bka trojaner kann den abgesicherten modus nicht starten

OTL logfile created on: 2/15/2013 12:05:13 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,023.00 Mb Total Physical Memory | 777.00 Mb Available Physical Memory | 76.00% Memory free
907.00 Mb Paging File | 822.00 Mb Available in Paging File | 91.00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 113.76 Gb Total Space | 58.43 Gb Free Space | 51.37% Space Free | Partition Type: NTFS
Drive H: | 114.22 Gb Total Space | 76.84 Gb Free Space | 67.27% Space Free | Partition Type: FAT32
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand] --  -- (G Data Tuner Service)
SRV - File not found [Auto] --  -- (Automatisches LiveUpdate - Scheduler)
SRV - [2013/02/08 09:02:03 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/12/14 10:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/12/14 10:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/08/11 10:43:06 | 000,055,184 | ---- | M] (Apple Inc.) [Auto] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2012/06/15 21:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto] -- C:\Programme\Norton Internet Security\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe -- (NIS)
SRV - [2008/04/13 21:22:23 | 000,105,472 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\p2pgasvc.dll -- (p2pgasvc)
SRV - [2008/04/13 21:22:12 | 000,036,864 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\iprip.dll -- (Iprip)
SRV - [2008/01/29 09:09:02 | 000,394,704 | ---- | M] (Symantec, Inc.) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\Support Controls\ssrc.exe -- (Symantec RemoteAssist)
SRV - [2006/12/14 10:00:00 | 000,544,768 | ---- | M] (Magix AG) [On_Demand] -- C:\Programme\Gemeinsame Dateien\MAGIX Shared\UPnPService\UPnPService.exe -- (UPnPService)
SRV - [2006/05/11 09:22:48 | 000,028,672 | ---- | M] (Acer Inc.) [Auto] -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe -- (AcerMemUsageCheckService)
SRV - [2006/02/17 08:26:32 | 000,073,728 | ---- | M] (Hewlett-Packard Company) [Auto] -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe -- (LightScribeService)
SRV - [2005/11/17 07:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand] -- C:\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2005/11/13 19:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/03/18 10:55:48 | 000,065,536 | ---- | M] (HP) [On_Demand] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2001/02/23 04:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | On_Demand] --  -- (BT4501G)
DRV - [2013/01/17 16:27:14 | 001,603,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130214.016\NAVEX15.SYS -- (NAVEX15)
DRV - [2013/01/17 16:27:14 | 000,093,296 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20130214.016\NAVENG.SYS -- (NAVENG)
DRV - [2013/01/15 21:51:12 | 000,997,464 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20130208.001\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012/12/14 10:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/08/31 19:27:26 | 000,373,728 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20130208.004\IDSxpx86.sys -- (IDSxpx86)
DRV - [2012/08/10 07:17:13 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\Programme\Gemeinsame Dateien\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012/07/05 21:17:57 | 000,574,112 | ---- | M] (Symantec Corporation) [File_System | On_Demand] -- C:\WINDOWS\System32\Drivers\NIS\1309010.00E\SRTSP.SYS -- (SRTSP)
DRV - [2012/07/05 21:17:57 | 000,032,928 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\NIS\1309010.00E\SRTSPX.SYS -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV - [2012/06/06 23:43:43 | 000,132,768 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\NIS\1309010.00E\ccSetx86.sys -- (ccSet_NIS)
DRV - [2012/05/21 20:37:12 | 000,924,320 | ---- | M] (Symantec Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\NIS\1309010.00E\symefa.sys -- (SymEFA)
DRV - [2012/04/17 21:13:32 | 000,388,216 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\System32\Drivers\NIS\1309010.00E\SYMTDI.SYS -- (SYMTDI)
DRV - [2012/04/17 20:42:14 | 000,149,624 | ---- | M] (Symantec Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\NIS\1309010.00E\Ironx86.SYS -- (SymIRON)
DRV - [2012/03/24 09:41:51 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2011/11/23 13:23:20 | 000,044,024 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIMMP)
DRV - [2011/11/23 13:23:20 | 000,044,024 | R--- | M] (Symantec Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\SymIM.sys -- (SymIM)
DRV - [2011/08/17 03:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/08/17 03:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2011/08/17 03:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2011/08/15 17:51:40 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NIS\1309010.00E\symds.sys -- (SymDS)
DRV - [2011/05/31 21:17:33 | 000,987,904 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8192cu.sys -- (RTL8192cu)
DRV - [2010/11/20 05:33:56 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2010/11/20 05:33:39 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010/11/20 05:33:39 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010/02/11 07:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2009/12/07 09:41:32 | 000,594,048 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RTL8192su.sys -- (RTL8192su)
DRV - [2008/04/24 12:27:59 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007/07/07 07:07:19 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2007/04/23 09:54:50 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV - [2007/04/23 09:54:50 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115obex.sys -- (s115obex)
DRV - [2007/04/23 09:54:48 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007/04/23 09:54:48 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007/04/23 09:54:46 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
DRV - [2007/01/16 00:28:26 | 000,008,552 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\asctrm.sys -- (ASCTRM)
DRV - [2006/08/02 11:07:50 | 001,681,920 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2006/07/10 02:53:00 | 000,244,864 | ---- | M] (Marvell) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2006/06/06 06:09:26 | 004,284,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2005/10/28 04:38:18 | 000,402,432 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZD1211BU.sys -- (ZD1211BU(ZyDAS)) ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - [2005/10/04 08:38:24 | 000,280,064 | ---- | M] (ZyDAS Technology Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZD1211U.sys -- (ZD1211U(ZyDAS)) ZyDAS ZD1211 IEEE 802.11b+g Wireless LAN Driver (USB)(ZyDAS)
DRV - [2005/01/13 08:46:16 | 000,069,632 | ---- | M] () [Kernel | On_Demand] -- C:\Acer\Empowering Technology\eRecovery\int15.sys -- (int15.sys)
DRV - [2004/10/25 06:40:58 | 000,017,664 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ZDPSp50.sys -- (ZDPSp50)
DRV - [2003/12/08 05:53:48 | 000,053,600 | ---- | M] (THOMSON) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\alcan5wn.sys -- (alcan5wn) SpeedTouch USB ADSL PPP Networking Driver (NDISWAN)
DRV - [2003/12/08 05:53:46 | 000,070,688 | ---- | M] (THOMSON) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\alcaudsl.sys -- (alcaudsl)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://global.acer.com
IE - HKU\Administrator_ON_C\Software\Microsoft\Internet Explorer\Search,CustomSearch = 
 
 
IE - HKU\Monika_und_Jürgen_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Monika_und_Jürgen_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Monika_und_Jürgen_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Yahoo! Search
IE - HKU\Monika_und_Jürgen_ON_C\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
IE - HKU\Monika_und_Jürgen_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/webhp?hl=de
IE - HKU\Monika_und_Jürgen_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Monika_und_Jürgen_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Monika_und_Jürgen_ON_C\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKU\Monika_und_Jürgen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Monika_und_Jürgen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKU\Monika_und_Jürgen_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :
 
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Programme\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\WINDOWS\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Programme\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2012/03/24 12:58:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2013/02/15 03:29:48 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2004/08/10 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Programme\Norton Internet Security\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Programme\Norton Internet Security\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (no name) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Programme\Norton Internet Security\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O3 - HKU\Monika_und_Jürgen_ON_C\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll (HiTRUST)
O3 - HKU\Monika_und_Jürgen_ON_C\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [AppleSyncNotifier] C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleSyncNotifier.exe (Apple Inc.)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Programme\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKU\Monika_und_Jürgen_ON_C..\Run: [Performance Center]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe (Acer Inc.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Acer WLAN 11g USB Dongle.lnk = C:\Programme\Acer WLAN 11g USB Dongle\ZDWlan.exe (X-Micro Technology Corp.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: SpecifyDefaultButtons = 2
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Back = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Forward = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Stop = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Refresh = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Home = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Search = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_History = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Favorites = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Media = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_MailNews = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Print = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Discussions = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Edit = 1
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Folders = 2
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Fullscreen = 2
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Size = 2
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Cut = 2
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Copy = 2
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Paste = 2
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Encoding = 2
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Btn_Tools = 2
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoBandCustomize = 0
O7 - HKU\Monika_und_Jürgen_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetIcon = 0
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} hxxp://www.new2.foto.com/ImageUploader5.cab (Image Uploader Control)
O16 - DPF: {6A344D34-5231-452A-8A57-D064AC9B7862} https://webdl.symantec.com/activex/symdlmgr.cab (Symantec Download Manager)
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://www.navigram.com/engine/v906/Navigram.cab (Navigram Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {A9F8D9EC-3D0A-4A60-BD82-FBD64BAD370D} hxxp://h20264.www2.hp.com/ediags/dd/install/HPDriverDiagnosticsxp2k.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://gamenextde.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB (Reg Error: Key error.)
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Programme\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\Monika_und_Jürgen_ON_C Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKU\Monika_und_Jürgen_ON_C Winlogon: Shell - (C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\skype.dat) - C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\skype.dat ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\WgaLogon: DllName - Reg Error: Value error. - Reg Error: Value error. File not found
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/15 07:53:12 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/12/22 11:37:50 | 000,000,100 | ---- | M] () - H:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013/02/10 03:51:24 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Desktop\.picasaoriginals
[2013/02/03 05:06:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe
[2007/01/16 00:31:06 | 000,016,384 | ---- | C] ( ) -- C:\WINDOWS\System32\ClearEvent.exe
[2007/01/16 00:30:37 | 000,053,248 | ---- | C] ( ) -- C:\WINDOWS\System32\Interop.Shell32.dll
[2007/01/16 00:30:37 | 000,049,152 | ---- | C] ( ) -- C:\WINDOWS\System32\SysMonitor.exe
[2006/08/15 17:57:33 | 000,357,768 | ---- | C] (Symantec Corporation) -- C:\Dokumente und Einstellungen\Monika und Jürgen\SymXPep2.dll
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Monika und Jürgen\Desktop\*.tmp files -> C:\Dokumente und Einstellungen\Monika und Jürgen\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013/02/15 10:01:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013/02/15 09:43:07 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013/02/15 05:43:59 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013/02/15 05:43:15 | 1073,074,176 | -HS- | M] () -- C:\hiberfil.sys
[2013/02/15 05:41:23 | 000,410,288 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/15 03:32:28 | 000,694,699 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1309010.00E\Cat.DB
[2013/02/15 03:32:20 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013/02/15 03:30:44 | 000,000,004 | ---- | M] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\skype.ini
[2013/02/15 03:26:29 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013/02/15 01:32:22 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013/02/10 03:51:24 | 000,003,505 | ---- | M] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Desktop\mF15QWJ3y9k8Go_tyGy3GwQ.jpg
[2013/02/09 02:42:11 | 000,002,212 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Norton Internet Security.LNK
[2013/02/09 02:42:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Norton Internet Security
[2013/02/09 02:40:35 | 000,014,818 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1309010.00E\VT20130115.021
[2013/02/08 09:01:38 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013/02/08 09:01:38 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013/02/08 09:01:33 | 015,739,760 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerInstaller.exe
[2013/02/02 01:12:08 | 000,000,172 | ---- | M] () -- C:\WINDOWS\System32\drivers\NIS\1309010.00E\isolate.ini
[2013/01/27 06:20:42 | 000,008,134 | ---- | M] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Desktop\m8D2sFy5zOdw65t72n79_Gw.jpg
[2013/01/25 22:55:37 | 000,552,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\oleaut32.dll
[2013/01/25 13:15:32 | 000,000,760 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013/01/25 13:15:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013/01/22 13:53:18 | 000,000,742 | ---- | M] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Desktop\Gemeinames Konto_2013.lnk
[2013/01/18 07:50:35 | 000,392,786 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013/01/18 07:50:35 | 000,381,828 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013/01/18 07:50:35 | 000,064,604 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013/01/18 07:50:35 | 000,053,572 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[11 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\Dokumente und Einstellungen\Monika und Jürgen\Desktop\*.tmp files -> C:\Dokumente und Einstellungen\Monika und Jürgen\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013/02/15 10:32:42 | 000,000,004 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\skype.ini
[2013/02/10 03:51:24 | 000,003,505 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Desktop\mF15QWJ3y9k8Go_tyGy3GwQ.jpg
[2013/01/27 06:25:45 | 000,008,134 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Desktop\m8D2sFy5zOdw65t72n79_Gw.jpg
[2013/01/22 13:51:38 | 000,000,742 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Desktop\Gemeinames Konto_2013.lnk
[2012/09/25 13:39:30 | 000,000,008 | RHS- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\ntuser.pol
[2012/07/26 01:26:05 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
[2012/02/17 18:12:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/02/01 02:00:41 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2011/02/01 01:55:35 | 000,001,940 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
[2010/12/26 09:31:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2010/12/22 05:08:18 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
[2010/12/19 07:43:55 | 000,105,712 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/12/06 14:41:32 | 000,000,172 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Angelika_test_wiso.asx
[2010/11/03 13:57:03 | 000,126,174 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\ELBA-internet Umsatzliste_10-2010.mht
[2010/10/14 12:59:01 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2010/10/14 12:59:01 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2010/08/26 15:15:18 | 000,191,717 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Vilamendho_Gulet.pdf
[2010/08/01 16:40:34 | 000,280,672 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Raiffeisenbank_Info_Auslandsüberweisung.pdf
[2010/04/17 03:48:38 | 000,002,951 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Config.nt.bak
[2010/04/17 03:48:38 | 000,001,806 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Autoexec.nt.bak
[2010/04/17 03:48:38 | 000,000,820 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\hosts.bak
[2010/03/24 14:03:23 | 000,000,355 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Angelika_Huber_ist_Konditoren_Juniorweltmeisterin-5317.html.url
[2010/02/26 17:30:51 | 000,000,172 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Konditoren WM 2010_sendung_hie.asx
[2009/09/02 13:11:54 | 000,322,386 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\566951_Grenzenlos_versichert_Ansicht.pdf
[2009/04/16 07:24:14 | 000,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2009/04/16 07:24:14 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2009/04/16 07:24:14 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2009/04/16 07:24:14 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\Ogg.dll
[2008/12/28 06:10:40 | 000,000,035 | ---- | C] () -- C:\WINDOWS\brassi.dat
[2008/12/24 13:49:20 | 000,000,065 | ---- | C] () -- C:\WINDOWS\FISHUI.INI
[2008/11/24 13:30:20 | 000,000,000 | ---- | C] () -- C:\WINDOWS\hpqEmlSz.INI
[2008/11/22 06:02:43 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2008/11/22 05:42:42 | 000,104,622 | ---- | C] () -- C:\WINDOWS\hpoins04.dat.temp
[2008/11/22 05:42:42 | 000,017,176 | ---- | C] () -- C:\WINDOWS\hpomdl04.dat.temp
[2008/11/16 07:37:42 | 000,000,188 | ---- | C] () -- C:\WINDOWS\System32\eDataSecurity.dat
[2008/11/16 07:02:49 | 000,000,707 | ---- | C] () -- C:\WINDOWS\System32\Autorun.ini
[2007/12/29 05:25:30 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Lokale Einstellungen\Anwendungsdaten\mxfilerelatedcache.mxc2
[2007/12/05 13:58:51 | 000,015,428 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\RefEdit.exd
[2007/12/04 03:40:24 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2007/10/29 13:03:46 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\mxfilerelatedcache.mxc2
[2007/10/29 13:03:46 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\LocalService\mxfilerelatedcache.mxc2
[2007/10/29 13:03:46 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Administrator\mxfilerelatedcache.mxc2
[2007/10/29 13:03:45 | 000,000,016 | -H-- | C] () -- C:\Programme\mxfilerelatedcache.mxc2
[2007/10/29 13:03:45 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\NetworkService\mxfilerelatedcache.mxc2
[2007/10/29 13:03:41 | 000,000,016 | -H-- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\mxfilerelatedcache.mxc2
[2007/10/14 05:11:03 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2007/10/10 13:28:09 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
[2007/07/28 04:00:26 | 000,000,348 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Goya.ini
[2007/07/28 04:00:06 | 000,000,046 | ---- | C] () -- C:\WINDOWS\Goya.INI
[2007/05/27 04:56:08 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Videodeluxe.INI
[2007/05/27 04:52:13 | 000,006,642 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2007/05/20 05:54:00 | 000,000,116 | ---- | C] () -- C:\WINDOWS\Jcmkr32.INI
[2007/05/20 05:47:12 | 000,000,783 | ---- | C] () -- C:\WINDOWS\NTIWVEDT.INI
[2007/04/12 16:43:12 | 000,004,699 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2007/01/28 14:08:31 | 000,222,720 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/01/18 13:43:38 | 000,000,251 | ---- | C] () -- C:\Programme\wt3d.ini
[2007/01/17 14:01:21 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/01/16 15:13:40 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ImageItEncrypt.exe
[2007/01/16 01:44:56 | 000,005,606 | ---- | C] () -- C:\WINDOWS\System32\stci.dll
[2007/01/16 01:34:10 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2007/01/16 01:09:53 | 000,000,192 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\wklnhst.dat
[2007/01/16 00:37:15 | 000,000,045 | ---- | C] () -- C:\WINDOWS\comsummer.ini
[2007/01/16 00:30:37 | 000,331,776 | ---- | C] () -- C:\WINDOWS\System32\ScrollBarLib.dll
[2007/01/16 00:27:40 | 000,000,335 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/01/16 00:25:21 | 000,000,150 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/09/15 07:57:40 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2006/09/15 07:57:28 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2006/09/15 07:54:58 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\MWLPS.dll
[2006/09/15 07:53:54 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIBUN4.dll
[2006/09/15 07:52:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMPEG2.dll
[2006/09/15 07:52:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIMP3.dll
[2006/09/15 07:52:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTIFCD3.dll
[2006/09/15 07:52:44 | 000,001,024 | RH-- | C] () -- C:\WINDOWS\System32\NTICDMK7.dll
[2006/09/15 07:40:10 | 000,392,786 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2006/09/15 07:40:10 | 000,381,828 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2006/09/15 07:40:10 | 000,064,604 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2006/09/15 07:40:10 | 000,053,572 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2006/09/15 07:39:42 | 000,000,146 | ---- | C] () -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2006/09/15 07:35:26 | 000,410,288 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2006/09/15 07:19:40 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2006/09/15 07:16:56 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2006/08/28 21:56:28 | 000,000,123 | ---- | C] () -- C:\WINDOWS\alaunch.ini
[2006/06/20 17:01:00 | 000,133,246 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2006/05/28 05:05:58 | 000,303,104 | ---- | C] () -- C:\WINDOWS\CreateLnk.exe
[2006/04/12 08:08:36 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\InstallCheck.dll
[2006/03/08 11:19:28 | 001,421,824 | ---- | C] () -- C:\WINDOWS\System32\UIVCL.dll
[2006/03/08 11:11:30 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\APISlice.dll
[2006/03/02 13:35:48 | 000,067,584 | ---- | C] () -- C:\WINDOWS\System32\HTCA_SelfExtract.bin
[2005/11/16 15:11:52 | 000,024,576 | RH-- | C] () -- C:\WINDOWS\System32\Kill1211.exe
[2005/11/10 05:27:42 | 000,003,218 | ---- | C] () -- C:\WINDOWS\System32\drivers\WINIO.sys
[2005/10/31 12:17:38 | 000,135,168 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2005/10/26 18:25:28 | 000,008,073 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/08/05 07:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005/07/15 10:48:00 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2005/07/12 07:44:42 | 000,015,872 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD64.DLL
[2005/04/03 13:44:04 | 000,000,258 | ---- | C] () -- C:\WINDOWS\Clearlnk.ini
[2004/12/17 11:14:44 | 000,013,952 | ---- | C] () -- C:\WINDOWS\System32\drivers\UBHelper.sys
[2004/08/10 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/10 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/10 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2004/08/10 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/10 14:00:00 | 000,061,440 | ---- | C] () -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\skype.dat
[2004/08/10 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/10 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2004/08/10 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/10 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/10 14:00:00 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/10 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/03/23 09:38:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\InsDrvZD.dll
[2003/08/07 02:51:32 | 000,024,576 | -H-- | C] () -- C:\WINDOWS\System32\reboot.exe
[2003/03/14 05:24:00 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\ZyDelReg.exe
[2002/05/23 12:34:46 | 000,032,768 | ---- | C] () -- C:\WINDOWS\AMove.exe
[2001/12/26 08:12:30 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\multiplex_vcd.dll
[2001/09/03 15:46:38 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\Hmpg12.dll
[2001/08/26 17:04:08 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/26 17:02:42 | 000,004,524 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/07/30 08:33:56 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC.dll
[2001/07/23 14:04:36 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\HMPV2_ENC_MMX.dll
 
========== LOP Check ==========
 
[2007/09/30 12:26:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\ASCON Installer
[2013/01/25 11:50:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\Canon
[2010/06/26 16:03:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\Canon Easy-WebPrint EX
[2011/01/08 13:10:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\DataCast
[2007/03/03 11:47:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\FWU-USM
[2010/07/23 03:51:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\GARMIN
[2007/07/28 04:01:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\MAGIX
[2007/01/18 13:52:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\Otto
[2007/04/27 02:23:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\Pixela
[2010/06/12 15:54:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\PlayFirst
[2010/10/14 12:42:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\PriceGong
[2010/11/20 05:27:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\Teleca
[2008/03/02 04:17:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\Template
[2011/06/13 13:32:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\Tific
[2009/07/05 07:43:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Monika und Jürgen\Anwendungsdaten\Zylom
[2012/12/27 10:53:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2010/01/17 05:27:24 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2011/05/04 14:15:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJ
[2010/10/14 12:24:42 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEGV
[2011/06/12 06:51:15 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter
[2011/01/03 14:25:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJScan
[2010/10/14 13:02:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FreePDF
[2010/05/22 02:01:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\G DATA
[2008/08/17 15:51:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\GameHouse
[2011/07/30 04:35:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2007/05/20 05:35:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NtiDvdCopy
[2008/12/21 05:37:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PCSettings
[2009/02/26 15:01:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SpinTop Games
[2007/01/16 00:28:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2008/06/28 14:19:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2010/12/19 07:17:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
 
========== Purity Check ==========
 
 
< End of report >