Window 7 32Bit, Weißer Bildschirm nach Systemstart.

dsdsd · 24.05.2013, 16:26

Moin, mich hats nun auch erwischt!

Nachdem ich Windows starten möchte, kommt ein weißer Bildschirm und das wars.
Windows starten mit Eingabeaufforderung nicht möglich, egal ob mit oder ohne Netzwerk Laptop fährt danach wieder herrunter.

Eigenversuch, OTLPE gedownloadet, auf infiziertem Laptop gestartet und durchgelaufen
Jedoch leider ohne erfolg Bildschirm bleibt danach Weiß. Hier sind die Logfiles

Extras:

Code:

ATTFilter

OTL Extras logfile created on: 5/24/2013 5:04:09 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 74.37 Mb Free Space | 74.37% Space Free | Partition Type: NTFS
Drive D: | 286.27 Gb Total Space | 92.15 Gb Free Space | 32.19% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- D:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- D:\Windows\System32\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- D:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- D:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" File not found
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.2.4902 (64-bit)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Connectify" = Connectify Hotspot
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = MPC-HC 1.6.2.4902 (64-bit)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"Connectify" = Connectify Hotspot
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"NVIDIA Drivers" = NVIDIA Drivers
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Maike_ON_D\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
 
< End of report >

OTL:

Code:

ATTFilter

OTL logfile created on: 5/24/2013 5:04:09 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Home Premium Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.10.9200.16521)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 88.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 96.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files (x86)
Drive C: | 100.00 Mb Total Space | 74.37 Mb Free Space | 74.37% Space Free | Partition Type: NTFS
Drive D: | 286.27 Gb Total Space | 92.15 Gb Free Space | 32.19% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009/08/05 16:30:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto] -- D:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/03 21:47:12 | 000,240,160 | ---- | M] (Acer) [Auto] -- D:\Program Files\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2013/04/02 05:08:36 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/04/02 05:07:28 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013/04/02 05:07:13 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- D:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/03/22 17:00:46 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- D:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/03/09 17:03:21 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand] -- D:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/12/01 08:53:25 | 000,358,528 | ---- | M] () [Auto] -- D:\Program Files (x86)\ALDITALKVerbindungsassistent\ALDITALKVerbindungsassistent_Service.exe -- (ALDITALKVerbindungsassistent_Service)
SRV - [2012/11/09 15:30:12 | 000,065,536 | ---- | M] () [Auto] -- D:\Program Files (x86)\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto] -- D:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2010/03/18 05:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto] -- D:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/08/20 20:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto] -- D:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009/08/07 05:18:54 | 000,311,592 | ---- | M] () [Auto] -- D:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled] -- D:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/06/10 17:15:04 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto] -- D:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2009/06/04 22:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto] -- D:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2009/06/04 09:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto] -- D:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013/04/02 05:09:42 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- D:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013/04/02 05:09:42 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- D:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013/04/02 05:09:42 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- D:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013/01/02 17:23:55 | 000,031,344 | ---- | M] (Connectify) [Kernel | System] -- D:\Windows\System32\drivers\cnnctfy2.sys -- (cnnctfy2)
DRV:64bit: - [2012/12/14 21:42:44 | 000,335,288 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- D:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV:64bit: - [2012/06/30 07:24:56 | 000,138,752 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2012/06/30 07:24:56 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2012/06/30 07:24:56 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2012/01/27 14:20:35 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System] -- D:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2009/11/23 12:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009/11/23 12:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009/09/15 14:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009/07/21 02:13:12 | 000,006,656 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand] -- D:\Windows\System32\drivers\hidshim.sys -- (hidshim)
DRV:64bit: - [2009/07/21 02:13:10 | 000,025,088 | ---- | M] (Nuvoton Technology Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nuvotonhidgeneric.sys -- (nuvotonhidgeneric)
DRV:64bit: - [2009/06/19 22:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\L1E62x64.sys -- (L1E) NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20)
DRV:64bit: - [2009/06/10 17:15:04 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto] -- D:\Windows\System32\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 17:01:06 | 001,146,880 | ---- | M] (LSI Corp) [Kernel | On_Demand] -- D:\Windows\System32\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2009/06/10 16:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand] -- D:\Windows\System32\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 16:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/06/10 16:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 16:34:36 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\system32\DRIVERS\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/04 20:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/06/02 23:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- D:\Windows\System32\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009/06/02 23:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System] -- D:\Windows\System32\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009/06/02 23:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System] -- D:\Windows\System32\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009/05/14 12:51:40 | 005,435,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\NETw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/05/01 14:13:34 | 000,081,440 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- D:\Windows\System32\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009/02/13 02:24:56 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009/02/13 02:20:56 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009/02/13 02:19:34 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand] -- D:\Windows\System32\drivers\CAX_CNXT.sys -- (winachsf)
DRV - [2012/08/14 20:56:24 | 000,138,752 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\SysWOW64\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2012/08/14 20:56:24 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\SysWOW64\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2012/08/14 20:56:24 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand] -- D:\Windows\SysWOW64\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\Maike_ON_D\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_8735&r=27361209l226l03c8z1m5t58i1y45n
IE - HKU\Maike_ON_D\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
IE - HKU\Maike_ON_D\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - Reg Error: Key error. File not found
IE - HKU\Maike_ON_D\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\System32\Macromed\Flash\NPSWF64_11_6_602_180.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: D:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: D:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8064.0206: D:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@protectdisc.com/NPPDLicenseHelper: D:\Program Files (x86)\ProtectDisc\License Helper\NPPDLicenseHelper.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: D:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: D:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.5: D:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/03/09 17:03:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2008/02/22 11:24:06 | 000,095,832 | ---- | M] ()
 
[2013/03/09 17:03:19 | 000,000,000 | ---D | M] (No name found) -- D:\Program Files (x86)\Mozilla Firefox\extensions
[2013/03/09 17:03:19 | 000,000,000 | ---D | M] (G Data BankGuard) -- D:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}
[2013/03/09 17:03:21 | 000,263,064 | ---- | M] (Mozilla Foundation) -- D:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/11/20 03:13:26 | 000,001,392 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/11/20 03:13:26 | 000,002,465 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/11/20 03:13:26 | 000,001,153 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/11/20 03:13:26 | 000,006,805 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011/11/08 16:56:44 | 000,002,520 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2012/11/20 03:13:26 | 000,001,178 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/11/20 03:13:26 | 000,001,105 | ---- | M] () -- D:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - D:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (no name) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - No CLSID value found.
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - D:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Maike_ON_D\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] D:\Program Files\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [IAAnotif] D:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] D:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [NvCplDaemon] D:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] D:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] D:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] D:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [ArcadeDeluxeAgent] D:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [ArcSoft Connection Service] D:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] D:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] D:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecLiveUpdate] D:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [LManager] D:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Nikon Message Center 2] D:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [PlayMovie] D:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.)
O4 - HKU\LocalService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\Maike_ON_D..\Run: [Connectify] D:\Program Files (x86)\Connectify\Connectify.exe (Connectify)
O4 - HKU\Maike_ON_D..\Run: [DAEMON Tools Lite] D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\NetworkService_ON_D..\Run: [Sidebar] D:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_D..\RunOnce: [mctadmin]  File not found
O4 - Startup: Error locating startup folders.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000019 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - D:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15:64bit: - Maike_ON_D\..Trusted Domains: fritz.box ([]* in Local intranet)
O15:64bit: - Maike_ON_D\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O18:64bit: - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - D:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Maike_ON_D Winlogon: Shell - (explorer.exe) - D:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKU\Maike_ON_D Winlogon: Shell - (C:\Users\Maike\AppData\Roaming\skype.dat) - D:\Users\Maike\AppData\Roaming\skype.dat ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 90 Days ==========
 
[2013/04/02 05:10:00 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- D:\Windows\System32\drivers\avipbb.sys
[2013/04/02 05:10:00 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- D:\Windows\System32\drivers\avgntflt.sys
[2013/04/02 05:10:00 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- D:\Windows\System32\drivers\avkmgr.sys
[2013/03/31 03:52:21 | 000,000,000 | ---D | C] -- D:\Users\Maike\Desktop\kamera
[2013/03/25 12:45:30 | 000,000,000 | ---D | C] -- D:\Users\Maike\AppData\Roaming\Avira
[2013/03/25 12:40:04 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/03/25 12:39:43 | 000,000,000 | ---D | C] -- D:\ProgramData\Avira
[2013/03/25 12:39:43 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Avira
[2013/03/23 22:02:12 | 000,000,000 | ---D | C] -- D:\Users\Maike\Desktop\balkon
[2013/03/22 22:06:35 | 001,054,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\MsSpellCheckingFacility.exe
[2013/03/22 22:06:35 | 000,226,304 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\elshyph.dll
[2013/03/22 22:06:35 | 000,185,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\elshyph.dll
[2013/03/22 22:06:35 | 000,158,720 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2013/03/22 22:06:35 | 000,071,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/22 22:06:34 | 000,719,360 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmlmedia.dll
[2013/03/22 22:06:34 | 000,690,688 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2013/03/22 22:06:34 | 000,493,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2013/03/22 22:06:34 | 000,163,840 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2013/03/22 22:06:34 | 000,150,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
[2013/03/22 22:06:34 | 000,138,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
[2013/03/22 22:06:34 | 000,137,216 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2013/03/22 22:06:34 | 000,125,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
[2013/03/22 22:06:34 | 000,117,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2013/03/22 22:06:34 | 000,110,592 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2013/03/22 22:06:34 | 000,082,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
[2013/03/22 22:06:34 | 000,079,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2013/03/22 22:06:34 | 000,057,344 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
[2013/03/22 22:06:34 | 000,038,400 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
[2013/03/22 22:06:34 | 000,011,776 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2013/03/22 22:06:33 | 002,877,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2013/03/22 22:06:33 | 001,400,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2013/03/22 22:06:33 | 000,629,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2013/03/22 22:06:33 | 000,391,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2013/03/22 22:06:33 | 000,361,984 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2013/03/22 22:06:33 | 000,357,888 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2013/03/22 22:06:33 | 000,232,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2013/03/22 22:06:33 | 000,226,816 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2013/03/22 22:06:33 | 000,109,056 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2013/03/22 22:06:33 | 000,073,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/03/22 22:06:33 | 000,061,952 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2013/03/22 22:06:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2013/03/22 22:06:32 | 001,441,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2013/03/22 22:06:32 | 001,400,416 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2013/03/22 22:06:32 | 000,905,728 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmlmedia.dll
[2013/03/22 22:06:32 | 000,762,368 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2013/03/22 22:06:32 | 000,452,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2013/03/22 22:06:32 | 000,441,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2013/03/22 22:06:32 | 000,281,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2013/03/22 22:06:32 | 000,235,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2013/03/22 22:06:32 | 000,216,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2013/03/22 22:06:32 | 000,197,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2013/03/22 22:06:32 | 000,089,600 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2013/03/22 22:06:32 | 000,081,408 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
[2013/03/22 22:06:32 | 000,069,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
[2013/03/22 22:06:32 | 000,067,072 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2013/03/22 22:06:32 | 000,061,440 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
[2013/03/22 22:06:32 | 000,051,712 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2013/03/22 22:06:32 | 000,039,936 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2013/03/22 22:06:32 | 000,033,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
[2013/03/22 22:06:32 | 000,023,040 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2013/03/22 22:06:31 | 001,509,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2013/03/22 22:06:31 | 000,603,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2013/03/22 22:06:31 | 000,599,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2013/03/22 22:06:31 | 000,173,568 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2013/03/22 22:06:31 | 000,167,424 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2013/03/22 22:06:31 | 000,144,896 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2013/03/22 22:06:31 | 000,102,912 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2013/03/22 22:06:31 | 000,097,280 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2013/03/22 22:06:31 | 000,027,648 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2013/03/22 22:06:30 | 003,958,784 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2013/03/22 22:06:30 | 000,855,552 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2013/03/22 22:06:30 | 000,526,848 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2013/03/22 22:06:30 | 000,149,504 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
[2013/03/22 22:06:30 | 000,136,704 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2013/03/22 22:06:30 | 000,136,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2013/03/22 22:06:30 | 000,135,680 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2013/03/22 22:06:30 | 000,092,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2013/03/22 22:06:30 | 000,077,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
[2013/03/22 22:06:30 | 000,062,976 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2013/03/22 22:06:30 | 000,051,200 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2013/03/22 22:06:30 | 000,048,640 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2013/03/22 22:06:30 | 000,013,824 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
[2013/03/22 22:06:30 | 000,012,800 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2013/03/22 22:05:25 | 003,928,064 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d2d1.dll
[2013/03/22 22:05:25 | 002,776,576 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\msmpeg2vdec.dll
[2013/03/22 22:05:25 | 002,565,120 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10warp.dll
[2013/03/22 22:05:25 | 002,284,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\msmpeg2vdec.dll
[2013/03/22 22:05:25 | 001,682,432 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsPrint.dll
[2013/03/22 22:05:25 | 001,504,768 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d11.dll
[2013/03/22 22:05:25 | 001,247,744 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
[2013/03/22 22:05:25 | 001,158,144 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsPrint.dll
[2013/03/22 22:05:25 | 000,522,752 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\XpsGdiConverter.dll
[2013/03/22 22:05:25 | 000,465,920 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WMPhoto.dll
[2013/03/22 22:05:25 | 000,417,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WMPhoto.dll
[2013/03/22 22:05:25 | 000,364,544 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsGdiConverter.dll
[2013/03/22 22:05:25 | 000,363,008 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\dxgi.dll
[2013/03/22 22:05:25 | 000,220,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10core.dll
[2013/03/22 22:05:25 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/22 22:05:25 | 000,009,728 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/22 22:05:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/22 22:05:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/22 22:05:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/22 22:05:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/22 22:05:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/22 22:05:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/22 22:05:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/22 22:05:25 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/22 22:05:24 | 003,419,136 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d2d1.dll
[2013/03/22 22:05:24 | 001,988,096 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10warp.dll
[2013/03/22 22:05:24 | 001,887,232 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d11.dll
[2013/03/22 22:05:24 | 001,643,520 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2013/03/22 22:05:24 | 001,424,384 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecs.dll
[2013/03/22 22:05:24 | 001,238,528 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10.dll
[2013/03/22 22:05:24 | 001,080,832 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10.dll
[2013/03/22 22:05:24 | 000,648,192 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
[2013/03/22 22:05:24 | 000,604,160 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10level9.dll
[2013/03/22 22:05:24 | 000,333,312 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1core.dll
[2013/03/22 22:05:24 | 000,296,960 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10core.dll
[2013/03/22 22:05:24 | 000,293,376 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\dxgi.dll
[2013/03/22 22:05:24 | 000,249,856 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1core.dll
[2013/03/22 22:05:24 | 000,245,248 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecsExt.dll
[2013/03/22 22:05:24 | 000,221,184 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\UIAnimation.dll
[2013/03/22 22:05:24 | 000,207,872 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\WindowsCodecsExt.dll
[2013/03/22 22:05:24 | 000,194,560 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1.dll
[2013/03/22 22:05:24 | 000,187,392 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\UIAnimation.dll
[2013/03/22 22:05:24 | 000,161,792 | ---- | C] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1.dll
[2013/03/22 22:02:49 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/22 22:01:33 | 000,000,000 | ---D | C] -- D:\Program Files\Microsoft Silverlight
[2013/03/22 22:01:33 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Microsoft Silverlight
[2013/03/22 14:35:57 | 000,019,968 | ---- | C] (Microsoft Corporation) -- D:\Windows\System32\drivers\usb8023.sys
[2013/03/15 14:31:51 | 000,000,000 | ---D | C] -- D:\Windows\Minidump
[2013/03/09 18:07:05 | 000,000,000 | ---D | C] -- D:\Users\Maike\Desktop\Playjist
[2013/03/09 17:03:19 | 000,000,000 | ---D | C] -- D:\Program Files (x86)\Mozilla Firefox
[2009/08/22 04:44:20 | 000,036,136 | ---- | C] (Oberon Media) -- D:\ProgramData\FullRemove.exe
 
========== Files - Modified Within 90 Days ==========
 
[2013/05/24 08:35:34 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2013/05/24 08:35:18 | 000,000,004 | ---- | M] () -- D:\Users\Maike\AppData\Roaming\skype.ini
[2013/05/24 08:33:54 | 000,001,106 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/24 08:33:23 | 3217,235,968 | -HS- | M] () -- D:\hiberfil.sys
[2013/05/24 08:29:10 | 000,001,110 | ---- | M] () -- D:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/24 08:22:33 | 000,017,376 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/24 08:22:33 | 000,017,376 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/24 08:19:12 | 000,648,704 | ---- | M] () -- D:\Windows\System32\perfh007.dat
[2013/05/24 08:19:12 | 000,611,332 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2013/05/24 08:19:12 | 000,128,930 | ---- | M] () -- D:\Windows\System32\perfc007.dat
[2013/05/24 08:19:12 | 000,105,512 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2013/05/11 19:56:00 | 000,000,884 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/30 19:19:46 | 3109,847,020 | ---- | M] () -- D:\Users\Maike\Desktop\DSCN1451.MOV
[2013/04/06 14:30:29 | 052,568,285 | ---- | M] () -- D:\Users\Maike\Desktop\DEDON_Collections_2013_cm.pdf
[2013/04/02 05:09:42 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Windows\System32\drivers\avipbb.sys
[2013/04/02 05:09:42 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Windows\System32\drivers\avgntflt.sys
[2013/04/02 05:09:42 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Windows\System32\drivers\avkmgr.sys
[2013/03/25 12:40:04 | 000,001,998 | ---- | M] () -- D:\Users\Public\Desktop\Avira Control Center.lnk
[2013/03/25 12:40:04 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013/03/22 22:06:35 | 001,054,720 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\MsSpellCheckingFacility.exe
[2013/03/22 22:06:35 | 000,226,304 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\elshyph.dll
[2013/03/22 22:06:35 | 000,185,344 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\elshyph.dll
[2013/03/22 22:06:35 | 000,158,720 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msls31.dll
[2013/03/22 22:06:35 | 000,071,680 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013/03/22 22:06:34 | 000,719,360 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmlmedia.dll
[2013/03/22 22:06:34 | 000,690,688 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript.dll
[2013/03/22 22:06:34 | 000,493,056 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeeds.dll
[2013/03/22 22:06:34 | 000,163,840 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msrating.dll
[2013/03/22 22:06:34 | 000,150,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iexpress.exe
[2013/03/22 22:06:34 | 000,138,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\wextract.exe
[2013/03/22 22:06:34 | 000,137,216 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieUnatt.exe
[2013/03/22 22:06:34 | 000,125,440 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\occache.dll
[2013/03/22 22:06:34 | 000,117,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iepeers.dll
[2013/03/22 22:06:34 | 000,110,592 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\IEAdvpack.dll
[2013/03/22 22:06:34 | 000,082,432 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inseng.dll
[2013/03/22 22:06:34 | 000,079,872 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmled.dll
[2013/03/22 22:06:34 | 000,057,344 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\pngfilt.dll
[2013/03/22 22:06:34 | 000,038,400 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\imgutil.dll
[2013/03/22 22:06:34 | 000,011,776 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msfeedssync.exe
[2013/03/22 22:06:33 | 002,877,440 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\jscript9.dll
[2013/03/22 22:06:33 | 001,400,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dat
[2013/03/22 22:06:33 | 000,629,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieapfltr.dll
[2013/03/22 22:06:33 | 000,391,680 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\ieui.dll
[2013/03/22 22:06:33 | 000,361,984 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\html.iec
[2013/03/22 22:06:33 | 000,357,888 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtmsft.dll
[2013/03/22 22:06:33 | 000,232,960 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\url.dll
[2013/03/22 22:06:33 | 000,226,816 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxtrans.dll
[2013/03/22 22:06:33 | 000,109,056 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iesysprep.dll
[2013/03/22 22:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\SetIEInstalledDate.exe
[2013/03/22 22:06:33 | 000,061,952 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\tdc.ocx
[2013/03/22 22:06:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\mshtmler.dll
[2013/03/22 22:06:32 | 001,441,280 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\inetcpl.cpl
[2013/03/22 22:06:32 | 001,400,416 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dat
[2013/03/22 22:06:32 | 000,905,728 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmlmedia.dll
[2013/03/22 22:06:32 | 000,762,368 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieapfltr.dll
[2013/03/22 22:06:32 | 000,452,096 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtmsft.dll
[2013/03/22 22:06:32 | 000,441,856 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\html.iec
[2013/03/22 22:06:32 | 000,281,600 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxtrans.dll
[2013/03/22 22:06:32 | 000,235,008 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\url.dll
[2013/03/22 22:06:32 | 000,216,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msls31.dll
[2013/03/22 22:06:32 | 000,197,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msrating.dll
[2013/03/22 22:06:32 | 000,089,600 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\RegisterIEPKEYs.exe
[2013/03/22 22:06:32 | 000,081,408 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\icardie.dll
[2013/03/22 22:06:32 | 000,069,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\icardie.dll
[2013/03/22 22:06:32 | 000,067,072 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iesetup.dll
[2013/03/22 22:06:32 | 000,061,440 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iesetup.dll
[2013/03/22 22:06:32 | 000,051,712 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ie4uinit.exe
[2013/03/22 22:06:32 | 000,039,936 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iernonce.dll
[2013/03/22 22:06:32 | 000,033,280 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\iernonce.dll
[2013/03/22 22:06:32 | 000,025,185 | ---- | M] () -- D:\Windows\SysWow64\ieuinit.inf
[2013/03/22 22:06:32 | 000,025,185 | ---- | M] () -- D:\Windows\System32\ieuinit.inf
[2013/03/22 22:06:32 | 000,023,040 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\licmgr10.dll
[2013/03/22 22:06:31 | 001,509,376 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inetcpl.cpl
[2013/03/22 22:06:31 | 000,603,136 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeeds.dll
[2013/03/22 22:06:31 | 000,599,552 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\vbscript.dll
[2013/03/22 22:06:31 | 000,173,568 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieUnatt.exe
[2013/03/22 22:06:31 | 000,167,424 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iexpress.exe
[2013/03/22 22:06:31 | 000,144,896 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\wextract.exe
[2013/03/22 22:06:31 | 000,102,912 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\inseng.dll
[2013/03/22 22:06:31 | 000,097,280 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmled.dll
[2013/03/22 22:06:31 | 000,027,648 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\licmgr10.dll
[2013/03/22 22:06:30 | 003,958,784 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\jscript9.dll
[2013/03/22 22:06:30 | 000,855,552 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\jscript.dll
[2013/03/22 22:06:30 | 000,526,848 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\ieui.dll
[2013/03/22 22:06:30 | 000,149,504 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\occache.dll
[2013/03/22 22:06:30 | 000,136,704 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iesysprep.dll
[2013/03/22 22:06:30 | 000,136,192 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\iepeers.dll
[2013/03/22 22:06:30 | 000,135,680 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\IEAdvpack.dll
[2013/03/22 22:06:30 | 000,092,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\SetIEInstalledDate.exe
[2013/03/22 22:06:30 | 000,077,312 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\tdc.ocx
[2013/03/22 22:06:30 | 000,062,976 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\pngfilt.dll
[2013/03/22 22:06:30 | 000,051,200 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\imgutil.dll
[2013/03/22 22:06:30 | 000,048,640 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshtmler.dll
[2013/03/22 22:06:30 | 000,013,824 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\mshta.exe
[2013/03/22 22:06:30 | 000,012,800 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msfeedssync.exe
[2013/03/22 22:05:25 | 003,928,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d2d1.dll
[2013/03/22 22:05:25 | 002,776,576 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\msmpeg2vdec.dll
[2013/03/22 22:05:25 | 002,565,120 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10warp.dll
[2013/03/22 22:05:25 | 002,284,544 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\msmpeg2vdec.dll
[2013/03/22 22:05:25 | 001,682,432 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\XpsPrint.dll
[2013/03/22 22:05:25 | 001,504,768 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d11.dll
[2013/03/22 22:05:25 | 001,247,744 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\DWrite.dll
[2013/03/22 22:05:25 | 001,158,144 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsPrint.dll
[2013/03/22 22:05:25 | 000,522,752 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\XpsGdiConverter.dll
[2013/03/22 22:05:25 | 000,465,920 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WMPhoto.dll
[2013/03/22 22:05:25 | 000,417,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\WMPhoto.dll
[2013/03/22 22:05:25 | 000,364,544 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\XpsGdiConverter.dll
[2013/03/22 22:05:25 | 000,363,008 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\dxgi.dll
[2013/03/22 22:05:25 | 000,220,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10core.dll
[2013/03/22 22:05:25 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/22 22:05:25 | 000,009,728 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
[2013/03/22 22:05:25 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/22 22:05:25 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
[2013/03/22 22:05:25 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,004,096 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/22 22:05:25 | 000,003,584 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
[2013/03/22 22:05:25 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/22 22:05:25 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
[2013/03/22 22:05:25 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
[2013/03/22 22:05:25 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/22 22:05:25 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- D:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
[2013/03/22 22:05:24 | 003,419,136 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d2d1.dll
[2013/03/22 22:05:24 | 001,988,096 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10warp.dll
[2013/03/22 22:05:24 | 001,887,232 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d11.dll
[2013/03/22 22:05:24 | 001,643,520 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\DWrite.dll
[2013/03/22 22:05:24 | 001,424,384 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecs.dll
[2013/03/22 22:05:24 | 001,238,528 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10.dll
[2013/03/22 22:05:24 | 001,080,832 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10.dll
[2013/03/22 22:05:24 | 000,648,192 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10level9.dll
[2013/03/22 22:05:24 | 000,604,160 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10level9.dll
[2013/03/22 22:05:24 | 000,333,312 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1core.dll
[2013/03/22 22:05:24 | 000,296,960 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10core.dll
[2013/03/22 22:05:24 | 000,293,376 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\dxgi.dll
[2013/03/22 22:05:24 | 000,249,856 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1core.dll
[2013/03/22 22:05:24 | 000,245,248 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\WindowsCodecsExt.dll
[2013/03/22 22:05:24 | 000,221,184 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\UIAnimation.dll
[2013/03/22 22:05:24 | 000,207,872 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\WindowsCodecsExt.dll
[2013/03/22 22:05:24 | 000,194,560 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\d3d10_1.dll
[2013/03/22 22:05:24 | 000,187,392 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\UIAnimation.dll
[2013/03/22 22:05:24 | 000,161,792 | ---- | M] (Microsoft Corporation) -- D:\Windows\SysWow64\d3d10_1.dll
[2013/03/22 22:02:49 | 000,000,000 | ---D | M] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013/03/22 17:00:45 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerApp.exe
[2013/03/22 17:00:45 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/03/22 16:43:44 | 000,113,756 | ---- | M] () -- D:\Users\Maike\Desktop\2013-03-22_214338.jpg
[2013/03/15 14:31:47 | 434,573,008 | ---- | M] () -- D:\Windows\MEMORY.DMP
 
========== Files Created - No Company Name ==========
 
[2013/04/06 18:09:33 | 000,000,004 | ---- | C] () -- D:\Users\Maike\AppData\Roaming\skype.ini
[2013/04/06 14:30:28 | 052,568,285 | ---- | C] () -- D:\Users\Maike\Desktop\DEDON_Collections_2013_cm.pdf
[2013/03/31 03:21:37 | 3109,847,020 | ---- | C] () -- D:\Users\Maike\Desktop\DSCN1451.MOV
[2013/03/25 12:40:04 | 000,001,998 | ---- | C] () -- D:\Users\Public\Desktop\Avira Control Center.lnk
[2013/03/22 22:06:32 | 000,025,185 | ---- | C] () -- D:\Windows\SysWow64\ieuinit.inf
[2013/03/22 22:06:32 | 000,025,185 | ---- | C] () -- D:\Windows\System32\ieuinit.inf
[2013/03/22 16:43:44 | 000,113,756 | ---- | C] () -- D:\Users\Maike\Desktop\2013-03-22_214338.jpg
[2013/03/15 14:31:47 | 434,573,008 | ---- | C] () -- D:\Windows\MEMORY.DMP
[2012/01/11 09:11:48 | 000,071,680 | ---- | C] () -- D:\Users\Maike\AppData\Roaming\skype.dat
[2011/12/23 18:10:38 | 000,000,533 | ---- | C] () -- D:\Windows\eReg.dat
[2011/11/08 16:56:41 | 000,484,352 | ---- | C] () -- D:\Windows\SysWow64\lame_enc.dll
[2011/09/12 12:36:55 | 000,000,000 | ---- | C] () -- D:\Windows\ViewNX2.INI
[2011/09/12 11:33:42 | 000,000,268 | RH-- | C] () -- D:\ProgramData\Images
[2011/09/12 11:33:42 | 000,000,268 | RH-- | C] () -- D:\Users\Maike\AppData\Roaming\Icons
[2011/09/12 11:33:42 | 000,000,020 | -H-- | C] () -- D:\ProgramData\PKP_DLev.DAT
[2011/09/12 11:33:41 | 000,000,268 | RH-- | C] () -- D:\ProgramData\Image Units
[2011/09/12 11:33:41 | 000,000,268 | RH-- | C] () -- D:\ProgramData\Image Manipulation
[2011/09/12 11:33:41 | 000,000,268 | RH-- | C] () -- D:\Users\Maike\AppData\Roaming\Hybrid Synthesizers
[2011/09/12 11:33:41 | 000,000,268 | RH-- | C] () -- D:\Users\Maike\AppData\Roaming\Hybrid Morph
[2011/09/12 11:33:41 | 000,000,020 | -H-- | C] () -- D:\ProgramData\PKP_DLet.DAT
[2011/09/12 11:33:41 | 000,000,020 | -H-- | C] () -- D:\ProgramData\PKP_DLes.DAT
[2011/06/18 15:06:32 | 000,419,749 | ---- | C] () -- D:\Windows\SysWow64\sig.bin
[2011/06/17 16:39:28 | 000,252,928 | ---- | C] () -- D:\Windows\SysWow64\DShowRdpFilter.dll
[2011/06/15 13:14:42 | 000,018,676 | ---- | C] () -- D:\Users\Maike\AppData\Roaming\UserTile.png
[2011/06/11 07:00:52 | 000,000,000 | ---- | C] () -- D:\Windows\nsreg.dat
[2009/10/28 08:44:14 | 000,001,766 | ---- | C] () -- D:\Windows\WPatchProgress.ini
[2009/10/28 00:38:31 | 000,000,033 | ---- | C] () -- D:\Windows\LaunApp.ini
[2009/10/28 00:21:14 | 000,626,688 | ---- | C] () -- D:\Windows\Image.dll
[2009/10/28 00:21:14 | 000,200,704 | ---- | C] () -- D:\Windows\PLFSetI.exe
[2009/10/28 00:21:14 | 000,020,480 | ---- | C] () -- D:\Windows\USB_VIDEO_REG.exe
[2009/10/28 00:21:14 | 000,000,323 | ---- | C] () -- D:\Windows\PidList.ini
[2009/08/22 02:01:23 | 000,872,448 | ---- | C] () -- D:\Windows\iconv.dll
[2009/08/22 02:01:23 | 000,743,424 | ---- | C] () -- D:\Windows\libxml2.dll
[2009/08/22 02:01:21 | 000,000,193 | ---- | C] () -- D:\Windows\Prelaunch.ini
[2009/08/22 02:01:21 | 000,000,168 | ---- | C] () -- D:\Windows\WisLangCode.ini
[2009/08/22 02:01:21 | 000,000,147 | ---- | C] () -- D:\Windows\WisPriority.ini
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- D:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- D:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- D:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- D:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- D:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- D:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:59:36 | 000,982,196 | ---- | C] () -- D:\Windows\SysWow64\igkrng500.bin
[2009/07/13 17:59:36 | 000,139,824 | ---- | C] () -- D:\Windows\SysWow64\igfcg500.bin
[2009/07/13 17:59:36 | 000,097,448 | ---- | C] () -- D:\Windows\SysWow64\igfcg500m.bin
[2009/07/13 17:59:35 | 000,417,344 | ---- | C] () -- D:\Windows\SysWow64\igcompkrng500.bin
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- D:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- D:\Windows\SysWow64\mlang.dat
[2008/10/07 04:13:30 | 000,197,912 | ---- | C] () -- D:\Windows\SysWow64\physxcudart_20.dll
[2008/10/07 04:13:22 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSwedish.dll
[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSpanish.dll
[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelPortugese.dll
[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelKorean.dll
[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelJapanese.dll
[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelGerman.dll
[2008/10/07 04:13:20 | 000,058,648 | ---- | C] () -- D:\Windows\SysWow64\AgCPanelFrench.dll
 
========== LOP Check ==========
 
[2009/08/22 01:41:17 | 000,000,000 | ---D | M] -- D:\ProgramData\Acer
[2009/12/25 09:55:07 | 000,000,000 | -HSD | M] -- D:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Application Data
[2012/02/18 03:57:23 | 000,000,000 | ---D | M] -- D:\ProgramData\AVAST Software
[2009/08/22 04:56:16 | 000,000,000 | ---D | M] -- D:\ProgramData\BackupManager
[2011/11/11 16:43:55 | 000,000,000 | ---D | M] -- D:\ProgramData\boost_interprocess
[2013/01/02 17:26:49 | 000,000,000 | ---D | M] -- D:\ProgramData\Connectify
[2012/01/27 14:19:44 | 000,000,000 | ---D | M] -- D:\ProgramData\DAEMON Tools Lite
[2012/12/14 21:44:58 | 000,000,000 | ---D | M] -- D:\ProgramData\DATA BECKER Downloads
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Documents
[2009/12/25 09:55:07 | 000,000,000 | -HSD | M] -- D:\ProgramData\Dokumente
[2009/10/28 00:21:26 | 000,000,000 | ---D | M] -- D:\ProgramData\EgisTec
[2010/01/06 13:23:08 | 000,000,000 | ---D | M] -- D:\ProgramData\Electronic Arts
[2011/09/12 11:33:42 | 000,000,000 | ---D | M] -- D:\ProgramData\EnterNHelp
[2009/08/22 06:30:37 | 000,000,000 | ---D | M] -- D:\ProgramData\eSobi
[2009/12/25 09:55:07 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Favorites
[2011/10/07 14:40:57 | 000,000,000 | ---D | M] -- D:\ProgramData\G Data
[2011/09/12 16:01:58 | 000,000,000 | ---D | M] -- D:\ProgramData\Nikon
[2009/10/28 00:28:58 | 000,000,000 | ---D | M] -- D:\ProgramData\OEM
[2010/01/20 07:48:41 | 000,000,000 | ---D | M] -- D:\ProgramData\Partner
[2010/12/26 04:38:12 | 000,000,000 | ---D | M] -- D:\ProgramData\PC Drivers HeadQuarters
[2010/05/21 12:52:42 | 000,000,000 | ---D | M] -- D:\ProgramData\Sony Online Entertainment
[2011/09/12 11:33:41 | 000,000,000 | ---D | M] -- D:\ProgramData\Sound Effects
[2011/09/12 11:33:41 | 000,000,000 | ---D | M] -- D:\ProgramData\Speech Enhancer
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Start Menu
[2009/12/25 09:55:07 | 000,000,000 | -HSD | M] -- D:\ProgramData\Startmenü
[2011/09/12 11:33:42 | 000,000,000 | ---D | M] -- D:\ProgramData\Stingers
[2010/06/01 09:17:36 | 000,000,000 | ---D | M] -- D:\ProgramData\Temp
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- D:\ProgramData\Templates
[2010/12/26 04:38:26 | 000,000,000 | ---D | M] -- D:\ProgramData\UAB
[2011/09/12 11:33:42 | 000,000,000 | ---D | M] -- D:\ProgramData\Ultima_T15
[2009/12/25 09:55:07 | 000,000,000 | -HSD | M] -- D:\ProgramData\Vorlagen
[2013/04/17 12:34:25 | 000,032,640 | ---- | M] () -- D:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 138 bytes -> D:\ProgramData\Temp:5D7E5A8F
< End of report >

t'john · 24.05.2013, 16:29

Die Bereinigung besteht aus mehreren Schritten, die ausgefuehrt werden muessen.
Diese Nacheinander abarbeiten und die 3 Logs, die dabei erstellt werden bitte in deine naechste Antwort einfuegen.

Sollte der OTL-FIX nicht richig durchgelaufen sein. Fahre nicht fort, sondern melde dies bitte.

1. Schritt

Fixen mit OTLpe

Starte den infizierten Rechner mit der OTLpe-CD und öffne OTLpe.
Kopiere nun den folgenden Inhalt aus der Codebox in die Textbox.
Wichtig: Falls du deinen Benutzernamen im Log unkenntlich gemacht hast (z.B. durch ***), dann mach das hier wieder rückgängig.

Code:

ATTFilter

:OTL

O4 - HKLM..\Run: [ApnUpdater] D:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask) 
O20 - HKU\Maike_ON_D Winlogon: Shell - (C:\Users\Maike\AppData\Roaming\skype.dat) - D:\Users\Maike\AppData\Roaming\skype.dat () 
[2009/08/22 04:44:20 | 000,036,136 | ---- | C] (Oberon Media) -- D:\ProgramData\FullRemove.exe 
[2013/05/24 08:35:18 | 000,000,004 | ---- | M] () -- D:\Users\Maike\AppData\Roaming\skype.ini 
@Alternate Data Stream - 138 bytes -> D:\ProgramData\Temp:5D7E5A8F 
[2012/01/11 09:11:48 | 000,071,680 | ---- | C] () -- D:\Users\Maike\AppData\Roaming\skype.dat 
[2011/11/11 16:43:55 | 000,000,000 | ---D | M] -- D:\ProgramData\boost_interprocess 

:Files 

ipconfig /flushdns /c
:Commands
[emptytemp]

Klicke jetzt auf den Fix Button.
Starte danach neu und versuche wieder in den normalen Modus von Windows zu booten.
Nach dem Neustart findest du ein Textdokument auf deinem Desktop.
(Auch zu finden unter C:\OTL\MovedFiles\<time_date.log>)
Kopiere nun dessen Inhalt hier in deinen Thread.

Normal neustarten,

2. Schritt
Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

danach:

3. Schritt
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

dsdsd · 24.05.2013, 19:43

OTLPE Fix:

Code:

ATTFilter

========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
D:\Program Files (x86)\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_USERS\Maike_ON_D\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Maike\AppData\Roaming\skype.dat deleted successfully.
D:\Users\Maike\AppData\Roaming\skype.dat moved successfully.
D:\ProgramData\FullRemove.exe moved successfully.
D:\Users\Maike\AppData\Roaming\skype.ini moved successfully.
ADS D:\ProgramData\Temp:5D7E5A8F deleted successfully.
File D:\Users\Maike\AppData\Roaming\skype.dat not found.
D:\ProgramData\boost_interprocess\DA2D9BE74A9ECC01 folder moved successfully.
D:\ProgramData\boost_interprocess\BE5FB8C5B1A0CC01 folder moved successfully.
D:\ProgramData\boost_interprocess folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
An internal error occurred: The system cannot find the file specified.
 
Please contact Microsoft Product Support Services for further help.
Additional information: Unable to open registry key for tcpip.
D:\cmd.bat deleted successfully.
D:\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 41620 bytes
 
User: Default User
 
User: Maike
->Temp folder emptied: 1347983100 bytes
->Temporary Internet Files folder emptied: 142653934 bytes
->Java cache emptied: 36436 bytes
->FireFox cache emptied: 66778873 bytes
->Google Chrome cache emptied: 30574929 bytes
->Flash cache emptied: 44143 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 340902663 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128838 bytes
 
Total Files Cleaned = 1,840.00 mb
 
 
OTLPE by OldTimer - Version 3.1.48.0 log created on 05242013_193716

MBAM LOG:

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.24.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16521
Maike :: OLLI-LAPTOP [Administrator]

Schutz: Aktiviert

24.05.2013 20:41:13
MBAM-log-2013-05-24 (21-57-56).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 353353
Laufzeit: 1 Stunde(n), 15 Minute(n), 18 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.Agent.RNS) -> Daten: explorer.exe,C:\Users\Maike\AppData\Roaming\skype.dat -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 3
C:\Users\Public\Documents\CATIA_V5\CATIAV5R17\CATIAV5R17_01\Crack\V5R17GA.exe (Trojan.Bancos) -> Keine Aktion durchgeführt.
C:\Users\Public\Documents\Office 2010 Professional Plus\mini-KMS Activator v1.1 Office 2010 VL\mini-KMS Activator v1.1 Office 2010 VL.ex_ (Riskware.Crk) -> Keine Aktion durchgeführt.
C:\_OTL\MovedFiles\05242013_193716\D_Users\Maike\AppData\Roaming\skype.dat (Malware.Packer.EGX1) -> Keine Aktion durchgeführt.

(Ende)

ADWCleaner Log:

Code:

ATTFilter

# AdwCleaner v2.301 - Datei am 24/05/2013 um 22:35:37 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Maike - OLLI-LAPTOP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Maike\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16521

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Maike\AppData\Roaming\Mozilla\Firefox\Profiles\rh926v76.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Maike\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1090 octets] - [24/05/2013 22:35:12]
AdwCleaner[S1].txt - [8412 octets] - [24/05/2013 22:30:37]
AdwCleaner[S2].txt - [1024 octets] - [24/05/2013 22:35:37]

########## EOF - C:\AdwCleaner[S2].txt - [1084 octets] ##########

t'john · 25.05.2013, 13:35

Zitat:

Trojan.Bancos

C:\Users\Public\Documents\CATIA_V5\CATIAV5R17\CATIAV5R17_01\Crack\V5R17GA.exe

Riskware.Crk

C:\Users\Public\Documents\Office 2010 Professional Plus\mini-KMS Activator v1.1 Office 2010 VL\mini-KMS Activator v1.1 Office 2010 VL.ex_

Die Benutzung von Cracks und Keygens verstoesst gegen unseren Kodex.

Schon mal darueber nachgedacht, warum es Cracks gibt?
Mit Cracks & Co installiert man sich Hintertueren auf dem Rechner.
Kriminelle nutzen solche Rechner als Botnetz fuer ihre Machenschaften. Dein System ist als nicht vertrauenswuerdig einzustufen und du solltest keine sensiblen Sachen wie Homebanking an dem PC betreiben.

Anleitungen zum Neuaufsetzen (bebildert) > Windows 7 neu aufsetzen > Vista > XP

1. Datenrettung:

deaktiviere Autorun: http://www.trojaner-board.de/83238-a...sschalten.html
dann sichere Daten auf nen externen datenträger: http://www.trojaner-board.de/82533-d...ted-magic.html
Bilder, Dokumente, Musik Videos (persönliches) http://www.trojaner-board.de/71715-k...iendungen.html

2. Formatieren, Windows neu instalieren:

nutzt du eine Windows CD: http://www.trojaner-board.de/51262-a...sicherung.html
recovery cd oder recovery partition.
falls dies ein fertig pc ist, nenne hersteller + typ.
Keine Windows 7 DVD? http://www.trojaner-board.de/100776-...-download.html

3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.

Window 7 32Bit, Weißer Bildschirm nach Systemstart.

Plagegeister aller Art und deren Bekämpfung: Window 7 32Bit, Weißer Bildschirm nach Systemstart.