Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Grauer Bildschirm nach Windowsstart

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.02.2013, 15:25   #1
knoden
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



Hallo,
Mein Problem ist, dass nach dem Systemstart sich nach wenigen Sekunden ein graues Fenster öffnet, das den kompletten Bildschirm ausfüllt und sich immer in den Vordergrund stellt.
Ich habe bisher 3 Mal den Strom gekappt und natürlich wieder das selbe Ergenis bekommen.
Wie soll ich vorgehen?
PS: Habe einen Zweit-PC ohne Brenner.

Danke im Voraus.

Alt 06.02.2013, 15:28   #2
markusg
/// Malware-holic
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



hi
dann evtl. bei nem Bekannten brennen:
Mit einem sauberen 2. Rechner eine OTLPE-CD erstellen und den infizierten Rechner dann von dieser CD booten:

Falls Du kein Brennprogramm installiert hast, lade dir bitte ISOBurner herunter. Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen. Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.


Lade OTLpe Download OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop. Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
  • Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
  • Lege eine leere CD in Deinen Brenner.
  • ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
  • Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
  • Du kannst nun die Fenster des Brennprogramms schließen.
Nun boote von der OTLPE CD. Hinweis: Wie boote ich von CD


Bebilderte Anleitung: OTLpe-Scan
  • Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
  • Mache einen Doppelklick auf das OTLPE Icon.
  • Hinweis: Damit OTLPE auch das richtige installierte Windows scant, musst du den Windows-Ordner des auf der Platte installierten Windows auswählen, einfach nur C: auswählen gibt einen Fehler!
  • Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
  • Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
  • Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
  • OTLpe sollte nun starten.
  • Drücke Run Scan, um den Scan zu starten.
  • Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
  • Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
  • Bitte poste den Inhalt von C:\OTL.txt und Extras.txt.
__________________

__________________

Alt 09.02.2013, 20:20   #3
knoden
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



So, habe alles wie in der Anleitung gemacht.

hier die Log Dateien:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 2/9/2013 8:04:35 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298.08 Gb Total Space | 19.27 Gb Free Space | 6.47% Space Free | Partition Type: NTFS
Drive D: | 14.44 Gb Total Space | 8.57 Gb Free Space | 59.36% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled] --  -- (WMPNetworkSvc)
SRV - File not found [On_Demand] --  -- (ServiceLayer)
SRV - File not found [Auto] --  -- (PowerManager)
SRV - File not found [On_Demand] --  -- (AppMgmt)
SRV - File not found [Disabled] --  -- (a2free)
SRV - [2012/11/08 12:44:46 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/13 06:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/08 19:28:00 | 000,342,984 | ---- | M] () [Auto] -- C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe -- (ALDITALKVerbindungsassistent_Service)
SRV - [2011/12/26 07:46:42 | 000,375,872 | ---- | M] (Ralink Technology, Corp.) [Auto] -- C:\Programme\TP-LINK\TP-LINK Wireless Configuration Utility\Service\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2011/03/16 03:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/02/18 09:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/04 16:38:00 | 000,071,096 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/09/24 14:53:22 | 000,238,952 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/08/18 05:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/07/26 00:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand] -- C:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/03/03 06:45:11 | 000,296,400 | ---- | M] () [Auto] -- C:\Programme\Verbindungsassistent\WTGService.exe -- (WTGService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [File_System | Boot] --  -- (Lbd)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] --  -- (FXDrv32)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | On_Demand] --  -- (BTWUSB)
DRV - File not found [Kernel | On_Demand] --  -- (btwhid)
DRV - File not found [Kernel | On_Demand] --  -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand] --  -- (BTDriver)
DRV - File not found [Kernel | On_Demand] --  -- (btaudio)
DRV - File not found [Kernel | On_Demand] --  -- (bDMusicb)
DRV - [2012/02/14 07:07:52 | 001,139,040 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2012/02/08 19:28:01 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011/12/26 07:46:48 | 000,019,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2010/10/12 17:05:51 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/04/27 18:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2010/04/27 18:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2010/04/27 18:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010/04/27 16:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2010/04/19 13:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010/02/03 08:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/11/12 07:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/22 06:18:52 | 000,281,760 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/10/22 06:18:50 | 000,025,888 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/09/21 03:33:06 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/10/03 18:29:30 | 003,331,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/07/24 05:02:44 | 004,749,824 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/29 04:31:00 | 000,143,328 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/03/16 17:19:58 | 000,175,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\k57xp32.sys -- (k57w2k) Broadcom NetLink (TM)
DRV - [2007/12/28 09:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007/10/01 21:06:40 | 000,451,968 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2007/09/17 09:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/03 10:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 10:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 10:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/03/27 11:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006/04/05 19:00:00 | 000,264,704 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2005/11/10 13:54:56 | 000,402,944 | R--- | M] (Belkin Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BLKWGU.sys -- (BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin)
DRV - [2004/10/25 07:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2001/08/17 07:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Knoden_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Suche
IE - HKU\Knoden_ON_C\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - Reg Error: Key error. File not found
IE - HKU\Knoden_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Knoden_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\Knoden_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 212.23.97.9:8080
 
 
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.459
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Programme\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/10/15 13:29:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/11/08 12:45:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012/11/14 04:20:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2009/03/07 13:15:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Extensions
[2013/01/16 05:55:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Firefox\Profiles\pu8pe171.default\extensions
[2010/05/06 09:37:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Firefox\Profiles\pu8pe171.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/01/06 10:46:17 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Firefox\Profiles\pu8pe171.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2012/10/15 13:29:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009/07/03 11:45:03 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) -- 
[2012/10/10 20:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012/10/10 21:10:32 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/10/10 21:10:32 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012/10/10 21:10:32 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012/10/10 21:10:32 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/10/10 21:10:32 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/10/10 21:10:32 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/02/28 07:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found.
O3 - HKU\Knoden_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [HydraVisionDesktopManager] C:\Programme\ATI Technologies\ATI HYDRAVISION\HydraDM.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Programme\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [svñhîst]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Launcher.lnk = C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Knoden\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Knoden_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -  File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -  File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/02/07 22:25:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{4ed01a02-ade5-11df-af80-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{4ed01a02-ade5-11df-af80-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4ed01a02-ade5-11df-af80-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4ed01a03-ade5-11df-af80-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{4ed01a03-ade5-11df-af80-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4ed01a03-ade5-11df-af80-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{584ea0ae-7009-11df-af5d-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{584ea0ae-7009-11df-af5d-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{584ea0ae-7009-11df-af5d-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{584ea0b3-7009-11df-af5d-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{584ea0b3-7009-11df-af5d-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{584ea0b3-7009-11df-af5d-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5ff80ac2-f74c-11e0-b0e0-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{5ff80ac2-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5ff80ac2-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5ff80ac5-f74c-11e0-b0e0-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{5ff80ac5-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5ff80ac5-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d9b03e50-04ea-11df-aef5-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{d9b03e50-04ea-11df-aef5-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d9b03e50-04ea-11df-aef5-001fe262301e}\Shell\AutoRun\command - "" = E:\pushinst.exe
O33 - MountPoints2\{ffb7adfa-5a3a-11e1-b17b-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{ffb7adfa-5a3a-11e1-b17b-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ffb7adfa-5a3a-11e1-b17b-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A0739DE2-571F-11D2-A031-0060977F760C} - InterActual PCFriendly ActiveX Control
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
NetSvcs: AppMgmt -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - Services: "TuneUp.ProgramStatisticsSvc"
MsConfig - Services: "TuneUp.Defrag"
MsConfig - Services: "WMPNetworkSvc"
MsConfig - Services: "TunngleService"
MsConfig - Services: "gupdate1c9da1fc6c11eda"
MsConfig - Services: "btwdins"
MsConfig - Services: "a2free"
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Belkin Wireless USB Utility.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^BTTray.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^TP-LINK Wireless Configuration Utility.lnk - C:\Programme\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe - ()
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^Knoden^Startmenü^Programme^Autostart^OpenOffice.org 3.0.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: AutoStartNPSAgent - hkey= - key= - C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: F5D7050v3 - hkey= - key= -  File not found
MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= -  File not found
MsConfig - StartUpReg: NPSStartup - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= -  File not found
MsConfig - StartUpReg: RGSC - hkey= - key= -  File not found
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Programme\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: StartCCC - hkey= - key= -  File not found
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Programme\Steam\Steam.exe (Valve Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/01/17 05:11:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Knoden\Eigene Dateien\gegl-0.0
[2013/01/13 15:52:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\vlc
[2013/01/13 15:52:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN
[2009/09/11 11:41:50 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2009/09/11 11:41:50 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2009/09/11 11:41:50 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[2007/03/12 04:41:52 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2005/11/23 05:55:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/02/06 07:42:52 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/06 07:42:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/06 07:42:39 | 000,056,728 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2013/02/06 07:37:25 | 000,094,720 | RHS- | M] () -- C:\Dokumente und Einstellungen\Knoden\wgsdgsdgdsgsd.exe
[2013/02/06 07:17:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/06 04:48:37 | 000,448,898 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013/02/06 04:48:37 | 000,432,784 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/06 04:48:37 | 000,080,338 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013/02/06 04:48:37 | 000,067,740 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/06 04:44:32 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/05 10:18:13 | 000,019,411 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\kitas Augsburg.odt
[2013/02/04 18:54:04 | 000,010,516 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Lernen DF3.odt
[2013/01/28 12:59:17 | 000,202,563 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\pc neu.JPG
[2013/01/23 16:28:25 | 000,019,456 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/17 07:09:17 | 000,013,288 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Reflexion Triple P.odt
[2013/01/17 05:12:22 | 000,000,871 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\.recently-used.xbel
[2013/01/17 04:48:12 | 002,360,681 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00770.JPG
[2013/01/17 04:45:25 | 002,631,204 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00313.JPG
[2013/01/13 15:52:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/02/06 07:37:25 | 000,094,720 | RHS- | C] () -- C:\Dokumente und Einstellungen\Knoden\wgsdgsdgdsgsd.exe
[2013/02/05 04:48:30 | 000,019,411 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\kitas Augsburg.odt
[2013/02/04 11:20:44 | 000,010,516 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Lernen DF3.odt
[2013/01/28 12:59:16 | 000,202,563 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\pc neu.JPG
[2013/01/17 05:12:22 | 000,000,871 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\.recently-used.xbel
[2013/01/17 04:48:11 | 002,360,681 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00770.JPG
[2013/01/17 04:45:24 | 002,631,204 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00313.JPG
[2013/01/15 08:13:40 | 000,013,288 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Reflexion Triple P.odt
[2012/10/15 06:40:40 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2012/10/15 06:40:40 | 000,000,449 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2012/10/15 06:40:39 | 000,480,608 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2012/10/15 06:40:39 | 000,034,080 | ---- | C] () -- C:\WINDOWS\System32\CTAAEI.dll
[2012/10/15 06:40:20 | 000,014,051 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2012/02/14 14:52:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/11 17:14:48 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/01/07 13:57:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2011/10/30 15:43:06 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\{076D03A8-0A21-47BE-AA86-C281F0006B60}
[2011/10/30 15:42:57 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\{0FB64222-080E-4962-BCA6-4682121633E6}
[2011/04/09 11:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010/10/12 17:16:09 | 000,000,619 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/09/09 13:06:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2010/06/04 17:19:57 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\psfind.dll
[2010/05/12 17:42:44 | 001,441,268 | ---- | C] () -- C:\Programme\save.dat
[2010/05/12 17:41:39 | 000,020,274 | ---- | C] () -- C:\Programme\sbanleit3.jpg
[2010/05/12 17:41:39 | 000,017,637 | ---- | C] () -- C:\Programme\sbanleit2.jpg
[2010/05/12 17:41:39 | 000,016,099 | ---- | C] () -- C:\Programme\sbanleit5.jpg
[2010/05/12 17:41:39 | 000,015,673 | ---- | C] () -- C:\Programme\sbanleit1.jpg
[2010/05/12 17:41:39 | 000,011,434 | ---- | C] () -- C:\Programme\sbanleit4.jpg
[2010/05/12 17:41:39 | 000,005,988 | ---- | C] () -- C:\Programme\sbanleit6.jpg
[2010/04/09 12:27:27 | 000,000,085 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/04/09 12:12:10 | 000,002,951 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Config.nt.bak
[2010/04/09 12:12:10 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Autoexec.nt.bak
[2010/04/09 12:12:10 | 000,000,820 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\hosts.bak
[2010/03/01 12:30:00 | 000,017,168 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/19 06:33:36 | 000,097,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\Fwusb1b.bin
[2010/01/15 09:15:16 | 000,063,485 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/01/14 15:51:39 | 000,000,068 | ---- | C] () -- C:\WINDOWS\ScrAntic.ini
[2009/11/29 09:17:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\syscheck.INI
[2009/11/17 09:02:55 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/11/17 09:02:55 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/11/17 09:02:48 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\$_hpcst$.hpc
[2009/10/22 06:18:51 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009/10/22 06:18:50 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009/10/06 15:20:14 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Menu.INI
[2009/09/11 11:41:52 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2009/09/11 11:41:52 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2009/09/11 11:41:51 | 000,302,720 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2009/09/11 11:41:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd.exe
[2009/09/01 11:00:44 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/06/05 17:19:01 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/05/05 09:26:29 | 000,000,084 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2009/05/04 06:08:30 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009/03/29 15:25:03 | 000,000,299 | ---- | C] () -- C:\WINDOWS\game.ini
[2009/03/09 15:02:08 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\AVSDVDPlayer.m3u
[2009/03/09 15:01:11 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/03/09 15:01:11 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/03/07 13:15:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/07 13:15:13 | 000,019,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/07 12:17:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009/03/07 12:16:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/03/07 12:04:22 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/03/07 12:04:15 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/03/07 12:04:14 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/03/07 12:04:11 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009/03/07 12:04:11 | 000,176,918 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/03/07 11:57:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/03/07 11:52:24 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/07 11:43:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/07 11:41:59 | 000,125,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/02 13:26:56 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2009/02/04 13:26:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2008/10/07 02:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 02:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/10/03 15:48:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2008/09/29 15:22:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2008/05/04 11:39:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll
[2007/10/25 11:26:10 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2006/09/19 02:07:28 | 000,827,392 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 07:00:00 | 000,448,898 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006/02/28 07:00:00 | 000,432,784 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 07:00:00 | 000,080,338 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006/02/28 07:00:00 | 000,067,740 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/07/12 08:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2004/03/23 10:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2004/02/27 09:36:18 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2003/03/14 06:24:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
[1998/10/10 19:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
 
========== LOP Check ==========
 
[2012/02/08 19:28:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\ALDITALKVerbindungsassistent
[2013/01/15 16:34:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\.minecraft
[2009/03/29 15:26:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Activision
[2012/02/15 07:41:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\ALDITALKVerbindungsassistent
[2009/05/08 04:35:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Ashampoo
[2010/09/07 17:03:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Canneverbe Limited
[2010/10/12 17:10:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DAEMON Tools Lite
[2011/08/29 07:26:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DVDVideoSoft
[2011/06/28 17:38:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010/03/27 08:20:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Earth 2140
[2012/11/22 04:13:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Fox Dgital Copy
[2011/03/06 11:38:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\gtk-2.0
[2011/04/11 10:10:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\ICQ
[2009/03/14 09:08:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Leadertech
[2012/12/09 15:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Leawo
[2009/03/11 16:48:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\OpenOffice.org
[2009/03/08 06:55:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Opera
[2009/11/17 09:06:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\PC Suite
[2009/11/17 09:02:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Samsung
[2009/05/12 15:41:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\TeamViewer
[2012/11/14 04:20:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Thunderbird
[2012/12/09 15:44:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\tiger-k
[2012/10/15 08:12:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\TP-LINK
[2009/03/10 12:16:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\TuneUp Software
[2010/09/09 13:33:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Tunngle
[2010/03/21 15:06:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Ubisoft
[2012/02/09 11:57:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Verbindungsassistent
[2010/01/16 09:51:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Zylom
[2009/12/07 15:38:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BioWare
[2010/09/07 17:03:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2010/10/12 17:05:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010/04/09 12:53:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA
[2013/01/06 14:22:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KONAMI
[2012/12/09 15:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Leawo
[2009/11/17 09:06:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009/12/16 03:54:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\POP3Profiles
[2009/03/02 13:21:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap Games
[2012/10/15 06:40:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TP-LINK
[2011/06/26 05:38:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TrackMania
[2009/03/10 12:16:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010/09/09 13:05:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tunngle
[2010/03/21 15:06:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2010/01/16 09:51:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2009/03/17 08:35:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2011/02/22 11:03:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/03/10 12:15:12 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/09/20 15:29:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/14 07:12:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013/01/07 09:39:00 | 000,000,458 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2009/08/30 15:10:49 | 000,000,000 | ---D | M] -- C:\23ef2ab834e8ccfd874889c7
[2009/04/03 07:35:46 | 000,000,000 | ---D | M] -- C:\bilder mpark
[2009/03/07 11:59:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2009/12/07 13:45:12 | 000,000,000 | ---D | M] -- C:\Games
[2012/01/07 13:55:37 | 000,000,000 | ---D | M] -- C:\Program Files
[2010/11/17 17:08:01 | 000,000,000 | ---D | M] -- C:\PROGRAMM
[2013/01/07 05:00:32 | 000,000,000 | R--D | M] -- C:\Programme
[2009/03/07 13:12:45 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011/06/28 17:27:37 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010/03/23 15:31:34 | 000,000,000 | ---D | M] -- C:\Ubisoft
[2013/01/15 03:45:41 | 000,000,000 | ---D | M] -- C:\WINDOWS
 
< %PROGRAMFILES%\*.exe >
 
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: AGP440.SYS  >
[2006/02/28 07:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 17:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\agp440.sys
[2008/04/13 17:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2006/02/28 07:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 17:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\atapi.sys
[2008/04/13 17:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006/02/28 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008/04/14 00:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 21:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\eventlog.dll
[2008/04/14 00:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2006/02/28 07:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2008/04/14 00:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
 
< MD5 for: NETLOGON.DLL  >
[2008/04/14 00:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 21:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\netlogon.dll
[2008/04/14 00:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2006/02/28 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008/04/14 00:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 21:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\scecli.dll
[2008/04/14 00:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2006/02/28 07:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2006/02/28 07:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008/04/14 00:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008/04/13 21:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\user32.dll
[2008/04/14 00:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008/04/14 00:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 21:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\userinit.exe
[2008/04/14 00:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2006/02/28 07:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2006/02/28 07:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 00:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 21:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\winlogon.exe
[2008/04/14 00:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006/02/28 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2006/02/28 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2009/03/07 12:41:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009/03/07 12:41:17 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009/03/07 12:41:17 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011/03/03 01:54:43 | 000,149,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2012/11/01 07:17:52 | 011,111,424 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2012/11/01 07:17:52 | 002,000,384 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/14 00:52:20 | 000,280,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/14 00:52:22 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2012/06/08 09:25:14 | 008,503,808 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
Invalid Environment Variable: %USERPROFILE%\*.*
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
 
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
 
< End of report >
         
--- --- ---
_____________________________________________________________________OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 2/9/2013 8:04:35 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298.08 Gb Total Space | 19.27 Gb Free Space | 6.47% Space Free | Partition Type: NTFS
Drive D: | 14.44 Gb Total Space | 8.57 Gb Free Space | 59.36% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled] --  -- (WMPNetworkSvc)
SRV - File not found [On_Demand] --  -- (ServiceLayer)
SRV - File not found [Auto] --  -- (PowerManager)
SRV - File not found [On_Demand] --  -- (AppMgmt)
SRV - File not found [Disabled] --  -- (a2free)
SRV - [2012/11/08 12:44:46 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/13 06:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/08 19:28:00 | 000,342,984 | ---- | M] () [Auto] -- C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe -- (ALDITALKVerbindungsassistent_Service)
SRV - [2011/12/26 07:46:42 | 000,375,872 | ---- | M] (Ralink Technology, Corp.) [Auto] -- C:\Programme\TP-LINK\TP-LINK Wireless Configuration Utility\Service\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2011/03/16 03:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/02/18 09:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/04 16:38:00 | 000,071,096 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/09/24 14:53:22 | 000,238,952 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/08/18 05:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/07/26 00:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand] -- C:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/03/03 06:45:11 | 000,296,400 | ---- | M] () [Auto] -- C:\Programme\Verbindungsassistent\WTGService.exe -- (WTGService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [File_System | Boot] --  -- (Lbd)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] --  -- (FXDrv32)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | On_Demand] --  -- (BTWUSB)
DRV - File not found [Kernel | On_Demand] --  -- (btwhid)
DRV - File not found [Kernel | On_Demand] --  -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand] --  -- (BTDriver)
DRV - File not found [Kernel | On_Demand] --  -- (btaudio)
DRV - File not found [Kernel | On_Demand] --  -- (bDMusicb)
DRV - [2012/02/14 07:07:52 | 001,139,040 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2012/02/08 19:28:01 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011/12/26 07:46:48 | 000,019,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2010/10/12 17:05:51 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/04/27 18:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2010/04/27 18:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2010/04/27 18:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010/04/27 16:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2010/04/19 13:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010/02/03 08:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/11/12 07:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/22 06:18:52 | 000,281,760 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/10/22 06:18:50 | 000,025,888 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/09/21 03:33:06 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/10/03 18:29:30 | 003,331,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/07/24 05:02:44 | 004,749,824 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/29 04:31:00 | 000,143,328 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/03/16 17:19:58 | 000,175,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\k57xp32.sys -- (k57w2k) Broadcom NetLink (TM)
DRV - [2007/12/28 09:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007/10/01 21:06:40 | 000,451,968 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2007/09/17 09:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/03 10:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 10:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 10:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/03/27 11:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006/04/05 19:00:00 | 000,264,704 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2005/11/10 13:54:56 | 000,402,944 | R--- | M] (Belkin Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BLKWGU.sys -- (BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin)
DRV - [2004/10/25 07:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2001/08/17 07:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Knoden_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Suche
IE - HKU\Knoden_ON_C\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - Reg Error: Key error. File not found
IE - HKU\Knoden_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Knoden_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\Knoden_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 212.23.97.9:8080
 
 
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.459
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Programme\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/10/15 13:29:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/11/08 12:45:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012/11/14 04:20:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2009/03/07 13:15:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Extensions
[2013/01/16 05:55:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Firefox\Profiles\pu8pe171.default\extensions
[2010/05/06 09:37:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Firefox\Profiles\pu8pe171.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/01/06 10:46:17 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Firefox\Profiles\pu8pe171.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2012/10/15 13:29:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009/07/03 11:45:03 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) -- 
[2012/10/10 20:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012/10/10 21:10:32 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/10/10 21:10:32 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012/10/10 21:10:32 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012/10/10 21:10:32 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/10/10 21:10:32 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/10/10 21:10:32 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/02/28 07:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found.
O3 - HKU\Knoden_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [HydraVisionDesktopManager] C:\Programme\ATI Technologies\ATI HYDRAVISION\HydraDM.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Programme\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [svñhîst]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Launcher.lnk = C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Knoden\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Knoden_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -  File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -  File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/02/07 22:25:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{4ed01a02-ade5-11df-af80-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{4ed01a02-ade5-11df-af80-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4ed01a02-ade5-11df-af80-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4ed01a03-ade5-11df-af80-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{4ed01a03-ade5-11df-af80-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4ed01a03-ade5-11df-af80-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{584ea0ae-7009-11df-af5d-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{584ea0ae-7009-11df-af5d-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{584ea0ae-7009-11df-af5d-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{584ea0b3-7009-11df-af5d-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{584ea0b3-7009-11df-af5d-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{584ea0b3-7009-11df-af5d-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5ff80ac2-f74c-11e0-b0e0-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{5ff80ac2-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5ff80ac2-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5ff80ac5-f74c-11e0-b0e0-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{5ff80ac5-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5ff80ac5-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d9b03e50-04ea-11df-aef5-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{d9b03e50-04ea-11df-aef5-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d9b03e50-04ea-11df-aef5-001fe262301e}\Shell\AutoRun\command - "" = E:\pushinst.exe
O33 - MountPoints2\{ffb7adfa-5a3a-11e1-b17b-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{ffb7adfa-5a3a-11e1-b17b-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ffb7adfa-5a3a-11e1-b17b-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A0739DE2-571F-11D2-A031-0060977F760C} - InterActual PCFriendly ActiveX Control
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
NetSvcs: AppMgmt -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - Services: "TuneUp.ProgramStatisticsSvc"
MsConfig - Services: "TuneUp.Defrag"
MsConfig - Services: "WMPNetworkSvc"
MsConfig - Services: "TunngleService"
MsConfig - Services: "gupdate1c9da1fc6c11eda"
MsConfig - Services: "btwdins"
MsConfig - Services: "a2free"
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Belkin Wireless USB Utility.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^BTTray.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^TP-LINK Wireless Configuration Utility.lnk - C:\Programme\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe - ()
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^Knoden^Startmenü^Programme^Autostart^OpenOffice.org 3.0.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: AutoStartNPSAgent - hkey= - key= - C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: F5D7050v3 - hkey= - key= -  File not found
MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= -  File not found
MsConfig - StartUpReg: NPSStartup - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= -  File not found
MsConfig - StartUpReg: RGSC - hkey= - key= -  File not found
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Programme\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: StartCCC - hkey= - key= -  File not found
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Programme\Steam\Steam.exe (Valve Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/01/17 05:11:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Knoden\Eigene Dateien\gegl-0.0
[2013/01/13 15:52:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\vlc
[2013/01/13 15:52:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN
[2009/09/11 11:41:50 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2009/09/11 11:41:50 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2009/09/11 11:41:50 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[2007/03/12 04:41:52 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2005/11/23 05:55:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/02/06 07:42:52 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/06 07:42:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/06 07:42:39 | 000,056,728 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2013/02/06 07:37:25 | 000,094,720 | RHS- | M] () -- C:\Dokumente und Einstellungen\Knoden\wgsdgsdgdsgsd.exe
[2013/02/06 07:17:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/06 04:48:37 | 000,448,898 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013/02/06 04:48:37 | 000,432,784 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/06 04:48:37 | 000,080,338 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013/02/06 04:48:37 | 000,067,740 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/06 04:44:32 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/05 10:18:13 | 000,019,411 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\kitas Augsburg.odt
[2013/02/04 18:54:04 | 000,010,516 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Lernen DF3.odt
[2013/01/28 12:59:17 | 000,202,563 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\pc neu.JPG
[2013/01/23 16:28:25 | 000,019,456 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/17 07:09:17 | 000,013,288 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Reflexion Triple P.odt
[2013/01/17 05:12:22 | 000,000,871 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\.recently-used.xbel
[2013/01/17 04:48:12 | 002,360,681 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00770.JPG
[2013/01/17 04:45:25 | 002,631,204 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00313.JPG
[2013/01/13 15:52:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/02/06 07:37:25 | 000,094,720 | RHS- | C] () -- C:\Dokumente und Einstellungen\Knoden\wgsdgsdgdsgsd.exe
[2013/02/05 04:48:30 | 000,019,411 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\kitas Augsburg.odt
[2013/02/04 11:20:44 | 000,010,516 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Lernen DF3.odt
[2013/01/28 12:59:16 | 000,202,563 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\pc neu.JPG
[2013/01/17 05:12:22 | 000,000,871 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\.recently-used.xbel
[2013/01/17 04:48:11 | 002,360,681 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00770.JPG
[2013/01/17 04:45:24 | 002,631,204 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00313.JPG
[2013/01/15 08:13:40 | 000,013,288 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Reflexion Triple P.odt
[2012/10/15 06:40:40 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2012/10/15 06:40:40 | 000,000,449 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2012/10/15 06:40:39 | 000,480,608 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2012/10/15 06:40:39 | 000,034,080 | ---- | C] () -- C:\WINDOWS\System32\CTAAEI.dll
[2012/10/15 06:40:20 | 000,014,051 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2012/02/14 14:52:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/11 17:14:48 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/01/07 13:57:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2011/10/30 15:43:06 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\{076D03A8-0A21-47BE-AA86-C281F0006B60}
[2011/10/30 15:42:57 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\{0FB64222-080E-4962-BCA6-4682121633E6}
[2011/04/09 11:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010/10/12 17:16:09 | 000,000,619 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/09/09 13:06:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2010/06/04 17:19:57 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\psfind.dll
[2010/05/12 17:42:44 | 001,441,268 | ---- | C] () -- C:\Programme\save.dat
[2010/05/12 17:41:39 | 000,020,274 | ---- | C] () -- C:\Programme\sbanleit3.jpg
[2010/05/12 17:41:39 | 000,017,637 | ---- | C] () -- C:\Programme\sbanleit2.jpg
[2010/05/12 17:41:39 | 000,016,099 | ---- | C] () -- C:\Programme\sbanleit5.jpg
[2010/05/12 17:41:39 | 000,015,673 | ---- | C] () -- C:\Programme\sbanleit1.jpg
[2010/05/12 17:41:39 | 000,011,434 | ---- | C] () -- C:\Programme\sbanleit4.jpg
[2010/05/12 17:41:39 | 000,005,988 | ---- | C] () -- C:\Programme\sbanleit6.jpg
[2010/04/09 12:27:27 | 000,000,085 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/04/09 12:12:10 | 000,002,951 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Config.nt.bak
[2010/04/09 12:12:10 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Autoexec.nt.bak
[2010/04/09 12:12:10 | 000,000,820 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\hosts.bak
[2010/03/01 12:30:00 | 000,017,168 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/19 06:33:36 | 000,097,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\Fwusb1b.bin
[2010/01/15 09:15:16 | 000,063,485 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/01/14 15:51:39 | 000,000,068 | ---- | C] () -- C:\WINDOWS\ScrAntic.ini
[2009/11/29 09:17:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\syscheck.INI
[2009/11/17 09:02:55 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/11/17 09:02:55 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/11/17 09:02:48 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\$_hpcst$.hpc
[2009/10/22 06:18:51 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009/10/22 06:18:50 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009/10/06 15:20:14 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Menu.INI
[2009/09/11 11:41:52 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2009/09/11 11:41:52 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2009/09/11 11:41:51 | 000,302,720 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2009/09/11 11:41:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd.exe
[2009/09/01 11:00:44 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/06/05 17:19:01 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/05/05 09:26:29 | 000,000,084 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2009/05/04 06:08:30 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009/03/29 15:25:03 | 000,000,299 | ---- | C] () -- C:\WINDOWS\game.ini
[2009/03/09 15:02:08 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\AVSDVDPlayer.m3u
[2009/03/09 15:01:11 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/03/09 15:01:11 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/03/07 13:15:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/07 13:15:13 | 000,019,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/07 12:17:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009/03/07 12:16:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/03/07 12:04:22 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/03/07 12:04:15 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/03/07 12:04:14 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/03/07 12:04:11 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009/03/07 12:04:11 | 000,176,918 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/03/07 11:57:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/03/07 11:52:24 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/07 11:43:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/07 11:41:59 | 000,125,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/02 13:26:56 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2009/02/04 13:26:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2008/10/07 02:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 02:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/10/03 15:48:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2008/09/29 15:22:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2008/05/04 11:39:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll
[2007/10/25 11:26:10 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2006/09/19 02:07:28 | 000,827,392 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 07:00:00 | 000,448,898 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006/02/28 07:00:00 | 000,432,784 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 07:00:00 | 000,080,338 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006/02/28 07:00:00 | 000,067,740 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/07/12 08:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2004/03/23 10:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2004/02/27 09:36:18 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2003/03/14 06:24:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
[1998/10/10 19:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
 
========== LOP Check ==========
 
[2012/02/08 19:28:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\ALDITALKVerbindungsassistent
[2013/01/15 16:34:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\.minecraft
[2009/03/29 15:26:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Activision
[2012/02/15 07:41:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\ALDITALKVerbindungsassistent
[2009/05/08 04:35:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Ashampoo
[2010/09/07 17:03:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Canneverbe Limited
[2010/10/12 17:10:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DAEMON Tools Lite
[2011/08/29 07:26:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DVDVideoSoft
[2011/06/28 17:38:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010/03/27 08:20:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Earth 2140
[2012/11/22 04:13:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Fox Dgital Copy
[2011/03/06 11:38:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\gtk-2.0
[2011/04/11 10:10:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\ICQ
[2009/03/14 09:08:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Leadertech
[2012/12/09 15:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Leawo
[2009/03/11 16:48:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\OpenOffice.org
[2009/03/08 06:55:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Opera
[2009/11/17 09:06:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\PC Suite
[2009/11/17 09:02:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Samsung
[2009/05/12 15:41:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\TeamViewer
[2012/11/14 04:20:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Thunderbird
[2012/12/09 15:44:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\tiger-k
[2012/10/15 08:12:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\TP-LINK
[2009/03/10 12:16:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\TuneUp Software
[2010/09/09 13:33:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Tunngle
[2010/03/21 15:06:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Ubisoft
[2012/02/09 11:57:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Verbindungsassistent
[2010/01/16 09:51:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Zylom
[2009/12/07 15:38:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BioWare
[2010/09/07 17:03:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2010/10/12 17:05:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010/04/09 12:53:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA
[2013/01/06 14:22:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KONAMI
[2012/12/09 15:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Leawo
[2009/11/17 09:06:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009/12/16 03:54:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\POP3Profiles
[2009/03/02 13:21:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap Games
[2012/10/15 06:40:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TP-LINK
[2011/06/26 05:38:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TrackMania
[2009/03/10 12:16:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010/09/09 13:05:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tunngle
[2010/03/21 15:06:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2010/01/16 09:51:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2009/03/17 08:35:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2011/02/22 11:03:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/03/10 12:15:12 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/09/20 15:29:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/14 07:12:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013/01/07 09:39:00 | 000,000,458 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2009/08/30 15:10:49 | 000,000,000 | ---D | M] -- C:\23ef2ab834e8ccfd874889c7
[2009/04/03 07:35:46 | 000,000,000 | ---D | M] -- C:\bilder mpark
[2009/03/07 11:59:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2009/12/07 13:45:12 | 000,000,000 | ---D | M] -- C:\Games
[2012/01/07 13:55:37 | 000,000,000 | ---D | M] -- C:\Program Files
[2010/11/17 17:08:01 | 000,000,000 | ---D | M] -- C:\PROGRAMM
[2013/01/07 05:00:32 | 000,000,000 | R--D | M] -- C:\Programme
[2009/03/07 13:12:45 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011/06/28 17:27:37 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010/03/23 15:31:34 | 000,000,000 | ---D | M] -- C:\Ubisoft
[2013/01/15 03:45:41 | 000,000,000 | ---D | M] -- C:\WINDOWS
 
< %PROGRAMFILES%\*.exe >
 
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: AGP440.SYS  >
[2006/02/28 07:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 17:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\agp440.sys
[2008/04/13 17:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2006/02/28 07:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 17:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\atapi.sys
[2008/04/13 17:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006/02/28 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008/04/14 00:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 21:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\eventlog.dll
[2008/04/14 00:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2006/02/28 07:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2008/04/14 00:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
 
< MD5 for: NETLOGON.DLL  >
[2008/04/14 00:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 21:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\netlogon.dll
[2008/04/14 00:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2006/02/28 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008/04/14 00:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 21:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\scecli.dll
[2008/04/14 00:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2006/02/28 07:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2006/02/28 07:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008/04/14 00:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008/04/13 21:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\user32.dll
[2008/04/14 00:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008/04/14 00:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 21:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\userinit.exe
[2008/04/14 00:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2006/02/28 07:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2006/02/28 07:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 00:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 21:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\winlogon.exe
[2008/04/14 00:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006/02/28 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2006/02/28 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2009/03/07 12:41:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009/03/07 12:41:17 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009/03/07 12:41:17 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011/03/03 01:54:43 | 000,149,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2012/11/01 07:17:52 | 011,111,424 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2012/11/01 07:17:52 | 002,000,384 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/14 00:52:20 | 000,280,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/14 00:52:22 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2012/06/08 09:25:14 | 008,503,808 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
Invalid Environment Variable: %USERPROFILE%\*.*
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
 
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
 
< End of report >
         
--- --- ---
__________________

Alt 09.02.2013, 20:40   #4
knoden
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



So, habe alles wie in der Anleitung gemacht.

hier die Log Dateien:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 2/9/2013 8:04:35 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298.08 Gb Total Space | 19.27 Gb Free Space | 6.47% Space Free | Partition Type: NTFS
Drive D: | 14.44 Gb Total Space | 8.57 Gb Free Space | 59.36% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled] --  -- (WMPNetworkSvc)
SRV - File not found [On_Demand] --  -- (ServiceLayer)
SRV - File not found [Auto] --  -- (PowerManager)
SRV - File not found [On_Demand] --  -- (AppMgmt)
SRV - File not found [Disabled] --  -- (a2free)
SRV - [2012/11/08 12:44:46 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/13 06:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/08 19:28:00 | 000,342,984 | ---- | M] () [Auto] -- C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe -- (ALDITALKVerbindungsassistent_Service)
SRV - [2011/12/26 07:46:42 | 000,375,872 | ---- | M] (Ralink Technology, Corp.) [Auto] -- C:\Programme\TP-LINK\TP-LINK Wireless Configuration Utility\Service\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2011/03/16 03:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/02/18 09:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/04 16:38:00 | 000,071,096 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/09/24 14:53:22 | 000,238,952 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/08/18 05:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/07/26 00:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand] -- C:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/03/03 06:45:11 | 000,296,400 | ---- | M] () [Auto] -- C:\Programme\Verbindungsassistent\WTGService.exe -- (WTGService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [File_System | Boot] --  -- (Lbd)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] --  -- (FXDrv32)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | On_Demand] --  -- (BTWUSB)
DRV - File not found [Kernel | On_Demand] --  -- (btwhid)
DRV - File not found [Kernel | On_Demand] --  -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand] --  -- (BTDriver)
DRV - File not found [Kernel | On_Demand] --  -- (btaudio)
DRV - File not found [Kernel | On_Demand] --  -- (bDMusicb)
DRV - [2012/02/14 07:07:52 | 001,139,040 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2012/02/08 19:28:01 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011/12/26 07:46:48 | 000,019,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2010/10/12 17:05:51 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/04/27 18:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2010/04/27 18:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2010/04/27 18:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010/04/27 16:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2010/04/19 13:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010/02/03 08:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/11/12 07:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/22 06:18:52 | 000,281,760 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/10/22 06:18:50 | 000,025,888 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/09/21 03:33:06 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/10/03 18:29:30 | 003,331,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/07/24 05:02:44 | 004,749,824 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/29 04:31:00 | 000,143,328 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/03/16 17:19:58 | 000,175,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\k57xp32.sys -- (k57w2k) Broadcom NetLink (TM)
DRV - [2007/12/28 09:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007/10/01 21:06:40 | 000,451,968 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2007/09/17 09:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/03 10:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 10:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 10:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/03/27 11:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006/04/05 19:00:00 | 000,264,704 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2005/11/10 13:54:56 | 000,402,944 | R--- | M] (Belkin Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BLKWGU.sys -- (BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin)
DRV - [2004/10/25 07:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2001/08/17 07:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Knoden_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Suche
IE - HKU\Knoden_ON_C\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - Reg Error: Key error. File not found
IE - HKU\Knoden_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Knoden_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\Knoden_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 212.23.97.9:8080
 
 
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.459
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Programme\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/10/15 13:29:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/11/08 12:45:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012/11/14 04:20:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2009/03/07 13:15:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Extensions
[2013/01/16 05:55:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Firefox\Profiles\pu8pe171.default\extensions
[2010/05/06 09:37:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Firefox\Profiles\pu8pe171.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/01/06 10:46:17 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Firefox\Profiles\pu8pe171.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2012/10/15 13:29:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009/07/03 11:45:03 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) -- 
[2012/10/10 20:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012/10/10 21:10:32 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/10/10 21:10:32 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012/10/10 21:10:32 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012/10/10 21:10:32 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/10/10 21:10:32 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/10/10 21:10:32 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/02/28 07:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found.
O3 - HKU\Knoden_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [HydraVisionDesktopManager] C:\Programme\ATI Technologies\ATI HYDRAVISION\HydraDM.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Programme\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [svñhîst]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Launcher.lnk = C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Knoden\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Knoden_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -  File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -  File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/02/07 22:25:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{4ed01a02-ade5-11df-af80-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{4ed01a02-ade5-11df-af80-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4ed01a02-ade5-11df-af80-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4ed01a03-ade5-11df-af80-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{4ed01a03-ade5-11df-af80-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4ed01a03-ade5-11df-af80-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{584ea0ae-7009-11df-af5d-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{584ea0ae-7009-11df-af5d-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{584ea0ae-7009-11df-af5d-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{584ea0b3-7009-11df-af5d-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{584ea0b3-7009-11df-af5d-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{584ea0b3-7009-11df-af5d-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5ff80ac2-f74c-11e0-b0e0-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{5ff80ac2-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5ff80ac2-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5ff80ac5-f74c-11e0-b0e0-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{5ff80ac5-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5ff80ac5-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d9b03e50-04ea-11df-aef5-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{d9b03e50-04ea-11df-aef5-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d9b03e50-04ea-11df-aef5-001fe262301e}\Shell\AutoRun\command - "" = E:\pushinst.exe
O33 - MountPoints2\{ffb7adfa-5a3a-11e1-b17b-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{ffb7adfa-5a3a-11e1-b17b-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ffb7adfa-5a3a-11e1-b17b-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A0739DE2-571F-11D2-A031-0060977F760C} - InterActual PCFriendly ActiveX Control
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
NetSvcs: AppMgmt -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - Services: "TuneUp.ProgramStatisticsSvc"
MsConfig - Services: "TuneUp.Defrag"
MsConfig - Services: "WMPNetworkSvc"
MsConfig - Services: "TunngleService"
MsConfig - Services: "gupdate1c9da1fc6c11eda"
MsConfig - Services: "btwdins"
MsConfig - Services: "a2free"
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Belkin Wireless USB Utility.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^BTTray.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^TP-LINK Wireless Configuration Utility.lnk - C:\Programme\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe - ()
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^Knoden^Startmenü^Programme^Autostart^OpenOffice.org 3.0.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: AutoStartNPSAgent - hkey= - key= - C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: F5D7050v3 - hkey= - key= -  File not found
MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= -  File not found
MsConfig - StartUpReg: NPSStartup - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= -  File not found
MsConfig - StartUpReg: RGSC - hkey= - key= -  File not found
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Programme\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: StartCCC - hkey= - key= -  File not found
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Programme\Steam\Steam.exe (Valve Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/01/17 05:11:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Knoden\Eigene Dateien\gegl-0.0
[2013/01/13 15:52:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\vlc
[2013/01/13 15:52:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN
[2009/09/11 11:41:50 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2009/09/11 11:41:50 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2009/09/11 11:41:50 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[2007/03/12 04:41:52 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2005/11/23 05:55:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/02/06 07:42:52 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/06 07:42:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/06 07:42:39 | 000,056,728 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2013/02/06 07:37:25 | 000,094,720 | RHS- | M] () -- C:\Dokumente und Einstellungen\Knoden\wgsdgsdgdsgsd.exe
[2013/02/06 07:17:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/06 04:48:37 | 000,448,898 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013/02/06 04:48:37 | 000,432,784 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/06 04:48:37 | 000,080,338 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013/02/06 04:48:37 | 000,067,740 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/06 04:44:32 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/05 10:18:13 | 000,019,411 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\kitas Augsburg.odt
[2013/02/04 18:54:04 | 000,010,516 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Lernen DF3.odt
[2013/01/28 12:59:17 | 000,202,563 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\pc neu.JPG
[2013/01/23 16:28:25 | 000,019,456 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/17 07:09:17 | 000,013,288 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Reflexion Triple P.odt
[2013/01/17 05:12:22 | 000,000,871 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\.recently-used.xbel
[2013/01/17 04:48:12 | 002,360,681 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00770.JPG
[2013/01/17 04:45:25 | 002,631,204 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00313.JPG
[2013/01/13 15:52:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/02/06 07:37:25 | 000,094,720 | RHS- | C] () -- C:\Dokumente und Einstellungen\Knoden\wgsdgsdgdsgsd.exe
[2013/02/05 04:48:30 | 000,019,411 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\kitas Augsburg.odt
[2013/02/04 11:20:44 | 000,010,516 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Lernen DF3.odt
[2013/01/28 12:59:16 | 000,202,563 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\pc neu.JPG
[2013/01/17 05:12:22 | 000,000,871 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\.recently-used.xbel
[2013/01/17 04:48:11 | 002,360,681 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00770.JPG
[2013/01/17 04:45:24 | 002,631,204 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00313.JPG
[2013/01/15 08:13:40 | 000,013,288 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Reflexion Triple P.odt
[2012/10/15 06:40:40 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2012/10/15 06:40:40 | 000,000,449 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2012/10/15 06:40:39 | 000,480,608 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2012/10/15 06:40:39 | 000,034,080 | ---- | C] () -- C:\WINDOWS\System32\CTAAEI.dll
[2012/10/15 06:40:20 | 000,014,051 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2012/02/14 14:52:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/11 17:14:48 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/01/07 13:57:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2011/10/30 15:43:06 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\{076D03A8-0A21-47BE-AA86-C281F0006B60}
[2011/10/30 15:42:57 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\{0FB64222-080E-4962-BCA6-4682121633E6}
[2011/04/09 11:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010/10/12 17:16:09 | 000,000,619 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/09/09 13:06:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2010/06/04 17:19:57 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\psfind.dll
[2010/05/12 17:42:44 | 001,441,268 | ---- | C] () -- C:\Programme\save.dat
[2010/05/12 17:41:39 | 000,020,274 | ---- | C] () -- C:\Programme\sbanleit3.jpg
[2010/05/12 17:41:39 | 000,017,637 | ---- | C] () -- C:\Programme\sbanleit2.jpg
[2010/05/12 17:41:39 | 000,016,099 | ---- | C] () -- C:\Programme\sbanleit5.jpg
[2010/05/12 17:41:39 | 000,015,673 | ---- | C] () -- C:\Programme\sbanleit1.jpg
[2010/05/12 17:41:39 | 000,011,434 | ---- | C] () -- C:\Programme\sbanleit4.jpg
[2010/05/12 17:41:39 | 000,005,988 | ---- | C] () -- C:\Programme\sbanleit6.jpg
[2010/04/09 12:27:27 | 000,000,085 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/04/09 12:12:10 | 000,002,951 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Config.nt.bak
[2010/04/09 12:12:10 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Autoexec.nt.bak
[2010/04/09 12:12:10 | 000,000,820 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\hosts.bak
[2010/03/01 12:30:00 | 000,017,168 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/19 06:33:36 | 000,097,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\Fwusb1b.bin
[2010/01/15 09:15:16 | 000,063,485 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/01/14 15:51:39 | 000,000,068 | ---- | C] () -- C:\WINDOWS\ScrAntic.ini
[2009/11/29 09:17:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\syscheck.INI
[2009/11/17 09:02:55 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/11/17 09:02:55 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/11/17 09:02:48 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\$_hpcst$.hpc
[2009/10/22 06:18:51 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009/10/22 06:18:50 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009/10/06 15:20:14 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Menu.INI
[2009/09/11 11:41:52 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2009/09/11 11:41:52 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2009/09/11 11:41:51 | 000,302,720 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2009/09/11 11:41:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd.exe
[2009/09/01 11:00:44 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/06/05 17:19:01 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/05/05 09:26:29 | 000,000,084 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2009/05/04 06:08:30 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009/03/29 15:25:03 | 000,000,299 | ---- | C] () -- C:\WINDOWS\game.ini
[2009/03/09 15:02:08 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\AVSDVDPlayer.m3u
[2009/03/09 15:01:11 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/03/09 15:01:11 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/03/07 13:15:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/07 13:15:13 | 000,019,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/07 12:17:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009/03/07 12:16:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/03/07 12:04:22 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/03/07 12:04:15 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/03/07 12:04:14 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/03/07 12:04:11 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009/03/07 12:04:11 | 000,176,918 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/03/07 11:57:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/03/07 11:52:24 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/07 11:43:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/07 11:41:59 | 000,125,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/02 13:26:56 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2009/02/04 13:26:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2008/10/07 02:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 02:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/10/03 15:48:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2008/09/29 15:22:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2008/05/04 11:39:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll
[2007/10/25 11:26:10 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2006/09/19 02:07:28 | 000,827,392 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 07:00:00 | 000,448,898 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006/02/28 07:00:00 | 000,432,784 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 07:00:00 | 000,080,338 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006/02/28 07:00:00 | 000,067,740 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/07/12 08:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2004/03/23 10:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2004/02/27 09:36:18 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2003/03/14 06:24:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
[1998/10/10 19:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
 
========== LOP Check ==========
 
[2012/02/08 19:28:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\ALDITALKVerbindungsassistent
[2013/01/15 16:34:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\.minecraft
[2009/03/29 15:26:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Activision
[2012/02/15 07:41:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\ALDITALKVerbindungsassistent
[2009/05/08 04:35:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Ashampoo
[2010/09/07 17:03:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Canneverbe Limited
[2010/10/12 17:10:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DAEMON Tools Lite
[2011/08/29 07:26:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DVDVideoSoft
[2011/06/28 17:38:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010/03/27 08:20:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Earth 2140
[2012/11/22 04:13:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Fox Dgital Copy
[2011/03/06 11:38:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\gtk-2.0
[2011/04/11 10:10:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\ICQ
[2009/03/14 09:08:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Leadertech
[2012/12/09 15:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Leawo
[2009/03/11 16:48:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\OpenOffice.org
[2009/03/08 06:55:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Opera
[2009/11/17 09:06:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\PC Suite
[2009/11/17 09:02:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Samsung
[2009/05/12 15:41:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\TeamViewer
[2012/11/14 04:20:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Thunderbird
[2012/12/09 15:44:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\tiger-k
[2012/10/15 08:12:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\TP-LINK
[2009/03/10 12:16:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\TuneUp Software
[2010/09/09 13:33:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Tunngle
[2010/03/21 15:06:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Ubisoft
[2012/02/09 11:57:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Verbindungsassistent
[2010/01/16 09:51:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Zylom
[2009/12/07 15:38:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BioWare
[2010/09/07 17:03:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2010/10/12 17:05:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010/04/09 12:53:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA
[2013/01/06 14:22:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KONAMI
[2012/12/09 15:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Leawo
[2009/11/17 09:06:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009/12/16 03:54:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\POP3Profiles
[2009/03/02 13:21:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap Games
[2012/10/15 06:40:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TP-LINK
[2011/06/26 05:38:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TrackMania
[2009/03/10 12:16:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010/09/09 13:05:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tunngle
[2010/03/21 15:06:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2010/01/16 09:51:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2009/03/17 08:35:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2011/02/22 11:03:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/03/10 12:15:12 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/09/20 15:29:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/14 07:12:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013/01/07 09:39:00 | 000,000,458 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2009/08/30 15:10:49 | 000,000,000 | ---D | M] -- C:\23ef2ab834e8ccfd874889c7
[2009/04/03 07:35:46 | 000,000,000 | ---D | M] -- C:\bilder mpark
[2009/03/07 11:59:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2009/12/07 13:45:12 | 000,000,000 | ---D | M] -- C:\Games
[2012/01/07 13:55:37 | 000,000,000 | ---D | M] -- C:\Program Files
[2010/11/17 17:08:01 | 000,000,000 | ---D | M] -- C:\PROGRAMM
[2013/01/07 05:00:32 | 000,000,000 | R--D | M] -- C:\Programme
[2009/03/07 13:12:45 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011/06/28 17:27:37 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010/03/23 15:31:34 | 000,000,000 | ---D | M] -- C:\Ubisoft
[2013/01/15 03:45:41 | 000,000,000 | ---D | M] -- C:\WINDOWS
 
< %PROGRAMFILES%\*.exe >
 
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: AGP440.SYS  >
[2006/02/28 07:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 17:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\agp440.sys
[2008/04/13 17:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2006/02/28 07:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 17:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\atapi.sys
[2008/04/13 17:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006/02/28 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008/04/14 00:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 21:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\eventlog.dll
[2008/04/14 00:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2006/02/28 07:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2008/04/14 00:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
 
< MD5 for: NETLOGON.DLL  >
[2008/04/14 00:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 21:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\netlogon.dll
[2008/04/14 00:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2006/02/28 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008/04/14 00:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 21:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\scecli.dll
[2008/04/14 00:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2006/02/28 07:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2006/02/28 07:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008/04/14 00:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008/04/13 21:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\user32.dll
[2008/04/14 00:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008/04/14 00:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 21:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\userinit.exe
[2008/04/14 00:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2006/02/28 07:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2006/02/28 07:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 00:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 21:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\winlogon.exe
[2008/04/14 00:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006/02/28 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2006/02/28 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2009/03/07 12:41:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009/03/07 12:41:17 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009/03/07 12:41:17 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011/03/03 01:54:43 | 000,149,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2012/11/01 07:17:52 | 011,111,424 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2012/11/01 07:17:52 | 002,000,384 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/14 00:52:20 | 000,280,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/14 00:52:22 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2012/06/08 09:25:14 | 008,503,808 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
Invalid Environment Variable: %USERPROFILE%\*.*
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
 
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
 
< End of report >
         
--- --- ---

_____________________________________________________________________OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 2/9/2013 8:04:35 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 92.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 298.08 Gb Total Space | 19.27 Gb Free Space | 6.47% Space Free | Partition Type: NTFS
Drive D: | 14.44 Gb Total Space | 8.57 Gb Free Space | 59.36% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled] --  -- (WMPNetworkSvc)
SRV - File not found [On_Demand] --  -- (ServiceLayer)
SRV - File not found [Auto] --  -- (PowerManager)
SRV - File not found [On_Demand] --  -- (AppMgmt)
SRV - File not found [Disabled] --  -- (a2free)
SRV - [2012/11/08 12:44:46 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012/07/13 06:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/08 19:28:00 | 000,342,984 | ---- | M] () [Auto] -- C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe -- (ALDITALKVerbindungsassistent_Service)
SRV - [2011/12/26 07:46:42 | 000,375,872 | ---- | M] (Ralink Technology, Corp.) [Auto] -- C:\Programme\TP-LINK\TP-LINK Wireless Configuration Utility\Service\RaRegistry.exe -- (RalinkRegistryWriter)
SRV - [2011/03/16 03:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011/02/18 09:37:16 | 000,037,664 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/03/04 16:38:00 | 000,071,096 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2009/09/24 14:53:22 | 000,238,952 | ---- | M] (Teruten) [Auto] -- C:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2009/08/18 05:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009/07/26 00:43:14 | 000,025,832 | ---- | M] (BioWare) [On_Demand] -- C:\Games\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/03/03 06:45:11 | 000,296,400 | ---- | M] () [Auto] -- C:\Programme\Verbindungsassistent\WTGService.exe -- (WTGService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [File_System | Boot] --  -- (Lbd)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] --  -- (FXDrv32)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | On_Demand] --  -- (BTWUSB)
DRV - File not found [Kernel | On_Demand] --  -- (btwhid)
DRV - File not found [Kernel | On_Demand] --  -- (BTWDNDIS)
DRV - File not found [Kernel | On_Demand] --  -- (BTDriver)
DRV - File not found [Kernel | On_Demand] --  -- (btaudio)
DRV - File not found [Kernel | On_Demand] --  -- (bDMusicb)
DRV - [2012/02/14 07:07:52 | 001,139,040 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt2870.sys -- (rt2870)
DRV - [2012/02/08 19:28:01 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011/12/26 07:46:48 | 000,019,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\Scutum50.sys -- (Scutum50)
DRV - [2010/10/12 17:05:51 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2010/04/27 18:57:28 | 000,066,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2010/04/27 18:57:28 | 000,015,048 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2010/04/27 18:57:22 | 000,022,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2010/04/27 16:01:26 | 000,037,704 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2010/04/19 13:29:20 | 000,018,432 | ---- | M] (Apple Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\netaapl.sys -- (Netaapl)
DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010/02/03 08:56:56 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hamachi.sys -- (hamachi)
DRV - [2009/11/12 07:48:56 | 000,007,168 | ---- | M] () [File_System | On_Demand] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/22 06:18:52 | 000,281,760 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/10/22 06:18:50 | 000,025,888 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/09/21 03:33:06 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008/10/03 18:29:30 | 003,331,584 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008/07/24 05:02:44 | 004,749,824 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2008/04/29 04:31:00 | 000,143,328 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008/03/16 17:19:58 | 000,175,104 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\k57xp32.sys -- (k57w2k) Broadcom NetLink (TM)
DRV - [2007/12/28 09:02:12 | 000,287,232 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wg111v3.sys -- (RTL8187B)
DRV - [2007/10/01 21:06:40 | 000,451,968 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2007/09/17 09:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/07/03 10:58:20 | 000,106,792 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2007/07/03 10:57:24 | 000,011,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2007/07/03 10:54:24 | 000,080,552 | ---- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2007/03/27 11:19:36 | 010,252,544 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\snpstd3.sys -- (SNPSTD3) USB PC Camera (SNPSTD3)
DRV - [2006/04/05 19:00:00 | 000,264,704 | ---- | M] (AVM GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fwlanusb.sys -- (FWLANUSB)
DRV - [2005/11/10 13:54:56 | 000,402,944 | R--- | M] (Belkin Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\BLKWGU.sys -- (BLKWGU(Belkin)) Belkin Wireless G USB Network Adapter(Belkin)
DRV - [2004/10/25 07:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2001/08/17 07:51:32 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irsir.sys -- (irsir)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Knoden_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = Suche
IE - HKU\Knoden_ON_C\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - Reg Error: Key error. File not found
IE - HKU\Knoden_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKU\Knoden_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\Knoden_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 212.23.97.9:8080
 
 
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: linkfilter@kaspersky.ru:9.0.0.459
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..network.proxy.type: 0
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer:  File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Programme\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/10/15 13:29:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/11/08 12:45:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012/11/14 04:20:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2009/03/07 13:15:24 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Extensions
[2013/01/16 05:55:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Firefox\Profiles\pu8pe171.default\extensions
[2010/05/06 09:37:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Firefox\Profiles\pu8pe171.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010/01/06 10:46:17 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\mozilla\Firefox\Profiles\pu8pe171.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}
[2012/10/15 13:29:18 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009/07/03 11:45:03 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
File not found (No name found) -- 
[2012/10/10 20:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012/10/10 21:10:32 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/10/10 21:10:32 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012/10/10 21:10:32 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012/10/10 21:10:32 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/10/10 21:10:32 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/10/10 21:10:32 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006/02/28 07:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - No CLSID value found.
O3 - HKU\Knoden_ON_C\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [HydraVisionDesktopManager] C:\Programme\ATI Technologies\ATI HYDRAVISION\HydraDM.exe (ATI Technologies Inc.)
O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe ()
O4 - HKLM..\Run: [Start WingMan Profiler] C:\Programme\Logitech\Gaming Software\LWEMon.exe (Logitech Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [svñhîst]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Launcher.lnk = C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Launcher.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\Knoden\Startmenü\Programme\Autostart\OpenOffice.org 3.3.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Knoden_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.4 - {73C6DCFB-B606-47F3-BDFA-9A4FBF931E37} - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -  File not found
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -  File not found
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/02/07 22:25:09 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{4ed01a02-ade5-11df-af80-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{4ed01a02-ade5-11df-af80-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4ed01a02-ade5-11df-af80-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4ed01a03-ade5-11df-af80-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{4ed01a03-ade5-11df-af80-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4ed01a03-ade5-11df-af80-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{584ea0ae-7009-11df-af5d-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{584ea0ae-7009-11df-af5d-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{584ea0ae-7009-11df-af5d-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{584ea0b3-7009-11df-af5d-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{584ea0b3-7009-11df-af5d-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{584ea0b3-7009-11df-af5d-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5ff80ac2-f74c-11e0-b0e0-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{5ff80ac2-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5ff80ac2-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{5ff80ac5-f74c-11e0-b0e0-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{5ff80ac5-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{5ff80ac5-f74c-11e0-b0e0-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{d9b03e50-04ea-11df-aef5-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{d9b03e50-04ea-11df-aef5-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d9b03e50-04ea-11df-aef5-001fe262301e}\Shell\AutoRun\command - "" = E:\pushinst.exe
O33 - MountPoints2\{ffb7adfa-5a3a-11e1-b17b-001fe262301e}\Shell - "" = AutoRun
O33 - MountPoints2\{ffb7adfa-5a3a-11e1-b17b-001fe262301e}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{ffb7adfa-5a3a-11e1-b17b-001fe262301e}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A0739DE2-571F-11D2-A031-0060977F760C} - InterActual PCFriendly ActiveX Control
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
NetSvcs: AppMgmt -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
 
MsConfig - Services: "TuneUp.ProgramStatisticsSvc"
MsConfig - Services: "TuneUp.Defrag"
MsConfig - Services: "WMPNetworkSvc"
MsConfig - Services: "TunngleService"
MsConfig - Services: "gupdate1c9da1fc6c11eda"
MsConfig - Services: "btwdins"
MsConfig - Services: "a2free"
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Belkin Wireless USB Utility.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^BTTray.lnk -  - File not found
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^TP-LINK Wireless Configuration Utility.lnk - C:\Programme\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe - ()
MsConfig - StartUpFolder: C:^Dokumente und Einstellungen^Knoden^Startmenü^Programme^Autostart^OpenOffice.org 3.0.lnk - C:\Programme\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig - StartUpReg: AppleSyncNotifier - hkey= - key= - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe (Apple Inc.)
MsConfig - StartUpReg: AutoStartNPSAgent - hkey= - key= - C:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: F5D7050v3 - hkey= - key= -  File not found
MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Programme\ICQ7.4\ICQ.exe (ICQ, LLC.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - C:\Programme\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= -  File not found
MsConfig - StartUpReg: NPSStartup - hkey= - key= -  File not found
MsConfig - StartUpReg: QuickTime Task - hkey= - key= -  File not found
MsConfig - StartUpReg: RGSC - hkey= - key= -  File not found
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Programme\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: StartCCC - hkey= - key= -  File not found
MsConfig - StartUpReg: Steam - hkey= - key= - C:\Programme\Steam\Steam.exe (Valve Corporation)
MsConfig - State: "system.ini" - 0
MsConfig - State: "win.ini" - 0
MsConfig - State: "bootini" - 0
MsConfig - State: "services" - 2
MsConfig - State: "startup" - 2
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/01/17 05:11:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Knoden\Eigene Dateien\gegl-0.0
[2013/01/13 15:52:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\vlc
[2013/01/13 15:52:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN
[2009/09/11 11:41:50 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2009/09/11 11:41:50 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2009/09/11 11:41:50 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[2007/03/12 04:41:52 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll
[2005/11/23 05:55:32 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/02/06 07:42:52 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/06 07:42:40 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/06 07:42:39 | 000,056,728 | ---- | M] () -- C:\WINDOWS\System32\ativvaxx.cap
[2013/02/06 07:37:25 | 000,094,720 | RHS- | M] () -- C:\Dokumente und Einstellungen\Knoden\wgsdgsdgdsgsd.exe
[2013/02/06 07:17:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/06 04:48:37 | 000,448,898 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013/02/06 04:48:37 | 000,432,784 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/02/06 04:48:37 | 000,080,338 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013/02/06 04:48:37 | 000,067,740 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013/02/06 04:44:32 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/05 10:18:13 | 000,019,411 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\kitas Augsburg.odt
[2013/02/04 18:54:04 | 000,010,516 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Lernen DF3.odt
[2013/01/28 12:59:17 | 000,202,563 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\pc neu.JPG
[2013/01/23 16:28:25 | 000,019,456 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/01/17 07:09:17 | 000,013,288 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Reflexion Triple P.odt
[2013/01/17 05:12:22 | 000,000,871 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\.recently-used.xbel
[2013/01/17 04:48:12 | 002,360,681 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00770.JPG
[2013/01/17 04:45:25 | 002,631,204 | ---- | M] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00313.JPG
[2013/01/13 15:52:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\VideoLAN
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/02/06 07:37:25 | 000,094,720 | RHS- | C] () -- C:\Dokumente und Einstellungen\Knoden\wgsdgsdgdsgsd.exe
[2013/02/05 04:48:30 | 000,019,411 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\kitas Augsburg.odt
[2013/02/04 11:20:44 | 000,010,516 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Lernen DF3.odt
[2013/01/28 12:59:16 | 000,202,563 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\pc neu.JPG
[2013/01/17 05:12:22 | 000,000,871 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\.recently-used.xbel
[2013/01/17 04:48:11 | 002,360,681 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00770.JPG
[2013/01/17 04:45:24 | 002,631,204 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\DSC00313.JPG
[2013/01/15 08:13:40 | 000,013,288 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Desktop\Reflexion Triple P.odt
[2012/10/15 06:40:40 | 000,001,191 | ---- | C] () -- C:\WINDOWS\System32\W32N55.INI
[2012/10/15 06:40:40 | 000,000,449 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.ini
[2012/10/15 06:40:39 | 000,480,608 | ---- | C] () -- C:\WINDOWS\System32\DiagFunc.dll
[2012/10/15 06:40:39 | 000,034,080 | ---- | C] () -- C:\WINDOWS\System32\CTAAEI.dll
[2012/10/15 06:40:20 | 000,014,051 | ---- | C] () -- C:\WINDOWS\System32\RaCoInst.dat
[2012/02/14 14:52:46 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012/01/11 17:14:48 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2012/01/07 13:57:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\PCFriend.INI
[2011/10/30 15:43:06 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\{076D03A8-0A21-47BE-AA86-C281F0006B60}
[2011/10/30 15:42:57 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\{0FB64222-080E-4962-BCA6-4682121633E6}
[2011/04/09 11:55:28 | 000,179,261 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat
[2010/10/12 17:16:09 | 000,000,619 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2010/09/09 13:06:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\Access.dat
[2010/06/04 17:19:57 | 000,040,960 | R--- | C] () -- C:\WINDOWS\System32\psfind.dll
[2010/05/12 17:42:44 | 001,441,268 | ---- | C] () -- C:\Programme\save.dat
[2010/05/12 17:41:39 | 000,020,274 | ---- | C] () -- C:\Programme\sbanleit3.jpg
[2010/05/12 17:41:39 | 000,017,637 | ---- | C] () -- C:\Programme\sbanleit2.jpg
[2010/05/12 17:41:39 | 000,016,099 | ---- | C] () -- C:\Programme\sbanleit5.jpg
[2010/05/12 17:41:39 | 000,015,673 | ---- | C] () -- C:\Programme\sbanleit1.jpg
[2010/05/12 17:41:39 | 000,011,434 | ---- | C] () -- C:\Programme\sbanleit4.jpg
[2010/05/12 17:41:39 | 000,005,988 | ---- | C] () -- C:\Programme\sbanleit6.jpg
[2010/04/09 12:27:27 | 000,000,085 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2010/04/09 12:12:10 | 000,002,951 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Config.nt.bak
[2010/04/09 12:12:10 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Autoexec.nt.bak
[2010/04/09 12:12:10 | 000,000,820 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\hosts.bak
[2010/03/01 12:30:00 | 000,017,168 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/01/19 06:33:36 | 000,097,312 | ---- | C] () -- C:\WINDOWS\System32\drivers\Fwusb1b.bin
[2010/01/15 09:15:16 | 000,063,485 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2010/01/14 15:51:39 | 000,000,068 | ---- | C] () -- C:\WINDOWS\ScrAntic.ini
[2009/11/29 09:17:28 | 000,000,000 | ---- | C] () -- C:\WINDOWS\syscheck.INI
[2009/11/17 09:02:55 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/11/17 09:02:55 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/11/17 09:02:48 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\$_hpcst$.hpc
[2009/10/22 06:18:51 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2009/10/22 06:18:50 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2009/10/06 15:20:14 | 000,000,032 | ---- | C] () -- C:\WINDOWS\Menu.INI
[2009/09/11 11:41:52 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2009/09/11 11:41:52 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2009/09/11 11:41:51 | 000,302,720 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2009/09/11 11:41:49 | 000,020,480 | ---- | C] () -- C:\WINDOWS\usnpstd.exe
[2009/09/01 11:00:44 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009/06/05 17:19:01 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2009/05/05 09:26:29 | 000,000,084 | ---- | C] () -- C:\WINDOWS\WSST_Screen_Saver.ini
[2009/05/04 06:08:30 | 000,001,065 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2009/03/29 15:25:03 | 000,000,299 | ---- | C] () -- C:\WINDOWS\game.ini
[2009/03/09 15:02:08 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\AVSDVDPlayer.m3u
[2009/03/09 15:01:11 | 000,819,200 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/03/09 15:01:11 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/03/07 13:15:25 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2009/03/07 13:15:13 | 000,019,456 | ---- | C] () -- C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/03/07 12:17:07 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009/03/07 12:16:20 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2009/03/07 12:04:22 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/03/07 12:04:15 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/03/07 12:04:14 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/03/07 12:04:11 | 003,107,788 | R--- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2009/03/07 12:04:11 | 000,176,918 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/03/07 11:57:17 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/03/07 11:52:24 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/03/07 11:43:16 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/03/07 11:41:59 | 000,125,320 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/03/02 13:26:56 | 000,000,025 | ---- | C] () -- C:\WINDOWS\popcinfot.dat
[2009/02/04 13:26:02 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2008/10/07 02:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll
[2008/10/07 02:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 02:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/10/03 15:48:00 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2008/09/29 15:22:28 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2008/05/04 11:39:34 | 000,002,560 | ---- | C] () -- C:\WINDOWS\System32\ViaClassCoInstaller.dll
[2007/10/25 11:26:10 | 000,007,168 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2006/09/19 02:07:28 | 000,827,392 | ---- | C] () -- C:\WINDOWS\vsnpstd3.exe
[2006/02/28 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2006/02/28 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2006/02/28 07:00:00 | 000,448,898 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006/02/28 07:00:00 | 000,432,784 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/02/28 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2006/02/28 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2006/02/28 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2006/02/28 07:00:00 | 000,080,338 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006/02/28 07:00:00 | 000,067,740 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/02/28 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2006/02/28 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2006/02/28 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2006/02/28 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2006/02/28 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2006/02/28 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2006/02/28 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/07/12 08:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2004/03/23 10:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2004/02/27 09:36:18 | 000,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini
[2003/03/14 06:24:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
[1998/10/10 19:07:38 | 000,088,576 | ---- | C] () -- C:\WINDOWS\System32\Iticheck.dll
 
========== LOP Check ==========
 
[2012/02/08 19:28:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\ALDITALKVerbindungsassistent
[2013/01/15 16:34:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\.minecraft
[2009/03/29 15:26:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Activision
[2012/02/15 07:41:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\ALDITALKVerbindungsassistent
[2009/05/08 04:35:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Ashampoo
[2010/09/07 17:03:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Canneverbe Limited
[2010/10/12 17:10:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DAEMON Tools Lite
[2011/08/29 07:26:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DVDVideoSoft
[2011/06/28 17:38:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010/03/27 08:20:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Earth 2140
[2012/11/22 04:13:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Fox Dgital Copy
[2011/03/06 11:38:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\gtk-2.0
[2011/04/11 10:10:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\ICQ
[2009/03/14 09:08:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Leadertech
[2012/12/09 15:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Leawo
[2009/03/11 16:48:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\OpenOffice.org
[2009/03/08 06:55:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Opera
[2009/11/17 09:06:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\PC Suite
[2009/11/17 09:02:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Samsung
[2009/05/12 15:41:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\TeamViewer
[2012/11/14 04:20:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Thunderbird
[2012/12/09 15:44:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\tiger-k
[2012/10/15 08:12:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\TP-LINK
[2009/03/10 12:16:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\TuneUp Software
[2010/09/09 13:33:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Tunngle
[2010/03/21 15:06:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Ubisoft
[2012/02/09 11:57:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Verbindungsassistent
[2010/01/16 09:51:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Knoden\Anwendungsdaten\Zylom
[2009/12/07 15:38:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BioWare
[2010/09/07 17:03:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2010/10/12 17:05:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010/04/09 12:53:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA
[2013/01/06 14:22:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\KONAMI
[2012/12/09 15:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Leawo
[2009/11/17 09:06:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2009/12/16 03:54:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\POP3Profiles
[2009/03/02 13:21:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PopCap Games
[2012/10/15 06:40:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TP-LINK
[2011/06/26 05:38:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TrackMania
[2009/03/10 12:16:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2010/09/09 13:05:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tunngle
[2010/03/21 15:06:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ubisoft
[2010/01/16 09:51:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2009/03/17 08:35:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
[2011/02/22 11:03:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/03/10 12:15:12 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357}
[2009/09/20 15:29:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/04/14 07:12:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2013/01/07 09:39:00 | 000,000,458 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2009/08/30 15:10:49 | 000,000,000 | ---D | M] -- C:\23ef2ab834e8ccfd874889c7
[2009/04/03 07:35:46 | 000,000,000 | ---D | M] -- C:\bilder mpark
[2009/03/07 11:59:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2009/12/07 13:45:12 | 000,000,000 | ---D | M] -- C:\Games
[2012/01/07 13:55:37 | 000,000,000 | ---D | M] -- C:\Program Files
[2010/11/17 17:08:01 | 000,000,000 | ---D | M] -- C:\PROGRAMM
[2013/01/07 05:00:32 | 000,000,000 | R--D | M] -- C:\Programme
[2009/03/07 13:12:45 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2011/06/28 17:27:37 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010/03/23 15:31:34 | 000,000,000 | ---D | M] -- C:\Ubisoft
[2013/01/15 03:45:41 | 000,000,000 | ---D | M] -- C:\WINDOWS
 
< %PROGRAMFILES%\*.exe >
 
Invalid Environment Variable: %LOCALAPPDATA%\*.exe
 
< %systemroot%\*. /mp /s >
 
 
< MD5 for: AGP440.SYS  >
[2006/02/28 07:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008/04/13 17:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008/04/13 13:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\agp440.sys
[2008/04/13 17:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2006/02/28 07:00:00 | 018,782,319 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2008/04/14 01:03:54 | 020,108,202 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008/04/13 17:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008/04/13 13:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\atapi.sys
[2008/04/13 17:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2006/02/28 07:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008/04/14 00:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008/04/13 21:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\eventlog.dll
[2008/04/14 00:52:12 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2006/02/28 07:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: EXPLORER.EXE  >
[2008/04/14 00:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) MD5=418045A93CD87A352098AB7DABE1B53E -- C:\WINDOWS\explorer.exe
 
< MD5 for: NETLOGON.DLL  >
[2008/04/14 00:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008/04/13 21:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\netlogon.dll
[2008/04/14 00:52:20 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2006/02/28 07:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
 
< MD5 for: SCECLI.DLL  >
[2008/04/14 00:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008/04/13 21:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\scecli.dll
[2008/04/14 00:52:24 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2006/02/28 07:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2006/02/28 07:00:00 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=56785FD5236D7B22CF471A6DA9DB46D8 -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2008/04/14 00:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008/04/13 21:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\user32.dll
[2008/04/14 00:52:32 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008/04/14 00:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008/04/13 21:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\userinit.exe
[2008/04/14 00:53:04 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2006/02/28 07:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2006/02/28 07:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008/04/14 00:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008/04/13 21:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\SoftwareDistribution\Download\353532c428eb23a15c972081863622b7\winlogon.exe
[2008/04/14 00:53:06 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006/02/28 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2006/02/28 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2009/03/07 12:41:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2009/03/07 12:41:17 | 000,638,976 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2009/03/07 12:41:17 | 000,454,656 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011/03/03 01:54:43 | 000,149,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\dnsapi.dll
[2012/11/01 07:17:52 | 011,111,424 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ieframe.dll
[2012/11/01 07:17:52 | 002,000,384 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\iertutil.dll
[2008/04/14 00:52:20 | 000,280,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\mstask.dll
[2008/04/14 00:52:22 | 000,067,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\ntdsapi.dll
[2012/06/08 09:25:14 | 008,503,808 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\system32\shell32.dll
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
 
Invalid Environment Variable: %USERPROFILE%\*.*
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.exe
 
Invalid Environment Variable: %USERPROFILE%\Local Settings\Temp\*.dll
 
Invalid Environment Variable: %USERPROFILE%\Application Data\*.exe
 
< End of report >
         
--- --- ---

Alt 10.02.2013, 17:29   #5
markusg
/// Malware-holic
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



aloa,
auf deinem zweiten pc gehe auf start, programme zubehör editor, kopiere dort
rein:
Code:
ATTFilter
:OTL
[2013/02/06 07:37:25 | 000,094,720 | RHS- | M] () -- C:\Dokumente und Einstellungen\Knoden\wgsdgsdgdsgsd.exe
:Files
:Commands
[EMPTYFLASH] 
[emptytemp]
         


dieses speicherst du auf nem usb stick als fix.txt
nutze nun wieder OTLPENet.exe (starte also von der erstellten cd) und hake alles an, wie es bereits im post zu OTLPENet.exe beschrieben ist.
• Klicke nun bitte auf den Fix Button.
es sollte nun eine meldung ähnlich dieser: "load fix from file" erscheinen, lade also die fix.txt von deinem stick.
wenn dies nicht funktioniert, bitte den fix manuell eintragen.
dann klicke erneut den fix buton. pc startet evtl. neu. wenn ja, nimm die cd aus dem laufwerk, windows sollte nun normal starten und die otl.txt öffnen,
log posten bitte.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 10.02.2013, 20:05   #6
knoden
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



OK erledigt hier der Log:

========== OTL ==========
C:\Dokumente und Einstellungen\Knoden\wgsdgsdgdsgsd.exe moved successfully.
========== FILES ==========
========== COMMANDS ==========

[EMPTYFLASH]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41 bytes

User: Knoden
->Temp folder emptied: 66175681 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 54753017 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 9227 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 226144 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 975689 bytes

Total Flash Files Cleaned = 117.00 mb


[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Knoden
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Opera cache emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2148906 bytes
%systemroot%\System32 .tmp files removed: 2951 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 18241857 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes

Total Files Cleaned = 19.00 mb


OTLPE by OldTimer - Version 3.1.48.0 log created on 02102013_200343

Alt 10.02.2013, 20:06   #7
markusg
/// Malware-holic
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



Aloa,
wenn der normale Modus funktioniert:
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
c: öffnen, tdsskiller-datum-version.txt öffnen, Inhalt posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 10.02.2013, 20:21   #8
knoden
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



Ein paar Haken hießen anders als in deiner Anleitung, darum hab ich alle vier gesetzt.

Hier der Log:

20:17:00.0562 2508 TDSS rootkit removing tool 2.7.34.0 May 2 2012 09:59:18
20:17:02.0562 2508 ============================================================
20:17:02.0562 2508 Current date / time: 2013/02/10 20:17:02.0562
20:17:02.0562 2508 SystemInfo:
20:17:02.0562 2508
20:17:02.0562 2508 OS Version: 5.1.2600 ServicePack: 3.0
20:17:02.0562 2508 Product type: Workstation
20:17:02.0562 2508 ComputerName: DENNIS
20:17:02.0562 2508 UserName: Knoden
20:17:02.0562 2508 Windows directory: C:\WINDOWS
20:17:02.0562 2508 System windows directory: C:\WINDOWS
20:17:02.0562 2508 Processor architecture: Intel x86
20:17:02.0562 2508 Number of processors: 4
20:17:02.0562 2508 Page size: 0x1000
20:17:02.0562 2508 Boot type: Normal boot
20:17:02.0562 2508 ============================================================
20:17:03.0859 2508 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:17:03.0859 2508 ============================================================
20:17:03.0859 2508 \Device\Harddisk0\DR0:
20:17:03.0859 2508 MBR partitions:
20:17:03.0859 2508 \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
20:17:03.0859 2508 ============================================================
20:17:03.0890 2508 C: <-> \Device\Harddisk0\DR0\Partition0
20:17:03.0921 2508 ============================================================
20:17:03.0921 2508 Initialize success
20:17:03.0921 2508 ============================================================
20:18:59.0125 0140 ============================================================
20:18:59.0125 0140 Scan started
20:18:59.0125 0140 Mode: Manual; SigCheck; TDLFS;
20:18:59.0125 0140 ============================================================
20:18:59.0343 0140 6to4 (d5a6658cbfbbf9a0f8827e83c9fde806) C:\WINDOWS\System32\6to4svc.dll
20:19:00.0093 0140 6to4 - ok
20:19:00.0125 0140 a2free - ok
20:19:00.0125 0140 Abiosdsk - ok
20:19:00.0125 0140 abp480n5 - ok
20:19:00.0171 0140 ACPI (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
20:19:00.0703 0140 ACPI - ok
20:19:00.0734 0140 ACPIEC (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
20:19:00.0828 0140 ACPIEC - ok
20:19:00.0828 0140 adpu160m - ok
20:19:00.0859 0140 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
20:19:00.0937 0140 aec - ok
20:19:00.0984 0140 AegisP (30bb1bde595ca65fd5549462080d94e5) C:\WINDOWS\system32\DRIVERS\AegisP.sys
20:19:01.0000 0140 AegisP ( UnsignedFile.Multi.Generic ) - warning
20:19:01.0000 0140 AegisP - detected UnsignedFile.Multi.Generic (1)
20:19:01.0031 0140 AFD (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
20:19:01.0093 0140 AFD - ok
20:19:01.0093 0140 Aha154x - ok
20:19:01.0109 0140 aic78u2 - ok
20:19:01.0109 0140 aic78xx - ok
20:19:01.0265 0140 ALDITALKVerbindungsassistent_Service (73350b0f3a59c52118137ebde11c2a5d) C:\Programme\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe
20:19:01.0312 0140 ALDITALKVerbindungsassistent_Service - ok
20:19:01.0359 0140 Alerter (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
20:19:01.0453 0140 Alerter - ok
20:19:01.0500 0140 ALG (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
20:19:01.0578 0140 ALG - ok
20:19:01.0593 0140 AliIde - ok
20:19:01.0593 0140 amsint - ok
20:19:01.0703 0140 Apple Mobile Device (20f6f19fe9e753f2780dc2fa083ad597) C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:19:01.0703 0140 Apple Mobile Device - ok
20:19:01.0703 0140 AppMgmt - ok
20:19:01.0734 0140 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
20:19:01.0812 0140 Arp1394 - ok
20:19:01.0812 0140 asc - ok
20:19:01.0812 0140 asc3350p - ok
20:19:01.0828 0140 asc3550 - ok
20:19:01.0937 0140 aspnet_state (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
20:19:01.0968 0140 aspnet_state - ok
20:19:02.0000 0140 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
20:19:02.0078 0140 AsyncMac - ok
20:19:02.0093 0140 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
20:19:02.0171 0140 atapi - ok
20:19:02.0171 0140 Atdisk - ok
20:19:02.0250 0140 Ati HotKey Poller (fcfd6eef3c99df24edd3f975ebbc61b8) C:\WINDOWS\system32\Ati2evxx.exe
20:19:02.0328 0140 Ati HotKey Poller - ok
20:19:02.0375 0140 ATI Smart (c3cdcc8beef13d653312639926a6aa4c) C:\WINDOWS\system32\ati2sgag.exe
20:19:02.0421 0140 ATI Smart ( UnsignedFile.Multi.Generic ) - warning
20:19:02.0421 0140 ATI Smart - detected UnsignedFile.Multi.Generic (1)
20:19:02.0609 0140 ati2mtag (42a3badcac4e31b373821a05f945e69d) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
20:19:02.0750 0140 ati2mtag - ok
20:19:02.0921 0140 atksgt (f0d933b42cd0594048e4d5200ae9e417) C:\WINDOWS\system32\DRIVERS\atksgt.sys
20:19:18.0171 0140 atksgt - ok
20:19:18.0203 0140 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
20:19:18.0281 0140 Atmarpc - ok
20:19:18.0312 0140 AudioSrv (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
20:19:18.0406 0140 AudioSrv - ok
20:19:18.0453 0140 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
20:19:18.0546 0140 audstub - ok
20:19:18.0718 0140 bDMusicb - ok
20:19:18.0765 0140 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
20:19:18.0859 0140 Beep - ok
20:19:18.0906 0140 BITS (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
20:19:19.0171 0140 BITS - ok
20:19:19.0203 0140 BLKWGU(Belkin) (ed910b63a75863a89aab65f2763d5b71) C:\WINDOWS\system32\DRIVERS\BLKWGU.sys
20:19:19.0250 0140 BLKWGU(Belkin) - ok
20:19:19.0390 0140 Bonjour Service (f2060a34c8a75bc24a9222eb4f8c07bd) C:\Programme\Bonjour\mDNSResponder.exe
20:19:19.0421 0140 Bonjour Service - ok
20:19:19.0484 0140 Browser (b71549f23736adf83a571061c47777fd) C:\WINDOWS\System32\browser.dll
20:19:19.0562 0140 Browser - ok
20:19:19.0562 0140 btaudio - ok
20:19:19.0562 0140 BTDriver - ok
20:19:19.0578 0140 BTWDNDIS - ok
20:19:19.0578 0140 btwhid - ok
20:19:19.0578 0140 BTWUSB - ok
20:19:19.0609 0140 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
20:19:19.0703 0140 cbidf2k - ok
20:19:19.0718 0140 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
20:19:19.0812 0140 CCDECODE - ok
20:19:19.0812 0140 cd20xrnt - ok
20:19:19.0828 0140 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
20:19:19.0906 0140 Cdaudio - ok
20:19:19.0968 0140 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
20:19:20.0046 0140 Cdfs - ok
20:19:20.0093 0140 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
20:19:20.0171 0140 Cdrom - ok
20:19:20.0171 0140 Changer - ok
20:19:20.0234 0140 CiSvc (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
20:19:20.0328 0140 CiSvc - ok
20:19:20.0375 0140 ClipSrv (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
20:19:20.0468 0140 ClipSrv - ok
20:19:20.0562 0140 clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:19:20.0625 0140 clr_optimization_v2.0.50727_32 - ok
20:19:20.0640 0140 CmdIde - ok
20:19:20.0640 0140 COMSysApp - ok
20:19:20.0640 0140 Cpqarray - ok
20:19:20.0687 0140 CryptSvc (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
20:19:20.0796 0140 CryptSvc - ok
20:19:20.0796 0140 dac2w2k - ok
20:19:20.0796 0140 dac960nt - ok
20:19:20.0890 0140 DAUpdaterSvc (80861969541971176e005d2c09dae851) C:\Games\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe
20:19:20.0890 0140 DAUpdaterSvc - ok
20:19:20.0968 0140 DcomLaunch (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:19:21.0093 0140 DcomLaunch - ok
20:19:21.0171 0140 Dhcp (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
20:19:21.0250 0140 Dhcp - ok
20:19:21.0265 0140 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
20:19:21.0328 0140 Disk - ok
20:19:21.0328 0140 dmadmin - ok
20:19:21.0406 0140 dmboot (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
20:19:21.0515 0140 dmboot - ok
20:19:21.0546 0140 dmio (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
20:19:21.0640 0140 dmio - ok
20:19:21.0671 0140 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
20:19:21.0765 0140 dmload - ok
20:19:21.0796 0140 dmserver (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
20:19:21.0875 0140 dmserver - ok
20:19:21.0906 0140 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
20:19:21.0984 0140 DMusic - ok
20:19:22.0000 0140 Dnscache (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
20:19:22.0156 0140 Dnscache - ok
20:19:22.0203 0140 Dot3svc (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
20:19:22.0265 0140 Dot3svc - ok
20:19:22.0281 0140 dpti2o - ok
20:19:22.0312 0140 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
20:19:22.0390 0140 drmkaud - ok
20:19:22.0421 0140 EapHost (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
20:19:22.0515 0140 EapHost - ok
20:19:22.0562 0140 EAPPkt (c47e7c5e7410c7de98f7219e3008c23d) C:\WINDOWS\system32\DRIVERS\EAPPkt.sys
20:19:22.0578 0140 EAPPkt ( UnsignedFile.Multi.Generic ) - warning
20:19:22.0578 0140 EAPPkt - detected UnsignedFile.Multi.Generic (1)
20:19:22.0625 0140 ERSvc (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
20:19:22.0703 0140 ERSvc - ok
20:19:22.0750 0140 Eventlog (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:19:22.0796 0140 Eventlog - ok
20:19:22.0843 0140 EventSystem (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
20:19:22.0890 0140 EventSystem - ok
20:19:22.0921 0140 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
20:19:23.0000 0140 Fastfat - ok
20:19:23.0046 0140 FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:19:23.0125 0140 FastUserSwitchingCompatibility - ok
20:19:23.0187 0140 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\DRIVERS\fdc.sys
20:19:23.0250 0140 Fdc - ok
20:19:23.0265 0140 Fips (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
20:19:23.0359 0140 Fips - ok
20:19:23.0375 0140 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\DRIVERS\flpydisk.sys
20:19:23.0437 0140 Flpydisk - ok
20:19:23.0500 0140 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
20:19:23.0578 0140 FltMgr - ok
20:19:23.0781 0140 FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
20:19:23.0781 0140 FontCache3.0.0.0 - ok
20:19:23.0843 0140 FsUsbExDisk (790a4ca68f44be35967b3df61f3e4675) C:\WINDOWS\system32\FsUsbExDisk.SYS
20:19:23.0859 0140 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
20:19:23.0859 0140 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)
20:19:23.0875 0140 FsUsbExService (b49dbf7225389ec602c1b7b76c541ec2) C:\WINDOWS\system32\FsUsbExService.Exe
20:19:23.0875 0140 FsUsbExService - ok
20:19:23.0890 0140 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:19:23.0984 0140 Fs_Rec - ok
20:19:24.0000 0140 Ftdisk (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
20:19:24.0078 0140 Ftdisk - ok
20:19:24.0140 0140 FWLANUSB (b45f1df1cce34e2af422f0ed78cd70ef) C:\WINDOWS\system32\DRIVERS\fwlanusb.sys
20:19:24.0187 0140 FWLANUSB - ok
20:19:24.0187 0140 FXDrv32 - ok
20:19:24.0234 0140 GEARAspiWDM (8182ff89c65e4d38b2de4bb0fb18564e) C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
20:19:24.0234 0140 GEARAspiWDM - ok
20:19:24.0296 0140 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
20:19:24.0359 0140 Gpc - ok
20:19:24.0500 0140 gupdate1c9da1fc6c11eda (626a24ed1228580b9518c01930936df9) C:\Programme\Google\Update\GoogleUpdate.exe
20:19:24.0515 0140 gupdate1c9da1fc6c11eda - ok
20:19:24.0515 0140 gupdatem (626a24ed1228580b9518c01930936df9) C:\Programme\Google\Update\GoogleUpdate.exe
20:19:24.0531 0140 gupdatem - ok
20:19:24.0578 0140 hamachi (833051c6c6c42117191935f734cfbd97) C:\WINDOWS\system32\DRIVERS\hamachi.sys
20:19:24.0625 0140 hamachi - ok
20:19:24.0625 0140 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
20:19:24.0703 0140 HDAudBus - ok
20:19:24.0796 0140 helpsvc (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
20:19:24.0875 0140 helpsvc - ok
20:19:24.0906 0140 HidServ (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
20:19:25.0000 0140 HidServ - ok
20:19:25.0015 0140 hidusb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
20:19:25.0109 0140 hidusb - ok
20:19:25.0140 0140 hkmsvc (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
20:19:25.0203 0140 hkmsvc - ok
20:19:25.0203 0140 hpn - ok
20:19:25.0265 0140 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
20:19:25.0296 0140 HTTP - ok
20:19:25.0359 0140 HTTPFilter (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
20:19:25.0437 0140 HTTPFilter - ok
20:19:25.0484 0140 hwdatacard (1720966d9c7ea5e2d78b6db92d2f9171) C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys
20:19:25.0531 0140 hwdatacard - ok
20:19:25.0531 0140 i2omgmt - ok
20:19:25.0546 0140 i2omp - ok
20:19:25.0578 0140 i8042prt (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\drivers\i8042prt.sys
20:19:25.0656 0140 i8042prt - ok
20:19:25.0750 0140 idsvc (c01ac32dc5c03076cfb852cb5da5229c) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:19:25.0796 0140 idsvc - ok
20:19:25.0812 0140 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
20:19:25.0906 0140 Imapi - ok
20:19:25.0953 0140 ImapiService (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
20:19:26.0031 0140 ImapiService - ok
20:19:26.0031 0140 ini910u - ok
20:19:26.0281 0140 IntcAzAudAddService (4aaa8312732655f93a254d1fa695eb79) C:\WINDOWS\system32\drivers\RtkHDAud.sys
20:19:26.0531 0140 IntcAzAudAddService - ok
20:19:26.0640 0140 IntelIde - ok
20:19:26.0671 0140 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
20:19:26.0734 0140 Ip6Fw - ok
20:19:26.0781 0140 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:19:26.0875 0140 IpFilterDriver - ok
20:19:26.0906 0140 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
20:19:27.0000 0140 IpInIp - ok
20:19:27.0015 0140 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
20:19:27.0093 0140 IpNat - ok
20:19:27.0234 0140 iPod Service (e51bd095b2fdf56b17ee010bb794d6ed) C:\Programme\iPod\bin\iPodService.exe
20:19:27.0296 0140 iPod Service - ok
20:19:27.0328 0140 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
20:19:27.0421 0140 IPSec - ok
20:19:27.0437 0140 irda (aca5e7b54409f9cb5eed97ed0c81120e) C:\WINDOWS\system32\DRIVERS\irda.sys
20:19:27.0515 0140 irda - ok
20:19:27.0546 0140 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
20:19:27.0609 0140 IRENUM - ok
20:19:27.0671 0140 Irmon (2efe1db1ec58a26b0c14bfda122e246f) C:\WINDOWS\System32\irmon.dll
20:19:27.0750 0140 Irmon - ok
20:19:27.0796 0140 irsir (0501f0b9ab08425f8c0eacbdcc04aa32) C:\WINDOWS\system32\DRIVERS\irsir.sys
20:19:27.0843 0140 irsir - ok
20:19:27.0859 0140 isapnp (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
20:19:27.0953 0140 isapnp - ok
20:19:28.0109 0140 JavaQuickStarterService (b591e761161d1ef547d76ef236eaa6a5) C:\Programme\Java\jre7\bin\jqs.exe
20:19:28.0125 0140 JavaQuickStarterService - ok
20:19:28.0187 0140 k57w2k (8353d24d87c597377d8628d9a7f148c3) C:\WINDOWS\system32\DRIVERS\k57xp32.sys
20:19:28.0218 0140 k57w2k - ok
20:19:28.0250 0140 Kbdclass (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
20:19:28.0312 0140 Kbdclass - ok
20:19:28.0328 0140 kbdhid (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:19:28.0390 0140 kbdhid - ok
20:19:28.0406 0140 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
20:19:28.0468 0140 kmixer - ok
20:19:28.0484 0140 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
20:19:28.0625 0140 KSecDD - ok
20:19:28.0671 0140 lanmanserver (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
20:19:28.0718 0140 lanmanserver - ok
20:19:28.0781 0140 lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
20:19:28.0859 0140 lanmanworkstation - ok
20:19:28.0859 0140 Lbd - ok
20:19:28.0859 0140 lbrtfdc - ok
20:19:28.0890 0140 lirsgt (f8a7212d0864ef5e9185fb95e6623f4d) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
20:19:28.0906 0140 lirsgt - ok
20:19:28.0937 0140 LmHosts (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
20:19:29.0015 0140 LmHosts - ok
20:19:29.0046 0140 Messenger (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
20:19:29.0140 0140 Messenger - ok
20:19:29.0171 0140 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
20:19:29.0265 0140 mnmdd - ok
20:19:29.0312 0140 mnmsrvc (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
20:19:29.0390 0140 mnmsrvc - ok
20:19:29.0406 0140 Modem (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
20:19:29.0468 0140 Modem - ok
20:19:29.0484 0140 Mouclass (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:19:29.0546 0140 Mouclass - ok
20:19:29.0578 0140 mouhid (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:19:29.0656 0140 mouhid - ok
20:19:29.0656 0140 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
20:19:29.0750 0140 MountMgr - ok
20:19:29.0750 0140 mraid35x - ok
20:19:29.0781 0140 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:19:29.0859 0140 MRxDAV - ok
20:19:29.0921 0140 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:19:29.0968 0140 MRxSmb - ok
20:19:29.0984 0140 MSDTC (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
20:19:30.0046 0140 MSDTC - ok
20:19:30.0062 0140 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
20:19:30.0156 0140 Msfs - ok
20:19:30.0156 0140 MSIServer - ok
20:19:30.0187 0140 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:19:30.0250 0140 MSKSSRV - ok
20:19:30.0265 0140 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:19:30.0328 0140 MSPCLOCK - ok
20:19:30.0328 0140 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
20:19:30.0421 0140 MSPQM - ok
20:19:30.0453 0140 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:19:30.0515 0140 mssmbios - ok
20:19:30.0562 0140 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
20:19:30.0625 0140 MSTEE - ok
20:19:30.0625 0140 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
20:19:30.0671 0140 Mup - ok
20:19:30.0718 0140 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:19:30.0796 0140 NABTSFEC - ok
20:19:30.0859 0140 napagent (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
20:19:30.0968 0140 napagent - ok
20:19:30.0968 0140 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
20:19:31.0046 0140 NDIS - ok
20:19:31.0093 0140 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:19:31.0156 0140 NdisIP - ok
20:19:31.0187 0140 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:19:31.0234 0140 NdisTapi - ok
20:19:31.0250 0140 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:19:31.0328 0140 Ndisuio - ok
20:19:31.0343 0140 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:19:31.0406 0140 NdisWan - ok
20:19:31.0437 0140 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
20:19:31.0500 0140 NDProxy - ok
20:19:31.0531 0140 Netaapl (7afd0e39ab15cb355487b7cc19f4e2c5) C:\WINDOWS\system32\DRIVERS\netaapl.sys
20:19:31.0562 0140 Netaapl - ok
20:19:31.0562 0140 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
20:19:31.0671 0140 NetBIOS - ok
20:19:31.0703 0140 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
20:19:31.0765 0140 NetBT - ok
20:19:31.0812 0140 NetDDE (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:19:31.0906 0140 NetDDE - ok
20:19:31.0906 0140 NetDDEdsdm (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
20:19:31.0968 0140 NetDDEdsdm - ok
20:19:32.0015 0140 Netlogon (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:19:32.0093 0140 Netlogon - ok
20:19:32.0156 0140 Netman (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
20:19:32.0234 0140 Netman - ok
20:19:32.0453 0140 NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:19:32.0468 0140 NetTcpPortSharing - ok
20:19:32.0515 0140 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
20:19:32.0578 0140 NIC1394 - ok
20:19:32.0640 0140 Nla (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
20:19:32.0687 0140 Nla - ok
20:19:32.0843 0140 NMSAccess (7aea4df1ca68fd45dd4bbe1f0243ce7f) C:\Programme\CDBurnerXP\NMSAccessU.exe
20:19:32.0843 0140 NMSAccess - ok
20:19:32.0890 0140 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
20:19:32.0968 0140 Npfs - ok
20:19:32.0984 0140 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
20:19:33.0109 0140 Ntfs - ok
20:19:33.0109 0140 NtLmSsp (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:19:33.0171 0140 NtLmSsp - ok
20:19:33.0234 0140 NtmsSvc (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
20:19:33.0343 0140 NtmsSvc - ok
20:19:33.0390 0140 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
20:19:33.0468 0140 Null - ok
20:19:33.0500 0140 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:19:33.0609 0140 NwlnkFlt - ok
20:19:33.0625 0140 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:19:33.0703 0140 NwlnkFwd - ok
20:19:33.0703 0140 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
20:19:33.0796 0140 ohci1394 - ok
20:19:33.0843 0140 Parport (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
20:19:33.0921 0140 Parport - ok
20:19:33.0937 0140 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
20:19:34.0000 0140 PartMgr - ok
20:19:34.0031 0140 ParVdm (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
20:19:34.0125 0140 ParVdm - ok
20:19:34.0156 0140 pccsmcfd (175cc28dcf819f78caa3fbd44ad9e52a) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
20:19:34.0171 0140 pccsmcfd - ok
20:19:34.0187 0140 PCI (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
20:19:34.0281 0140 PCI - ok
20:19:34.0281 0140 PCIDump - ok
20:19:34.0281 0140 PCIIde (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
20:19:34.0390 0140 PCIIde - ok
20:19:34.0437 0140 Pcmcia (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
20:19:34.0531 0140 Pcmcia - ok
20:19:34.0531 0140 PDCOMP - ok
20:19:34.0531 0140 PDFRAME - ok
20:19:34.0546 0140 PDRELI - ok
20:19:34.0546 0140 PDRFRAME - ok
20:19:34.0546 0140 perc2 - ok
20:19:34.0546 0140 perc2hib - ok
20:19:34.0593 0140 PlugPlay (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
20:19:34.0625 0140 PlugPlay - ok
20:19:34.0625 0140 PolicyAgent (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:19:34.0687 0140 PolicyAgent - ok
20:19:34.0687 0140 PowerManager - ok
20:19:34.0750 0140 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:19:34.0812 0140 PptpMiniport - ok
20:19:34.0812 0140 Processor (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
20:19:34.0906 0140 Processor - ok
20:19:34.0906 0140 ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:19:34.0968 0140 ProtectedStorage - ok
20:19:34.0968 0140 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
20:19:35.0046 0140 PSched - ok
20:19:35.0062 0140 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:19:35.0171 0140 Ptilink - ok
20:19:35.0203 0140 PxHelp20 (d86b4a68565e444d76457f14172c875a) C:\WINDOWS\system32\Drivers\PxHelp20.sys
20:19:35.0218 0140 PxHelp20 - ok
20:19:35.0218 0140 ql1080 - ok
20:19:35.0218 0140 Ql10wnt - ok
20:19:35.0218 0140 ql12160 - ok
20:19:35.0234 0140 ql1240 - ok
20:19:35.0234 0140 ql1280 - ok
20:19:35.0390 0140 RalinkRegistryWriter (f502a4b72524d21c5ca7183e61fb522e) C:\Programme\TP-LINK\TP-LINK Wireless Configuration Utility\Service\RaRegistry.exe
20:19:35.0421 0140 RalinkRegistryWriter - ok
20:19:35.0484 0140 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:19:35.0562 0140 RasAcd - ok
20:19:35.0609 0140 RasAuto (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
20:19:35.0687 0140 RasAuto - ok
20:19:35.0734 0140 Rasirda (0207d26ddf796a193ccd9f83047bb5fc) C:\WINDOWS\system32\DRIVERS\rasirda.sys
20:19:35.0765 0140 Rasirda - ok
20:19:35.0765 0140 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:19:35.0828 0140 Rasl2tp - ok
20:19:35.0890 0140 RasMan (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
20:19:35.0968 0140 RasMan - ok
20:19:35.0984 0140 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:19:36.0046 0140 RasPppoe - ok
20:19:36.0062 0140 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
20:19:36.0140 0140 Raspti - ok
20:19:36.0203 0140 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:19:36.0265 0140 Rdbss - ok
20:19:36.0265 0140 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:19:36.0343 0140 RDPCDD - ok
20:19:36.0390 0140 RDPWD (43af5212bd8fb5ba6eed9754358bd8f7) C:\WINDOWS\system32\drivers\RDPWD.sys
20:19:36.0437 0140 RDPWD - ok
20:19:36.0500 0140 RDSessMgr (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
20:19:36.0578 0140 RDSessMgr - ok
20:19:36.0609 0140 redbook (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
20:19:36.0671 0140 redbook - ok
20:19:36.0718 0140 RemoteAccess (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
20:19:36.0812 0140 RemoteAccess - ok
20:19:36.0812 0140 RpcLocator (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
20:19:36.0875 0140 RpcLocator - ok
20:19:36.0921 0140 RpcSs (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
20:19:36.0953 0140 RpcSs - ok
20:19:36.0984 0140 RSVP (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
20:19:37.0062 0140 RSVP - ok
20:19:37.0140 0140 rt2870 (0a7293edc2537652a4914018a7589f14) C:\WINDOWS\system32\DRIVERS\rt2870.sys
20:19:37.0187 0140 rt2870 - ok
20:19:37.0234 0140 RT73 (4f153709d0691c6de8c9a4c5e813907c) C:\WINDOWS\system32\DRIVERS\rt73.sys
20:19:37.0281 0140 RT73 ( UnsignedFile.Multi.Generic ) - warning
20:19:37.0281 0140 RT73 - detected UnsignedFile.Multi.Generic (1)
20:19:37.0343 0140 RTHDMIAzAudService (39c5c2fbf652c9f8c194873d5c8a1f58) C:\WINDOWS\system32\drivers\RtHDMIV.sys
20:19:37.0359 0140 RTHDMIAzAudService - ok
20:19:37.0421 0140 RTL8187B (60aecd4284317784111716bb88342f46) C:\WINDOWS\system32\DRIVERS\wg111v3.sys
20:19:37.0484 0140 RTL8187B - ok
20:19:37.0500 0140 SamSs (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
20:19:37.0578 0140 SamSs - ok
20:19:37.0578 0140 SCardSvr (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
20:19:37.0640 0140 SCardSvr - ok
20:19:37.0687 0140 Schedule (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
20:19:37.0765 0140 Schedule - ok
20:19:37.0812 0140 Scutum50 (f34c06d1c706a6d9433570b087a18b02) C:\WINDOWS\system32\Drivers\Scutum50.sys
20:19:37.0843 0140 Scutum50 ( UnsignedFile.Multi.Generic ) - warning
20:19:37.0843 0140 Scutum50 - detected UnsignedFile.Multi.Generic (1)
20:19:37.0890 0140 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:19:37.0953 0140 Secdrv - ok
20:19:37.0984 0140 seclogon (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
20:19:38.0078 0140 seclogon - ok
20:19:38.0109 0140 SENS (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
20:19:38.0171 0140 SENS - ok
20:19:38.0171 0140 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
20:19:38.0250 0140 serenum - ok
20:19:38.0281 0140 Serial (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
20:19:38.0359 0140 Serial - ok
20:19:38.0468 0140 ServiceLayer - ok
20:19:38.0515 0140 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
20:19:38.0593 0140 Sfloppy - ok
20:19:38.0640 0140 SharedAccess (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
20:19:38.0765 0140 SharedAccess - ok
20:19:38.0828 0140 ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:19:38.0843 0140 ShellHWDetection - ok
20:19:38.0843 0140 Simbad - ok
20:19:38.0875 0140 SkypeUpdate (f07af60b152221472fbdb2fecec4896d) C:\Programme\Skype\Updater\Updater.exe
20:19:38.0890 0140 SkypeUpdate - ok
20:19:38.0921 0140 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:19:38.0984 0140 SLIP - ok
20:19:39.0421 0140 SNPSTD3 (11bb0e11d42cc3a43d741d9b30839be1) C:\WINDOWS\system32\DRIVERS\snpstd3.sys
20:19:39.0921 0140 SNPSTD3 - ok
20:19:40.0031 0140 Sparrow - ok
20:19:40.0046 0140 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
20:19:40.0125 0140 splitter - ok
20:19:40.0140 0140 Spooler (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
20:19:40.0171 0140 Spooler - ok
20:19:40.0265 0140 sptd (cdddec541bc3c96f91ecb48759673505) C:\WINDOWS\system32\Drivers\sptd.sys
20:19:40.0265 0140 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: cdddec541bc3c96f91ecb48759673505
20:19:40.0265 0140 sptd ( LockedFile.Multi.Generic ) - warning
20:19:40.0265 0140 sptd - detected LockedFile.Multi.Generic (1)
20:19:40.0265 0140 sr (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
20:19:40.0328 0140 sr - ok
20:19:40.0390 0140 srservice (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
20:19:40.0468 0140 srservice - ok
20:19:40.0500 0140 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
20:19:40.0562 0140 Srv - ok
20:19:40.0593 0140 sscdbus (d6870895fe46a464a19141440eb6cc1e) C:\WINDOWS\system32\DRIVERS\sscdbus.sys
20:19:40.0671 0140 sscdbus - ok
20:19:40.0687 0140 sscdmdfl (0fe167362e4689b716cdc8d93adedda8) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
20:19:40.0781 0140 sscdmdfl - ok
20:19:40.0796 0140 sscdmdm (55a15707e32b6709242ad127e62ca55a) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
20:19:40.0828 0140 sscdmdm - ok
20:19:40.0890 0140 SSDPSRV (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
20:19:40.0968 0140 SSDPSRV - ok
20:19:41.0000 0140 StarOpen (f92254b0bcfcd10caac7bccc7cb7f467) C:\WINDOWS\system32\drivers\StarOpen.sys
20:19:41.0031 0140 StarOpen ( UnsignedFile.Multi.Generic ) - warning
20:19:41.0031 0140 StarOpen - detected UnsignedFile.Multi.Generic (1)
20:19:41.0109 0140 Steam Client Service - ok
20:19:41.0171 0140 stisvc (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
20:19:41.0281 0140 stisvc - ok
20:19:41.0312 0140 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
20:19:41.0390 0140 streamip - ok
20:19:41.0437 0140 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
20:19:41.0515 0140 swenum - ok
20:19:41.0546 0140 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
20:19:41.0625 0140 swmidi - ok
20:19:41.0625 0140 SwPrv - ok
20:19:41.0625 0140 symc810 - ok
20:19:41.0640 0140 symc8xx - ok
20:19:41.0640 0140 sym_hi - ok
20:19:41.0640 0140 sym_u3 - ok
20:19:41.0687 0140 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
20:19:41.0765 0140 sysaudio - ok
20:19:41.0781 0140 SysmonLog (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
20:19:41.0843 0140 SysmonLog - ok
20:19:41.0921 0140 TapiSrv (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
20:19:41.0984 0140 TapiSrv - ok
20:19:42.0062 0140 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:19:42.0125 0140 Tcpip - ok
20:19:42.0187 0140 Tcpip6 (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
20:19:42.0218 0140 Tcpip6 - ok
20:19:42.0250 0140 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
20:19:42.0312 0140 TDPIPE - ok
20:19:42.0328 0140 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
20:19:42.0421 0140 TDTCP - ok
20:19:42.0437 0140 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
20:19:42.0500 0140 TermDD - ok
20:19:42.0546 0140 TermService (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
20:19:42.0625 0140 TermService - ok
20:19:42.0671 0140 Themes (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
20:19:42.0671 0140 Themes - ok
20:19:42.0687 0140 TosIde - ok
20:19:42.0687 0140 TrkWks (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
20:19:42.0765 0140 TrkWks - ok
20:19:42.0828 0140 tunmp (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
20:19:42.0890 0140 tunmp - ok
20:19:42.0906 0140 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
20:19:42.0968 0140 Udfs - ok
20:19:42.0968 0140 ultra - ok
20:19:43.0000 0140 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
20:19:43.0093 0140 Update - ok
20:19:43.0140 0140 upnphost (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
20:19:43.0218 0140 upnphost - ok
20:19:43.0218 0140 UPS (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
20:19:43.0296 0140 UPS - ok
20:19:43.0343 0140 USBAAPL (d4fb6ecc60a428564ba8768b0e23c0fc) C:\WINDOWS\system32\Drivers\usbaapl.sys
20:19:43.0406 0140 USBAAPL - ok
20:19:43.0437 0140 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
20:19:43.0531 0140 usbccgp - ok
20:19:43.0562 0140 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
20:19:43.0625 0140 usbehci - ok
20:19:43.0625 0140 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
20:19:43.0718 0140 usbhub - ok
20:19:43.0734 0140 usbohci (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
20:19:43.0796 0140 usbohci - ok
20:19:43.0812 0140 usbscan (a0b8cf9deb1184fbdd20784a58fa75d4) C:\WINDOWS\system32\DRIVERS\usbscan.sys
20:19:43.0906 0140 usbscan - ok
20:19:43.0921 0140 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
20:19:44.0000 0140 USBSTOR - ok
20:19:44.0000 0140 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
20:19:44.0078 0140 VgaSave - ok
20:19:44.0078 0140 ViaIde - ok
20:19:44.0078 0140 VolSnap (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
20:19:44.0140 0140 VolSnap - ok
20:19:44.0203 0140 VSS (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
20:19:44.0296 0140 VSS - ok
20:19:44.0328 0140 W32Time (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
20:19:44.0421 0140 W32Time - ok
20:19:44.0421 0140 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
20:19:44.0500 0140 Wanarp - ok
20:19:44.0546 0140 Wdf01000 (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
20:19:44.0593 0140 Wdf01000 - ok
20:19:44.0593 0140 WDICA - ok
20:19:44.0625 0140 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
20:19:44.0703 0140 wdmaud - ok
20:19:44.0734 0140 WebClient (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
20:19:44.0796 0140 WebClient - ok
20:19:44.0906 0140 winmgmt (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
20:19:44.0984 0140 winmgmt - ok
20:19:45.0156 0140 wlidsvc (5144ae67d60ec653f97ddf3feed29e77) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:19:45.0265 0140 wlidsvc - ok
20:19:45.0437 0140 WmBEnum (5d410936831f7fb58eff941eac3f6d3d) C:\WINDOWS\system32\drivers\WmBEnum.sys
20:19:45.0453 0140 WmBEnum - ok
20:19:45.0500 0140 WmdmPmSN (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
20:19:45.0578 0140 WmdmPmSN - ok
20:19:45.0593 0140 WmFilter (7a13cfde92956ca61a0927d766c5ad4f) C:\WINDOWS\system32\drivers\WmFilter.sys
20:19:45.0609 0140 WmFilter - ok
20:19:45.0640 0140 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
20:19:45.0703 0140 WmiAcpi - ok
20:19:45.0750 0140 WmiApSrv (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
20:19:45.0828 0140 WmiApSrv - ok
20:19:45.0859 0140 WMPNetworkSvc - ok
20:19:45.0875 0140 WmVirHid (6f04646bc690f8bbfc344be32a60796d) C:\WINDOWS\system32\drivers\WmVirHid.sys
20:19:45.0890 0140 WmVirHid - ok
20:19:45.0890 0140 WmXlCore (1d6ca43d562333f4dfb40bcef2453f3a) C:\WINDOWS\system32\drivers\WmXlCore.sys
20:19:45.0921 0140 WmXlCore - ok
20:19:45.0937 0140 WpdUsb (cf4def1bf66f06964dc0d91844239104) C:\WINDOWS\system32\DRIVERS\wpdusb.sys
20:19:45.0953 0140 WpdUsb - ok
20:19:46.0000 0140 wscsvc (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
20:19:46.0062 0140 wscsvc - ok
20:19:46.0093 0140 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
20:19:46.0187 0140 WSTCODEC - ok
20:19:46.0312 0140 WTGService (d7e88349be0f01e4d8d776adb1f325bf) C:\Programme\Verbindungsassistent\WTGService.exe
20:19:46.0328 0140 WTGService - ok
20:19:46.0375 0140 wuauserv (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
20:19:46.0484 0140 wuauserv - ok
20:19:46.0531 0140 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
20:19:46.0593 0140 WudfPf - ok
20:19:46.0625 0140 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
20:19:46.0640 0140 WudfRd - ok
20:19:46.0687 0140 WudfSvc (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
20:19:46.0718 0140 WudfSvc - ok
20:19:46.0781 0140 WZCSVC (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
20:19:46.0875 0140 WZCSVC - ok
20:19:46.0890 0140 xmlprov (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
20:19:47.0046 0140 xmlprov - ok
20:19:47.0062 0140 ZDPSp50 (00ae175b903d45ed4a62384d3315dc2a) C:\WINDOWS\system32\Drivers\ZDPSp50.sys
20:19:47.0093 0140 ZDPSp50 ( UnsignedFile.Multi.Generic ) - warning
20:19:47.0093 0140 ZDPSp50 - detected UnsignedFile.Multi.Generic (1)
20:19:47.0125 0140 MBR (0x1B8) (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
20:19:47.0343 0140 \Device\Harddisk0\DR0 - ok
20:19:47.0343 0140 Boot (0x1200) (a7bcecb78623ec80af130fa3381de7c8) \Device\Harddisk0\DR0\Partition0
20:19:47.0343 0140 \Device\Harddisk0\DR0\Partition0 - ok
20:19:47.0343 0140 ============================================================
20:19:47.0343 0140 Scan finished
20:19:47.0343 0140 ============================================================
20:19:47.0468 0508 Detected object count: 9
20:19:47.0468 0508 Actual detected object count: 9
20:20:24.0656 0508 AegisP ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:24.0656 0508 AegisP ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:24.0656 0508 ATI Smart ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:24.0656 0508 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:24.0656 0508 EAPPkt ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:24.0656 0508 EAPPkt ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:24.0656 0508 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:24.0656 0508 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:24.0656 0508 RT73 ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:24.0656 0508 RT73 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:24.0656 0508 Scutum50 ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:24.0656 0508 Scutum50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:24.0656 0508 sptd ( LockedFile.Multi.Generic ) - skipped by user
20:20:24.0656 0508 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
20:20:24.0656 0508 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:24.0656 0508 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:20:24.0656 0508 ZDPSp50 ( UnsignedFile.Multi.Generic ) - skipped by user
20:20:24.0656 0508 ZDPSp50 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Alt 10.02.2013, 20:38   #9
markusg
/// Malware-holic
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



passt.
Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 10.02.2013, 21:00   #10
knoden
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



Ok hab ich gemacht, aber während dem scan ist windows abgestürzt, blauer Bildschirm mit ner Fehlermeldung. Neu hochgefahren, aber keine .txt von Combofix gefunden.

Alt 10.02.2013, 21:04   #11
markusg
/// Malware-holic
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



starte neu, drücke f8 wähle abgesicherter modus, melde dich in deinem Konto an, versuche Combofix erneut, starte neu, poste bitte den Bericht
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 10.02.2013, 21:35   #12
knoden
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



Da gibt es mehrere Möglichkeiten im abgesicherten Modus:

Microsoft Windows Recovery Console

do not select [Debugger aktiviert]

Microsoft Windows XP Home Edition

...aber bei letzte Option kommt wieder der blaue Bildschirm und der PC startet neu.

Zitat:
Zitat von knoden Beitrag anzeigen
Da gibt es mehrere Möglichkeiten im abgesicherten Modus:

Microsoft Windows Recovery Console

do not select [Debugger aktiviert]

Microsoft Windows XP Home Edition

...aber bei letzter Option kommt wieder der blaue Bildschirm und der PC startet neu.
Soll ichs im Normalen Modus nochmal versuchen?

Alt 11.02.2013, 12:51   #13
markusg
/// Malware-holic
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



nein.
malwarebytes:
Downloade Dir bitte Malwarebytes
  • Installiere
    das Programm in den vorgegebenen Pfad.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Starte Malwarebytes, klicke auf Aktualisierung --> Suche
    nach Aktualisierung
  • Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
  • Wenn der Scan beendet
    ist, klicke auf Ergebnisse anzeigen.
  • Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste
    das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter "Log Dateien" finden.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 13.02.2013, 15:39   #14
knoden
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



Hat ohne Probleme geklappt.


Malwarebytes Anti-Malware 1.70.0.1100
Malwarebytes : Free Anti-Malware download

Datenbank Version: v2013.02.13.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Knoden :: *** [Administrator]

13.02.2013 13:40:02
mbam-log-2013-02-13 (13-40-02).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 392943
Laufzeit: 1 Stunde(n), 42 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|svñhîst (Trojan.Agent) -> Daten: %USERPROFILE%\wgsdgsdgdsgsd.exe -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Dokumente und Einstellungen\Knoden\Lokale Einstellungen\Anwendungsdaten\Sun\Java\Deployment\cache\6.0\24\60701698-2cdccae7 (Trojan.Ransom.ED) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\_OTL\MovedFiles\02102013_200343\C_Dokumente und Einstellungen\Knoden\wgsdgsdgdsgsd.exe (Trojan.Ransom.ED) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Alt 13.02.2013, 18:03   #15
markusg
/// Malware-holic
 
Grauer Bildschirm nach Windowsstart - Standard

Grauer Bildschirm nach Windowsstart



hi
lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Antwort

Themen zu Grauer Bildschirm nach Windowsstart
bildschirm, fenster, grauer, grauer bildschirm, komplette, kompletten, natürlich, problem, sekunden, strom, systems, systemstart, vordergrund, vorgehen, wenige, wenigen, windowsstart, öffnet




Ähnliche Themen: Grauer Bildschirm nach Windowsstart


  1. Win 8.1 grauer Bildschirm nach Bios update
    Alles rund um Windows - 10.11.2014 (5)
  2. Grauer Bildschirm nach Zahlungsaufforderung!
    Plagegeister aller Art und deren Bekämpfung - 16.01.2014 (3)
  3. Weißer Bildschirm nach Windowsstart
    Plagegeister aller Art und deren Bekämpfung - 31.05.2013 (31)
  4. Weißer Bildschirm nach dem normalen Windowsstart und auch im abgesicherten Modus
    Log-Analyse und Auswertung - 30.05.2013 (23)
  5. Grauer Bildschirm nach Windowsstart
    Log-Analyse und Auswertung - 23.04.2013 (14)
  6. Bildschirm weis nach windowsstart
    Log-Analyse und Auswertung - 18.04.2013 (4)
  7. Wieder mal der weiße Bildschirm nach Windowsstart
    Plagegeister aller Art und deren Bekämpfung - 15.04.2013 (5)
  8. Grauer Bildschirm nach Windows XP Start
    Plagegeister aller Art und deren Bekämpfung - 22.02.2013 (14)
  9. Nach Laptop start grauer Bildschirm Windows 8
    Plagegeister aller Art und deren Bekämpfung - 30.01.2013 (1)
  10. weisser Bildschirm nach Windowsstart
    Plagegeister aller Art und deren Bekämpfung - 14.01.2013 (4)
  11. Grauer Bildschirm nach Start mit Windows Vista
    Plagegeister aller Art und deren Bekämpfung - 10.01.2013 (41)
  12. grauer Bildschirm nach Anmeldung, Windows XP
    Log-Analyse und Auswertung - 01.01.2013 (13)
  13. Weißer Bildschirm nach Windowsstart
    Plagegeister aller Art und deren Bekämpfung - 20.12.2012 (24)
  14. grauer bildschirm nach systemstart bei wondows 7
    Plagegeister aller Art und deren Bekämpfung - 05.12.2012 (1)
  15. Virus(Trojaner)-weißer Bildschirm nach Windowsstart
    Plagegeister aller Art und deren Bekämpfung - 14.10.2012 (11)
  16. (2x) Trojaner: Grauer Bildschirm nach dem Anmelden...
    Mülltonne - 24.06.2012 (1)
  17. Grauer Bildschirm nach dem Anmelden...Meldung: Nach Problemlösung im Internet suchen
    Log-Analyse und Auswertung - 22.06.2012 (1)

Zum Thema Grauer Bildschirm nach Windowsstart - Hallo, Mein Problem ist, dass nach dem Systemstart sich nach wenigen Sekunden ein graues Fenster öffnet, das den kompletten Bildschirm ausfüllt und sich immer in den Vordergrund stellt. Ich habe - Grauer Bildschirm nach Windowsstart...
Archiv
Du betrachtest: Grauer Bildschirm nach Windowsstart auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.