Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: W32.Blaster

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.02.2014, 13:01   #1
dongle
 
W32.Blaster - Standard

W32.Blaster



Hallo, jetzt hat es auch mich erwischt.
Einer meiner Windows XP Rechner ist infiziert und fährt mit der Fehlermeldung NT-Autorität System nach 60 Sekunden wieder runter. Ich habe schon einiges hier gelesen bevor ich hier nun schreibe. Ich habe das Problem das ich den Befehl shutdown-a nicht eingeben kann da zum einem die Taskleiste verschwindet und der Rechner einfriert, die Maus ist ohne Funktion.
Auch wenn ich den Taskmanager öffne und über Neuer Task dann den Befehl eingebe, in dem Moment wenn die Meldung erscheint ist sämtliches Gerät zur Eingabe nutzlos, ohne funktion. Vor erscheinen der Meldung den Befehl bestätigen bringt nix....
Im abgesichertem Modus (mit und ohne Netzwekrtreibes, sowie alle anderen Punkte) führten auch nicht zum Erfolg. Immer das gleiche, der PC friert ein.
Ich habe auch schon mit einer Knoppix CD versucht dem Plagegeist zu Leibe zu rücken aber bis jetzt ohne Erfolg. Momentan lasse ich dort grade noch Stinger laufen in der Hoffnung das es etwas bringt. Auch hat es nichts gbracht die Platte an irgendein anderen PC zu hängen und scannen zu lassen, es wurde nichts gefunden was auf den Plagegeist hinweist.
Ist es möglich ihn anders zu entfernen bzw. manuell mit einem anderem PC ?

Update.
Jetzt bin ich wenigstens soweit gekommen das ich den Befehl zum stoppen des Countdown eingeben kann. Aber...., ich kann kein Internet aufrufen und kaum irgendein Programm/Tool installieren so das ich etwas gegen den W32 tun könnte. Das einzige was läuft ist das Tool von Symantec...

Alt 02.02.2014, 13:12   #2
schrauber
/// the machine
/// TB-Ausbilder
 

W32.Blaster - Standard

W32.Blaster



Hi,
geht einer der Safe Modes?


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 02.02.2014, 15:05   #3
dongle
 
W32.Blaster - Standard

W32.Blaster



Wie gesagt komme ich zum einem nicht ins Internet, zum anderem, selbst wenn ich mit einem anderem PC entsprechende Programme runterlade, auf CD brenne (da USB warum auch immer nicht funktioniert) und dann versuche dort auszuführen, auch das kopieren auf's Desktop funktioniert nicht, passiert nichts. Das einzige Tool was läuft ist das von Symantec. Aber ob das was bringt wage ich zu bezweifeln.
Auch muss ich dabei ständig am PC sitzen da die Meldung NT-Autorität System ständig wieder aufploppt, ca alle zwei Minuten und ich dann immer wieder "shutdown -a" eingeben muss damit wenigstens das Fix Tool von Symantec durchlaufen kann...
Von daher wäre es mir ganz angenehm wenn ich etwas erreichen kann in dem ich bestimmte Schlüssel, Werte in der Registry lösche. Wenn ja, welche Suchkriterien muss ich anwenden um zu einem entsprechenden Suchergebnis zu kommen.
__________________

Alt 03.02.2014, 13:54   #4
schrauber
/// the machine
/// TB-Ausbilder
 

W32.Blaster - Standard

W32.Blaster



Dann gehen wir ganz von aussen ran:

Falls Du kein Brennprogramm installiert hast, lade
dir bitte ISOBurner herunter.
Das Programm wird Dir erlauben, OTLPE auf eine CD zu brennen und sie bootfähig zu machen.
Du brauchst das Tool nur zu installieren, der Rest läuft automatisch => Wie brenne ich eine ISO Datei auf CD/DVD.
  • Lade OTLPENet.exe von OldTimer herunter und speichere sie auf Deinem Desktop.
    Anmerkung: Die Datei ist ca. 120 MB groß und es wird bei langsamer Internet-Verbindung ein wenig dauern, bis Du sie runtergeladen hast.
  • Wenn der Download fertig ist, mache einen Doppelklick auf die Datei und beantworte die Frage "Do you want to burn the CD?" mit Yes.
  • Lege eine leere CD in Deinen Brenner.
  • ImgBurn (oder Dein Brennprogramm) wird das Archiv extrahieren und OTLPE Network auf die CD brennen.
  • Wenn der Brenn-Vorgang abgeschlossen ist, wirst Du eine Dialogbox sehen => "Operation successfully completed".
  • Du kannst nun die Fenster des Brennprogramms schließen.
Nun boote von mit der OTLPE CD.
Hinweis: Wie boote ich von CD
  • Dein System sollte nach einigen Minuten den REATOGO-X-PE Desktop anzeigen.
  • Mache einen Doppelklick auf das OTLPE Icon.
  • Wenn Du gefragt wirst "Do you wish to load the remote registry", dann wähle Yes.
  • Wenn Du gefragt wirst "Do you wish to load remote user profile(s) for scanning", dann wähle Yes.
  • Vergewissere Dich, dass die Box "Automatically Load All Remaining Users" gewählt ist und drücke OK.
  • OTLpe sollte nun starten.
  • Drücke Run Scan, um den Scan zu starten.
  • Wenn der Scan fertig ist, werden die Dateien C:\OTL.Txt und C:\Extras.Txt erstellt
  • Kopiere diese Datei auf Deinen USB-Stick, wenn Du keine Internetverbindung auf diesem System hast.
  • Bitte poste den Inhalt von C:\OTL.Txt und Extras.Txt.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.02.2014, 14:55   #5
dongle
 
W32.Blaster - Standard

W32.Blaster



hier die otlp.txt
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 2/8/2014 2:46:18 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97.65 Gb Total Space | 18.03 Gb Free Space | 18.47% Space Free | Partition Type: NTFS
Drive D: | 172.79 Gb Total Space | 69.09 Gb Free Space | 39.99% Space Free | Partition Type: NTFS
Drive E: | 195.31 Gb Total Space | 98.98 Gb Free Space | 50.68% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004
 
========== Win32 Services (All) ==========
 
SRV - [2013/12/17 06:20:20 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013/12/17 06:18:28 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013/12/17 06:18:17 | 000,896,056 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2013/12/17 06:18:05 | 001,012,280 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe -- (AntiVirFirewallService)
SRV - [2013/12/12 07:18:16 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/11/12 05:54:09 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013/10/30 04:45:38 | 000,036,152 | ---- | M] (TuneUp Software) [Auto] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2013/10/08 01:48:23 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013/07/19 23:35:48 | 000,754,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2013/07/05 21:41:23 | 004,569,856 | ---- | M] () [Auto] -- C:\programme\gemeinsame dateien\akamai/netsession_win_8fa3539.dll -- (Akamai)
SRV - [2012/09/17 22:46:19 | 000,090,640 | ---- | M] (CyberLink Corp.) [Disabled] -- C:\Programme\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012/08/30 10:08:11 | 000,194,032 | ---- | M] (Google) [On_Demand] -- C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc)
SRV - [2012/08/01 09:07:16 | 000,724,888 | ---- | M] (Nokia) [On_Demand] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012/07/06 08:59:07 | 000,078,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\browser.dll -- (Browser)
SRV - [2011/11/25 09:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto] -- C:\Programme\Nero\Update\NASvc.exe -- (NAUpdate)
SRV - [2011/07/19 23:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010/10/28 02:10:40 | 000,189,776 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto] -- C:\Programme\Gemeinsame Dateien\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2010/08/27 00:57:36 | 000,099,840 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srvsvc.dll -- (LanmanServer)
SRV - [2010/08/17 08:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\spoolsv.exe -- (Spooler)
SRV - [2010/03/18 06:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/01 22:36:13 | 000,135,664 | ---- | M] (Google Inc.) [On_Demand] -- C:\Programme\Google\Update\GoogleUpdate.exe -- (gupdatem) Google Update-Dienst (gupdatem)
SRV - [2010/02/01 22:36:13 | 000,135,664 | ---- | M] (Google Inc.) [Auto] -- C:\Programme\Google\Update\GoogleUpdate.exe -- (gupdate) Google Update Service (gupdate)
SRV - [2009/08/27 11:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Disabled] -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/08/21 08:24:02 | 000,070,336 | ---- | M] () [Disabled] -- C:\Programme\Haufe\iDesk\iDeskService\iDeskService.exe -- (HRService)
SRV - [2009/07/27 18:16:05 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (Themes)
SRV - [2009/07/27 18:16:05 | 000,135,680 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\shsvcs.dll -- (ShellHWDetection)
SRV - [2009/07/27 18:16:05 | 000,135,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\shsvcs.dll -- (FastUserSwitchingCompatibility)
SRV - [2009/07/14 21:08:26 | 000,602,112 | ---- | M] (ATI Technologies Inc.) [Auto] -- C:\WINDOWS\system32\ati2evxx.exe -- (Ati HotKey Poller)
SRV - [2009/07/14 15:05:00 | 000,593,920 | ---- | M] () [Auto] -- C:\WINDOWS\system32\ati2sgag.exe -- (ATI Smart)
SRV - [2009/07/13 12:16:22 | 000,064,512 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\WudfSvc.dll -- (WudfSvc)
SRV - [2009/06/10 01:14:21 | 000,132,096 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wkssvc.dll -- (LanmanWorkstation)
SRV - [2009/04/20 12:17:26 | 000,045,568 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dnsrslvr.dll -- (Dnscache)
SRV - [2009/02/09 06:21:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (PlugPlay)
SRV - [2009/02/09 06:21:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\services.exe -- (Eventlog)
SRV - [2009/02/09 05:51:45 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (RpcSs) Remoteprozeduraufruf (RPC)
SRV - [2009/02/09 05:51:45 | 000,401,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\rpcss.dll -- (DcomLaunch)
SRV - [2009/02/09 05:51:44 | 000,678,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\advapi32.dll -- (Wmi)
SRV - [2008/12/18 06:05:40 | 000,191,008 | ---- | M] () [Auto] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2008/08/07 05:10:02 | 003,276,800 | ---- | M] (MAGIX®) [Disabled] -- C:\Programme\Gemeinsame Dateien\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2008/07/29 15:10:04 | 000,046,104 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0)
SRV - [2008/07/29 13:24:50 | 000,881,664 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc)
SRV - [2008/07/29 13:16:38 | 000,132,096 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing)
SRV - [2008/07/25 05:17:02 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/07/25 05:16:40 | 000,034,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state)
SRV - [2008/07/09 09:03:48 | 000,102,400 | ---- | M] (PacketVideo) [Disabled] -- C:\Programme\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- (TwonkyMedia)
SRV - [2008/07/07 15:26:58 | 000,253,952 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\es.dll -- (EventSystem)
SRV - [2008/06/20 11:02:46 | 000,247,296 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mswsock.dll -- (Nla) NLA (Network Location Awareness)
SRV - [2008/05/26 16:18:44 | 000,439,808 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\System32\SearchIndexer.exe -- (WSearch)
SRV - [2008/05/18 18:57:42 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\msiexec.exe -- (MSIServer)
SRV - [2008/04/14 01:52:12 | 000,021,504 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\hidserv.dll -- (HidServ)
SRV - [2008/04/14 01:03:54 | 000,483,840 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\wzcsvc.dll -- (WZCSVC)
SRV - [2008/04/14 00:53:08 | 000,126,464 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\wbem\wmiapsrv.exe -- (WmiApSrv)
SRV - [2008/04/14 00:53:06 | 000,292,864 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\vssvc.exe -- (VSS)
SRV - [2008/04/14 00:53:04 | 000,075,264 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\tlntsvr.exe -- (TlntSvr)
SRV - [2008/04/14 00:53:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ups.exe -- (UPS)
SRV - [2008/04/14 00:53:02 | 000,143,360 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\sessmgr.exe -- (RDSessMgr)
SRV - [2008/04/14 00:53:02 | 000,094,208 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\smlogsvc.exe -- (SysmonLog)
SRV - [2008/04/14 00:53:00 | 000,099,840 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\scardsvr.exe -- (SCardSvr)
SRV - [2008/04/14 00:52:56 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008/04/14 00:52:56 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008/04/14 00:52:54 | 000,032,768 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mnmsrvc.exe -- (mnmsrvc)
SRV - [2008/04/14 00:52:54 | 000,006,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\msdtc.exe -- (MSDTC)
SRV - [2008/04/14 00:52:52 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\locator.exe -- (RpcLocator)
SRV - [2008/04/14 00:52:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (SamSs)
SRV - [2008/04/14 00:52:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lsass.exe -- (ProtectedStorage)
SRV - [2008/04/14 00:52:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (PolicyAgent)
SRV - [2008/04/14 00:52:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (NtLmSsp)
SRV - [2008/04/14 00:52:52 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\lsass.exe -- (Netlogon)
SRV - [2008/04/14 00:52:50 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\imapi.exe -- (ImapiService)
SRV - [2008/04/14 00:52:44 | 000,225,280 | ---- | M] (Microsoft Corp., Veritas Software) [On_Demand] -- C:\WINDOWS\System32\dmadmin.exe -- (dmadmin)
SRV - [2008/04/14 00:52:44 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (SwPrv)
SRV - [2008/04/14 00:52:44 | 000,005,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\System32\dllhost.exe -- (COMSysApp)
SRV - [2008/04/14 00:52:40 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008/04/14 00:52:40 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\cisvc.exe -- (CiSvc)
SRV - [2008/04/14 00:52:36 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\alg.exe -- (ALG)
SRV - [2008/04/14 00:52:34 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wiaservc.dll -- (stisvc) Windows-Bilderfassung (WIA)
SRV - [2008/04/14 00:52:34 | 000,145,408 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wbem\wmisvc.dll -- (winmgmt)
SRV - [2008/04/14 00:52:34 | 000,129,024 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\xmlprov.dll -- (xmlprov)
SRV - [2008/04/14 00:52:34 | 000,080,896 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\wscsvc.dll -- (wscsvc)
SRV - [2008/04/14 00:52:34 | 000,068,096 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\webclnt.dll -- (WebClient)
SRV - [2008/04/14 00:52:34 | 000,006,656 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\wuauserv.dll -- (wuauserv)
SRV - [2008/04/14 00:52:32 | 000,297,472 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\termsrv.dll -- (TermService)
SRV - [2008/04/14 00:52:32 | 000,249,856 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\tapisrv.dll -- (TapiSrv)
SRV - [2008/04/14 00:52:32 | 000,186,880 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\upnphost.dll -- (upnphost)
SRV - [2008/04/14 00:52:32 | 000,177,152 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\w32time.dll -- (W32Time)
SRV - [2008/04/14 00:52:32 | 000,171,520 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\srsvc.dll -- (srservice)
SRV - [2008/04/14 00:52:32 | 000,090,112 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\trkwks.dll -- (TrkWks) Überwachung verteilter Verknüpfungen (Client)
SRV - [2008/04/14 00:52:32 | 000,071,680 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ssdpsrv.dll -- (SSDPSRV)
SRV - [2008/04/14 00:52:32 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\w3ssl.dll -- (HTTPFilter)
SRV - [2008/04/14 00:52:26 | 000,039,424 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\sens.dll -- (SENS)
SRV - [2008/04/14 00:52:26 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\seclogon.dll -- (seclogon)
SRV - [2008/04/14 00:52:24 | 000,409,088 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\qmgr.dll -- (BITS)
SRV - [2008/04/14 00:52:24 | 000,294,400 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\qagentrt.dll -- (napagent) NAP-Agent (Network Access Protection)
SRV - [2008/04/14 00:52:24 | 000,193,536 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\schedsvc.dll -- (Schedule)
SRV - [2008/04/14 00:52:24 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasmans.dll -- (RasMan)
SRV - [2008/04/14 00:52:24 | 000,088,576 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rasauto.dll -- (RasAuto)
SRV - [2008/04/14 00:52:24 | 000,059,904 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\regsvc.dll -- (RemoteRegistry)
SRV - [2008/04/14 00:52:24 | 000,038,400 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll -- (helpsvc)
SRV - [2008/04/14 00:52:22 | 000,438,272 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\ntmssvc.dll -- (NtmsSvc)
SRV - [2008/04/14 00:52:20 | 000,198,144 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\netman.dll -- (Netman)
SRV - [2008/04/14 00:52:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008/04/14 00:52:16 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008/04/14 00:52:14 | 000,334,336 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ipnathlp.dll -- (SharedAccess)
SRV - [2008/04/14 00:52:14 | 000,061,440 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\kmsvc.dll -- (hkmsvc)
SRV - [2008/04/14 00:52:14 | 000,013,824 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\lmhsvc.dll -- (LmHosts)
SRV - [2008/04/14 00:52:12 | 000,023,040 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\ersvc.dll -- (ERSvc)
SRV - [2008/04/14 00:52:10 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\dot3svc.dll -- (Dot3svc) Automatische Konfiguration (verkabelt)
SRV - [2008/04/14 00:52:10 | 000,127,488 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\dhcpcsvc.dll -- (Dhcp)
SRV - [2008/04/14 00:52:10 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\cryptsvc.dll -- (CryptSvc)
SRV - [2008/04/14 00:52:10 | 000,033,792 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\eapsvc.dll -- (EapHost)
SRV - [2008/04/14 00:52:10 | 000,024,064 | ---- | M] (Microsoft Corp.) [Auto] -- C:\WINDOWS\system32\dmserver.dll -- (dmserver)
SRV - [2008/04/14 00:52:08 | 000,175,616 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\appmgmts.dll -- (AppMgmt)
SRV - [2008/04/14 00:52:08 | 000,042,496 | ---- | M] (Microsoft Corporation) [Auto] -- C:\WINDOWS\system32\audiosrv.dll -- (AudioSrv)
SRV - [2008/04/14 00:52:08 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
SRV - [2007/12/05 05:25:58 | 000,364,192 | ---- | M] () [Disabled] -- C:\WINDOWS\System32\atwtusb.exe -- (WTService)
SRV - [2006/11/03 03:56:28 | 000,920,576 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc)
SRV - [2006/10/26 08:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2006/10/18 15:47:16 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\mspmsnsv.dll -- (WmdmPmSN)
SRV - [2005/04/03 17:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003/04/02 07:00:00 | 000,132,608 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\WINDOWS\system32\rsvp.exe -- (RSVP)
 
 
========== Driver Services (All) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | Disabled] --  -- (ViaIde)
DRV - File not found [Kernel | On_Demand] --  -- (VcommMgr)
DRV - File not found [Kernel | On_Demand] --  -- (VComm)
DRV - File not found [Kernel | Disabled] --  -- (ultra)
DRV - File not found [Kernel | Disabled] --  -- (TosIde)
DRV - File not found [Kernel | Disabled] --  -- (symc8xx)
DRV - File not found [Kernel | Disabled] --  -- (symc810)
DRV - File not found [Kernel | Disabled] --  -- (sym_u3)
DRV - File not found [Kernel | Disabled] --  -- (sym_hi)
DRV - File not found [Kernel | Disabled] --  -- (Sparrow)
DRV - File not found [Kernel | Disabled] --  -- (Simbad)
DRV - File not found [Kernel | Disabled] --  -- (ql1280)
DRV - File not found [Kernel | Disabled] --  -- (ql1240)
DRV - File not found [Kernel | Disabled] --  -- (ql12160)
DRV - File not found [Kernel | Disabled] --  -- (Ql10wnt)
DRV - File not found [Kernel | Disabled] --  -- (ql1080)
DRV - File not found [Kernel | Disabled] --  -- (perc2hib)
DRV - File not found [Kernel | Disabled] --  -- (perc2)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | Disabled] --  -- (mraid35x)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | Disabled] --  -- (IntelIde)
DRV - File not found [Kernel | Disabled] --  -- (ini910u)
DRV - File not found [Kernel | System] --  -- (InCDRm)
DRV - File not found [Kernel | System] --  -- (InCDPass)
DRV - File not found [File_System | Disabled] --  -- (InCDFs)
DRV - File not found [Kernel | Disabled] --  -- (i2omp)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | Disabled] --  -- (hpn)
DRV - File not found [Kernel | Disabled] --  -- (dpti2o)
DRV - File not found [Kernel | Disabled] --  -- (dac960nt)
DRV - File not found [Kernel | Disabled] --  -- (dac2w2k)
DRV - File not found [Kernel | Disabled] --  -- (Cpqarray)
DRV - File not found [Kernel | Disabled] --  -- (CmdIde)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - File not found [Kernel | Disabled] --  -- (cd20xrnt)
DRV - File not found [Kernel | Boot] --  -- (BTHidMgr)
DRV - File not found [Kernel | Boot] --  -- (BTHidEnum)
DRV - File not found [Kernel | On_Demand] --  -- (Btcsrusb)
DRV - File not found [Kernel | On_Demand] --  -- (BT)
DRV - File not found [Kernel | On_Demand] --  -- (BlueletSCOAudio)
DRV - File not found [Kernel | On_Demand] --  -- (BlueletAudio)
DRV - File not found [Kernel | Disabled] --  -- (Atdisk)
DRV - File not found [Kernel | Disabled] --  -- (asc3550)
DRV - File not found [Kernel | Disabled] --  -- (asc3350p)
DRV - File not found [Kernel | Disabled] --  -- (asc)
DRV - File not found [Kernel | Disabled] --  -- (amsint)
DRV - File not found [Kernel | Disabled] --  -- (AliIde)
DRV - File not found [Kernel | Disabled] --  -- (aic78xx)
DRV - File not found [Kernel | Disabled] --  -- (aic78u2)
DRV - File not found [Kernel | Disabled] --  -- (Aha154x)
DRV - File not found [Kernel | Disabled] --  -- (adpu160m)
DRV - File not found [Kernel | Disabled] --  -- (abp480n5)
DRV - File not found [Kernel | Disabled] --  -- (Abiosdsk)
DRV - [2013/12/17 06:20:27 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013/12/17 06:20:27 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013/10/07 06:42:02 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013/08/28 19:56:06 | 000,026,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser.sys -- (usbser)
DRV - [2013/08/08 19:55:07 | 000,032,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbccgp.sys -- (usbccgp)
DRV - [2013/07/16 19:58:03 | 000,060,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbaudio.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2013/07/02 20:59:02 | 000,014,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbscan.sys -- (usbscan)
DRV - [2013/02/28 04:47:57 | 000,113,024 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\avfwot.sys -- (avfwot)
DRV - [2013/02/28 04:47:57 | 000,092,448 | ---- | M] (Avira GmbH) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\avfwim.sys -- (avfwim)
DRV - [2012/08/27 08:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012/07/04 09:05:05 | 000,139,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\rdpwd.sys -- (RDPWD)
DRV - [2012/06/27 08:18:52 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2012/06/20 04:35:49 | 000,121,208 | ---- | M] (Cyberlink Corp.) [Kernel | Auto] -- C:\Programme\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys -- (ntk_PowerDVD12)
DRV - [2012/03/01 09:40:30 | 000,452,016 | ---- | M] (Paragon) [Kernel | System] -- C:\WINDOWS\system32\drivers\Uim_IM.sys -- (Uim_IM)
DRV - [2012/03/01 09:40:30 | 000,275,504 | ---- | M] (Paragon) [Kernel | System] -- C:\WINDOWS\system32\drivers\Uim_Vim.sys -- (Uim_Vim)
DRV - [2012/03/01 09:40:30 | 000,081,200 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System] -- C:\WINDOWS\system32\drivers\UimBus.sys -- (UimBus)
DRV - [2012/01/09 10:28:20 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2012/01/09 10:28:20 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2012/01/09 10:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2012/01/09 10:28:20 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2011/12/01 04:40:16 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/12/01 04:40:16 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2011/10/17 20:43:42 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2011/10/17 20:43:42 | 000,078,136 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2011/10/17 12:40:22 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011/08/17 08:49:54 | 000,138,496 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\afd.sys -- (AFD)
DRV - [2011/07/15 08:29:31 | 000,456,320 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\mrxsmb.sys -- (MRxSmb)
DRV - [2011/07/08 09:02:00 | 000,010,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndistapi.sys -- (NdisTapi)
DRV - [2011/04/21 08:37:43 | 000,105,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\System32\drivers\mup.sys -- (Mup)
DRV - [2011/02/17 08:18:03 | 000,357,888 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\srv.sys -- (Srv)
DRV - [2010/11/02 10:17:02 | 000,040,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\ndproxy.sys -- (NDProxy)
DRV - [2010/02/24 05:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2009/11/28 16:13:03 | 000,076,800 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\SSHDRV84.sys -- (SSHDRV84)
DRV - [2009/10/20 11:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\http.sys -- (HTTP)
DRV - [2009/10/15 09:51:48 | 000,018,688 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\vtcdrv.sys -- (vtcdrv)
DRV - [2009/07/14 23:20:10 | 004,407,808 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009/07/14 03:35:16 | 000,444,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdf01000.sys -- (Wdf01000)
DRV - [2009/07/13 10:50:46 | 000,132,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\WudfRd.sys -- (WudfRd)
DRV - [2009/07/13 10:50:18 | 000,091,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\WudfPf.sys -- (WudfPf)
DRV - [2009/06/24 06:18:41 | 000,092,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ksecdd.sys -- (KSecDD)
DRV - [2009/06/02 08:26:28 | 000,099,856 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009/03/18 06:02:23 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbehci.sys -- (usbehci)
DRV - [2008/10/09 09:42:42 | 000,017,408 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV - [2008/08/24 20:22:40 | 000,014,208 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2008/08/01 04:36:26 | 000,022,016 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2008/08/01 04:36:20 | 000,054,784 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2008/06/20 06:51:12 | 000,361,600 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\tcpip.sys -- (Tcpip)
DRV - [2008/04/14 01:53:28 | 000,040,840 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\termdd.sys -- (TermDD)
DRV - [2008/04/14 01:28:38 | 000,014,720 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdhid.sys -- (kbdhid)
DRV - [2008/04/14 01:22:52 | 000,057,728 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\redbook.sys -- (redbook)
DRV - [2008/04/14 01:03:54 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\parport.sys -- (Parport)
DRV - [2008/04/14 01:03:54 | 000,061,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nic1394.sys -- (NIC1394)
DRV - [2008/04/14 01:03:54 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\arp1394.sys -- (Arp1394)
DRV - [2008/04/14 01:03:54 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\processr.sys -- (Processor)
DRV - [2008/04/14 01:03:54 | 000,030,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\modem.sys -- (Modem)
DRV - [2008/04/14 01:03:54 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\mouclass.sys -- (Mouclass)
DRV - [2008/04/14 01:03:54 | 000,015,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mssmbios.sys -- (mssmbios)
DRV - [2008/04/14 01:03:54 | 000,014,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndisuio.sys -- (Ndisuio)
DRV - [2008/04/14 01:03:54 | 000,004,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swenum.sys -- (swenum)
DRV - [2008/04/14 00:53:28 | 000,021,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdtcp.sys -- (TDTCP)
DRV - [2008/04/14 00:53:28 | 000,012,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\System32\drivers\tdpipe.sys -- (TDPIPE)
DRV - [2008/04/14 00:32:34 | 000,073,472 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\sr.sys -- (sr)
DRV - [2008/04/14 00:32:18 | 000,120,576 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008/04/14 00:32:14 | 000,068,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pci.sys -- (PCI)
DRV - [2008/04/14 00:28:38 | 000,025,216 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\kbdclass.sys -- (Kbdclass)
DRV - [2008/04/14 00:28:20 | 000,154,112 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008/04/14 00:28:14 | 000,800,384 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008/04/14 00:28:04 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\isapnp.sys -- (isapnp)
DRV - [2008/04/14 00:25:36 | 000,052,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\i8042prt.sys -- (i8042prt)
DRV - [2008/04/14 00:25:00 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\serial.sys -- (Serial)
DRV - [2008/04/14 00:22:52 | 000,044,672 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\fips.sys -- (Fips)
DRV - [2008/04/14 00:22:04 | 000,053,760 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\volsnap.sys -- (VolSnap)
DRV - [2008/04/14 00:19:04 | 000,188,800 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\acpi.sys -- (ACPI)
DRV - [2008/04/13 18:47:20 | 000,083,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wdmaud.sys -- (wdmaud)
DRV - [2008/04/13 18:45:56 | 000,060,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\sysaudio.sys -- (sysaudio)
DRV - [2008/04/13 18:17:38 | 000,025,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbprint.sys -- (usbprint)
DRV - [2008/04/13 18:16:20 | 000,061,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ohci1394.sys -- (ohci1394)
DRV - [2008/04/13 18:15:40 | 000,026,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\USBSTOR.SYS -- (USBSTOR)
DRV - [2008/04/13 18:15:36 | 000,020,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbuhci.sys -- (usbuhci)
DRV - [2008/04/13 18:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/13 18:15:28 | 000,010,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hidusb.sys -- (HidUsb)
DRV - [2008/04/13 18:15:14 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\drmkaud.sys -- (drmkaud)
DRV - [2008/04/13 18:15:10 | 000,172,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\kmixer.sys -- (kmixer)
DRV - [2008/04/13 18:15:10 | 000,056,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\swmidi.sys -- (swmidi)
DRV - [2008/04/13 18:15:08 | 000,006,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\splitter.sys -- (splitter)
DRV - [2008/04/13 18:15:02 | 000,052,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\DMusic.sys -- (DMusic)
DRV - [2008/04/13 18:09:54 | 000,007,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSKSSRV.sys -- (MSKSSRV)
DRV - [2008/04/13 18:09:52 | 000,005,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPCLOCK.sys -- (MSPCLOCK)
DRV - [2008/04/13 18:09:52 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\MSPQM.sys -- (MSPQM)
DRV - [2008/04/13 18:06:40 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\wmiacpi.sys -- (WmiAcpi)
DRV - [2008/04/13 18:02:52 | 000,196,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rdpdr.sys -- (rdpdr)
DRV - [2008/04/13 17:58:40 | 000,175,744 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\rdbss.sys -- (Rdbss)
DRV - [2008/04/13 17:51:02 | 000,162,816 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\netbt.sys -- (NetBT)
DRV - [2008/04/13 17:50:44 | 000,091,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ndiswan.sys -- (NdisWan)
DRV - [2008/04/13 17:50:38 | 000,182,656 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\ndis.sys -- (NDIS)
DRV - [2008/04/13 17:49:50 | 000,048,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspptp.sys -- (PptpMiniport) WAN-Miniport (PPTP)
DRV - [2008/04/13 17:49:44 | 000,075,264 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\ipsec.sys -- (IPSec)
DRV - [2008/04/13 17:49:44 | 000,051,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rasl2tp.sys -- (Rasl2tp) WAN-Miniport (L2TP)
DRV - [2008/04/13 17:45:54 | 000,574,976 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\ntfs.sys -- (Ntfs)
DRV - [2008/04/13 17:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008/04/13 17:44:22 | 000,063,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\cdfs.sys -- (Cdfs)
DRV - [2008/04/13 17:27:34 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspppoe.sys -- (RasPppoe)
DRV - [2008/04/13 17:27:28 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\asyncmac.sys -- (AsyncMac)
DRV - [2008/04/13 17:27:22 | 000,034,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wanarp.sys -- (Wanarp)
DRV - [2008/04/13 17:27:16 | 000,152,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipnat.sys -- (IpNat)
DRV - [2008/04/13 17:27:08 | 000,020,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipinip.sys -- (IpInIp)
DRV - [2008/04/13 17:26:40 | 000,069,120 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\psched.sys -- (PSched)
DRV - [2008/04/13 17:26:34 | 000,035,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\msgpc.sys -- (Gpc)
DRV - [2008/04/13 17:26:04 | 000,034,688 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\system32\drivers\netbios.sys -- (NetBIOS)
DRV - [2008/04/13 17:24:30 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\irenum.sys -- (IRENUM)
DRV - [2008/04/13 17:23:36 | 000,036,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ip6fw.sys -- (Ip6Fw)
DRV - [2008/04/13 17:21:26 | 000,059,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\atmarpc.sys -- (Atmarpc)
DRV - [2008/04/13 17:15:38 | 000,059,520 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbhub.sys -- (usbhub)
DRV - [2008/04/13 17:15:36 | 000,017,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\usbohci.sys -- (usbohci)
DRV - [2008/04/13 17:14:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\vga.sys -- (VgaSave)
DRV - [2008/04/13 17:11:00 | 000,042,112 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\imapi.sys -- (Imapi)
DRV - [2008/04/13 17:10:50 | 000,019,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\partmgr.sys -- (PartMgr)
DRV - [2008/04/13 17:10:50 | 000,011,392 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\sfloppy.sys -- (Sfloppy)
DRV - [2008/04/13 17:10:48 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\cdrom.sys -- (Cdrom)
DRV - [2008/04/13 17:10:48 | 000,036,352 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\disk.sys -- (Disk)
DRV - [2008/04/13 17:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\atapi.sys -- (atapi)
DRV - [2008/04/13 17:10:26 | 000,027,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\fdc.sys -- (Fdc)
DRV - [2008/04/13 17:10:26 | 000,020,480 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\flpydisk.sys -- (Flpydisk)
DRV - [2008/04/13 17:10:14 | 000,015,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\serenum.sys -- (serenum)
DRV - [2008/04/13 17:09:48 | 000,384,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\update.sys -- (Update)
DRV - [2008/04/13 17:09:48 | 000,042,368 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\System32\drivers\mountmgr.sys -- (MountMgr)
DRV - [2008/04/13 17:03:00 | 000,129,792 | ---- | M] (Microsoft Corporation) [File_System | Boot] -- C:\WINDOWS\system32\drivers\fltMgr.sys -- (FltMgr)
DRV - [2008/04/13 17:02:46 | 000,180,608 | ---- | M] (Microsoft Corporation) [File_System | On_Demand] -- C:\WINDOWS\system32\drivers\mrxdav.sys -- (MRxDAV)
DRV - [2008/04/13 17:02:40 | 000,030,848 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\npfs.sys -- (Npfs)
DRV - [2008/04/13 17:02:40 | 000,019,072 | ---- | M] (Microsoft Corporation) [File_System | System] -- C:\WINDOWS\System32\drivers\msfs.sys -- (Msfs)
DRV - [2008/04/13 17:02:38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2008/04/13 16:09:24 | 000,142,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\aec.sys -- (aec)
DRV - [2008/04/13 15:09:16 | 000,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\secdrv.sys -- (Secdrv)
DRV - [2008/04/13 15:06:06 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2007/07/27 05:46:06 | 000,251,680 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\acehlp10.sys -- (acehlp10)
DRV - [2007/07/27 03:13:08 | 000,330,144 | ---- | M] (Protect Software GmbH) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\ACEDRV10.sys -- (acedrv10)
DRV - [2007/04/18 02:59:40 | 000,098,600 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\COMMONFX.DLL -- (COMMONFX.DLL)
DRV - [2007/04/16 15:46:00 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2007/04/12 02:10:26 | 000,164,608 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\CT20XUT.DLL -- (CT20XUT.DLL)
DRV - [2007/04/12 02:10:26 | 000,066,816 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTHWIUT.DLL -- (CTHWIUT.DLL)
DRV - [2007/04/12 02:10:24 | 001,317,632 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTEXFIFX.DLL -- (CTEXFIFX.DLL)
DRV - [2007/04/12 02:10:22 | 000,323,328 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTEDSPSY.DLL -- (CTEDSPSY.DLL)
DRV - [2007/04/12 02:10:22 | 000,128,768 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTEDSPIO.DLL -- (CTEDSPIO.DLL)
DRV - [2007/04/12 02:10:20 | 000,280,320 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTEDSPFX.DLL -- (CTEDSPFX.DLL)
DRV - [2007/04/12 02:10:20 | 000,094,976 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTERFXFX.DLL -- (CTERFXFX.DLL)
DRV - [2007/04/12 02:10:18 | 000,168,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTEAPSFX.DLL -- (CTEAPSFX.DLL)
DRV - [2007/04/12 02:10:16 | 000,560,384 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTSBLFX.DLL -- (CTSBLFX.DLL)
DRV - [2007/04/12 02:10:16 | 000,546,048 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\CTAUDFX.DLL -- (CTAUDFX.DLL)
DRV - [2007/04/10 00:00:24 | 000,157,480 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV - [2007/04/09 23:59:04 | 000,126,760 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctoss2k.sys -- (ossrv)
DRV - [2007/04/09 22:32:06 | 000,189,736 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\haP17v2k.sys -- (hap17v2k)
DRV - [2007/04/09 22:31:18 | 000,163,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\haP16v2k.sys -- (hap16v2k)
DRV - [2007/04/09 22:29:10 | 000,797,992 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ha10kx2k.sys -- (ha10kx2k)
DRV - [2007/04/09 22:28:36 | 000,092,968 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\emupia2k.sys -- (emupia)
DRV - [2007/04/09 22:25:46 | 000,014,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV - [2007/04/09 22:21:06 | 000,347,128 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctdvda2k.sys -- (ctdvda2k)
DRV - [2007/04/09 22:20:38 | 000,520,488 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV - [2007/04/09 22:19:30 | 000,511,272 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ctac32k.sys -- (ctac32k)
DRV - [2006/10/18 14:00:00 | 000,038,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\wpdusb.sys -- (WpdUsb)
DRV - [2004/07/07 00:28:52 | 000,322,784 | ---- | M] (ESI) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\gigapAG.sys -- (ESI_GigaportAG)
DRV - [2004/07/07 00:27:54 | 000,023,360 | ---- | M] (usb-audio.de) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pgusbmm3.sys -- (pgusbmme)
DRV - [2003/12/22 00:52:30 | 000,014,938 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ProdDrvr.sys -- (Prodikeys)
DRV - [2003/04/02 07:00:00 | 000,126,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\ftdisk.sys -- (Ftdisk)
DRV - [2003/04/02 07:00:00 | 000,032,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV - [2003/04/02 07:00:00 | 000,032,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkfwd.sys -- (NwlnkFwd)
DRV - [2003/04/02 07:00:00 | 000,018,688 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\cdaudio.sys -- (Cdaudio)
DRV - [2003/04/02 07:00:00 | 000,017,792 | ---- | M] (Parallel Technologies, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ptilink.sys -- (Ptilink)
DRV - [2003/04/02 07:00:00 | 000,016,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\raspti.sys -- (Raspti) Parallelanschluss (direkt)
DRV - [2003/04/02 07:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2003/04/02 07:00:00 | 000,012,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nwlnkflt.sys -- (NwlnkFlt)
DRV - [2003/04/02 07:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | Disabled] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2003/04/02 07:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\ws2ifsl.sys -- (WS2IFSL)
DRV - [2003/04/02 07:00:00 | 000,008,832 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rasacd.sys -- (RasAcd)
DRV - [2003/04/02 07:00:00 | 000,007,936 | ---- | M] (Microsoft Corporation) [Recognizer | System] -- C:\WINDOWS\System32\drivers\fs_rec.sys -- (Fs_Rec)
DRV - [2003/04/02 07:00:00 | 000,007,040 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\parvdm.sys -- (ParVdm)
DRV - [2003/04/02 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\rootmdm.sys -- (ROOTMODEM)
DRV - [2003/04/02 07:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
DRV - [2003/04/02 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\system32\drivers\rdpcdd.sys -- (RDPCDD)
DRV - [2003/04/02 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\mnmdd.sys -- (mnmdd)
DRV - [2003/04/02 07:00:00 | 000,004,224 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\beep.sys -- (Beep)
DRV - [2003/04/02 07:00:00 | 000,003,328 | ---- | M] (Microsoft Corporation) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\pciide.sys -- (PCIIde)
DRV - [2003/04/02 07:00:00 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | System] -- C:\WINDOWS\System32\drivers\null.sys -- (Null)
DRV - [2003/04/02 07:00:00 | 000,002,864 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand] -- C:\WINDOWS\System32\winsock.dll -- (Winsock)
DRV - [2003/03/04 23:19:28 | 000,015,840 | R--- | M] (Creative Technology Ltd.) [Kernel | Auto] -- C:\WINDOWS\system32\PfModNT.sys -- (PfModNT)
DRV - [2002/04/17 14:27:02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | System] -- C:\WINDOWS\System32\drivers\asapi.sys -- (Asapi)
DRV - [2001/08/17 22:22:44 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mouhid.sys -- (mouhid)
DRV - [2001/08/17 07:59:44 | 000,003,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\audstub.sys -- (audstub)
DRV - [2001/04/08 20:03:56 | 000,017,784 | ---- | M] (Syncrosoft Hard- und Software GmbH) [Kernel | Auto] -- C:\WINDOWS\System32\drivers\NSynas32.sys -- (Nsynas32)
DRV - [1999/06/29 20:49:10 | 000,023,200 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\System32\drivers\ppsio2.sys -- (ppsio2)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
IE - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
IE - HKLM\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKLM\..\URLSearchHook: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Programme\SimilarSites\SimilarSites.dll (SimilarSites)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\Administrator_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\Meinke_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://de.msn.com/
IE - HKU\Meinke_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Meinke_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.bing.com/ [binary data]
IE - HKU\Meinke_ON_C\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKU\Meinke_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Meinke_ON_C\Software\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\Meinke_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
IE - HKU\Meinke_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Meinke_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Meinke_ON_C\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\Meinke_ON_C\..\URLSearchHook: {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Programme\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\Meinke_ON_C\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
IE - HKU\Meinke_ON_C\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP2.dll (Conduit Ltd.)
IE - HKU\Meinke_ON_C\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\ieframe.dll (Microsoft Corporation)
IE - HKU\Meinke_ON_C\..\URLSearchHook: {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Programme\SimilarSites\SimilarSites.dll (SimilarSites)
IE - HKU\Meinke_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Programme\Java\jre7\bin\dtplugin\npdeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\Programme\Gemeinsame Dateien\Nero\BrowserPlugin\npBrowserPlugin.dll (Nero AG)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Programme\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: C:\Programme\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/11/27 15:01:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012/12/25 07:16:07 | 000,000,000 | ---D | M]
 
[2012/08/21 07:05:22 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
 
O1 HOSTS File: ([2003/04/02 07:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Programme\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O2 - BHO: (DealPly) - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Programme\DealPly\DealPlyIE.dll (DealPly Technologies Ltd)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP2.dll (Conduit Ltd.)
O2 - BHO: (MSN Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Programme\Softonic\Softonic\1.6.7.4\bh\Softonic.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB DE Toolbar) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Programme\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (MSN Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Programme\MSN\Toolbar\3.0.1203.0\msneshellx.dll (Microsoft Corp.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Programme\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Programme\PHPNukeDE\prxtbPHP2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (SimilarSites) - {FE69C007-C452-4d3e-86D2-1730DF8BC871} - C:\Programme\SimilarSites\SimilarSites.dll (SimilarSites)
O3 - HKU\Administrator_ON_C\..\Toolbar\ShellBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Meinke_ON_C\..\Toolbar\ShellBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Meinke_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB DE Toolbar) - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} - C:\Programme\DVDVideoSoftTB_DE\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKU\Meinke_ON_C\..\Toolbar\WebBrowser: (&Adresse) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O3 - HKU\Meinke_ON_C\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O3 - HKU\Meinke_ON_C\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\Meinke_ON_C\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Programme\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKU\Meinke_ON_C\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD0.dll (Conduit Ltd.)
O3 - HKU\Meinke_ON_C\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Programme\PHPNukeDE\prxtbPHP2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe (Microsoft Corporation)
O4 - HKU\.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\Meinke_ON_C..\Run: [NokiaSuite.exe] C:\Programme\Nokia\Nokia Suite\NokiaSuite.exe (Nokia)
O4 - HKU\NetworkService_ON_C..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (Microsoft Corporation)
O4 - HKU\Administrator_ON_C..\RunOnce: [NeroHomeFirstStart] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroScoutOptions.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Administrator_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Meinke_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: SimilarSites - {807DF5E0-4EF7-48a8-A405-239F3E29FFA9} - C:\Programme\SimilarSites\SimilarSites.dll (SimilarSites)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\system32\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\system32\rsvpsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\WINDOWS\system32\nvLsp.dll (NVIDIA)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1345347428328 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {CAFEEFAC-0017-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 1.7.0_07)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DB28CF23-0083-40B5-BF63-69925D672385} hxxp://www.nero.com/doc/NeroVersionChecker.cab (CNeroSerialChecker Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UIHost - (C:\WINDOWS\system32\logonui.exe) - C:\WINDOWS\system32\logonui.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation)
O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation)
O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\system32\dimsntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation)
O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll (Microsoft Corporation)
O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation)
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
O27 - HKLM IFEO\nokiasuite.exe: Debugger - "C:\Programme\TuneUp Utilities 2014\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\pdvdlaunchpolicy.exe: Debugger - "C:\Programme\TuneUp Utilities 2014\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\powerdvd12.exe: Debugger - "C:\Programme\TuneUp Utilities 2014\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\realconverter.exe: Debugger - "C:\Programme\TuneUp Utilities 2014\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\realplay.exe: Debugger - "C:\Programme\TuneUp Utilities 2014\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\realtrimmer.exe: Debugger - "C:\Programme\TuneUp Utilities 2014\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\rnxproc.exe: Debugger - "C:\Programme\TuneUp Utilities 2014\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\softwareupdate.exe: Debugger - "C:\Programme\TuneUp Utilities 2014\TUAutoReactivator32.exe" (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/11/24 06:46:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 06:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk /r \??\L:) -  File not found
O34 - HKLM BootExecute: (autocheck autochk /r \??\K:) -  File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/02/08 08:31:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\Estsoft
[2014/02/03 05:29:31 | 000,000,000 | ---D | C] -- C:\Programme\stinger
[2014/02/03 05:29:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\ParetoLogic
[2014/02/03 05:29:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\DriverCure
[2014/02/02 11:14:45 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ParetoLogic
[2014/02/02 11:14:44 | 000,000,000 | ---D | C] -- C:\Programme\ParetoLogic
[2014/02/02 11:14:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ParetoLogic
[2014/02/02 11:13:19 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Meinke\Recent
[2014/02/02 06:24:06 | 000,000,000 | ---D | C] -- C:\Programme\CCleaner
[2014/02/02 06:22:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Meinke\Lokale Einstellungen\Anwendungsdaten\Abelssoft
[2014/02/02 06:21:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MyKeyFinder
[2014/02/02 06:21:29 | 000,000,000 | ---D | C] -- C:\Programme\MyKeyFinder
[2014/02/02 05:23:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Lokale Einstellungen\Anwendungsdaten\ATI
[2014/02/02 05:23:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Administrator\Anwendungsdaten\ATI
[2014/02/02 05:23:05 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\Administrator\Eigene Dateien
[2014/02/02 05:20:53 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\HiJackThis204.exe
[2014/02/02 03:35:36 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC
[2014/01/14 01:19:02 | 000,000,000 | -HSD | C] -- C:\found.000
[2009/11/25 06:13:08 | 000,010,240 | ---- | C] ( ) -- C:\WINDOWS\System32\killapps.exe
[2009/11/25 06:12:58 | 000,034,816 | ---- | C] ( ) -- C:\WINDOWS\System32\a3d.dll
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/02/08 14:15:47 | 007,001,811 | ---- | M] () -- C:\CPU_XP64_XP(1.3.2_2007_AUG).zip
[2014/02/08 08:34:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014/02/08 05:36:22 | 000,000,389 | -HS- | M] () -- C:\boot.ini
[2014/02/08 05:03:14 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014/02/03 05:30:38 | 000,001,814 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Architekt Pro.lnk
[2014/02/03 05:30:38 | 000,000,893 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Erste Schritte.lnk
[2014/02/03 05:29:08 | 000,000,406 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2014/02/02 10:44:18 | 000,193,536 | ---- | M] () -- C:\Dokumente und Einstellungen\Meinke\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/02/02 06:21:31 | 000,001,562 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MyKeyFinder.lnk
[2014/02/02 06:21:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MyKeyFinder
[2014/02/02 05:20:53 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\HiJackThis204.exe
[2014/02/01 18:09:57 | 000,000,048 | ---- | M] () -- C:\.directory
[2014/02/01 08:31:21 | 001,059,584 | ---- | M] () -- C:\W32.Blaster.Worm-Removal-Tool-Setup.exe
[2014/01/19 20:41:28 | 000,001,790 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Web Easy Professional 9.lnk
[5 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/02/08 14:15:47 | 007,001,811 | ---- | C] () -- C:\CPU_XP64_XP(1.3.2_2007_AUG).zip
[2014/02/03 05:29:08 | 000,000,406 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2014/02/02 06:21:31 | 000,001,562 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\MyKeyFinder.lnk
[2014/02/01 18:09:57 | 000,000,048 | ---- | C] () -- C:\.directory
[2014/02/01 08:51:16 | 001,059,584 | ---- | C] () -- C:\W32.Blaster.Worm-Removal-Tool-Setup.exe
[2013/11/21 01:45:04 | 000,717,944 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2013/08/09 02:38:52 | 002,645,888 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013/02/28 07:23:25 | 000,001,830 | ---- | C] () -- C:\Dokumente und Einstellungen\Meinke\.recently-used.xbel
[2012/09/25 07:44:26 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI
[2012/09/18 05:33:14 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sci-Fi
[2012/09/18 05:27:09 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sampler Files
[2012/08/18 07:46:19 | 001,386,186 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-1060284298-484763869-682003330-1003-0.dat
[2012/08/17 23:27:14 | 000,603,138 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012/08/02 07:04:11 | 000,000,118 | ---- | C] () -- C:\WINDOWS\lgcenter.ini
[2012/06/23 10:48:14 | 000,000,028 | ---- | C] () -- C:\WINDOWS\Robota.INI
[2012/05/16 03:53:23 | 000,002,804 | ---- | C] () -- C:\WINDOWS\FWDN_V7_0.INI
[2012/05/16 03:53:23 | 000,000,807 | ---- | C] () -- C:\WINDOWS\FWDN_V7_CFG.ini
[2012/02/24 06:06:33 | 000,284,160 | ---- | C] () -- C:\WINDOWS\unin0407.exe
[2012/02/16 11:32:15 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011/10/04 12:18:38 | 000,005,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\surkpqid.bdr
[2011/10/04 09:54:14 | 000,000,655 | ---- | C] () -- C:\WINDOWS\BeatBox.INI
[2011/04/03 10:02:41 | 000,054,272 | ---- | C] () -- C:\WINDOWS\System32\KERNELH2.DLL
[2011/04/03 10:02:19 | 000,228,351 | ---- | C] () -- C:\WINDOWS\LOOP.exe
[2011/03/19 09:16:15 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\nnr.dll
[2010/12/25 06:21:20 | 000,003,651 | ---- | C] () -- C:\WINDOWS\DBCDLFMT.INI
[2010/10/25 20:44:21 | 000,000,571 | ---- | C] () -- C:\WINDOWS\System32\FeMakro.ini
[2010/10/25 20:44:21 | 000,000,497 | ---- | C] () -- C:\WINDOWS\System32\FeAnim.ini
[2010/09/28 21:09:33 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2010/05/11 06:07:00 | 000,000,025 | ---- | C] () -- C:\WINDOWS\WebEasy.INI
[2010/04/03 11:50:49 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ViewNX.INI
[2010/04/03 11:34:25 | 000,000,000 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLdw.DAT
[2010/04/03 11:34:25 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Screen Saver
[2010/04/03 11:30:41 | 000,000,000 | -H-- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PKP_DLdu.DAT
[2010/04/03 11:30:41 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Sampler Instruments
[2010/03/27 10:30:00 | 000,002,516 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2010/01/12 22:02:17 | 000,000,071 | ---- | C] () -- C:\WINDOWS\Pex.INI
[2010/01/06 09:53:21 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\$_hpcst$.hpc
[2009/12/23 10:33:26 | 000,364,192 | ---- | C] () -- C:\WINDOWS\System32\atwtusb.exe
[2009/12/23 10:33:25 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\InstallService.exe
[2009/12/23 10:33:24 | 001,969,824 | ---- | C] () -- C:\WINDOWS\System32\WTMKM.exe
[2009/12/23 10:33:23 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\ATWTINK.DLL
[2009/12/23 10:33:23 | 000,102,048 | ---- | C] () -- C:\WINDOWS\RmTablet.exe
[2009/12/23 10:33:21 | 000,019,137 | ---- | C] () -- C:\WINDOWS\System32\Photoshop Elements.ini
[2009/12/23 10:33:21 | 000,014,448 | ---- | C] () -- C:\WINDOWS\System32\PhotoImpact XL SE.ini
[2009/12/23 10:33:21 | 000,008,798 | ---- | C] () -- C:\WINDOWS\System32\Vista.ini
[2009/12/23 10:33:21 | 000,008,467 | ---- | C] () -- C:\WINDOWS\System32\XP_2000.ini
[2009/12/23 10:33:21 | 000,006,989 | ---- | C] () -- C:\WINDOWS\aiptbl.ini
[2009/12/23 10:33:21 | 000,000,619 | ---- | C] () -- C:\WINDOWS\System32\MKProfile.ini
[2009/12/10 07:01:18 | 000,000,030 | ---- | C] () -- C:\WINDOWS\Iedit_.INI
[2009/11/28 16:13:03 | 000,076,800 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV84.sys
[2009/11/28 12:28:42 | 000,114,816 | ---- | C] () -- C:\WINDOWS\System32\MSMT4232.DLL
[2009/11/28 12:18:21 | 000,000,089 | ---- | C] () -- C:\Dokumente und Einstellungen\Meinke\default.pls
[2009/11/28 12:15:38 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009/11/28 12:05:50 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\IWUninstall.exe
[2009/11/26 23:31:18 | 000,006,984 | ---- | C] () -- C:\WINDOWS\CDPLAYER.INI
[2009/11/26 22:42:44 | 000,193,536 | ---- | C] () -- C:\Dokumente und Einstellungen\Meinke\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/11/25 08:54:16 | 000,000,474 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/11/25 08:30:47 | 000,000,155 | ---- | C] () -- C:\WINDOWS\MusicStudio.INI
[2009/11/25 08:18:34 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\mgxasio2.dll
[2009/11/25 08:10:14 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2009/11/25 08:08:53 | 000,006,768 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2009/11/25 07:16:36 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-00000008-00001102-00000004-00511102}.dat
[2009/11/25 07:16:36 | 000,000,024 | ---- | C] () -- C:\WINDOWS\System32\DVCState-{00000000-00000000-00000008-00001102-00000004-00511102}.dat
[2009/11/25 06:28:50 | 000,061,440 | ---- | C] () -- C:\WINDOWS\System32\gl.dll
[2009/11/25 06:28:50 | 000,006,138 | ---- | C] () -- C:\WINDOWS\System32\e1.ini
[2009/11/25 06:13:34 | 000,000,075 | ---- | C] () -- C:\WINDOWS\SBWIN.INI
[2009/11/25 06:13:10 | 000,313,207 | ---- | C] () -- C:\WINDOWS\System32\ctstatic.dat
[2009/11/25 06:13:09 | 000,325,821 | ---- | C] () -- C:\WINDOWS\System32\ctdlang.dat
[2009/11/25 06:13:09 | 000,149,838 | ---- | C] () -- C:\WINDOWS\System32\ctbas2w.dat
[2009/11/25 06:13:09 | 000,111,223 | ---- | C] () -- C:\WINDOWS\System32\CTBASICW.DAT
[2009/11/25 06:13:09 | 000,053,932 | ---- | C] () -- C:\WINDOWS\System32\ctdaught.dat
[2009/11/25 06:13:08 | 000,176,128 | ---- | C] () -- C:\WINDOWS\PSCONV.EXE
[2009/11/25 06:13:08 | 000,048,128 | ---- | C] () -- C:\WINDOWS\System32\regplib.exe
[2009/11/25 06:13:08 | 000,000,307 | ---- | C] () -- C:\WINDOWS\System32\kill.ini
[2009/11/25 06:12:53 | 000,000,054 | ---- | C] () -- C:\WINDOWS\System32\ctzapxx.ini
[2009/11/25 06:12:50 | 001,048,576 | ---- | C] () -- C:\WINDOWS\System32\sfman.dat
[2009/11/25 06:12:49 | 000,024,992 | ---- | C] () -- C:\WINDOWS\Ctres.dll
[2009/11/25 06:12:49 | 000,000,231 | ---- | C] () -- C:\WINDOWS\ac3api.ini
[2009/11/25 05:50:58 | 000,023,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\ppsio2.sys
[2009/11/24 07:41:31 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2009/11/24 07:30:59 | 000,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2009/11/24 07:27:17 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2009/11/24 07:27:05 | 000,887,724 | R--- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2009/11/24 07:27:05 | 000,197,655 | R--- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2009/11/24 07:27:05 | 000,000,003 | R--- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2009/11/24 07:24:43 | 000,003,948 | R--- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2009/11/24 07:23:53 | 000,004,995 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2009/11/24 07:23:50 | 000,010,288 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2009/11/24 06:47:54 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2009/11/24 06:44:10 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009/11/24 06:39:08 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009/02/18 12:55:20 | 000,294,912 | ---- | C] () -- C:\WINDOWS\System32\ATIODE.exe
[2009/02/03 15:52:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ATIODCLI.exe
[2008/05/26 16:23:36 | 000,016,834 | ---- | C] () -- C:\WINDOWS\System32\gthrctr.ini
[2008/05/26 16:23:34 | 000,024,188 | ---- | C] () -- C:\WINDOWS\System32\idxcntrs.ini
[2008/05/26 16:23:32 | 000,016,568 | ---- | C] () -- C:\WINDOWS\System32\gsrvctr.ini
[2008/05/26 15:59:42 | 000,018,904 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschematrivial.bin
[2008/05/26 15:59:40 | 000,106,605 | ---- | C] () -- C:\WINDOWS\System32\structuredqueryschema.bin
[2008/04/14 01:06:26 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2007/07/03 09:44:10 | 000,064,000 | ---- | C] () -- C:\WINDOWS\System32\ALZALZ.BIN
[2007/07/03 09:44:10 | 000,044,544 | ---- | C] () -- C:\WINDOWS\System32\ALZZip.BIN
[2007/04/12 02:10:28 | 000,105,728 | ---- | C] () -- C:\WINDOWS\System32\APOMgrH.dll
[2007/04/09 06:55:14 | 000,097,785 | ---- | C] () -- C:\WINDOWS\System32\instwdm.ini
[2007/04/09 06:33:50 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CTBurst.dll
[2007/04/09 06:32:32 | 000,037,888 | ---- | C] () -- C:\WINDOWS\System32\psconv.exe
[2007/04/09 06:24:30 | 000,046,273 | ---- | C] () -- C:\WINDOWS\System32\ctdnlstr.dat
[2007/04/09 06:19:44 | 000,274,587 | ---- | C] () -- C:\WINDOWS\System32\ctsbas2w.dat
[2007/04/09 06:19:36 | 000,241,084 | ---- | C] () -- C:\WINDOWS\System32\CTSBASW.DAT
[2007/04/09 06:19:18 | 000,005,120 | ---- | C] () -- C:\WINDOWS\System32\enlocstr.exe
[2006/12/31 00:57:08 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2005/06/16 04:17:16 | 000,071,680 | ---- | C] () -- C:\WINDOWS\System32\ctmmactl.dll
[2003/04/02 07:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2003/04/02 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2003/04/02 07:00:00 | 000,621,190 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2003/04/02 07:00:00 | 000,561,204 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2003/04/02 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2003/04/02 07:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2003/04/02 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2003/04/02 07:00:00 | 000,145,228 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2003/04/02 07:00:00 | 000,112,304 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2003/04/02 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2003/04/02 07:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2003/04/02 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2003/04/02 07:00:00 | 000,004,461 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2003/04/02 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[1997/05/12 17:00:00 | 001,664,272 | ---- | C] () -- C:\WINDOWS\System32\MSO97V.DLL
[1997/05/12 17:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL
[1997/05/12 17:00:00 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\MSORFS.DLL
[1997/05/12 17:00:00 | 000,012,288 | ---- | C] () -- C:\WINDOWS\System32\HLINKPRX.DLL
 
========== LOP Check ==========
 
[2013/09/10 23:29:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software
[2012/12/03 16:49:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Avanquest
[2012/08/21 07:05:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Babylon
[2010/07/01 06:32:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\BitZipper
[2009/11/28 12:44:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\CD-LabelPrint
[2011/02/21 21:54:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\CSS-WarFinder
[2014/02/03 05:29:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\DriverCure
[2013/01/12 10:45:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\DVDVideoSoft
[2012/08/04 11:39:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\DVDVideoSoftIEHelpers
[2013/07/15 05:30:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\ElevatedDiagnostics
[2013/03/10 06:56:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\EurekaLog
[2013/11/29 04:30:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\FileZilla
[2012/07/24 03:39:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\FreeFLVConverter
[2013/08/08 07:48:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\FreeVideoConverter
[2010/07/12 07:42:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\FRITZ!
[2010/04/02 01:56:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Haufe
[2010/02/06 16:42:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\inkscape
[2010/10/25 20:52:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\InterTrust
[2010/04/02 01:51:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Lexware
[2009/11/25 07:44:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\LogoMaker
[2012/12/19 06:14:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\MAGIX
[2011/10/04 12:18:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\MOVAVI
[2011/10/04 12:29:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Movavi Video Editor 6 SE
[2011/04/22 18:30:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\mresreg
[2009/11/25 08:40:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\NetMedia Providers
[2010/04/03 11:49:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Nikon
[2012/03/16 14:17:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Nokia
[2009/12/22 07:48:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Nokia Ovi Suite
[2012/01/30 18:50:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Nokia Suite
[2010/04/07 03:59:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Nseries
[2012/10/15 06:43:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\OpenCandy
[2014/02/03 05:29:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\ParetoLogic
[2010/11/27 10:41:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\PC Suite
[2010/10/25 20:44:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\pdfMachine
[2013/01/16 05:45:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\PriceGong
[2011/07/03 03:00:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\ProtectDisc
[2009/11/25 08:40:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Publish Providers
[2012/12/20 05:06:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\SimilarSites
[2011/03/20 07:59:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Smart PDF Converter
[2012/11/12 05:36:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\SmartTools
[2012/12/20 05:05:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Softonic
[2009/11/25 08:49:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Sony
[2010/10/05 07:54:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Steinberg
[2011/11/30 21:05:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\TomTom
[2013/09/08 14:27:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\TuneUp Software
[2011/01/25 09:37:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Ulead Systems
[2011/01/18 02:08:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Weaverslave
[2009/11/25 06:50:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Windows Desktop Search
[2010/01/07 02:42:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Windows Search
[2012/07/24 03:56:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\Xilisoft
[2012/02/17 04:41:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Meinke\Anwendungsdaten\XnView
[2013/11/22 00:43:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avanquest
[2012/12/03 16:49:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avanquest Software
[2012/08/21 07:05:12 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2012/09/18 04:55:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Bluetooth
[2010/04/02 01:48:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve
[2012/12/03 16:49:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2009/11/25 05:34:35 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonBJ
[2013/09/05 08:13:28 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJEGV
[2009/11/28 12:44:45 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJMyPrinter
[2009/11/28 12:48:00 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CanonIJSolutionMenu
[2012/02/23 06:46:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\cFos
[2011/12/15 09:59:45 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2011/07/03 02:56:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DATA BECKER
[2011/09/10 00:25:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DATA BECKER Downloads
[2012/08/31 12:15:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\deletepart
[2013/12/25 03:16:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverGenius
[2010/04/03 11:34:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EnterNHelp
[2012/08/31 12:15:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\explauncher
[2012/08/31 12:18:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\formatpart
[2011/01/17 07:08:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Gallerymanager
[2010/04/02 01:47:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Haufe
[2011/04/22 18:22:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IM
[2011/04/22 18:21:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IncrediMail
[2012/02/23 06:44:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2012/09/13 17:44:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallBrainService
[2013/08/08 18:53:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\install_clap
[2012/08/31 12:15:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\launcher
[2010/04/02 01:52:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2012/09/18 04:58:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2012/08/21 05:43:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Native Instruments
[2012/07/18 02:04:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2010/11/27 11:00:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaInstallerCache
[2009/12/22 07:09:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NokiaMusic
[2010/11/27 11:04:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\OviInstallerCache
[2014/02/02 11:14:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ParetoLogic
[2012/08/07 05:49:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2011/02/10 05:03:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2012/12/20 05:19:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PDVD
[2011/04/22 18:22:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Photo Notifier and Animation Creator
[2012/08/31 12:17:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\restore
[2012/12/20 05:06:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SimilarSites
[2009/12/23 10:33:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tablet
[2012/12/20 05:17:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP
[2011/11/30 21:16:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TomTom
[2013/09/08 14:25:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2011/01/25 09:37:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2010/04/03 11:34:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ultima_T15
[2010/03/26 08:59:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2012/08/31 12:17:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\wipe
[2012/09/18 04:37:54 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2012/09/18 04:37:54 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2013/01/23 07:10:14 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012/12/03 16:48:58 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
[2012/09/18 04:37:54 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2013/09/08 14:31:49 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
[2014/02/03 05:29:08 | 000,000,406 | ---- | M] () -- C:\WINDOWS\Tasks\ParetoLogic Registration3.job
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2013/10/04 04:26:11 | 099,176,917 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\핳鏈厤6
[2013/10/04 04:26:11 | 099,176,917 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\핳鏈厤6
[2013/10/03 02:42:22 | 098,878,632 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\낖㣪厤6
[2013/10/03 02:42:22 | 098,878,632 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\낖㣪厤6
[2013/10/01 05:26:11 | 098,609,238 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\륄厤6
[2013/10/01 05:26:11 | 098,609,238 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\륄厤6
[2013/09/30 18:40:49 | 098,602,865 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\껔�厤6
[2013/09/30 18:40:49 | 098,602,865 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\껔�厤6
[2013/09/29 07:07:47 | 098,462,899 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\썧闲厤6
[2013/09/29 07:07:47 | 098,462,899 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\썧闲厤6
[2013/09/27 02:02:12 | 098,009,570 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\㠹껏厤6
[2013/09/27 02:02:12 | 098,009,570 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\㠹껏厤6
[2013/09/25 03:55:49 | 097,673,008 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\턟탾厤6
[2013/09/25 03:55:49 | 097,673,008 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\턟탾厤6
[2013/09/22 18:45:46 | 098,597,466 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\筅퀷厤6
[2013/09/22 18:45:46 | 098,597,466 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\筅퀷厤6
[2013/09/19 08:13:17 | 098,378,485 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\颚㻄厤6
[2013/09/19 04:13:24 | 098,378,485 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\颚㻄厤6
[2013/09/18 04:28:20 | 098,123,923 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䈫⺞厤6
[2013/09/18 04:28:20 | 098,123,923 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䈫⺞厤6
[2013/09/11 23:55:46 | 097,238,077 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䬒厤6
[2013/09/11 23:55:46 | 097,238,077 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䬒厤6
[2013/09/10 23:29:52 | 097,063,418 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\俛瑡厤6
[2013/09/10 23:29:52 | 097,063,418 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\俛瑡厤6
[2013/09/09 00:43:58 | 096,592,724 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\氐厤6
[2013/09/09 00:43:58 | 096,592,724 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\氐厤6
[2013/09/08 13:57:26 | 096,566,691 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\곗厤6
[2013/09/08 13:57:26 | 096,566,691 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\곗厤6
[2013/09/05 14:31:34 | 096,185,213 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\㸄፼厤6
[2013/09/05 14:31:34 | 096,185,213 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\㸄፼厤6
[2013/09/05 12:31:41 | 096,185,213 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\鯈옽厤6
[2013/09/05 08:31:32 | 096,185,213 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\鯈옽厤6
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 186 bytes -> C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:C3AE45C9
< End of report >
         
--- --- ---


Geändert von dongle (08.02.2014 um 15:01 Uhr)

Alt 08.02.2014, 15:02   #6
dongle
 
W32.Blaster - Standard

W32.Blaster



Und die Extras,txt
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 2/8/2014 2:46:18 PM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 98.00% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 97.65 Gb Total Space | 18.03 Gb Free Space | 18.47% Space Free | Partition Type: NTFS
Drive D: | 172.79 Gb Total Space | 69.09 Gb Free Space | 39.99% Space Free | Partition Type: NTFS
Drive E: | 195.31 Gb Total Space | 98.98 Gb Free Space | 50.68% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet004
 
========== Extra Registry (All) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\WINDOWS\System32\winhlp32.exe (Microsoft Corporation)
.hta [@ = htafile] -- C:\WINDOWS\System32\mshta.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Programme\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.inf [@ = inffile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.ini [@ = inifile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\WINDOWS\System32\rundll32.exe (Microsoft Corporation)
.js [@ = JSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.reg [@ = regfile] -- C:\WINDOWS\regedit.exe (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\System32\NOTEPAD.EXE (Microsoft Corporation)
.vbe [@ = VBEFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.vbs [@ = VBSFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
.wsh [@ = WSHFile] -- C:\WINDOWS\System32\WScript.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
batfile [open] -- "%1" %*
batfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation)
cmdfile [edit] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %*
cmdfile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- winhlp32.exe %1 (Microsoft Corporation)
hlpfile [open] -- %SystemRoot%\System32\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- C:\WINDOWS\system32\mshta.exe "%1" %* (Microsoft Corporation)
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
http [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
inffile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inffile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
inifile [open] -- %SystemRoot%\System32\NOTEPAD.EXE %1 (Microsoft Corporation)
inifile [print] -- %SystemRoot%\System32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
jsefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
jsefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [edit] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
regfile [open] -- "regedit.exe" "%1" (Microsoft Corporation)
regfile [merge] -- Reg Error: Key error.
regfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- %SystemRoot%\system32\NOTEPAD.EXE %1 (Microsoft Corporation)
txtfile [print] -- %SystemRoot%\system32\NOTEPAD.EXE /p %1 (Microsoft Corporation)
txtfile [printto] -- %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" (Microsoft Corporation)
vbefile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbefile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbefile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
vbsfile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
vbsfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
vbsfile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wsffile [edit] -- %SystemRoot%\System32\Notepad.exe %1 (Microsoft Corporation)
wsffile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
wsffile [print] -- %SystemRoot%\System32\Notepad.exe /p %1 (Microsoft Corporation)
wshfile [open] -- %SystemRoot%\System32\WScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- C:\Programme\ParetoLogic\PCHA\noapp.exe %1 (ParetoLogic)
Directory [!ezcddaxa] -- C:\Programme\Easy CD-DA Extractor 8\convert.exe "%1" ()
Directory [!ezcddaxb] -- C:\Programme\Easy CD-DA Extractor 8\burn.exe "%1@ ()
Directory [AddToPlaylistVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Betrachten mit XnView] -- "C:\Programme\XnView\xnview.exe" "%1" (XnView, hxxp://www.xnview.com)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Programme\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Programme\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 1
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\CyberLink\PowerDVD12\PowerDVD12.exe" = C:\Programme\CyberLink\PowerDVD12\PowerDVD12.exe:*:Enabled:CyberLink PowerDVD12 -- (CyberLink Corp.)
"C:\Programme\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" = C:\Programme\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe:*:Enabled:CyberLink PowerDVD 12 DMREngine -- (CyberLink)
"C:\Programme\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe" = C:\Programme\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe:*:Enabled:CyberLink PowerDVD 12 Media Server Service -- (CyberLink)
"C:\Programme\CyberLink\PowerDVD12\PowerDVD12Agent.exe" = C:\Programme\CyberLink\PowerDVD12\PowerDVD12Agent.exe:*:Enabled:CyberLink PowerDVD12 Agent -- (CyberLink Corp.)
"C:\Programme\CyberLink\PowerDVD12\PowerDVD12ML.exe" = C:\Programme\CyberLink\PowerDVD12\PowerDVD12ML.exe:*:Enabled:CyberLink PowerDVD12 Moovie Live -- (CyberLink Corp.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\GROOVE.EXE" = C:\Programme\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove -- (Microsoft Corporation)
"C:\Programme\Microsoft Office\Office12\ONENOTE.EXE" = C:\Programme\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote -- (Microsoft Corporation)
"C:\Programme\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe" = C:\Programme\Nokia\Nokia Home Media Server\Media Server\twonkymedia.exe:*:Enabled:TwonkyMedia -- (PacketVideo)
"C:\Programme\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe" = C:\Programme\Nokia\Nokia Home Media Server\Media Server\twonkymediaserver.exe:*:Enabled:TwonkyMediaServer -- ()
"E:\fsetup.exe" = E:\fsetup.exe:*:Enabled:AVM FSetup Application
"C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil_.exe" = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil_.exe:*:Enabled:BlueSoleil -- (IVT Corporation.)
"C:\Programme\ESTsoft\ALFTP\ALFTP.exe" = C:\Programme\ESTsoft\ALFTP\ALFTP.exe:*:Enabled:ALFTP -- (ESTsoft Corp.)
"C:\Dokumente und Einstellungen\Meinke\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe" = C:\Dokumente und Einstellungen\Meinke\Lokale Einstellungen\Anwendungsdaten\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Interface -- (Akamai Technologies, Inc)
"C:\WINDOWS\system32\msiexec.exe" = C:\WINDOWS\system32\msiexec.exe:*:Enabled:UpdateManagerSetup -- (Microsoft Corporation)
"C:\Programme\CyberLink\PowerDVD12\PowerDVD12.exe" = C:\Programme\CyberLink\PowerDVD12\PowerDVD12.exe:*:Enabled:CyberLink PowerDVD12 -- (CyberLink Corp.)
"C:\Programme\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe" = C:\Programme\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe:*:Enabled:CyberLink PowerDVD 12 DMREngine -- (CyberLink)
"C:\Programme\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe" = C:\Programme\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe:*:Enabled:CyberLink PowerDVD 12 Media Server Service -- (CyberLink)
"C:\Programme\CyberLink\PowerDVD12\PowerDVD12Agent.exe" = C:\Programme\CyberLink\PowerDVD12\PowerDVD12Agent.exe:*:Enabled:CyberLink PowerDVD12 Agent -- (CyberLink Corp.)
"C:\Programme\CyberLink\PowerDVD12\PowerDVD12ML.exe" = C:\Programme\CyberLink\PowerDVD12\PowerDVD12ML.exe:*:Enabled:CyberLink PowerDVD12 Moovie Live -- (CyberLink Corp.)
"C:\Programme\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe" = C:\Programme\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe:*:Enabled:Nero Blu-ray Player -- (Nero AG)
"C:\Programme\Nero\KM\KwikMedia.exe" = C:\Programme\Nero\KM\KwikMedia.exe:*:Enabled:Nero Kwik Media -- (Nero AG)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{025C3792-E9C6-432A-92C1-661F99D021CA}" = Ulead Photo Explorer 8.6
"{0320AB41-0926-4218-A8A6-68AC84E6BB93}" = Nero Recode 11
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{052A1E34-A54B-458C-A4E3-24C3E054754A}" = Nero Kwik Media
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{05C6B128-1B40-4495-9CB9-090B368BFA0A}" = Nero Video Samples
"{06B06D3B-C133-B15E-AF47-F7FE7F48DE49}" = CCC Help Turkish
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{0A5ECD3B-191A-67C7-A04D-D4900C9501E5}" = Catalyst Control Center Graphics Previews Common
"{0A88ADDA-E297-4AB8-9540-016230895F62}" = MSN Toolbar
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{0EABFEF6-6D10-4C12-8667-3029C481D355}" = Nokia Photos
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4600_series" = Canon iP4600 series Printer Driver
"{12640463-09D4-467A-B4C3-3F8B13A01D22}" = Druckstudio Geldgeschenke
"{150D88F1-40AF-4678-A39D-BCE2332F34E5}" = Nero Abstract Themes
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1B6F5E51-575E-4693-BCA2-7543570D076D}" = Nero Kwik Themes Basic
"{1E71806D-587E-3DF8-0BA0-6010E3B4F071}" = CCC Help Swedish
"{1F16820E-D0E7-4636-939E-45CBFEFB06E1}" = Nero Kwik Media Help (CHM)
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22856BC3-F893-4CBF-95F2-E1F63CD2B1AB}" = Nero Video Transitions 1
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{237CD223-1B9D-47E8-A76C-E478B83CCEA2}" = File Uploader
"{2432E589-6256-4513-B0BF-EFA8E325D5F0}" = Nero SharedVideoCodecs
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 45
"{26CC62F3-F66B-4F41-9679-421FCE3F03ED}" = ccc-core-static
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{29258311-EA49-11DE-967C-005056C00008}" = Paragon Festplatten Manager™ 12 Suite Demo
"{29E2C1C6-D76A-41D3-980F-6E346AA9A6A8}" = Nero Cliparts
"{29F67D84-3A70-456E-806A-52301B02070B}" = Nero Effects Basic
"{2DCD52EE-1AE1-4128-9819-A79F7D09B6B3}" = MAGIX Foto Designer 7
"{3113E537-41F6-8C1B-109A-38C76DE69271}" = Catalyst Control Center Localization All
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{37E5CADC-C146-F72B-EEFE-ABB1C5DC7D98}" = CCC Help Spanish
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{3B10321A-80CC-4B55-B9A1-A1D69F74A052}" = DruckStudio Karten
"{3B69A712-4CBC-40B1-AE55-0203075FD093}" = Nokia Suite
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}" = ParetoLogic PC Health Advisor
"{3CEA4CA8-CDD4-451C-B673-E8F17BE01B15}" = Ulead COOL 360 1.0
"{3EC4020D-3D75-ABCD-9BF1-E4D911D4CDED}" = Catalyst Control Center Graphics Full New
"{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}" = Photo Notifier and Animation Creator
"{45D4F727-43B5-49CD-B474-B9866A8F4FB8}" = Nokia Map Loader
"{4781569D-5404-1F26-4B2B-6DF444441031}" = Nero 7 Premium
"{4918D7C5-9025-B706-DEF2-5E29AB5EAFEA}" = Catalyst Control Center Graphics Light
"{49FC50FC-F965-40D9-89B4-CBFF80941031}" = Windows Movie Maker 2.0
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}" = Google Earth Plug-in
"{4C007A32-9570-725E-4C9A-70BB36785835}" = CCC Help Norwegian
"{4D25D881-7183-462F-95C8-990CA1944E0B}" = Nero PiP Effects 1
"{4D5CB2B2-DD58-D8B0-FC08-58A2DC897C23}" = CCC Help English
"{4E457212-AD7F-1747-9D9F-76BA98D44CC2}" = CCC Help Portuguese
"{504D84ED-AE75-4F85-A68B-BB3D4CB3E169}" = Nero Holiday and Sports Themes
"{50D25574-2C48-4AEC-8FFC-32AEAD2EAEFF}" = Nokia Ovi Player
"{516CB854-B95B-42AB-7887-9CFC24784A42}" = CCC Help Czech
"{51865D9D-8F63-46F2-87AB-9E72F93B618C}" = Welcome App (Start-up experience)
"{53408AC4-2698-A35E-B41C-571BD549E212}" = Catalyst Control Center Core Implementation
"{53F3256D-DB6A-0E06-7874-A60D87B6AE5C}" = CCC Help Chinese Traditional
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{54181758-4650-4C30-BE0B-CD687D25B080}" = DruckStudio Visitenkarten
"{55408879-D7FF-01C2-DAC4-4146E1439304}" = CCC Help Polish
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{56FDB311-6511-11DE-832F-0050560400B1}" = Haufe iDesk-Browser
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{58B2C07A-CD58-CC42-2DF3-8F433EEF339B}" = CCC Help Finnish
"{59CB3794-BA8C-4DF5-8C3A-C3E3B184C35B}" = Etikettendruckerei 5
"{5B4FA5EA-8C08-4B6D-AAF4-003A1AB8FFBA}" = CCC Help Russian
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5DA6F06A-B389-407B-BF8C-1548767914D8}" = ATI Problem Report Wizard
"{64CFBF47-0149-4E4C-A348-3701FE7597F1}" = Sony ACID Music Studio 7.0
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{70B31335-50EE-4834-8431-27412CDE62BD}" = Nokia_Multimedia_Common_Components_2_5
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7390478C-8581-415E-92E9-2997D9306B81}" = PC Connectivity Solution
"{7644618A-76C0-41B0-ABA2-34E3A548D96A}" = DruckStudio Urkunden
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77555CD4-FBF8-415E-B5D0-39CB79497E0A}" = MAGIX Speed burnR (MSI)
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{784B383D-1498-77AA-6085-A9EF197193D0}" = CCC Help Italian
"{78A1F747-520C-E068-ED99-08E7C4F75E2A}" = ccc-core-preinstall
"{79AE776D-FA42-4040-B5F3-F317500D0FCD}" = ATI AVIVO Codecs
"{79B3E8EE-35F2-4CCD-82D9-4A57F408E449}" = Nero 11 Platinum
"{7AA8BEEE-1A70-44D4-B57E-FFECC31500B6}" = Web Easy Professional
"{7ACDDDDC-3304-404A-A7F8-9F63E9201C3B}" = DruckStudio Poster Drucker
"{7ADF2649-60B6-443C-9D7A-5BE5657A2A77}" = 999 dumme Sprüche
"{7BD7A4BF-EA64-4BFE-A9D3-3FDC9B6EFC23}" = Nero Football (Soccer) Themes
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0010-0407-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders  (German) 12
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{910FC2D0-4BBF-08B1-DED9-96615AC9C33A}" = ccc-utility
"{94E827D5-5861-4B97-B8F8-CDB59777493D}" = Architekt Pro
"{955BF340-C379-4375-AA2F-F3BCB2A498AB}" = Nero Family and Events Themes
"{96AFFF85-9DBE-BE4A-326E-6F12535D2AA8}" = CCC Help Chinese Standard
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F368FA7-2B3C-8207-A31F-0BEF463F4B6E}" = AMD Catalyst Install Manager
"{A2FE691E-3F8E-4E30-AA7D-FF17AC77EA87}" = Nero Blu-ray Player
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A93944F2-D2D4-4750-BFE7-9A288FEAF2CF}" = Apple Application Support
"{A9AD487E-9E66-4214-A0B4-93981A12A2FE}" = MAGIX Foto Manager 10
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{ABC88553-8770-4B97-B43E-5A90647A5B63}" = Nero ControlCenter
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Deutsch
"{ACE49D50-19CD-44A6-B192-46F985283B26}" = Nero PiP Effects Basic
"{ADD461BD-0409-186A-8056-C1F51B782EDA}" = CCC Help Greek
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B3471105-8237-6DC4-C8EF-DD4E71344398}" = CCC Help Dutch
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B9F8DBD5-EFAF-F5FB-B862-33D4FFC6354C}" = Catalyst Control Center HydraVision Full
"{BCF93617-DD69-74B7-FBDC-0B0AEFAE7D43}" = CCC Help Thai
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2C284D2-6BD7-3B34-B0C5-B2CAED168DF7}" = Microsoft .NET Framework 3.0 Service Pack 2 Language Pack - DEU
"{C3006EEA-E54F-4CF4-A966-F7BB9FBD7EB8}_is1" = CSS-WarFinder
"{C314CE45-3392-3B73-B4E1-139CD41CA933}" = Microsoft .NET Framework 2.0 Service Pack 2 Language Pack - DEU
"{C3F26EAD-0B20-445F-9D64-CD470928EB2B}" = Movavi Video Editor 6 SE
"{C4C6DF25-0E59-46EE-B24B-DF8749D8FF3A}" = Nero Image Samples
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C73DEA9D-EC4A-445F-86E3-A70F512A07A2}" = PrintProfi CD-Label
"{C8550C86-A712-4219-AD4C-038C9FD1D149}" = Ulead PhotoImpact 11
"{C8616041-2802-4DE2-B3BD-6285AAD65C2A}" = Nikon RAW Codec
"{C994C746-C6D0-4EBA-B09E-DF7B18381B69}" = Nero ControlCenter Help (CHM)
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE675FBD-75C3-45F1-B6AF-8D250861D536}" = Nero Disc Menus 3
"{CFCF9764-6D75-2EAD-D274-45278E48167C}" = CCC Help Japanese
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center
"{D353C323-5E95-4873-9825-9FEC1C8A3794}" = Nokia Download!
"{D3D79A61-3E3A-7D3D-F094-2614CE007D9F}" = CCC Help Korean
"{D3E434C7-8542-5C5C-FE02-1090E7A1C04A}" = Catalyst Control Center Graphics Full Existing
"{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}" = Catalyst Control Center - Branding
"{DAC63ECB-4571-435F-9B19-51F54BC88109}" = Nokia Home Media Server
"{E082E042-E7B9-45C6-9E2A-8D52DC0925E8}" = DruckStudio CD-Label
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E17BCB76-9924-4BD5-B6D6-50D3407B4E74}" = Nero Disc Menus Basic
"{E30DFCDA-9CB6-B062-A0DB-B48D295D6545}" = CCC Help Hungarian
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E77FF215-69B6-475A-82D7-27E3FDF7D252}" = MAGIX Video Pro X3 Download-Version
"{EA14702F-74A1-7A7B-032C-98DEA06F01BE}" = CCC Help German
"{EA594E28-547D-4FB5-AED8-3628EFB1474D}" = TuneUp Utilities 2014 (de-DE)
"{EB5AE940-8E5D-11DE-992A-005056B12123}" = Haufe iDesk-Service
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{EEBF1676-AF87-4266-93D8-0C14A34C4217}" = Nero Disc Menus 1
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}" = Update Manager
"{F4423F03-A62C-57C2-BF6E-6AC06D27E094}" = CCC Help French
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}" = Nero Backup Drivers
"{F9D0A12A-1641-A4DB-4649-F7AB1F3A0F59}" = CCC Help Danish
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FCCDE84B-0154-459E-A8F2-C6B3FA5C1881}" = HydraVision
"{FE81E6B5-652B-40E7-B3B2-7171C6F297DA}" = Nero Disc Menus 2
"{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}" = TuneUp Utilities 2014
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382" = Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0)
"42 Bit Scanner" = 42 Bit Scanner
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Akamai" = Akamai NetSession Interface Service
"ALFTP_is1" = ALFTP
"ALSee_is1" = ALSee
"ALZip_is1" = ALZip
"ASAPI Update" = ASAPI Update
"ASIO4ALL" = ASIO4ALL
"ATI Display Driver" = ATI Display Driver
"Avira AntiVir Desktop" = Avira Internet Security
"BitZipper_is1" = BitZipper 2010
"Canon iP4600 series Benutzerregistrierung" = Canon iP4600 series Benutzerregistrierung
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Clean 4.0" = Clean 4.0
"conduitEngine" = Conduit Engine 
"DATA BECKER - CD-Druckerei" = DATA BECKER - CD-Druckerei
"DATA BECKER Premium Cliparts DVD" = DATA BECKER Premium Cliparts DVD
"DealPly" = DealPly
"Driver Genius Professional Edition_is1" = Driver Genius Professional Edition
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"DVDVideoSoftTB_DE Toolbar" = DVDVideoSoftTB DE Toolbar
"Easy CD-DA Extractor 8.2.2" = Easy CD-DA Extractor 8.2.2
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.7.3
"FL Studio 8" = FL Studio 8
"FormatFactory" = FormatFactory 2.60
"Free Studio_is1" = Free Studio version 5.6.3.706
"Free Video Converter_is1" = Free Video Converter V 3.2
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 5.0.18.1005
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.34.1015
"Gallerymanager" = Gallerymanager 2.0
"Google Chrome" = Google Chrome
"ie8" = Windows Internet Explorer 8
"IL Download Manager" = IL Download Manager
"Inkscape" = Inkscape 0.47
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"IrfanView" = IrfanView (remove only)
"LogoMaker_is1" = LogoMaker 3.0
"MAGIX PC Visit D" = MAGIX PC Visit
"MAGIX_MSI_Foto_Manager_10" = MAGIX Foto Manager 10
"MAGIX_MSI_FotoDesigner7_silver" = MAGIX Foto Designer 7
"MAGIX_MSI_Videodeluxe17_pro" = MAGIX Video Pro X3 Download-Version
"MediaNavigation.CDLabelPrint" = CD-LabelPrint
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MyKeyFinder_is1" = MyKeyFinder
"Native Instruments Traktor DJ Studio 2.5.2" = Native Instruments Traktor DJ Studio 2.5.2
"News Publisher_is1" = News Publisher
"Nokia Suite" = Nokia Suite
"NVIDIA Drivers" = NVIDIA Drivers
"PCDJdex_is1" = PCDJ DEX 2 2.2.4.0
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"PHPNukeDE Toolbar" = PHPNukeDE Toolbar
"PrimaScan 2400U" = PrimaScan 2400U
"Print Artist" = Sierra Print Artist
"Prodikeys" = Creative Prodikeys DM
"ProtectDisc Driver 10" = ProtectDisc Helper Driver 10
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"RealPlayer 16.0" = RealPlayer
"Rmtablet" = Pen Pad Driver with Macro Key Manager
"Samplitude Music Studio 2008 D" = Samplitude Music Studio 2008 14.0.0.0 (D)
"Sierra-Hilfsprogramme" = Sierra-Hilfsprogramme
"SimilarSites" = SimilarSites
"SmartToolsDateiListerv2.51" = SmartTools Publishing • Access DateiLister
"SmartToolsJahreskalenderv4.01" = SmartTools Publishing • Excel Jahreskalender
"Softonic" = Softonic toolbar  on IE
"Sound Blaster Audigy" = Sound Blaster Audigy
"Steinberg WaveLab 5.01b" = Steinberg WaveLab 5.01b
"Syncrosoft's License Control" = Syncrosofts Lizenz Kontrolle
"TuneUp Utilities" = TuneUp Utilities 2014
"TuneUp Utilities 2014" = TuneUp Utilities 2014
"TwonkyvisionUPnPTwonkyMedia" = TwonkyMedia
"Viewer97" = Microsoft Word Viewer 97
"VLC media player" = VLC media player 1.1.7
"Wdf01007" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"Web-Formular-Designer_is1" = DATA BECKER Web-Formular-Designer
"Windows Media Encoder 9" = Windows Media Encoder 9-Reihe
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"XnView_is1" = XnView 1.97.8
"XPSEPSCLP" = XML Paper Specification Shared Components Language Pack 1.0
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Meinke_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Move Media Player" = Move Media Player
"Protect Disc License Helper" = Protect Disc License Helper 1.0.125 (IE)
 
< End of report >
         
--- --- ---

Alt 09.02.2014, 09:18   #7
schrauber
/// the machine
/// TB-Ausbilder
 

W32.Blaster - Standard

W32.Blaster



Nix auffälliges. Windows CD zur Hand?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 09.02.2014, 09:56   #8
dongle
 
W32.Blaster - Standard

W32.Blaster



Habe ich hier.

Alt 10.02.2014, 08:11   #9
schrauber
/// the machine
/// TB-Ausbilder
 

W32.Blaster - Standard

W32.Blaster



Reparaturinstallation Windows XP - grafische Anleitung ...

Mach bitte mal ne Reparaturinstallation.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 12.02.2014, 11:04   #10
dongle
 
W32.Blaster - Standard

W32.Blaster



Hallo,
ersteinmal Danke für deine Bemühungen !
Leider komme ich trotz original Windows XP CD nicht zur beschriebenen Reparaturkonsole. Gibt es vielleicht noch eine weitere Möglichkeit ?
Hilft eventuell wenn ich mir von jemanden anderen eine CD leihe oder muss es explizit die selbe CD sein mit der das System installiert wurde ?

Alt 12.02.2014, 22:08   #11
dongle
 
W32.Blaster - Frage

W32.Blaster



ch konnte nun die R-Konrole starten. Nun ist ein neues Problem aufgetaucht. Windows bleibt am Ladebalken hängen. Gleiches passiert bei sämtlich anderen Optionen, abgesicherter Modus etc..
Habe auch noch chkdsk /p/r durchlaufen lassen. Dort wurde zwar etwas angezeigt und beseitigt aber auch das brachte windows nicht zum starten.
Die Windows CD die ich nutzte hatte SP 2, installiert war SP 3. Liegt dort vielleicht das jetzige Problem ?

Alt 13.02.2014, 21:47   #12
schrauber
/// the machine
/// TB-Ausbilder
 

W32.Blaster - Standard

W32.Blaster



Ja, es muss schon die gleiche sein.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu W32.Blaster
anderen, eingabe, entfernen, fehlermeldung, friert, hinweis, hängen, infiziert, maus, modus, neuer, nichts, platte, problem, rechner, scan, scannen, sekunden, stinger, system, tan, taskleiste, taskmanager, windows, windows xp



Ähnliche Themen: W32.Blaster


  1. Coupon Blaster entfernen
    Anleitungen, FAQs & Links - 14.05.2014 (2)
  2. entfernen W32 blaster worm
    Log-Analyse und Auswertung - 16.09.2013 (36)
  3. w32/blaster.worm
    Plagegeister aller Art und deren Bekämpfung - 22.06.2013 (35)
  4. W32.Blaster.Worm
    Plagegeister aller Art und deren Bekämpfung - 30.04.2013 (3)
  5. W32/blaster.worm ?
    Plagegeister aller Art und deren Bekämpfung - 01.05.2012 (2)
  6. Wurm W32/blaster.worm
    Plagegeister aller Art und deren Bekämpfung - 14.07.2011 (5)
  7. Aktiven Blaster, Smitfraud C & Co.
    Log-Analyse und Auswertung - 15.10.2005 (5)
  8. Blaster?
    Log-Analyse und Auswertung - 07.05.2005 (11)
  9. blaster
    Plagegeister aller Art und deren Bekämpfung - 30.10.2004 (13)
  10. blaster nervt
    Plagegeister aller Art und deren Bekämpfung - 03.05.2004 (29)
  11. w32 blaster.k.worm - bei Norton
    Plagegeister aller Art und deren Bekämpfung - 19.02.2004 (3)
  12. Blaster???
    Plagegeister aller Art und deren Bekämpfung - 06.02.2004 (11)
  13. neuer blaster???
    Plagegeister aller Art und deren Bekämpfung - 30.01.2004 (62)
  14. Neue Blaster Variante?
    Plagegeister aller Art und deren Bekämpfung - 02.09.2003 (4)
  15. Fragen zu Blaster
    Plagegeister aller Art und deren Bekämpfung - 15.08.2003 (16)
  16. W32.Blaster und WIN98
    Plagegeister aller Art und deren Bekämpfung - 13.08.2003 (5)
  17. W.32 blaster worm
    Plagegeister aller Art und deren Bekämpfung - 12.08.2003 (9)

Zum Thema W32.Blaster - Hallo, jetzt hat es auch mich erwischt. Einer meiner Windows XP Rechner ist infiziert und fährt mit der Fehlermeldung NT-Autorität System nach 60 Sekunden wieder runter. Ich habe schon einiges - W32.Blaster...
Archiv
Du betrachtest: W32.Blaster auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.