/2012 18:44:35]
AdwCleaner[R4].txt - [1724 octets] - [09/10/2012 19:21:59]
AdwCleaner[R5].txt - [2422 octets] - [09/10/2012 20:32:39]
AdwCleaner[R6].txt - [2482 octets] - [09/10/2012 21:43:21]
AdwCleaner[S4].txt - [2125 octets] - [09/10/2012 21:43:39]

########## EOF - C:\AdwCleaner[S4].txt - [2185 octets] ##########
         

Alt 10.10.2012, 10:22   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



Hätte da mal zwei Fragen bevor es weiter geht (wir sind noch nicht fertig!)

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.10.2012, 10:50   #11
zr7driver
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



Habe heute Nacht nochmals Kaspersky Rettungs CD laufen lassen und heute früh ging der PC wieder ganz normal! Ich vermisse auch nichts! Hoffe das war's jetzt?! Danke schon mal für alles!!

Alt 10.10.2012, 13:16   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 10.10.2012, 19:50   #13
zr7driver
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



Code:
ATTFilter
OTL logfile created on: 10.10.2012 20:00:53 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\zr7driver\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 64,01% Memory free
6,50 Gb Paging File | 4,71 Gb Available in Paging File | 72,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 584,22 Gb Free Space | 64,17% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,36 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
 
Computer Name: ZR7DRIVER-PC | User Name: zr7driver | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.25 10:52:48 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.09.24 17:24:20 | 001,161,768 | ---- | M] (WiseCleaner.com) -- C:\Programme\Wise\Wise Care 365\WiseTray.exe
PRC - [2012.09.19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.09.18 01:07:45 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.07.02 16:02:28 | 004,473,728 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.02.29 16:56:07 | 001,564,368 | ---- | M] () -- C:\Programme\Guard-ICQ\GuardICQ.exe
PRC - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
PRC - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.02.12 07:40:50 | 000,365,632 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.01.07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Programme\Motorola Media Link\NServiceEntry.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.07.27 11:38:46 | 000,987,960 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FritzDsl.exe
PRC - [2009.07.23 14:13:10 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgentS1.exe
PRC - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2009.07.20 11:01:00 | 000,760,120 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2009.07.14 03:14:21 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2009.06.03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.04.09 12:45:26 | 001,061,688 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\AAVUpdateManager\aavus.exe
PRC - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.10 03:47:16 | 000,115,137 | ---- | M] () -- C:\Users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012.09.15 18:54:57 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\002b4b1af5f8145bf6b6afe21d4f1db2\Kies.Theme.ni.dll
MOD - [2012.09.15 18:54:56 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\de1a504d1535e5005fbae8f6a4d97ce5\DevicePodcast.ni.dll
MOD - [2012.09.15 18:54:54 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\ee12ab3bf308cbe22f373afbddf0be6b\DeviceVideo.ni.dll
MOD - [2012.09.15 18:54:52 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5e58a020638d28d3740195f1d0738da\DevicePhoto.ni.dll
MOD - [2012.09.15 18:54:51 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\0377dd6ed6a5e92a0b8d6eb7d0b64f79\DeviceMusic.ni.dll
MOD - [2012.09.15 18:54:50 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\23e80240003377b6412081a4523943fe\VideoManager.ni.dll
MOD - [2012.09.15 18:54:48 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\23fd65cd04b03d19931758d7472e38a4\PodcastService.ni.dll
MOD - [2012.09.15 18:54:45 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\65018f5e3da23293d642168f7b132d40\Podcaster.ni.dll
MOD - [2012.09.15 18:54:42 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e96a4bd6a51ec7762f15f9bc64c6c33a\PhotoManager.ni.dll
MOD - [2012.09.15 18:54:16 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\deb1e04d94f18bc88afabf744c5d87aa\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.09.15 18:54:14 | 005,677,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\64d3040868aba797c48f608f5361e5bc\DeviceHost.ni.dll
MOD - [2012.09.15 18:53:59 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\1bedf64dbdd091ac8dceee7cbfd84a88\Phonebook.ni.dll
MOD - [2012.09.15 18:53:50 | 001,008,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f73c846c21b32d8e446f08fe7bf0b75a\CPKTMusicPlugin.ni.dll
MOD - [2012.09.15 18:53:47 | 000,964,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\dc5b622e73080b69c1c63606f283b795\MusicManager.ni.dll
MOD - [2012.09.15 18:53:41 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\e5c8f9e08db50fb625c029361147f47e\EBookManager.ni.dll
MOD - [2012.09.15 18:53:39 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ed8a6670f7dbe1ae78aa091a0935fb87\BATPlugin.ni.dll
MOD - [2012.09.15 18:53:38 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\c209d4b3c25507564757710f6d4a4570\AllShareController.ni.dll
MOD - [2012.09.15 18:53:37 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\25823a7264f74e67158031f485c0bb23\Kies.Common.MediaDB.ni.dll
MOD - [2012.09.15 18:53:37 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9eca4746981ac218c1dbe0c131ce108\Kies.Common.StoreManager.ni.dll
MOD - [2012.09.15 18:53:35 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll
MOD - [2012.09.15 18:53:35 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\065aa3ca107d7b3d679a5f408e535239\Kies.Common.AllShare.ni.dll
MOD - [2012.09.15 18:53:34 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1f13cee7982e84f07cff152618950b20\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.09.15 18:53:32 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57b7389241c36caa1d2132d68eddedda\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.09.15 18:53:32 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\170b754ba9dcd78ee0b06a32af4a7c1f\Interop.DevFileServiceLib.ni.dll
MOD - [2012.09.15 18:53:31 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4b033da616a5e8e2b9ebe95342e9cf0d\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.09.15 18:53:29 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bf6e9c84dd994fef46819ed3bd9fa934\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.09.15 18:53:26 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1837e9c63789850168d0bb76826128d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.09.15 18:53:25 | 000,902,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4f549b26003474662ef7e2f3be9e3dd3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.09.15 18:53:23 | 001,025,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\60c16bc46e86b9a852e71968dc63d9c7\Kies.Common.DeviceService.ni.dll
MOD - [2012.09.15 18:53:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.09.15 18:53:20 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\25dc31b1903a3689788caf51d3d93f97\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.09.15 18:53:19 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\923e655c1069f7faa553275eb2e6763c\Kies.Common.Multimedia.ni.dll
MOD - [2012.09.15 18:53:15 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4603ed01ff960f6d861f798e826c9442\Kies.Common.MainUI.ni.dll
MOD - [2012.09.15 18:53:13 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\dcc3307fb870292826318142cf4fa8aa\Kies.Common.DBManager.ni.dll
MOD - [2012.09.15 18:53:12 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b0cec9954e5583399b377b65a469a74c\Kies.Common.Util.ni.dll
MOD - [2012.09.15 18:53:11 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c4f56538bb1d5921690a486bf052e30b\Kies.Locale.ni.dll
MOD - [2012.09.15 18:53:10 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\afa8de1e7aabde98f9a5fec1abdb9a05\Kies.MVVM.ni.dll
MOD - [2012.09.15 18:53:09 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7a0eb5bc5decef8dc1ef9dd3bca3b4d4\Kies.UI.ni.dll
MOD - [2012.09.15 18:53:06 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.09.15 18:53:04 | 001,185,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0a26df964bb433ab607743b20c7704f7\Kies.Interface.ni.dll
MOD - [2012.09.15 18:53:02 | 001,674,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\41f4faf4ff2ba56c26252d6069ceff76\Kies.ni.exe
MOD - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012.06.13 09:05:50 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.13 05:36:30 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.13 05:26:03 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.13 05:25:46 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.13 05:25:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.13 05:25:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.06.03 09:36:31 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.06.03 09:36:30 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.06.03 09:36:22 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.06.03 09:36:21 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.06.03 09:36:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.05.09 10:26:42 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 10:21:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 10:20:41 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 10:12:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 10:08:26 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 10:08:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 10:07:42 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 10:07:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 10:07:19 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012.02.17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
MOD - [2011.02.24 18:39:44 | 000,012,128 | ---- | M] () -- C:\Programme\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
MOD - [2009.06.03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.02.04 12:08:06 | 000,207,872 | ---- | M] () -- C:\Programme\FRITZ!DSL\C90dll.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.09 11:34:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.09.07 18:31:50 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.07.17 15:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Programme\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.02.29 16:56:07 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Programme\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Programme\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.04.28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) [Auto | Running] -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe -- (WMI_Hook_Service)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 2012\DfSdkS.exe -- (DfSdkS)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.08.10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.23 14:13:12 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\C10F.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.08.28 19:41:29 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.28 19:41:29 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.07.31 12:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.07.05 13:53:38 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012.07.05 13:53:36 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2012.06.11 11:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012.06.08 16:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012.06.08 16:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.06.08 16:08:26 | 000,024,576 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2012.03.07 03:11:00 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2012.03.02 16:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012.03.02 16:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012.03.02 16:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012.03.02 16:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2012.02.07 17:46:02 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135)
DRV - [2012.01.25 14:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2012.01.05 18:07:20 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.11.08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011.01.08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.12.13 05:59:14 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2010.12.13 05:45:42 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010.12.12 21:40:51 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2010.12.12 21:34:13 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2010.12.02 15:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.12.02 15:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.02 15:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.12.02 15:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.12.01 11:51:53 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.06.23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010.03.12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.12.22 14:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.10.29 12:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2009.10.29 12:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NW1950.sys -- (NW1950)
DRV - [2009.10.26 17:54:26 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.06.05 01:47:48 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)
DRV - [2009.01.29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{095C1A85-7264-4B56-BB5A-783E8E888AB2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{D73A46A4-5C66-4286-8399-9A51DF36E0A0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2011.06.18 18:41:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.05.22 21:16:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.28 18:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.01 15:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.27 14:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.21 05:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.05.22 21:16:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
 
[2012.10.09 21:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 18:31:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.07 18:31:51 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 19:24:08 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
 
O1 HOSTS File: ([2012.05.04 08:56:10 | 000,442,850 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	www.123fporn.info
O1 - Hosts: 15214 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [adm_tray.exe] C:\Programme\Acronis\DriveMonitor\adm_tray.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [mumservice] C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKU\.DEFAULT..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-18..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3752C415-0AD3-4D70-88DD-5C627777D71D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70461503-9E7A-42FB-9CFC-1852690458B5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBE4987-A903-408A-A660-FD8F19F10960}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LxSetup.exe
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{50e93006-11bf-11e0-b121-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{d20cf144-c87b-11df-ad11-001583096ec8}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (pdboot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.2 HD Edition.lnk - C:\Programme\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe - (Panasonic Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk - C:\Programme\Secunia\PSI\psi_tray.exe - (Secunia)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AndroidSync - hkey= - key= - C:\Program Files\Android-Sync\AndroidSync.exe (hxxp://www.android-sync.com)
MsConfig - StartUpReg: B2C_AGENT - hkey= - key= - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
MsConfig - StartUpReg: Badoo Desktop - hkey= - key= - C:\ProgramData\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe (Badoo)
MsConfig - StartUpReg: Guard.Mail.ru.gui - hkey= - key= - C:\Program Files\Guard-ICQ\GuardICQ.exe ()
MsConfig - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig - StartUpReg: KiesAirMessage - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesHelper - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesPDLR - hkey= - key= - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: Miranda Fusion - hkey= - key= - C:\Programme\MirandaFusion\fusiontools\mfstart.exe (Miranda Fusion Team)
MsConfig - StartUpReg: mumservice - hkey= - key= - C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IMFservice - C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.10 19:57:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.08 09:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.07 21:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.07 01:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.07 01:11:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.07 01:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 18:48:20 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.10.05 18:48:15 | 000,134,184 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.10.05 18:48:15 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.10.05 18:48:15 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2010
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.09.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.09.29 16:11:04 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\Lexware
[2012.09.28 21:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
[2012.09.28 21:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2012.09.21 10:58:54 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urlaubsplaner 2013
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudserd.sys
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2012.09.15 16:55:22 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\Documents\Steuerfälle
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\AAV
[2012.09.14 12:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\AAVUpdateManager
[2012.09.14 12:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2012
[2012.09.14 11:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Steuer-Sparer 2012
[2012.09.14 11:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AAV
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
         

Alt 10.10.2012, 19:55   #14
zr7driver
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



Code:
ATTFilter
OTL logfile created on: 10.10.2012 20:00:53 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\zr7driver\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 64,01% Memory free
6,50 Gb Paging File | 4,71 Gb Available in Paging File | 72,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 584,22 Gb Free Space | 64,17% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,36 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
 
Computer Name: ZR7DRIVER-PC | User Name: zr7driver | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.25 10:52:48 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.09.24 17:24:20 | 001,161,768 | ---- | M] (WiseCleaner.com) -- C:\Programme\Wise\Wise Care 365\WiseTray.exe
PRC - [2012.09.19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.09.18 01:07:45 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.07.02 16:02:28 | 004,473,728 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.02.29 16:56:07 | 001,564,368 | ---- | M] () -- C:\Programme\Guard-ICQ\GuardICQ.exe
PRC - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
PRC - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.02.12 07:40:50 | 000,365,632 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.01.07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Programme\Motorola Media Link\NServiceEntry.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.07.27 11:38:46 | 000,987,960 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FritzDsl.exe
PRC - [2009.07.23 14:13:10 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgentS1.exe
PRC - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2009.07.20 11:01:00 | 000,760,120 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2009.07.14 03:14:21 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2009.06.03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.04.09 12:45:26 | 001,061,688 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\AAVUpdateManager\aavus.exe
PRC - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.10 03:47:16 | 000,115,137 | ---- | M] () -- C:\Users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012.09.15 18:54:57 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\002b4b1af5f8145bf6b6afe21d4f1db2\Kies.Theme.ni.dll
MOD - [2012.09.15 18:54:56 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\de1a504d1535e5005fbae8f6a4d97ce5\DevicePodcast.ni.dll
MOD - [2012.09.15 18:54:54 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\ee12ab3bf308cbe22f373afbddf0be6b\DeviceVideo.ni.dll
MOD - [2012.09.15 18:54:52 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5e58a020638d28d3740195f1d0738da\DevicePhoto.ni.dll
MOD - [2012.09.15 18:54:51 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\0377dd6ed6a5e92a0b8d6eb7d0b64f79\DeviceMusic.ni.dll
MOD - [2012.09.15 18:54:50 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\23e80240003377b6412081a4523943fe\VideoManager.ni.dll
MOD - [2012.09.15 18:54:48 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\23fd65cd04b03d19931758d7472e38a4\PodcastService.ni.dll
MOD - [2012.09.15 18:54:45 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\65018f5e3da23293d642168f7b132d40\Podcaster.ni.dll
MOD - [2012.09.15 18:54:42 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e96a4bd6a51ec7762f15f9bc64c6c33a\PhotoManager.ni.dll
MOD - [2012.09.15 18:54:16 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\deb1e04d94f18bc88afabf744c5d87aa\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.09.15 18:54:14 | 005,677,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\64d3040868aba797c48f608f5361e5bc\DeviceHost.ni.dll
MOD - [2012.09.15 18:53:59 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\1bedf64dbdd091ac8dceee7cbfd84a88\Phonebook.ni.dll
MOD - [2012.09.15 18:53:50 | 001,008,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f73c846c21b32d8e446f08fe7bf0b75a\CPKTMusicPlugin.ni.dll
MOD - [2012.09.15 18:53:47 | 000,964,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\dc5b622e73080b69c1c63606f283b795\MusicManager.ni.dll
MOD - [2012.09.15 18:53:41 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\e5c8f9e08db50fb625c029361147f47e\EBookManager.ni.dll
MOD - [2012.09.15 18:53:39 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ed8a6670f7dbe1ae78aa091a0935fb87\BATPlugin.ni.dll
MOD - [2012.09.15 18:53:38 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\c209d4b3c25507564757710f6d4a4570\AllShareController.ni.dll
MOD - [2012.09.15 18:53:37 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\25823a7264f74e67158031f485c0bb23\Kies.Common.MediaDB.ni.dll
MOD - [2012.09.15 18:53:37 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9eca4746981ac218c1dbe0c131ce108\Kies.Common.StoreManager.ni.dll
MOD - [2012.09.15 18:53:35 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll
MOD - [2012.09.15 18:53:35 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\065aa3ca107d7b3d679a5f408e535239\Kies.Common.AllShare.ni.dll
MOD - [2012.09.15 18:53:34 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1f13cee7982e84f07cff152618950b20\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.09.15 18:53:32 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57b7389241c36caa1d2132d68eddedda\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.09.15 18:53:32 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\170b754ba9dcd78ee0b06a32af4a7c1f\Interop.DevFileServiceLib.ni.dll
MOD - [2012.09.15 18:53:31 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4b033da616a5e8e2b9ebe95342e9cf0d\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.09.15 18:53:29 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bf6e9c84dd994fef46819ed3bd9fa934\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.09.15 18:53:26 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1837e9c63789850168d0bb76826128d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.09.15 18:53:25 | 000,902,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4f549b26003474662ef7e2f3be9e3dd3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.09.15 18:53:23 | 001,025,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\60c16bc46e86b9a852e71968dc63d9c7\Kies.Common.DeviceService.ni.dll
MOD - [2012.09.15 18:53:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.09.15 18:53:20 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\25dc31b1903a3689788caf51d3d93f97\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.09.15 18:53:19 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\923e655c1069f7faa553275eb2e6763c\Kies.Common.Multimedia.ni.dll
MOD - [2012.09.15 18:53:15 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4603ed01ff960f6d861f798e826c9442\Kies.Common.MainUI.ni.dll
MOD - [2012.09.15 18:53:13 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\dcc3307fb870292826318142cf4fa8aa\Kies.Common.DBManager.ni.dll
MOD - [2012.09.15 18:53:12 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b0cec9954e5583399b377b65a469a74c\Kies.Common.Util.ni.dll
MOD - [2012.09.15 18:53:11 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c4f56538bb1d5921690a486bf052e30b\Kies.Locale.ni.dll
MOD - [2012.09.15 18:53:10 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\afa8de1e7aabde98f9a5fec1abdb9a05\Kies.MVVM.ni.dll
MOD - [2012.09.15 18:53:09 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7a0eb5bc5decef8dc1ef9dd3bca3b4d4\Kies.UI.ni.dll
MOD - [2012.09.15 18:53:06 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.09.15 18:53:04 | 001,185,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0a26df964bb433ab607743b20c7704f7\Kies.Interface.ni.dll
MOD - [2012.09.15 18:53:02 | 001,674,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\41f4faf4ff2ba56c26252d6069ceff76\Kies.ni.exe
MOD - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012.06.13 09:05:50 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.13 05:36:30 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.13 05:26:03 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.13 05:25:46 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.13 05:25:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.13 05:25:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.06.03 09:36:31 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.06.03 09:36:30 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.06.03 09:36:22 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.06.03 09:36:21 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.06.03 09:36:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.05.09 10:26:42 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 10:21:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 10:20:41 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 10:12:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 10:08:26 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 10:08:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 10:07:42 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 10:07:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 10:07:19 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012.02.17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
MOD - [2011.02.24 18:39:44 | 000,012,128 | ---- | M] () -- C:\Programme\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
MOD - [2009.06.03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.02.04 12:08:06 | 000,207,872 | ---- | M] () -- C:\Programme\FRITZ!DSL\C90dll.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.09 11:34:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.09.07 18:31:50 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.07.17 15:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Programme\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.02.29 16:56:07 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Programme\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Programme\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.04.28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) [Auto | Running] -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe -- (WMI_Hook_Service)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 2012\DfSdkS.exe -- (DfSdkS)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.08.10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.23 14:13:12 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\C10F.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.08.28 19:41:29 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.28 19:41:29 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.07.31 12:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.07.05 13:53:38 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012.07.05 13:53:36 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2012.06.11 11:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012.06.08 16:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012.06.08 16:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.06.08 16:08:26 | 000,024,576 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2012.03.07 03:11:00 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2012.03.02 16:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012.03.02 16:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012.03.02 16:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012.03.02 16:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2012.02.07 17:46:02 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135)
DRV - [2012.01.25 14:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2012.01.05 18:07:20 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.11.08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011.01.08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.12.13 05:59:14 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2010.12.13 05:45:42 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010.12.12 21:40:51 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2010.12.12 21:34:13 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2010.12.02 15:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.12.02 15:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.02 15:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.12.02 15:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.12.01 11:51:53 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.06.23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010.03.12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.12.22 14:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.10.29 12:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2009.10.29 12:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NW1950.sys -- (NW1950)
DRV - [2009.10.26 17:54:26 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.06.05 01:47:48 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)
DRV - [2009.01.29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = 
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{095C1A85-7264-4B56-BB5A-783E8E888AB2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{D73A46A4-5C66-4286-8399-9A51DF36E0A0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2011.06.18 18:41:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.05.22 21:16:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.28 18:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.01 15:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.27 14:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.21 05:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.05.22 21:16:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
 
[2012.10.09 21:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 18:31:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.07 18:31:51 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 19:24:08 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
 
O1 HOSTS File: ([2012.05.04 08:56:10 | 000,442,850 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	www.123fporn.info
O1 - Hosts: 15214 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [adm_tray.exe] C:\Programme\Acronis\DriveMonitor\adm_tray.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [mumservice] C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKU\.DEFAULT..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-18..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3752C415-0AD3-4D70-88DD-5C627777D71D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70461503-9E7A-42FB-9CFC-1852690458B5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBE4987-A903-408A-A660-FD8F19F10960}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LxSetup.exe
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{50e93006-11bf-11e0-b121-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{d20cf144-c87b-11df-ad11-001583096ec8}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (pdboot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.2 HD Edition.lnk - C:\Programme\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe - (Panasonic Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk - C:\Programme\Secunia\PSI\psi_tray.exe - (Secunia)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AndroidSync - hkey= - key= - C:\Program Files\Android-Sync\AndroidSync.exe (hxxp://www.android-sync.com)
MsConfig - StartUpReg: B2C_AGENT - hkey= - key= - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
MsConfig - StartUpReg: Badoo Desktop - hkey= - key= - C:\ProgramData\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe (Badoo)
MsConfig - StartUpReg: Guard.Mail.ru.gui - hkey= - key= - C:\Program Files\Guard-ICQ\GuardICQ.exe ()
MsConfig - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig - StartUpReg: KiesAirMessage - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesHelper - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesPDLR - hkey= - key= - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: Miranda Fusion - hkey= - key= - C:\Programme\MirandaFusion\fusiontools\mfstart.exe (Miranda Fusion Team)
MsConfig - StartUpReg: mumservice - hkey= - key= - C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IMFservice - C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.10 19:57:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.08 09:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.07 21:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.07 01:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.07 01:11:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.07 01:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 18:48:20 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.10.05 18:48:15 | 000,134,184 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.10.05 18:48:15 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.10.05 18:48:15 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2010
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.09.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.09.29 16:11:04 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\Lexware
[2012.09.28 21:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
[2012.09.28 21:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2012.09.21 10:58:54 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urlaubsplaner 2013
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudserd.sys
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2012.09.15 16:55:22 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\Documents\Steuerfälle
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\AAV
[2012.09.14 12:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\AAVUpdateManager
[2012.09.14 12:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2012
[2012.09.14 11:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Steuer-Sparer 2012
[2012.09.14 11:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AAV
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
         

Alt 10.10.2012, 20:01   #15
zr7driver
 
In jedem Textfeld erscheinen ständig unendlich viele *x* - Standard

In jedem Textfeld erscheinen ständig unendlich viele *x*



Code:
ATTFilter
========== Files - Modified Within 30 Days ==========
 
[2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.10 19:49:41 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.10 19:49:40 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.10 19:49:11 | 000,707,706 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.10 19:49:11 | 000,661,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.10 19:49:11 | 000,153,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.10 19:49:11 | 000,125,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.10 19:41:04 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.10 19:40:22 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.10.10 19:40:21 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2012.10.10 19:40:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.10 19:39:54 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.10 11:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.10 11:12:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.10 10:34:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.10.09 20:32:20 | 000,538,327 | ---- | M] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.09 15:15:36 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.08 22:34:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.10.07 21:11:37 | 000,002,022 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.10.07 01:11:17 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.09.29 16:25:19 | 000,002,739 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 21:41:07 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:55 | 000,010,495 | ---- | M] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.09.21 10:58:54 | 000,001,094 | ---- | M] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.18 10:15:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.09.14 12:09:37 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.07 10:04:28 | 000,538,327 | ---- | C] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 01:11:17 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.05 18:50:12 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.09.29 16:15:52 | 000,002,739 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2012.09.28 21:41:07 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:39 | 000,010,495 | ---- | C] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | C] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.14 12:02:28 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.07.29 10:59:44 | 000,000,017 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\resmon.resmoncfg
[2012.06.17 13:31:23 | 000,001,124 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.itn
[2012.06.17 13:29:59 | 000,023,945 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.kml
[2012.04.09 20:19:46 | 000,002,773 | ---- | C] () -- \ZR7DRIVER-PC.rtf
[2012.03.30 20:40:37 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012.03.15 12:19:31 | 002,950,336 | ---- | C] () -- C:\Users\zr7driver\Kony2012_digital_kit.zip
[2012.02.01 05:41:45 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4A4B9D26-AA08-4479-8413-EC94C1495FEA}
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.01.13 20:08:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{3ADCD066-1845-4420-813A-0152E185A562}
[2011.12.30 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0766FBBE-1B10-4D18-B8FD-7921451DF9C6}
[2011.12.26 13:04:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.12.25 23:49:46 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.25 23:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.25 23:49:44 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe
[2011.12.25 23:49:44 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.12.23 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{1C4F85BF-C25C-40D8-9072-C915C7610CF0}
[2011.12.23 10:02:20 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{DC88FA66-C4A7-4165-B3C1-62F961889D2F}
[2011.12.23 05:42:16 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{753738CE-CC9E-43C5-A535-266989FB1EB0}
[2011.12.22 21:15:10 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{56518DCC-6EA3-475B-8402-DCD2DBC03511}
[2011.12.22 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{CEC58609-76D2-4EA6-9531-7C3AA9E59D4E}
[2011.12.22 09:58:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{75C3B094-F8E5-49A6-B3F7-6EE5EC9B06A9}
[2011.12.13 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{36A7198A-B63C-4ED1-8E79-D6E1A01847BA}
[2011.12.13 10:04:48 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{43A6C6E7-5102-4D08-B831-D9FF396BBB74}
[2011.12.12 10:50:02 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E93FDF79-0B6E-40E7-ACBB-3E68917B158A}
[2011.12.08 10:08:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A4AFC9A3-D672-44ED-982A-467C3938BFE7}
[2011.12.07 09:54:52 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E9BBF441-1A49-47C7-A653-236B5B3BBFA1}
[2011.12.04 07:22:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{AE7A2FF6-BC86-4981-A1CC-55430DF54232}
[2011.12.02 10:04:51 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{5CE40A7C-C86D-4574-AA9B-81AF3B3984FF}
[2011.12.01 21:19:21 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A67ACE38-ADEE-449A-86E7-909D2DBA9B23}
[2011.12.01 10:06:14 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A795E345-7B05-4BC3-80F5-8E145C4EDBA5}
[2011.11.30 21:01:54 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{46D14579-E7ED-4468-A4A1-010E6903B9D6}
[2011.11.29 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{15BAC503-F22F-4409-A44E-3EF0670584FA}
[2011.11.29 10:03:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{759C9C24-C460-4D61-9460-1EBF1E7E2F7F}
[2011.11.29 05:39:30 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4D4D9BF3-9AC9-4895-9352-F90DC35855A6}
[2011.11.25 19:49:49 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A36FD9B9-77B7-4AA3-88CD-916BA7ED3164}
[2011.11.23 19:32:37 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0BF97707-9995-4474-AA26-C1B7A09F2755}
[2011.11.20 12:36:06 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{9A3933A9-ABB4-4DD1-BDF9-EE9E60064BA0}
[2011.11.14 11:03:11 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{D09CB122-FADC-444C-8947-C71A91EABD81}
[2011.11.14 10:50:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{60914264-77B5-4DF5-97B5-7C0FF0508A66}
[2011.10.10 11:33:41 | 000,000,097 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\fusioncache.dat
[2011.06.17 00:36:07 | 005,406,987 | ---- | C] () -- \RUU_signed.nbh
[2011.06.17 00:36:07 | 001,481,928 | ---- | C] () -- \task29.exe
[2011.06.17 00:36:07 | 001,449,160 | ---- | C] () -- \RUUResource.dll
[2011.06.17 00:36:07 | 000,213,864 | ---- | C] () -- \ModelID.fig
[2011.06.17 00:36:07 | 000,175,304 | ---- | C] () -- \rapitool.exe
[2011.06.17 00:36:07 | 000,141,368 | ---- | C] () -- \ErrorUSB.fig
[2011.06.17 00:36:07 | 000,095,552 | ---- | C] () -- \ErrorBattery.fig
[2011.06.17 00:36:07 | 000,013,512 | ---- | C] () -- \RUUGetInfo.exe
[2011.06.17 00:36:07 | 000,008,904 | ---- | C] () -- \EnterBootloader.exe
[2011.06.17 00:36:07 | 000,000,013 | ---- | C] () -- \ROMUpdateUtility.cfg
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.03 22:46:09 | 000,000,518 | ---- | C] () -- C:\Windows\wininit.ini
[2011.04.27 10:40:07 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.04.27 10:40:07 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.01.21 23:30:49 | 000,000,102 | ---- | C] () -- \qehjlhawlh
[2011.01.18 20:57:44 | 000,000,862 | ---- | C] () -- C:\Users\zr7driver\.recently-used.xbel
[2011.01.08 12:02:39 | 000,001,117 | ---- | C] () -- C:\Users\zr7driver\Dokumente - Verknüpfung.lnk
[2011.01.04 21:05:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.26 00:18:10 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.12.26 00:14:22 | 010,960,896 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.11.16 21:01:57 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.11.16 21:01:56 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.11.16 21:01:56 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.11.16 21:01:56 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.11.16 21:01:56 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.11.16 21:01:56 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.11.16 21:01:56 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.11.16 21:01:56 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.11.16 21:01:56 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.11.16 21:01:56 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.11.16 21:01:56 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.11.16 21:01:56 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.11.16 21:01:56 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.11.16 21:01:56 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.11.16 21:01:56 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.10.28 13:24:13 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2010.10.03 22:23:13 | 001,140,638 | ---- | C] () -- C:\Users\zr7driver\Backup LG GT540 Optimus 03.10.2010.mpb
[2010.10.02 22:02:25 | 000,000,360 | -H-- | C] () -- \IPH.PH
[2010.09.24 13:26:13 | 000,050,688 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.12 11:27:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.10 14:15:23 | 2616,643,584 | -HS- | C] () -- \hiberfil.sys
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2009.07.14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.09.10 14:23:37 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData
[2012.09.14 12:05:54 | 000,000,000 | ---D | M] -- C:\Users\All Users\AAV
[2012.06.21 22:54:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Acronis
[2010.10.02 22:02:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\AIM
[2010.09.10 14:33:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\ALDI Sued Foto Service
[2010.02.15 19:14:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\Aldi Sued Fotoservice
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data
[2010.02.04 10:24:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Applications
[2010.10.01 09:50:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ashampoo
[2010.10.28 14:22:41 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avanquest
[2011.12.13 12:33:25 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVAST Software
[2011.01.21 23:14:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avery
[2012.05.01 17:04:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVG2012
[2011.03.20 19:35:07 | 000,000,000 | ---D | M] -- C:\Users\All Users\Badoo
[2011.11.13 13:13:35 | 000,000,000 | ---D | M] -- C:\Users\All Users\BlueStacks
[2010.09.11 13:32:20 | 000,000,000 | ---D | M] -- C:\Users\All Users\Bluetooth
[2010.09.10 14:38:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\BullGuard
[2011.01.21 23:25:01 | 000,000,000 | ---D | M] -- C:\Users\All Users\CAM Development
[2012.07.06 11:12:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\Canneverbe Limited
[2010.12.21 18:54:57 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonEPP
[2011.01.06 12:49:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEGV
[2010.12.21 19:20:52 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX2
[2010.12.21 18:59:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJMSetup
[2010.12.21 19:18:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJMyPrinter
[2012.10.01 04:30:00 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJPLM
[2010.12.21 19:18:54 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJSolutionMenuEX
[2010.12.21 18:57:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJWSpt
[2011.12.13 12:28:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\CheckPoint
[2012.04.06 22:36:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2011.05.27 20:42:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\Das Fussball Studio
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2010.09.24 15:06:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites
[2012.05.30 15:31:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\GFI Software
[2011.09.02 19:02:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\ICQ
[2011.02.03 11:43:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Installations
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\ISDNWatch
[2011.09.18 13:50:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Kaspersky SDK
[2012.09.29 16:20:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\Lexware
[2012.08.06 17:35:58 | 000,000,000 | ---D | M] -- C:\Users\All Users\LGMOBILEAX
[2011.12.26 00:31:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\MAGIX
[2010.10.01 09:34:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Magix Shared
[2012.07.04 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\All Users\Motorola
[2011.02.03 11:45:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\Nokia
[2011.05.22 21:27:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaAccount
[2011.02.03 11:35:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaInstallerCache
[2010.10.28 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\OO Software
[2010.11.17 23:21:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Panasonic
[2011.02.03 20:58:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC Suite
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\PimeroUpdater
[2011.09.25 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\All Users\RapidSolution
[2012.06.03 09:31:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\Samsung
[2010.09.14 09:30:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\ScanSoft
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\soft-evolution
[2012.08.17 13:24:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2010.09.24 14:39:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\T-Online
[2012.06.05 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Temp
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates
[2010.12.18 13:26:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\TomTom
[2010.12.12 21:06:36 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uniblue
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Anwendungsdaten
[2009.07.14 04:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop
[2010.09.10 14:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Druckumgebung
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Eigene Dateien
[2010.02.15 14:08:00 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Links
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Lokale Einstellungen
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Music
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Netzwerkumgebung
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent
[2009.07.14 04:04:25 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Startmenü
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Vorlagen
[2012.10.07 21:11:37 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2012.05.01 18:01:42 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads
[2009.07.14 04:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2010.09.10 14:23:36 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Music
[2010.11.28 10:51:32 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures
[2010.09.11 11:34:19 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV
[2012.08.21 14:05:30 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos
[2011.01.18 21:04:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.gimp-2.6
[2012.08.16 14:37:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.hgt
[2011.05.29 10:38:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.jordan
[2012.08.11 19:06:48 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.swt
[2011.01.18 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.thumbnails
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Anwendungsdaten
[2010.09.10 14:23:51 | 000,000,000 | -H-D | M] -- C:\Users\zr7driver\AppData
[2010.09.11 13:57:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Application Data
[2012.07.12 18:50:21 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Contacts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Cookies
[2012.10.10 19:57:03 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Desktop
[2012.09.29 16:08:53 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Documents
[2012.10.09 18:56:03 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Downloads
[2012.10.10 19:41:56 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Dropbox
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Druckumgebung
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Eigene Dateien
[2012.08.11 19:12:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Eigene Routen
[2012.07.28 18:43:44 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Favorites
[2012.03.05 14:54:22 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Handy
[2012.08.26 18:19:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\IGO
[2012.08.03 21:41:35 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Links
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Lokale Einstellungen
[2012.10.09 09:02:41 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Music
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Netzwerkumgebung
[2012.06.17 13:28:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner
[2012.06.17 13:29:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (2)
[2012.06.17 13:29:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (3)
[2012.10.02 19:47:04 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Pictures
[2012.08.20 17:46:18 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Podcasts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Recent
[2012.07.12 18:50:22 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Saved Games
[2012.10.07 20:39:51 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Searches
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\SendTo
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Startmenü
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Tracing
[2012.09.30 13:51:29 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Videos
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Vorlagen
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.10.28 14:18:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\A-Z Technology
[2010.10.02 22:04:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\acccore
[2012.05.30 09:44:14 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ad-Aware Antivirus
[2011.06.13 19:49:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Adobe
[2010.12.16 21:21:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ALK Technologies
[2011.09.09 13:46:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Amazon
[2011.10.29 09:06:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Apple Computer
[2012.05.26 21:04:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ashampoo
[2012.08.11 11:42:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Audacity
[2011.01.26 15:58:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avery
[2012.05.01 16:29:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\AVG2012
[2012.10.05 18:56:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avira
[2010.12.04 14:50:24 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\BOM
[2012.07.06 11:12:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canneverbe Limited
[2012.01.23 06:15:42 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canon
[2010.12.21 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CD-LabelPrint
[2011.06.04 13:50:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CheckPoint
[2010.09.19 14:50:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Chilirec
[2011.09.02 19:03:03 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\COMPUTERBILD-Abzockschutz
[2012.06.03 00:15:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\concept design
[2012.06.21 20:11:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\convert
[2010.11.27 12:27:16 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Cool Record Edit Pro
[2010.11.19 12:08:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Corel
[2010.11.13 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CyberLink
[2012.10.10 19:41:59 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Dropbox
[2010.09.11 21:55:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.23 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FastStone
[2010.10.23 18:03:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FinalTorrent
[2010.11.05 10:08:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Fixit-E28F99E6-6133-4824-AECC-4D2FB1701F0B
[2010.12.12 20:59:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\foobar2000
[2011.12.25 23:51:12 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Franzis
[2010.11.27 11:25:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Free Sound Recorder 2010
[2010.10.28 11:45:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FreeCommander
[2012.10.10 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2012.06.03 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Geek Uninstaller
[2012.08.23 18:51:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GeoSetter
[2011.01.21 23:12:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GetRightToGo
[2010.09.24 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GlarySoft
[2011.01.18 20:57:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\gtk-2.0
[2012.07.18 09:51:28 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC
[2011.06.13 19:56:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.05.29 16:30:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ICQ
[2010.09.10 14:24:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Identities
[2010.11.16 21:01:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\InstallShield
[2012.07.28 18:43:35 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IObit
[2012.07.12 11:53:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IrfanView
[2012.06.05 16:42:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\iSpy
[2012.09.29 16:19:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Lexware
[2010.09.13 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\LG Electronics
[2010.09.10 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Macromedia
[2011.12.26 15:19:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MAGIX
[2012.04.06 22:14:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Malwarebytes
[2010.10.28 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Marine Aquarium 3
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Media Center Programs
[2012.04.09 20:31:48 | 000,000,000 | --SD | M] -- C:\Users\zr7driver\AppData\Roaming\Microsoft
[2011.06.04 09:41:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda
[2011.05.01 19:40:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda Fusion
[2011.12.16 20:49:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\motorola
[2012.07.04 10:14:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Motorola Mobility
[2010.09.12 23:24:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Mozilla
[2012.06.10 17:56:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MyPhoneExplorer
[2011.10.23 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NCH Software
[2010.09.24 15:28:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Need for Speed World
[2012.10.10 20:14:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NetSpeedMonitor
[2011.02.03 11:47:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia
[2011.02.03 11:47:05 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia Ovi Suite
[2010.09.20 10:01:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\OpenOffice.org
[2011.06.14 18:11:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Outlook
[2011.04.03 16:48:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\PC Suite
[2012.07.29 11:28:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\QuickScan
[2012.06.03 00:18:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Real
[2012.06.03 00:19:00 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\RealNetworks
[2011.01.06 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Recolored
[2012.06.03 09:29:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Samsung
[2010.12.13 18:44:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ScanSoft
[2012.10.07 14:09:28 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Skype
[2012.04.09 20:31:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\skypePM
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\soft-evolution
[2012.09.17 10:23:30 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\SoftMaker
[2012.08.18 20:34:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Sony
[2010.10.29 01:45:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\streamripper
[2012.06.03 09:41:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Temp
[2010.09.20 09:33:23 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Template
[2010.09.12 23:24:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Thunderbird
[2010.12.18 13:25:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\TomTom
[2010.12.12 21:19:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Uniblue
[2012.09.26 09:24:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\vlc
[2012.01.08 00:12:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Weather Pulse
[2012.02.24 14:52:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WeatherWatcherLive
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Winamp
[2010.10.23 19:53:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WinRAR
[2012.10.10 19:43:04 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Wise Care 365
[2012.09.10 14:08:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2011.12.25 23:48:53 | 000,709,568 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\unins000.exe
[2009.08.10 04:15:00 | 000,563,056 | ---- | M] (Avery Dennison Corporation. Envel Informationssysteme GmbH.) -- C:\Users\zr7driver\AppData\Roaming\Avery\Avery Wizard 3.1\AZWizard.exe
[2012.06.21 20:13:57 | 012,697,088 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\convert\convert.exe
[2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.07.25 04:08:14 | 000,874,424 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.07.25 04:08:20 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.08.18 07:23:58 | 004,907,207 | ---- | M] (Phil Harvey) -- C:\Users\zr7driver\AppData\Roaming\GeoSetter\tools\exiftool(-k).exe
[2010.09.13 12:10:23 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{3E8DE1A6-B365-4FF6-B917-2892A34990E8}\ARPPRODUCTICON.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_6199747583AC94FD011270.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_7A9B8CB6BE7902E1058674.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_853F67D554F05449430E7E.exe
[2011.10.01 17:52:52 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_9E1C27574C0C6A1F98F273.exe
[2011.01.26 15:58:48 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{77077FFF-8831-470F-9627-E86F06A50CCD}\ARPPRODUCTICON.exe
[2012.04.15 21:34:06 | 000,675,840 | ---- | M] (Maximilian Stangel) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Templates\BLT11-12_206.exe
[2011.01.16 11:17:32 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2012.05.30 15:27:54 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe
[2012.05.30 18:29:03 | 027,381,184 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_data\RealPlayer.exe
[2012.05.30 18:28:15 | 000,692,480 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_exe\RealPlayer.exe
[2012.05.30 03:17:52 | 000,958,392 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2012.05.30 03:17:54 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2012.05.23 18:51:18 | 000,318,976 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesLogger.exe
[2012.05.30 03:17:54 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2012.05.23 18:50:32 | 000,180,224 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2012.05.23 18:50:32 | 000,321,024 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2012.05.30 02:49:14 | 000,721,920 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2012.05.30 03:18:02 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2012.05.23 18:50:18 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012.05.23 18:50:18 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012.05.30 03:18:04 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.05.30 03:18:06 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012.05.30 03:18:08 | 003,570,352 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2012.05.23 18:50:02 | 000,221,184 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2012.05.23 18:50:04 | 000,061,440 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012.05.23 18:49:28 | 024,162,120 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012.08.28 03:06:22 | 000,291,840 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2012.08.31 02:52:14 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012.08.28 03:06:22 | 000,320,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe
[2012.08.31 02:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012.08.28 03:05:28 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012.08.28 03:05:28 | 000,322,048 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012.08.28 03:05:32 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012.08.31 02:52:18 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012.08.28 03:05:28 | 000,057,344 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012.08.28 03:05:14 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012.08.28 03:05:14 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012.08.31 02:52:20 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012.08.31 02:52:24 | 003,765,256 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012.08.28 03:05:02 | 000,262,144 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2012.08.28 03:05:02 | 000,090,112 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012.08.28 03:04:28 | 024,177,352 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2012.02.26 12:57:16 | 005,070,960 | ---- | M] (Uniblue Systems Ltd                                         ) -- C:\Users\zr7driver\AppData\Roaming\Uniblue\SystemTweaker\_temp\ub.exe
 
< %SYSTEMDRIVE%\*.exe >
[2010.03.10 18:51:36 | 000,008,904 | ---- | M] (HTC) -- C:\EnterBootloader.exe
[2010.03.10 18:51:36 | 000,175,304 | ---- | M] (HTC) -- C:\rapitool.exe
[2010.03.10 18:51:36 | 000,013,512 | ---- | M] () -- C:\RUUGetInfo.exe
[2010.03.10 18:54:08 | 001,481,928 | ---- | M] (HTC) -- C:\task29.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2010.07.06 12:53:22 | 000,043,520 | ---- | M] (Panasonic Corporation) MD5=536BD91DA54844945AF4971D877692D4 -- C:\Program Files\Panasonic\PHOTOfunSTUDIO 5.2 HD\Core\EventLog\EventLog.dll
[2008.06.06 15:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\drivers\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_68640c3c72cad0af\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sataraid\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sataraid\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.01 16:21:48 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.05.01 16:21:48 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
 
<           >
[2009.07.14 06:53:46 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.09.12 21:18:04 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.09.12 21:18:05 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2010.09.24 14:31:09 | 000,000,322 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.03.07 14:21:41 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.03.07 14:21:43 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.03.30 04:45:50 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\Tasks\Wise Care 365.job

< End of report >
         
Code:
ATTFilter
========== Files - Modified Within 30 Days ==========
 
[2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.10 19:49:41 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.10 19:49:40 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.10 19:49:11 | 000,707,706 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.10 19:49:11 | 000,661,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.10 19:49:11 | 000,153,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.10 19:49:11 | 000,125,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.10 19:41:04 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.10 19:40:22 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.10.10 19:40:21 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2012.10.10 19:40:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.10 19:39:54 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.10 11:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.10 11:12:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.10 10:34:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.10.09 20:32:20 | 000,538,327 | ---- | M] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.09 15:15:36 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.08 22:34:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.10.07 21:11:37 | 000,002,022 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.10.07 01:11:17 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.09.29 16:25:19 | 000,002,739 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 21:41:07 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:55 | 000,010,495 | ---- | M] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.09.21 10:58:54 | 000,001,094 | ---- | M] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.18 10:15:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.09.14 12:09:37 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.07 10:04:28 | 000,538,327 | ---- | C] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 01:11:17 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.05 18:50:12 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.09.29 16:15:52 | 000,002,739 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2012.09.28 21:41:07 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:39 | 000,010,495 | ---- | C] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | C] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.14 12:02:28 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.07.29 10:59:44 | 000,000,017 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\resmon.resmoncfg
[2012.06.17 13:31:23 | 000,001,124 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.itn
[2012.06.17 13:29:59 | 000,023,945 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.kml
[2012.04.09 20:19:46 | 000,002,773 | ---- | C] () -- \ZR7DRIVER-PC.rtf
[2012.03.30 20:40:37 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012.03.15 12:19:31 | 002,950,336 | ---- | C] () -- C:\Users\zr7driver\Kony2012_digital_kit.zip
[2012.02.01 05:41:45 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4A4B9D26-AA08-4479-8413-EC94C1495FEA}
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.01.13 20:08:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{3ADCD066-1845-4420-813A-0152E185A562}
[2011.12.30 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0766FBBE-1B10-4D18-B8FD-7921451DF9C6}
[2011.12.26 13:04:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.12.25 23:49:46 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.25 23:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.25 23:49:44 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe
[2011.12.25 23:49:44 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.12.23 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{1C4F85BF-C25C-40D8-9072-C915C7610CF0}
[2011.12.23 10:02:20 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{DC88FA66-C4A7-4165-B3C1-62F961889D2F}
[2011.12.23 05:42:16 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{753738CE-CC9E-43C5-A535-266989FB1EB0}
[2011.12.22 21:15:10 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{56518DCC-6EA3-475B-8402-DCD2DBC03511}
[2011.12.22 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{CEC58609-76D2-4EA6-9531-7C3AA9E59D4E}
[2011.12.22 09:58:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{75C3B094-F8E5-49A6-B3F7-6EE5EC9B06A9}
[2011.12.13 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{36A7198A-B63C-4ED1-8E79-D6E1A01847BA}
[2011.12.13 10:04:48 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{43A6C6E7-5102-4D08-B831-D9FF396BBB74}
[2011.12.12 10:50:02 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E93FDF79-0B6E-40E7-ACBB-3E68917B158A}
[2011.12.08 10:08:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A4AFC9A3-D672-44ED-982A-467C3938BFE7}
[2011.12.07 09:54:52 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E9BBF441-1A49-47C7-A653-236B5B3BBFA1}
[2011.12.04 07:22:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{AE7A2FF6-BC86-4981-A1CC-55430DF54232}
[2011.12.02 10:04:51 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{5CE40A7C-C86D-4574-AA9B-81AF3B3984FF}
[2011.12.01 21:19:21 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A67ACE38-ADEE-449A-86E7-909D2DBA9B23}
[2011.12.01 10:06:14 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A795E345-7B05-4BC3-80F5-8E145C4EDBA5}
[2011.11.30 21:01:54 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{46D14579-E7ED-4468-A4A1-010E6903B9D6}
[2011.11.29 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{15BAC503-F22F-4409-A44E-3EF0670584FA}
[2011.11.29 10:03:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{759C9C24-C460-4D61-9460-1EBF1E7E2F7F}
[2011.11.29 05:39:30 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4D4D9BF3-9AC9-4895-9352-F90DC35855A6}
[2011.11.25 19:49:49 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A36FD9B9-77B7-4AA3-88CD-916BA7ED3164}
[2011.11.23 19:32:37 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0BF97707-9995-4474-AA26-C1B7A09F2755}
[2011.11.20 12:36:06 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{9A3933A9-ABB4-4DD1-BDF9-EE9E60064BA0}
[2011.11.14 11:03:11 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{D09CB122-FADC-444C-8947-C71A91EABD81}
[2011.11.14 10:50:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{60914264-77B5-4DF5-97B5-7C0FF0508A66}
[2011.10.10 11:33:41 | 000,000,097 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\fusioncache.dat
[2011.06.17 00:36:07 | 005,406,987 | ---- | C] () -- \RUU_signed.nbh
[2011.06.17 00:36:07 | 001,481,928 | ---- | C] () -- \task29.exe
[2011.06.17 00:36:07 | 001,449,160 | ---- | C] () -- \RUUResource.dll
[2011.06.17 00:36:07 | 000,213,864 | ---- | C] () -- \ModelID.fig
[2011.06.17 00:36:07 | 000,175,304 | ---- | C] () -- \rapitool.exe
[2011.06.17 00:36:07 | 000,141,368 | ---- | C] () -- \ErrorUSB.fig
[2011.06.17 00:36:07 | 000,095,552 | ---- | C] () -- \ErrorBattery.fig
[2011.06.17 00:36:07 | 000,013,512 | ---- | C] () -- \RUUGetInfo.exe
[2011.06.17 00:36:07 | 000,008,904 | ---- | C] () -- \EnterBootloader.exe
[2011.06.17 00:36:07 | 000,000,013 | ---- | C] () -- \ROMUpdateUtility.cfg
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.03 22:46:09 | 000,000,518 | ---- | C] () -- C:\Windows\wininit.ini
[2011.04.27 10:40:07 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.04.27 10:40:07 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.01.21 23:30:49 | 000,000,102 | ---- | C] () -- \qehjlhawlh
[2011.01.18 20:57:44 | 000,000,862 | ---- | C] () -- C:\Users\zr7driver\.recently-used.xbel
[2011.01.08 12:02:39 | 000,001,117 | ---- | C] () -- C:\Users\zr7driver\Dokumente - Verknüpfung.lnk
[2011.01.04 21:05:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.26 00:18:10 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.12.26 00:14:22 | 010,960,896 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.11.16 21:01:57 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.11.16 21:01:56 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.11.16 21:01:56 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.11.16 21:01:56 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.11.16 21:01:56 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.11.16 21:01:56 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.11.16 21:01:56 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.11.16 21:01:56 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.11.16 21:01:56 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.11.16 21:01:56 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.11.16 21:01:56 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.11.16 21:01:56 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.11.16 21:01:56 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.11.16 21:01:56 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.11.16 21:01:56 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.10.28 13:24:13 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2010.10.03 22:23:13 | 001,140,638 | ---- | C] () -- C:\Users\zr7driver\Backup LG GT540 Optimus 03.10.2010.mpb
[2010.10.02 22:02:25 | 000,000,360 | -H-- | C] () -- \IPH.PH
[2010.09.24 13:26:13 | 000,050,688 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.12 11:27:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.10 14:15:23 | 2616,643,584 | -HS- | C] () -- \hiberfil.sys
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2009.07.14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.09.10 14:23:37 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData
[2012.09.14 12:05:54 | 000,000,000 | ---D | M] -- C:\Users\All Users\AAV
[2012.06.21 22:54:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Acronis
[2010.10.02 22:02:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\AIM
[2010.09.10 14:33:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\ALDI Sued Foto Service
[2010.02.15 19:14:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\Aldi Sued Fotoservice
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data
[2010.02.04 10:24:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Applications
[2010.10.01 09:50:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ashampoo
[2010.10.28 14:22:41 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avanquest
[2011.12.13 12:33:25 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVAST Software
[2011.01.21 23:14:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avery
[2012.05.01 17:04:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVG2012
[2011.03.20 19:35:07 | 000,000,000 | ---D | M] -- C:\Users\All Users\Badoo
[2011.11.13 13:13:35 | 000,000,000 | ---D | M] -- C:\Users\All Users\BlueStacks
[2010.09.11 13:32:20 | 000,000,000 | ---D | M] -- C:\Users\All Users\Bluetooth
[2010.09.10 14:38:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\BullGuard
[2011.01.21 23:25:01 | 000,000,000 | ---D | M] -- C:\Users\All Users\CAM Development
[2012.07.06 11:12:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\Canneverbe Limited
[2010.12.21 18:54:57 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonEPP
[2011.01.06 12:49:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEGV
[2010.12.21 19:20:52 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX2
[2010.12.21 18:59:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJMSetup
[2010.12.21 19:18:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJMyPrinter
[2012.10.01 04:30:00 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJPLM
[2010.12.21 19:18:54 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJSolutionMenuEX
[2010.12.21 18:57:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJWSpt
[2011.12.13 12:28:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\CheckPoint
[2012.04.06 22:36:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2011.05.27 20:42:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\Das Fussball Studio
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2010.09.24 15:06:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites
[2012.05.30 15:31:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\GFI Software
[2011.09.02 19:02:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\ICQ
[2011.02.03 11:43:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Installations
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\ISDNWatch
[2011.09.18 13:50:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Kaspersky SDK
[2012.09.29 16:20:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\Lexware
[2012.08.06 17:35:58 | 000,000,000 | ---D | M] -- C:\Users\All Users\LGMOBILEAX
[2011.12.26 00:31:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\MAGIX
[2010.10.01 09:34:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Magix Shared
[2012.07.04 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\All Users\Motorola
[2011.02.03 11:45:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\Nokia
[2011.05.22 21:27:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaAccount
[2011.02.03 11:35:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaInstallerCache
[2010.10.28 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\OO Software
[2010.11.17 23:21:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Panasonic
[2011.02.03 20:58:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC Suite
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\PimeroUpdater
[2011.09.25 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\All Users\RapidSolution
[2012.06.03 09:31:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\Samsung
[2010.09.14 09:30:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\ScanSoft
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\soft-evolution
[2012.08.17 13:24:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2010.09.24 14:39:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\T-Online
[2012.06.05 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Temp
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates
[2010.12.18 13:26:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\TomTom
[2010.12.12 21:06:36 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uniblue
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Anwendungsdaten
[2009.07.14 04:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop
[2010.09.10 14:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Druckumgebung
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Eigene Dateien
[2010.02.15 14:08:00 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Links
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Lokale Einstellungen
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Music
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Netzwerkumgebung
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent
[2009.07.14 04:04:25 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Startmenü
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Vorlagen
[2012.10.07 21:11:37 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2012.05.01 18:01:42 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads
[2009.07.14 04:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2010.09.10 14:23:36 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Music
[2010.11.28 10:51:32 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures
[2010.09.11 11:34:19 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV
[2012.08.21 14:05:30 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos
[2011.01.18 21:04:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.gimp-2.6
[2012.08.16 14:37:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.hgt
[2011.05.29 10:38:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.jordan
[2012.08.11 19:06:48 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.swt
[2011.01.18 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.thumbnails
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Anwendungsdaten
[2010.09.10 14:23:51 | 000,000,000 | -H-D | M] -- C:\Users\zr7driver\AppData
[2010.09.11 13:57:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Application Data
[2012.07.12 18:50:21 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Contacts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Cookies
[2012.10.10 19:57:03 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Desktop
[2012.09.29 16:08:53 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Documents
[2012.10.09 18:56:03 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Downloads
[2012.10.10 19:41:56 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Dropbox
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Druckumgebung
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Eigene Dateien
[2012.08.11 19:12:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Eigene Routen
[2012.07.28 18:43:44 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Favorites
[2012.03.05 14:54:22 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Handy
[2012.08.26 18:19:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\IGO
[2012.08.03 21:41:35 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Links
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Lokale Einstellungen
[2012.10.09 09:02:41 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Music
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Netzwerkumgebung
[2012.06.17 13:28:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner
[2012.06.17 13:29:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (2)
[2012.06.17 13:29:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (3)
[2012.10.02 19:47:04 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Pictures
[2012.08.20 17:46:18 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Podcasts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Recent
[2012.07.12 18:50:22 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Saved Games
[2012.10.07 20:39:51 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Searches
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\SendTo
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Startmenü
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Tracing
[2012.09.30 13:51:29 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Videos
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Vorlagen
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.10.28 14:18:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\A-Z Technology
[2010.10.02 22:04:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\acccore
[2012.05.30 09:44:14 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ad-Aware Antivirus
[2011.06.13 19:49:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Adobe
[2010.12.16 21:21:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ALK Technologies
[2011.09.09 13:46:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Amazon
[2011.10.29 09:06:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Apple Computer
[2012.05.26 21:04:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ashampoo
[2012.08.11 11:42:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Audacity
[2011.01.26 15:58:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avery
[2012.05.01 16:29:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\AVG2012
[2012.10.05 18:56:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avira
[2010.12.04 14:50:24 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\BOM
[2012.07.06 11:12:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canneverbe Limited
[2012.01.23 06:15:42 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canon
[2010.12.21 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CD-LabelPrint
[2011.06.04 13:50:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CheckPoint
[2010.09.19 14:50:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Chilirec
[2011.09.02 19:03:03 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\COMPUTERBILD-Abzockschutz
[2012.06.03 00:15:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\concept design
[2012.06.21 20:11:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\convert
[2010.11.27 12:27:16 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Cool Record Edit Pro
[2010.11.19 12:08:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Corel
[2010.11.13 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CyberLink
[2012.10.10 19:41:59 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Dropbox
[2010.09.11 21:55:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.23 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FastStone
[2010.10.23 18:03:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FinalTorrent
[2010.11.05 10:08:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Fixit-E28F99E6-6133-4824-AECC-4D2FB1701F0B
[2010.12.12 20:59:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\foobar2000
[2011.12.25 23:51:12 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Franzis
[2010.11.27 11:25:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Free Sound Recorder 2010
[2010.10.28 11:45:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FreeCommander
[2012.10.10 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2012.06.03 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Geek Uninstaller
[2012.08.23 18:51:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GeoSetter
[2011.01.21 23:12:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GetRightToGo
[2010.09.24 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GlarySoft
[2011.01.18 20:57:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\gtk-2.0
[2012.07.18 09:51:28 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC
[2011.06.13 19:56:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.05.29 16:30:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ICQ
[2010.09.10 14:24:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Identities
[2010.11.16 21:01:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\InstallShield
[2012.07.28 18:43:35 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IObit
[2012.07.12 11:53:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IrfanView
[2012.06.05 16:42:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\iSpy
[2012.09.29 16:19:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Lexware
[2010.09.13 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\LG Electronics
[2010.09.10 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Macromedia
[2011.12.26 15:19:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MAGIX
[2012.04.06 22:14:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Malwarebytes
[2010.10.28 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Marine Aquarium 3
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Media Center Programs
[2012.04.09 20:31:48 | 000,000,000 | --SD | M] -- C:\Users\zr7driver\AppData\Roaming\Microsoft
[2011.06.04 09:41:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda
[2011.05.01 19:40:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda Fusion
[2011.12.16 20:49:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\motorola
[2012.07.04 10:14:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Motorola Mobility
[2010.09.12 23:24:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Mozilla
[2012.06.10 17:56:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MyPhoneExplorer
[2011.10.23 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NCH Software
[2010.09.24 15:28:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Need for Speed World
[2012.10.10 20:14:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NetSpeedMonitor
[2011.02.03 11:47:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia
[2011.02.03 11:47:05 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia Ovi Suite
[2010.09.20 10:01:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\OpenOffice.org
[2011.06.14 18:11:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Outlook
[2011.04.03 16:48:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\PC Suite
[2012.07.29 11:28:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\QuickScan
[2012.06.03 00:18:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Real
[2012.06.03 00:19:00 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\RealNetworks
[2011.01.06 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Recolored
[2012.06.03 09:29:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Samsung
[2010.12.13 18:44:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ScanSoft
[2012.10.07 14:09:28 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Skype
[2012.04.09 20:31:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\skypePM
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\soft-evolution
[2012.09.17 10:23:30 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\SoftMaker
[2012.08.18 20:34:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Sony
[2010.10.29 01:45:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\streamripper
[2012.06.03 09:41:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Temp
[2010.09.20 09:33:23 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Template
[2010.09.12 23:24:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Thunderbird
[2010.12.18 13:25:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\TomTom
[2010.12.12 21:19:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Uniblue
[2012.09.26 09:24:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\vlc
[2012.01.08 00:12:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Weather Pulse
[2012.02.24 14:52:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WeatherWatcherLive
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Winamp
[2010.10.23 19:53:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WinRAR
[2012.10.10 19:43:04 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Wise Care 365
[2012.09.10 14:08:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2011.12.25 23:48:53 | 000,709,568 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\unins000.exe
[2009.08.10 04:15:00 | 000,563,056 | ---- | M] (Avery Dennison Corporation. Envel Informationssysteme GmbH.) -- C:\Users\zr7driver\AppData\Roaming\Avery\Avery Wizard 3.1\AZWizard.exe
[2012.06.21 20:13:57 | 012,697,088 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\convert\convert.exe
[2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.07.25 04:08:14 | 000,874,424 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.07.25 04:08:20 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.08.18 07:23:58 | 004,907,207 | ---- | M] (Phil Harvey) -- C:\Users\zr7driver\AppData\Roaming\GeoSetter\tools\exiftool(-k).exe
[2010.09.13 12:10:23 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{3E8DE1A6-B365-4FF6-B917-2892A34990E8}\ARPPRODUCTICON.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_6199747583AC94FD011270.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_7A9B8CB6BE7902E1058674.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_853F67D554F05449430E7E.exe
[2011.10.01 17:52:52 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_9E1C27574C0C6A1F98F273.exe
[2011.01.26 15:58:48 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{77077FFF-8831-470F-9627-E86F06A50CCD}\ARPPRODUCTICON.exe
[2012.04.15 21:34:06 | 000,675,840 | ---- | M] (Maximilian Stangel) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Templates\BLT11-12_206.exe
[2011.01.16 11:17:32 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2012.05.30 15:27:54 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe
[2012.05.30 18:29:03 | 027,381,184 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_data\RealPlayer.exe
[2012.05.30 18:28:15 | 000,692,480 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_exe\RealPlayer.exe
[2012.05.30 03:17:52 | 000,958,392 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2012.05.30 03:17:54 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2012.05.23 18:51:18 | 000,318,976 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesLogger.exe
[2012.05.30 03:17:54 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2012.05.23 18:50:32 | 000,180,224 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2012.05.23 18:50:32 | 000,321,024 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2012.05.30 02:49:14 | 000,721,920 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2012.05.30 03:18:02 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2012.05.23 18:50:18 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012.05.23 18:50:18 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012.05.30 03:18:04 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.05.30 03:18:06 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012.05.30 03:18:08 | 003,570,352 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2012.05.23 18:50:02 | 000,221,184 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2012.05.23 18:50:04 | 000,061,440 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012.05.23 18:49:28 | 024,162,120 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012.08.28 03:06:22 | 000,291,840 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2012.08.31 02:52:14 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012.08.28 03:06:22 | 000,320,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe
[2012.08.31 02:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012.08.28 03:05:28 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012.08.28 03:05:28 | 000,322,048 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012.08.28 03:05:32 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012.08.31 02:52:18 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012.08.28 03:05:28 | 000,057,344 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012.08.28 03:05:14 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012.08.28 03:05:14 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012.08.31 02:52:20 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012.08.31 02:52:24 | 003,765,256 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012.08.28 03:05:02 | 000,262,144 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2012.08.28 03:05:02 | 000,090,112 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012.08.28 03:04:28 | 024,177,352 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2012.02.26 12:57:16 | 005,070,960 | ---- | M] (Uniblue Systems Ltd                                         ) -- C:\Users\zr7driver\AppData\Roaming\Uniblue\SystemTweaker\_temp\ub.exe
 
< %SYSTEMDRIVE%\*.exe >
[2010.03.10 18:51:36 | 000,008,904 | ---- | M] (HTC) -- C:\EnterBootloader.exe
[2010.03.10 18:51:36 | 000,175,304 | ---- | M] (HTC) -- C:\rapitool.exe
[2010.03.10 18:51:36 | 000,013,512 | ---- | M] () -- C:\RUUGetInfo.exe
[2010.03.10 18:54:08 | 001,481,928 | ---- | M] (HTC) -- C:\task29.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2010.07.06 12:53:22 | 000,043,520 | ---- | M] (Panasonic Corporation) MD5=536BD91DA54844945AF4971D877692D4 -- C:\Program Files\Panasonic\PHOTOfunSTUDIO 5.2 HD\Core\EventLog\EventLog.dll
[2008.06.06 15:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\drivers\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_68640c3c72cad0af\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sataraid\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sataraid\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.01 16:21:48 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.05.01 16:21:48 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
 
<           >
[2009.07.14 06:53:46 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.09.12 21:18:04 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.09.12 21:18:05 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2010.09.24 14:31:09 | 000,000,322 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.03.07 14:21:41 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.03.07 14:21:43 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.03.30 04:45:50 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\Tasks\Wise Care 365.job

< End of report >
         

Antwort

Themen zu In jedem Textfeld erscheinen ständig unendlich viele *x*
adresse, adressen, avast, avira, backdoor.msil.pgen, erscheine, erscheinen, ersetzt, install.exe, inter, interne, internetadresse, kaspersky, laptop, loadtbs-3.0, malware.packer.as, online, tagen, unendlich



Ähnliche Themen: In jedem Textfeld erscheinen ständig unendlich viele *x*


  1. Win 10 erstellt unendlich Ordner
    Log-Analyse und Auswertung - 05.08.2015 (5)
  2. System ist seit einiger Zeit unendlich langsam, Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 08.04.2015 (9)
  3. Windows 8.1 Malware B findet viele Enträge, Rechner langsam, Maus wechselt ständig in Sanduhr
    Log-Analyse und Auswertung - 03.03.2015 (9)
  4. Bei jedem Click ständig popups!
    Plagegeister aller Art und deren Bekämpfung - 30.05.2014 (1)
  5. Windows Vista stürzt ab und ist unendlich langsam
    Plagegeister aller Art und deren Bekämpfung - 24.03.2014 (16)
  6. Ständig unaufgeforderte Werbefenster Pop-Ups erscheinen beim Surfen
    Log-Analyse und Auswertung - 07.01.2014 (11)
  7. Windows fährt hoch, läd dann aber unendlich lang
    Plagegeister aller Art und deren Bekämpfung - 09.07.2013 (1)
  8. Unendlich viele Mails mit Betreff 'Mail delivery failed:...' und im Subject My Dirty Hobby.de
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (7)
  9. service.exe stellt ständig sehr viele Verbindungen mit dem Internet her
    Plagegeister aller Art und deren Bekämpfung - 04.09.2012 (1)
  10. Hatte eine smitfraud Variante auf einem Rechner und viele viele andere malware
    Log-Analyse und Auswertung - 06.01.2011 (0)
  11. Internet mach unendlich viele fenster auf.
    Alles rund um Windows - 17.11.2010 (1)
  12. Firefix startet unendlich Fenster beim Starten
    Plagegeister aller Art und deren Bekämpfung - 08.12.2009 (4)
  13. Google leite auf windowsclick weiter, Pc unendlich langsam
    Plagegeister aller Art und deren Bekämpfung - 22.03.2009 (8)
  14. "Programm muss beendet werden"+Unendlich viele Spybot Meldungen!
    Log-Analyse und Auswertung - 02.03.2008 (2)
  15. pc strartet nicht , öädt nur unendlich
    Alles rund um Windows - 17.10.2007 (3)
  16. viren namens gpxjpvty.dll,ie öffnet unendlich tabs...
    Log-Analyse und Auswertung - 01.03.2007 (2)

Zum Thema In jedem Textfeld erscheinen ständig unendlich viele *x* - Seit ein paar Tagen erscheinen in jedem Textfeld unendlich viele *x*! Egal ob online oder nicht. Manchmal sind sogar ganze Internetadressen durch *x* ersetzt! Alle Rettungsversuche sind bis jetzt gescheitert. - In jedem Textfeld erscheinen ständig unendlich viele *x*...
Archiv
Du betrachtest: In jedem Textfeld erscheinen ständig unendlich viele *x* auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.