Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Kann einen Eintrag nicht fixen!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 07.12.2010, 13:52   #1
Uweles
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



Hallo Ihr Guten!

Habe ein Logfile erstellt und gemerkt das ich folgenden Eintrag darin habe:

O1 - Hosts: # Copyright (c) 1993-2009 Microsoft Corp.

Den kann ich aber nicht fixen. Es wäre wirklich Klasse wenn mir einer weiterhelfen könnte!
Hier zur Sicherheit der ganze Log. Wie gesagt eigentlich müßte er soweit OK sein.

Danke für jeden der sich die Mühe macht zu helfen. Weiter so!


HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:35:18, on 07.12.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v9.00 (9.00.7930.16406)
Boot mode: Normal
 
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
e:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskhost.exe
e:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
C:\Windows\system32\Dwm.exe
E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe
C:\Windows\Explorer.EXE
E:\Program Files\OO Software\CleverCache\ooccctrl.exe
E:\Program Files\Process Lasso\ProcessLasso.exe
E:\Program Files\Process Lasso\ProcessGovernor.exe
E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe
E:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe
E:\Program Files\Unlocker\UnlockerAssistant.exe
E:\Program Files\ThreatFire\TFTray.exe
E:\Program Files\Steganos Privacy Suite 11\SteganosHotKeyService.exe
E:\Program Files\Steganos Privacy Suite 11\fredirstarter.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
E:\Program Files\Ashampoo\Ashampoo Snap 3\ashsnap.exe
E:\Program Files\LOADSTREET\Perfect Tools für Vista\RAMTuner.exe
E:\Program Files\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe
E:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
E:\Program Files\Translate Client\translateclient.exe
E:\Program Files\Browser-Anonymisierer\BrowserMaulkorb.exe
E:\Program Files\MOette\ExtClipbrd\ExtClip.exe
C:\Windows\system32\svchost.exe
e:\Program Files\Hotspot Shield\bin\openvpnas.exe
e:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
e:\Program Files\Hotspot Shield\bin\hsswd.exe
E:\Program Files\OO Software\CleverCache\ooccag.exe
C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.exe
e:\Program Files\ThreatFire\TFService.exe
E:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
e:\Program Files\LOADSTREET\WinSpeedUp 3\CleanRAMService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe
e:\Program Files\Hotspot Shield\bin\HssTrayService.exe
C:\Windows\system32\conhost.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Opera 11.00 beta\opera.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
E:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Windows\System32\svchost.exe
C:\Users\Name\Desktop\HiJackThis204.exe
C:\Windows\system32\wbem\wmiprvse.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: # Copyright (c) 1993-2009 Microsoft Corp.
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - e:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\ievkbd.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O2 - BHO: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll
O2 - BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - e:\Program Files\Hotspot Shield\HssIE\HssIE.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - E:\Program Files\Copernic Agent\CopernicAgentExt.dll
O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - e:\Program Files\Orbitdownloader\GrabPro.dll
O3 - Toolbar: @C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll
O3 - Toolbar: Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - e:\Program Files\Steganos Privacy Suite 11\SPMIEToolbar.dll
O4 - HKLM\..\Run: [ooccctrl.exe] E:\Program Files\OO Software\CleverCache\ooccctrl.exe /tasktray
O4 - HKLM\..\Run: [ProcessLassoManagementConsole] e:\Program Files\Process Lasso\processlasso.exe
O4 - HKLM\..\Run: [ProcessGovernor] e:\Program Files\Process Lasso\processgovernor.exe
O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe"
O4 - HKLM\..\Run: [vspdfprsrv.exe] E:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background
O4 - HKLM\..\Run: [UnlockerAssistant] "E:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [ThreatFire] e:\Program Files\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [SSS2009 HotKeys] "e:\Program Files\Steganos Privacy Suite 11\SteganosHotKeyService.exe"
O4 - HKLM\..\Run: [SSS2009 File Redirection Starter] "e:\Program Files\Steganos Privacy Suite 11\fredirstarter.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKCU\..\Run: [AshSnap] e:\Program Files\Ashampoo\Ashampoo Snap 3\ashsnap.exe
O4 - HKCU\..\Run: [RAM Tuner] "E:\Program Files\LOADSTREET\Perfect Tools für Vista\RAMTuner.exe" /start
O4 - HKCU\..\Run: [SSS2009 Browser Monitor] "e:\Program Files\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Startup: Browser-Anonymisierer.lnk = E:\Program Files\Browser-Anonymisierer\BrowserMaulkorb.exe
O4 - Startup: data
O4 - Startup: Extended Clipboard.lnk = E:\Program Files\MOette\ExtClipbrd\ExtClip.exe
O4 - Startup: notes.ini
O4 - Startup: PNotes.exe
O4 - Global Startup: Ashampoo Magical Defrag.lnk = E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe
O4 - Global Startup: Translate Client.lnk = E:\Program Files\Translate Client\translateclient.exe
O8 - Extra context menu item: &Download by Orbit - res://e:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://e:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://e:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://e:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\ie_banner_deny.htm
O8 - Extra context menu item: Suchen mit Copernic Agent - E:\Program Files\Copernic Agent\Web\SearchExt.htm
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: Steganos Password Manager - {024538B9-3F39-49FF-9503-975F743210FA} - e:\Program Files\Steganos Privacy Suite 11\SPMIEToolbar.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - E:\PROGRA~1\Copernic Agent\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Starten von Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - E:\PROGRA~1\Copernic Agent\COPERN~1.EXE
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - E:\PROGRA~1\Copernic Agent\COPERN~1.EXE
O9 - Extra button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\AVP9\mzvkbd3.dll,C:\PROGRA~2\AVP9\kloehk.dll
O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - e:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe
O23 - Service: Kaspersky Security Suite CBE 10 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - e:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Hotspot Shield Routing Service (HssSrv) - AnchorFree Inc. - e:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe
O23 - Service: Hotspot Shield Tray Service (HssTrayService) - Unknown owner - e:\Program Files\Hotspot Shield\bin\HssTrayService.EXE
O23 - Service: Hotspot Shield Monitoring Service (HssWd) - Unknown owner - e:\Program Files\Hotspot Shield\bin\hsswd.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: O&O CleverCache Agent (OOCleverCacheAgent) - O&O Software GmbH - E:\Program Files\OO Software\CleverCache\ooccag.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - e:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ThreatFire - PC Tools - e:\Program Files\ThreatFire\TFService.exe
O23 - Service: VMLiteService - VMLite, Inc. - E:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe
O23 - Service: WinLube memory clean up scheduler (WLCleanRAM) - Script Soft eK - e:\Program Files\LOADSTREET\WinSpeedUp 3\CleanRAMService.exe
 
--
End of file - 13235 bytes
         
--- --- ---

Alt 07.12.2010, 14:23   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



Hallo und

Vergiss Hijackthis! Das ist nicht mehr zeitgemäß!

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________

Alt 07.12.2010, 15:29   #3
Uweles
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



Vielen Dank erstmal für die mehr als schnelle Antwort!
Habe die beiden Dateien!! Data und notes.ini gefixt, und anschließend konnte ich diesen dubiosen Eintrag auch fixen???
Normalerweise müßte das System wieder sauber sein, aber ich habe trotzdem das Programm OTL runtergeladen und durchlaufen lassen. Hoffe es stimmt so der LOG, ist nämlich alles auf deutsch!
Es wäre nett wenn du trotzdem noch mal einen Blick auf das LOG werfen könntest!

Gruß Uwe


Hier das LOG:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 07.12.2010 15:40:15 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Name\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 53,71 Gb Total Space | 37,20 Gb Free Space | 69,26% Space Free | Partition Type: NTFS
Drive D: | 153,38 Gb Total Space | 26,47 Gb Free Space | 17,26% Space Free | Partition Type: NTFS
Drive E: | 214,84 Gb Total Space | 97,36 Gb Free Space | 45,32% Space Free | Partition Type: NTFS
Drive F: | 197,19 Gb Total Space | 88,92 Gb Free Space | 45,09% Space Free | Partition Type: NTFS
Drive H: | 3,83 Gb Total Space | 0,01 Gb Free Space | 0,14% Space Free | Partition Type: exFAT
 
Computer Name: Name-PC | User Name:  | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Name\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Opera 11.00 beta\opera.exe (Opera Software)
PRC - C:\Programme\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
PRC - E:\Program Files\Translate Client\translateclient.exe (Alexey ILJIN)
PRC - e:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
PRC - e:\Program Files\Hotspot Shield\bin\openvpntray.exe ()
PRC - e:\Program Files\Hotspot Shield\bin\openvpnas.exe ()
PRC - e:\Program Files\Hotspot Shield\bin\hsswd.exe ()
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - E:\Program Files\Browser-Anonymisierer\BrowserMaulkorb.exe (Alexander Miehlke Softwareentwicklung)
PRC - e:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
PRC - C:\Programme\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)
PRC - E:\Program Files\Unlocker\UnlockerAssistant.exe ()
PRC - E:\Program Files\Steganos Privacy Suite 11\SteganosHotKeyService.exe (Steganos GmbH)
PRC - E:\Program Files\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe (Steganos GmbH)
PRC - E:\Program Files\Steganos Privacy Suite 11\fredirstarter.exe (Steganos GmbH)
PRC - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab)
PRC - C:\Users\Name\AppData\Local\Temp\Rar$EX00.328\PNotes\PNotes.exe (Andrey Gruber)
PRC - E:\Program Files\Ashampoo\Ashampoo Snap 3\ashsnap.exe (ashampoo GmbH & Co. KG)
PRC - E:\Program Files\Process Lasso\ProcessLasso.exe (Bitsum Technologies)
PRC - E:\Program Files\Process Lasso\ProcessGovernor.exe (Bitsum Technologies)
PRC - E:\Program Files\ThreatFire\TFTray.exe (PC Tools)
PRC - e:\Program Files\ThreatFire\TFService.exe (PC Tools)
PRC - E:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe (VMLite, Inc.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
PRC - E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - e:\Program Files\LOADSTREET\WinSpeedUp 3\CleanRAMService.exe (Script Soft eK)
PRC - E:\Program Files\LOADSTREET\Perfect Tools für Vista\RAMTuner.exe (LOADSTREET.de)
PRC - E:\Program Files\MOette\ExtClipbrd\ExtClip.exe (M. Oette (www.oette.info))
PRC - E:\Program Files\OO Software\CleverCache\ooccctrl.exe (O&O Software GmbH)
PRC - E:\Program Files\OO Software\CleverCache\ooccag.exe (O&O Software GmbH)
PRC - E:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragCtrl.exe ( )
PRC - E:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe ()
PRC - e:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe ( )
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Name\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
MOD - e:\Program Files\ThreatFire\TFWAH.dll (PC Tools)
MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation)
MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation)
MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation)
MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\dwmapi.dll (Microsoft Corporation)
MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation)
MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (HssSrv) -- e:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe (AnchorFree Inc.)
SRV - (HssTrayService) -- e:\Program Files\Hotspot Shield\bin\HssTrayService.exe ()
SRV - (HotspotShieldService) -- e:\Program Files\Hotspot Shield\bin\openvpnas.exe ()
SRV - (fsssvc) -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (HssWd) -- e:\Program Files\Hotspot Shield\bin\hsswd.exe ()
SRV - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (SeaPort) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation)
SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation)
SRV - (SbieSvc) -- e:\Program Files\Sandboxie\SbieSvc.exe (SANDBOXIE L.T.D)
SRV - (AVP) -- E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ThreatFire) -- e:\Program Files\ThreatFire\TFService.exe (PC Tools)
SRV - (VMLiteService) -- E:\Program Files\VMLite\VMLite Workstation\VMLiteService.exe (VMLite, Inc.)
SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation)
SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation)
SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation)
SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation)
SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation)
SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation)
SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation)
SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation)
SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation)
SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation)
SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation)
SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation)
SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation)
SRV - (SBSDWSCService) -- E:\Program Files\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (WLCleanRAM) -- e:\Program Files\LOADSTREET\WinSpeedUp 3\CleanRAMService.exe (Script Soft eK)
SRV - (OOCleverCacheAgent) -- E:\Program Files\OO Software\CleverCache\ooccag.exe (O&O Software GmbH)
SRV - (AshampooDefragService) -- e:\Program Files\Ashampoo\Ashampoo Magical Defrag\bin\aDefragService.exe ( )
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (fssfltr) -- C:\Windows\System32\drivers\fssfltr.sys (Microsoft Corporation)
DRV - (HssDrv) -- C:\Windows\System32\drivers\HssDrv.sys (AnchorFree Inc.)
DRV - (taphss) -- C:\Windows\System32\drivers\taphss.sys (AnchorFree Inc)
DRV - (NVNET) -- C:\Windows\System32\drivers\nvmf6232.sys (NVIDIA Corporation)
DRV - (SbieDrv) -- e:\Program Files\Sandboxie\SbieDrv.sys (SANDBOXIE L.T.D)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (SLEE_17_DRIVER) -- C:\Windows\System32\drivers\SleeN17.sys (Softwareentwicklung Remus - ArchiCrypt - )
DRV - (vmlitediskmp) -- C:\Windows\System32\drivers\vmlitediskmp.sys (VMLite, Inc.)
DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation)
DRV - (vmlitedrv) -- C:\Windows\System32\drivers\vmlitedrv.sys (VMLite, Inc.)
DRV - (VBoxNetFlt) -- C:\Windows\System32\drivers\VBoxNetFlt.sys (VMLite, Inc.)
DRV - (VBoxNetAdp) -- C:\Windows\System32\drivers\VBoxNetAdp.sys (VMLite, Inc.)
DRV - (VBoxDrv) -- C:\Windows\System32\drivers\VBoxDrv.sys (VMLite, Inc.)
DRV - (TfSysMon) -- C:\Windows\system32\drivers\TfSysMon.sys (PC Tools)
DRV - (TfFsMon) -- C:\Windows\system32\drivers\TfFsMon.sys (PC Tools)
DRV - (TfNetMon) -- C:\Windows\System32\drivers\TfNetMon.sys (PC Tools)
DRV - (klbg) -- C:\Windows\system32\drivers\klbg.sys (Kaspersky Lab)
DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab)
DRV - (KLIM6) -- C:\Windows\System32\drivers\klim6.sys (Kaspersky Lab)
DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated)
DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.)
DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.)
DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.)
DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.)
DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.)
DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices)
DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.)
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices)
DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.)
DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation)
DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation)
DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation)
DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation)
DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation)
DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation)
DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation)
DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation)
DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation)
DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex)
DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.)
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company)
DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation)
DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation)
DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation)
DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation)
DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.)
DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation)
DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation)
DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems)
DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation)
DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.)
DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology)
DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.)
DRV - (rdpbus) -- C:\Windows\system32\DRIVERS\rdpbus.sys (Microsoft Corporation)
DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation)
DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation)
DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation)
DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation)
DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation)
DRV - (1394ohci) -- C:\Windows\system32\DRIVERS\1394ohci.sys (Microsoft Corporation)
DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation)
DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation)
DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation)
DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation)
DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation)
DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation)
DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation)
DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation)
DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation)
DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.)
DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.)
DRV - (NVENETFD) -- C:\Windows\System32\drivers\nvm62x32.sys (NVIDIA Corporation)
DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation)
DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation)
DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation)
DRV - (irsir) -- C:\Windows\System32\drivers\irsir.sys (Microsoft Corporation)
DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV - (AVHybrid) -- C:\Windows\System32\drivers\AVHybrid.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 00 F6 56 5F B6 93 CB 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{09F060FA-566D-42D7-BF79-97AB30863433}: e:\Program Files\Steganos Privacy Suite 11\pfplugin [2010.12.06 10:58:48 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{00F0643E-B367-4779-B45D-7046EBA37A88}: e:\Program Files\Steganos Privacy Suite 11\spmplugin3 [2010.12.06 10:58:53 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Thunderbird\Extensions\\{eea12ec4-729d-4703-bc37-106ce9879ce2}: E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\THBExt [2010.10.14 17:32:22 | 000,000,000 | ---D | M]
 
[2010.12.04 14:50:48 | 000,000,000 | ---D | M] -- C:\Users\Uwe Plesotzky\AppData\Roaming\mozilla\Extensions
[2010.12.04 14:50:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Uwe Plesotzky\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
 
O1 HOSTS File: ([2010.12.07 15:09:43 | 000,426,732 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.google-analytics.com
O1 - Hosts: 127.0.0.1 google-analytics.com
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 14695 more lines...
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - e:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\ievkbd.dll (Kaspersky Lab)
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Programme\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Programme\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - e:\Program Files\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKLM\..\Toolbar: (@C:\Program Files\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Programme\MSN Toolbar\Platform\6.3.2322.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Steganos Password Manager Toolbar) - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - e:\Program Files\Steganos Privacy Suite 11\SPMIEToolbar.dll (Steganos GmbH)
O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - e:\Program Files\Orbitdownloader\GrabPro.dll ()
O3 - HKLM\..\Toolbar: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - E:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Copernic Agent) - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - E:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O4 - HKLM..\Run: [AVP] E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\avp.exe (Kaspersky Lab)
O4 - HKLM..\Run: [ooccctrl.exe] E:\Program Files\OO Software\CleverCache\ooccctrl.exe (O&O Software GmbH)
O4 - HKLM..\Run: [ProcessGovernor] e:\Program Files\Process Lasso\ProcessGovernor.exe (Bitsum Technologies)
O4 - HKLM..\Run: [ProcessLassoManagementConsole] e:\Program Files\Process Lasso\ProcessLasso.exe (Bitsum Technologies)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SSS2009 File Redirection Starter] e:\Program Files\Steganos Privacy Suite 11\fredirstarter.exe (Steganos GmbH)
O4 - HKLM..\Run: [SSS2009 HotKeys] e:\Program Files\Steganos Privacy Suite 11\SteganosHotKeyService.exe (Steganos GmbH)
O4 - HKLM..\Run: [ThreatFire] e:\Program Files\ThreatFire\TFTray.exe (PC Tools)
O4 - HKLM..\Run: [UnlockerAssistant] E:\Program Files\Unlocker\UnlockerAssistant.exe ()
O4 - HKLM..\Run: [vspdfprsrv.exe] E:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe ()
O4 - HKCU..\Run: [AnyDVD] E:\Program Files\SlySoft\AnyDVD\AnyDVD.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [AshSnap] e:\Program Files\Ashampoo\Ashampoo Snap 3\ashsnap.exe (ashampoo GmbH & Co. KG)
O4 - HKCU..\Run: [RAM Tuner] E:\Program Files\LOADSTREET\Perfect Tools für Vista\RAMTuner.exe (LOADSTREET.de)
O4 - HKCU..\Run: [SSS2009 Browser Monitor] e:\Program Files\Steganos Privacy Suite 11\SteganosBrowserMonitor.exe (Steganos GmbH)
O4 - Startup: C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Browser-Anonymisierer.lnk = E:\Program Files\Browser-Anonymisierer\BrowserMaulkorb.exe (Alexander Miehlke Softwareentwicklung)
O4 - Startup: C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Extended Clipboard.lnk = E:\Program Files\MOette\ExtClipbrd\ExtClip.exe (M. Oette (www.oette.info))
O4 - Startup: C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk = C:\Users\Uwe Plesotzky\AppData\Local\Temp\Rar$EX00.328\PNotes\PNotes.exe (Andrey Gruber)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoManageMyComputerVerb = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuPinnedList = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoUserNameInStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartmenuLogoff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartMenuSubFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCommonGroups = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPrinterTabs = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDeletePrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAddPrinter = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPrinters = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoNetworkConnections = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFavoritesMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoShellSearchButton = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoToolbarCustomize = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeAnimation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeKeyboardNavigationIndicators = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThemesTab = 0
O8 - Extra context menu item: &Download by Orbit - e:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: &Grab video by Orbit - e:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Do&wnload selected by Orbit - e:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Down&load all by Orbit - e:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\ie_banner_deny.htm ()
O8 - Extra context menu item: Suchen mit Copernic Agent - E:\Program Files\Copernic Agent\Web\SearchExt.htm ()
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: Steganos Password Manager - {024538B9-3F39-49FF-9503-975F743210FA} - e:\Program Files\Steganos Privacy Suite 11\SPMIEToolbar.dll (Steganos GmbH)
O9 - Extra 'Tools' menuitem : Starten von Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - E:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab)
O9 - Extra Button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - E:\Program Files\Copernic Agent\CopernicAgent.exe (Copernic Technologies Inc.)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - E:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE 10\klwtbbho.dll (Kaspersky Lab)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - E:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - E:\Program Files\Copernic Agent\CopernicAgentExt.dll (Copernic Technologies Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~2\AVP9\mzvkbd3.dll) - C:\ProgramData\AVP9\mzvkbd3.dll (Kaspersky Lab)
O20 - AppInit_DLLs: (C:\PROGRA~2\AVP9\kloehk.dll) - C:\ProgramData\AVP9\kloehk.dll (Kaspersky Lab)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\klogon: DllName - C:\Windows\system32\klogon.dll - C:\Windows\System32\klogon.dll (Kaspersky Lab)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.07 15:37:54 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Uwe Plesotzky\Desktop\OTL.exe
[2010.12.07 11:10:31 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Godlike
[2010.12.07 05:57:15 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\{A68A6EDD-ADF1-493B-9AAC-F910EF87234A}
[2010.12.06 17:24:53 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\{59650237-6325-4B77-9D70-5EFDDFA82A59}
[2010.12.06 12:20:34 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Microsoft Games
[2010.12.06 11:34:41 | 000,000,000 | ---D | C] -- C:\Programme\Synaptics
[2010.12.06 11:33:23 | 001,461,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WdfCoInstaller01009.dll
[2010.12.06 11:33:20 | 000,120,104 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPCo4.dll
[2010.12.06 11:33:19 | 000,206,120 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynCtrl.dll
[2010.12.06 11:33:17 | 000,169,256 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynCOM.dll
[2010.12.06 11:33:17 | 000,161,064 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\SynTPAPI.dll
[2010.12.06 11:33:16 | 000,228,784 | ---- | C] (Synaptics Incorporated) -- C:\Windows\System32\drivers\SynTP.sys
[2010.12.06 11:29:22 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliType Pro
[2010.12.06 11:05:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.12.06 11:05:05 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.12.06 11:05:04 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.12.06 11:05:04 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.12.06 11:05:04 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.12.06 11:05:03 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.12.06 11:05:00 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.12.06 11:04:59 | 003,317,800 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.12.06 11:04:59 | 001,976,936 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.12.06 11:04:58 | 000,069,224 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.12.06 11:04:57 | 003,790,440 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.12.06 11:04:57 | 000,469,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.12.06 11:04:56 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.12.06 11:04:56 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.12.06 11:04:56 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.12.06 11:04:56 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.12.06 11:04:56 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.12.06 11:04:56 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.12.06 11:04:55 | 000,739,416 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBAPO32.dll
[2010.12.06 11:04:55 | 000,070,232 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBWrp32.dll
[2010.12.06 11:04:55 | 000,053,848 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBppld32.dll
[2010.12.06 11:04:55 | 000,050,776 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBPPCn32.dll
[2010.12.06 11:04:54 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.12.06 11:04:54 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.12.06 11:04:54 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.12.06 11:04:49 | 001,558,944 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.12.06 11:04:47 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.12.06 11:04:47 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.12.06 11:04:47 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2010.12.06 11:04:42 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.12.06 10:58:33 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Steganos
[2010.12.06 10:37:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Publish Data
[2010.12.06 10:34:54 | 000,000,000 | ---D | C] -- C:\Windows\uninstall
[2010.12.06 10:33:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Licenses
[2010.12.06 10:31:07 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Engelmann Media
[2010.12.06 10:31:05 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\HDX4
[2010.12.06 10:22:55 | 000,000,000 | ---D | C] -- F:\Meine empfangenen Dateien
[2010.12.06 06:13:19 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\Tracing
[2010.12.06 05:23:29 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\{D44C9E51-0253-453C-9705-368646AC9F66}
[2010.12.06 04:31:11 | 000,000,000 | ---D | C] -- F:\My Weblog Posts
[2010.12.06 03:28:42 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\eXPert PDF Editor
[2010.12.05 17:22:58 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\{CB819777-A33B-4CBA-9237-A45873E4FAEE}
[2010.12.05 17:22:37 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Windows Live Writer
[2010.12.05 17:22:37 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Windows Live Writer
[2010.12.05 17:15:42 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010.12.05 16:23:48 | 000,000,000 | ---D | C] -- C:\Windows\de
[2010.12.05 16:10:44 | 000,039,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\fssfltr.sys
[2010.12.05 16:10:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.12.05 15:52:05 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft SQL Server Compact Edition
[2010.12.05 15:44:15 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.12.05 15:41:56 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2010.12.05 15:40:23 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2010.12.05 15:40:08 | 000,000,000 | ---D | C] -- C:\Programme\MSN Toolbar
[2010.12.05 15:39:34 | 000,000,000 | ---D | C] -- C:\Programme\Bing Bar Installer
[2010.12.05 15:39:18 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.12.05 15:39:18 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.12.05 15:39:17 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.12.05 15:38:59 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.12.05 15:32:28 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight
[2010.12.05 15:27:19 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Windows Live
[2010.12.05 15:27:15 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Windows Live
[2010.12.05 15:11:33 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\WindowsUpdate
[2010.12.05 15:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.12.05 12:28:23 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.12.05 12:28:22 | 002,381,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.12.05 12:28:20 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2010.12.05 12:27:08 | 000,758,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\cohelper.dll
[2010.12.05 12:19:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.12.05 12:18:43 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.12.05 11:57:42 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.12.05 11:51:45 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010.12.05 11:45:16 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.12.05 11:45:15 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.12.05 11:45:13 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.12.05 11:45:13 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.12.05 11:45:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.12.05 11:45:11 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.12.05 11:45:11 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.12.05 11:45:10 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.12.05 11:44:37 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.12.05 11:44:33 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.12.05 11:44:32 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.12.05 11:44:29 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.12.05 11:44:28 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.12.05 11:43:49 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010.12.05 11:32:23 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\PersBackup5
[2010.12.05 10:35:34 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Malwarebytes
[2010.12.05 10:35:16 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.12.05 10:35:13 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.12.05 10:08:39 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\GrabPro
[2010.12.05 10:08:39 | 000,000,000 | ---D | C] -- C:\downloads
[2010.12.05 10:07:32 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Orbit
[2010.12.05 10:06:54 | 003,982,240 | ---- | C] (Adobe Systems, Inc.) -- C:\Windows\System32\Flash10d.ocx
[2010.12.05 10:05:06 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Tobit
[2010.12.05 10:03:19 | 000,000,000 | ---D | C] -- F:\Mediathek
[2010.12.05 10:03:11 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Tobit
[2010.12.05 09:56:43 | 000,000,000 | ---D | C] -- C:\ProgramData\RapidSolution
[2010.12.05 09:52:35 | 000,511,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\capicom.dll
[2010.12.05 09:49:21 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\RapidSolution
[2010.12.05 09:42:28 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Notepad++
[2010.12.05 09:40:10 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Wise Installation Wizard
[2010.12.05 09:33:55 | 000,000,000 | ---D | C] -- F:\Podcast Studio
[2010.12.05 09:33:11 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Franzis
[2010.12.05 09:23:06 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\GlarySoft
[2010.12.05 09:02:14 | 000,000,000 | ---D | C] -- C:\Programme\Windows Installer Clean Up
[2010.12.05 09:00:54 | 000,000,000 | ---D | C] -- C:\Programme\MSECACHE
[2010.12.05 08:28:13 | 000,962,560 | ---- | C] (East Wind Software) -- C:\Windows\System32\advdaudio.ocx
[2010.12.05 08:28:12 | 000,835,584 | ---- | C] (NCT) -- C:\Windows\System32\NCTAudioCDGrabber2.dll
[2010.12.05 08:28:12 | 000,634,880 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioEditor2.dll
[2010.12.05 08:28:12 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTWMAFile2.dll
[2010.12.05 08:28:11 | 000,522,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioTransform2.dll
[2010.12.05 08:28:11 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioVisualization2.dll
[2010.12.05 08:28:11 | 000,467,968 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioRecord2.dll
[2010.12.05 08:28:11 | 000,467,456 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioPlayer2.dll
[2010.12.05 08:28:10 | 000,966,144 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\System32\NCTAudioInformation2.dll
[2010.12.05 08:28:10 | 000,877,568 | ---- | C] (NCT Company Ltd.) -- C:\Windows\System32\NCTAudioFile2.dll
[2010.12.05 08:28:09 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr70.dll
[2010.12.05 08:27:39 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\concept design
[2010.12.05 08:25:50 | 000,000,000 | ---D | C] -- C:\Programme\Alcohol Soft
[2010.12.05 08:06:09 | 000,000,000 | ---D | C] -- C:\Hotspot Shield
[2010.12.05 08:05:01 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\VMLite Workstation
[2010.12.05 07:49:58 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\VMLites
[2010.12.05 07:47:24 | 000,012,672 | ---- | C] (VMLite, Inc.) -- C:\Windows\System32\drivers\vmlitedrv.sys
[2010.12.05 07:47:23 | 000,123,160 | ---- | C] (VMLite, Inc.) -- C:\Windows\System32\drivers\VBoxDrv.sys
[2010.12.05 03:49:11 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.12.05 03:49:11 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.12.05 03:49:11 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.12.05 03:44:26 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.12.05 03:23:55 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.12.05 03:23:54 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2010.12.05 03:23:46 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.12.05 03:23:21 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.12.05 03:22:35 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.12.05 03:22:17 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.12.05 03:22:16 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010.12.05 03:22:13 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.12.05 03:21:55 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010.12.05 03:21:54 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010.12.05 03:21:53 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010.12.05 03:21:46 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.12.05 03:21:27 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.12.05 03:21:20 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.12.05 03:21:19 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.12.05 03:20:58 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.12.05 03:20:57 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.12.05 03:20:57 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.12.05 03:20:53 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.12.05 03:20:53 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.12.05 03:20:34 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.12.05 03:19:38 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.12.05 03:19:35 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll
[2010.12.05 03:19:00 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.12.05 03:19:00 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.12.05 03:19:00 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.12.05 02:34:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.12.04 20:26:16 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\Documents
[2010.12.04 20:25:01 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.12.04 20:00:52 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\CDZilla
[2010.12.04 19:35:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SlySoft
[2010.12.04 19:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\VManager
[2010.12.04 19:03:26 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\MindVisualizer
[2010.12.04 19:03:26 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\ISpell
[2010.12.04 18:52:24 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Ashampoo
[2010.12.04 18:04:45 | 000,091,408 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\System\LOTXT06.DLL
[2010.12.04 18:04:45 | 000,088,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\ODBCCURS.DLL
[2010.12.04 18:04:45 | 000,086,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\ODBCINST.DLL
[2010.12.04 18:04:45 | 000,021,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\CTL3DV2.DLL
[2010.12.04 18:04:45 | 000,020,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\CTL3D.DLL
[2010.12.04 18:04:43 | 000,202,400 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\System\LOFLT06.DLL
[2010.12.04 18:04:43 | 000,190,000 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\System\LODBF06.DLL
[2010.12.04 18:04:43 | 000,055,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System\ODBC.DLL
[2010.12.04 18:04:25 | 000,162,240 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\System\LOBAS06.DLL
[2010.12.04 18:04:25 | 000,148,592 | ---- | C] (INTERSOLV, Inc.) -- C:\Windows\System\LOUTL06.DLL
[2010.12.04 17:55:29 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.12.04 17:55:28 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.12.04 17:55:28 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.12.04 17:55:28 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.12.04 17:55:27 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.12.04 17:55:27 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2010.12.04 17:55:26 | 001,355,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2010.12.04 17:55:26 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2010.12.04 17:55:26 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2010.12.04 17:55:26 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2010.12.04 17:55:25 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.12.04 17:55:25 | 000,109,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2010.12.04 17:55:25 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2010.12.04 17:55:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2010.12.04 17:55:24 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.12.04 17:55:23 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010.12.04 17:55:23 | 000,166,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2010.12.04 17:55:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2010.12.04 17:55:23 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2010.12.04 17:55:23 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2010.12.04 17:55:23 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2010.12.04 17:55:22 | 003,695,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2010.12.04 17:55:22 | 000,460,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.12.04 17:55:22 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.12.04 17:55:22 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.12.04 17:55:22 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2010.12.04 17:55:21 | 000,353,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2010.12.04 17:55:21 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2010.12.04 17:55:20 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2010.12.04 17:55:20 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2010.12.04 17:55:20 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2010.12.04 17:55:20 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2010.12.04 17:55:19 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2010.12.04 17:55:18 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.12.04 17:55:18 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2010.12.04 17:55:17 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2010.12.04 17:53:55 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010.12.04 17:53:55 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2010.12.04 17:53:53 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2010.12.04 17:52:01 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2010.12.04 17:51:59 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2010.12.04 17:51:59 | 000,804,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2010.12.04 17:51:58 | 001,076,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2010.12.04 17:51:58 | 000,737,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2010.12.04 17:50:18 | 000,279,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2010.12.04 17:50:18 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2010.12.04 17:48:00 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2010.12.04 17:46:38 | 000,000,000 | ---D | C] -- C:\Programme\Feedback Tool
[2010.12.04 17:10:15 | 000,450,560 | ---- | C] (LogicNP Software (hxxp://www.ssware.com)) -- C:\Windows\System32\fldrvw90.ocx
[2010.12.04 17:10:15 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\AllDup
[2010.12.04 17:10:13 | 001,000,992 | ---- | C] (Bennet-Tec Information Systems, Inc) -- C:\Windows\System32\TList8.ocx
[2010.12.04 17:10:11 | 002,344,880 | ---- | C] (Codejock Software) -- C:\Windows\System32\Codejock.CommandBars.v13.2.1.ocx
[2010.12.04 17:10:11 | 000,089,888 | ---- | C] (Michael Thummerer Software Design) -- C:\Windows\System32\mtFrame.ocx
[2010.12.04 17:10:11 | 000,044,736 | ---- | C] (Michael Thummerer Software Design) -- C:\Windows\System32\mtSubclass.dll
[2010.12.04 17:10:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2010.12.04 17:10:10 | 000,171,752 | ---- | C] (Michael Thummerer Software Design) -- C:\Windows\System32\mtRTF2.ocx
[2010.12.04 17:10:08 | 000,086,016 | ---- | C] (Michael Thummerer Software Design) -- C:\Windows\System32\mtSplitter.ocx
[2010.12.04 17:09:30 | 000,258,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drmclien.dll
[2010.12.04 17:07:36 | 000,391,168 | ---- | C] (Intel Corporation) -- C:\Windows\System32\i263_32.drv
[2010.12.04 17:07:36 | 000,143,872 | ---- | C] (Intel Corporation) -- C:\Windows\System32\iacenc.dll
[2010.12.04 17:07:36 | 000,027,648 | ---- | C] (Intel Corporation.) -- C:\Windows\System32\ir50_lcs.dll
[2010.12.04 17:06:57 | 000,305,152 | ---- | C] (InstallShield Software Corporation) -- C:\Windows\IsUninst.exe
[2010.12.04 17:04:26 | 000,038,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\LMRTREND.dll
[2010.12.04 17:04:24 | 000,140,800 | ---- | C] (The Duck Corporation) -- C:\Windows\System32\tm20dec.ax
[2010.12.04 17:04:20 | 000,182,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft3.dll
[2010.12.04 17:04:08 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\unam4ie.exe
[2010.12.04 17:03:36 | 001,088,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\danim.dll
[2010.12.04 17:03:36 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciqtz.drv
[2010.12.04 17:03:35 | 000,194,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qcut.dll
[2010.12.04 17:03:28 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.dll
[2010.12.04 17:03:28 | 000,002,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.dll
[2010.12.04 17:01:55 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Runscanner.net
[2010.12.04 17:01:48 | 001,581,056 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplvw7.dll
[2010.12.04 17:01:47 | 001,122,304 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplvpx.dll
[2010.12.04 17:01:46 | 001,552,384 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplvm6.dll
[2010.12.04 17:01:45 | 001,650,688 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplva6.dll
[2010.12.04 17:01:45 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplaw7.dll
[2010.12.04 17:01:44 | 000,077,824 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplaa6.dll
[2010.12.04 17:01:44 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplapx.dll
[2010.12.04 17:01:44 | 000,065,536 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\mplam6.dll
[2010.12.04 17:01:42 | 000,106,496 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\lmpgspl.ax
[2010.12.04 17:01:42 | 000,094,208 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\lmpgvd.ax
[2010.12.04 17:01:42 | 000,046,592 | ---- | C] (Ligos Corporation) -- C:\Windows\System32\lmpgad.ax
[2010.12.04 17:01:04 | 000,290,816 | ---- | C] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\Windows\System32\temp.001
[2010.12.04 17:01:02 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTIC32.dll
[2010.12.04 17:01:01 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTI32.dll
[2010.12.04 17:01:01 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\STRING32.dll
[2010.12.04 17:00:57 | 000,271,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\temp.000
[2010.12.04 17:00:56 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLTPO32.dll
[2010.12.04 17:00:55 | 000,155,648 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRES32.dll
[2010.12.04 17:00:54 | 000,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRD32.dll
[2010.12.04 17:00:52 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPTL32.dll
[2010.12.04 17:00:49 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRJ32.dll
[2010.12.04 17:00:48 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRF32.dll
[2010.12.04 17:00:47 | 000,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPNT32.dll
[2010.12.04 17:00:47 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLMSC32.dll
[2010.12.04 17:00:47 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIX.dll
[2010.12.04 17:00:46 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIO32.dll
[2010.12.04 17:00:46 | 000,028,672 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLISO32.dll
[2010.12.04 17:00:45 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDRV32.dll
[2010.12.04 17:00:45 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIMG32.dll
[2010.12.04 17:00:45 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDIR32.dll
[2010.12.04 17:00:44 | 000,126,976 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDEV32.dll
[2010.12.04 17:00:44 | 000,081,920 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCPY32.dll
[2010.12.04 17:00:43 | 000,126,976 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDA32.dll
[2010.12.04 17:00:43 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDF32.dll
[2010.12.04 17:00:42 | 000,192,512 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLAV32.dll
[2010.12.04 17:00:42 | 000,039,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdrom.sys
[2010.12.04 16:31:53 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\vlc
[2010.12.04 16:31:17 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\DivX
[2010.12.04 16:29:54 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\ashampoo
[2010.12.04 16:29:53 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2010.12.04 16:29:04 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine
[2010.12.04 16:23:36 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\System32\pncrt.dll
[2010.12.04 16:22:22 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DivX Shared
[2010.12.04 16:21:01 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.12.04 16:19:20 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.12.04 16:14:36 | 000,059,664 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\TfSysMon.sys
[2010.12.04 16:14:35 | 000,033,552 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\TfNetMon.sys
[2010.12.04 16:14:32 | 000,051,984 | ---- | C] (PC Tools) -- C:\Windows\System32\drivers\TfFsMon.sys
[2010.12.04 16:14:22 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2010.12.04 16:12:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.12.04 16:12:49 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.12.04 16:11:32 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.12.04 16:11:32 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.12.04 16:11:32 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.12.04 16:11:32 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.12.04 16:05:24 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RCHTXDE.DLL
[2010.12.04 16:05:18 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL
[2010.12.04 16:05:13 | 000,090,112 | ---- | C] (AvroSoft) -- C:\Windows\System32\asTrayIcon.dll
[2010.12.04 16:05:12 | 000,115,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSINET.OCX
[2010.12.04 16:05:01 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCOMCTL.OCX
[2010.12.04 16:05:00 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL
[2010.12.04 16:04:59 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX
[2010.12.04 16:04:57 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGDE.DLL
[2010.12.04 16:04:32 | 000,151,552 | ---- | C] (MAGIX AG) -- C:\Windows\System32\mgxoschk.dll
[2010.12.04 15:59:24 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\LOADSTREET
[2010.12.04 15:57:34 | 000,000,000 | ---D | C] -- C:\ProgramData\eXPert PDF 4
[2010.12.04 15:53:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.12.04 15:52:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.04 15:37:59 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Copernic
[2010.12.04 15:37:45 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Copernic
[2010.12.04 15:34:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2010.12.04 15:31:42 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Uniblue
[2010.12.04 15:29:17 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Macromedia
[2010.12.04 15:29:16 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Adobe
[2010.12.04 15:28:35 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Google
[2010.12.04 15:27:31 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\translateclient
[2010.12.04 15:13:20 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.12.04 15:10:51 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\InstallShield
[2010.12.04 15:07:39 | 000,000,000 | ---D | C] -- C:\IExp1.tmp
[2010.12.04 15:07:33 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2010.12.04 15:07:33 | 000,000,000 | ---D | C] -- C:\IExp0.tmp
[2010.12.04 15:07:29 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Components
[2010.12.04 15:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\eXPert PDF Jobs
[2010.12.04 15:03:33 | 000,000,000 | ---D | C] -- C:\ProgramData\eXPert PDF
[2010.12.04 15:00:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\AVP9
[2010.12.04 14:59:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2010.12.04 14:59:14 | 000,311,312 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.12.04 14:50:48 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Mozilla
[2010.12.04 14:50:47 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Thunderbird
[2010.12.04 14:50:47 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Thunderbird
[2010.12.04 14:46:16 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\DualCoreTuner
[2010.12.04 14:45:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.12.04 14:42:27 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\AntiBrowserSpy 2009
[2010.12.04 14:42:23 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.12.04 14:41:54 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Abelssoft
[2010.12.04 14:40:00 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\TeraCopy
[2010.12.04 14:38:21 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\ProcessLasso
[2010.12.04 14:31:13 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.12.04 14:30:37 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\WinRAR
[2010.12.04 14:27:47 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Opera
[2010.12.04 14:27:47 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Opera
[2010.12.04 14:27:46 | 000,000,000 | ---D | C] -- C:\Programme\Opera 11.00 beta
[2010.12.04 14:19:24 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Searches
[2010.12.04 14:19:15 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Identities
[2010.12.04 14:19:14 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Contacts
[2010.12.04 14:19:09 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\VirtualStore
[2010.12.04 14:19:08 | 000,000,000 | --SD | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft
[2010.12.04 14:19:08 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Videos
[2010.12.04 14:19:08 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Saved Games
[2010.12.04 14:19:08 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Links
[2010.12.04 14:19:08 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Favorites
[2010.12.04 14:19:08 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Downloads
[2010.12.04 14:19:08 | 000,000,000 | R--D | C] -- C:\Users\Uwe Plesotzky\Desktop
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Vorlagen
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Verlauf
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Temporary Internet Files
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Startmenü
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\SendTo
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Recent
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Netzwerkumgebung
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Lokale Einstellungen
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Eigene Dateien
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Druckumgebung
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Cookies
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Anwendungsdaten
[2010.12.04 14:19:08 | 000,000,000 | -HSD | C] -- C:\Users\Uwe Plesotzky\Anwendungsdaten
[2010.12.04 14:19:08 | 000,000,000 | -H-D | C] -- C:\Users\Uwe Plesotzky\AppData
[2010.12.04 14:19:08 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Temp
[2010.12.04 14:19:08 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Local\Microsoft
[2010.12.04 14:19:08 | 000,000,000 | ---D | C] -- C:\Users\Uwe Plesotzky\AppData\Roaming\Media Center Programs
[2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.12.04 14:18:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.12.04 14:13:54 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.12.04 14:11:28 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.12.04 14:11:14 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.12.04 14:10:35 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.12.04 14:10:22 | 000,000,000 | -HSD | C] -- C:\Boot
[2010.12.01 16:43:13 | 000,000,000 | ---D | C] -- F:\Fernsehen aufnehmen
[2010.12.01 16:18:11 | 000,000,000 | ---D | C] -- F:\StreamTransport
[2010.11.26 06:02:06 | 000,000,000 | ---D | C] -- F:\Transmiti
[2010.11.11 14:42:27 | 000,000,000 | ---D | C] -- F:\South Park
[2010.11.10 02:28:46 | 000,301,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.07 15:41:30 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.07 15:41:30 | 000,014,608 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.07 15:38:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Uwe Plesotzky\Desktop\OTL.exe
[2010.12.07 15:35:03 | 000,001,150 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-834500898-1450233178-3407113301-1001UA.job
[2010.12.07 15:33:31 | 000,000,842 | ---- | M] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Browser-Anonymisierer.lnk
[2010.12.07 15:32:55 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2010.12.07 15:32:36 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.07 15:32:29 | 1408,737,280 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.07 15:30:15 | 000,002,245 | ---- | M] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk
[2010.12.07 15:09:43 | 000,426,732 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.12.06 17:34:15 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-834500898-1450233178-3407113301-1001Core.job
[2010.12.06 11:39:09 | 000,357,216 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.06 11:35:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.12.05 12:10:42 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.12.05 12:10:42 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.05 12:10:42 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.12.05 12:10:42 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.05 09:33:13 | 000,007,229 | ---- | M] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\unins000.dat
[2010.12.05 09:32:45 | 000,712,710 | ---- | M] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\unins000.exe
[2010.12.05 08:30:59 | 000,722,416 | ---- | M] () -- C:\Windows\System32\drivers\sptd.sys
[2010.12.05 07:38:22 | 000,009,728 | ---- | M] () -- C:\Windows\System32\BASSMOD.dll
[2010.12.05 07:32:35 | 000,000,040 | -HS- | M] () -- C:\ProgramData\.zreglib
[2010.12.05 07:09:16 | 000,000,197 | ---- | M] () -- C:\Windows\magix.ini
[2010.12.04 20:30:54 | 000,000,895 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20101205-172127.backup
[2010.12.04 20:18:06 | 000,017,490 | ---- | M] () -- C:\Windows\System32\drivers\etc\services
[2010.12.04 20:18:05 | 000,000,094 | ---- | M] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\sversion.ini
[2010.12.04 20:15:39 | 000,069,632 | ---- | M] () -- C:\Windows\uinst001.exe
[2010.12.04 20:13:29 | 000,000,791 | ---- | M] () -- C:\Users\Uwe Plesotzky\Uwe - Verknüpfung.lnk
[2010.12.04 20:00:04 | 000,000,100 | ---- | M] () -- C:\index.ini
[2010.12.04 18:04:57 | 000,001,104 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2010.12.04 18:04:54 | 000,000,306 | ---- | M] () -- C:\Windows\lotus.ini
[2010.12.04 18:04:51 | 000,004,477 | ---- | M] () -- C:\Windows\ORG2.INI
[2010.12.04 18:04:51 | 000,000,087 | ---- | M] () -- C:\Windows\winhelp.ini
[2010.12.04 17:25:48 | 000,000,000 | ---- | M] () -- C:\Windows\homeDVD-Filme2.INI
[2010.12.04 17:07:42 | 000,005,767 | ---- | M] () -- C:\Windows\System32\CDUninst.isu
[2010.12.04 17:03:26 | 000,002,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf16.dll
[2010.12.04 17:03:25 | 000,004,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\w95inf32.dll
[2010.12.04 16:10:59 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.12.04 16:10:59 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.12.04 16:10:59 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.12.04 16:10:59 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.12.04 16:05:37 | 000,000,790 | ---- | M] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Extended Clipboard.lnk
[2010.12.04 15:39:50 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2010.12.04 15:39:50 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2010.12.04 15:28:15 | 000,115,465 | ---- | M] () -- C:\Windows\System32\drivers\klin.dat
[2010.12.04 15:28:14 | 000,097,545 | ---- | M] () -- C:\Windows\System32\drivers\klick.dat
[2010.12.04 15:27:31 | 000,003,298 | ---- | M] () -- C:\Windows\System32\StyleVista.png
[2010.12.04 15:27:31 | 000,003,137 | ---- | M] () -- C:\Windows\System32\StyleVistaDown.png
[2010.12.04 15:26:42 | 000,000,927 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Translate Client.lnk
[2010.12.04 15:16:47 | 000,001,179 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ashampoo Magical Defrag.lnk
[2010.12.04 14:59:14 | 000,311,312 | ---- | M] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys
[2010.12.04 14:14:51 | 000,052,953 | ---- | M] () -- C:\Windows\System32\license.rtf
[2010.12.04 14:13:01 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.12.04 14:10:23 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
[2010.12.04 10:45:35 | 000,000,797 | ---- | M] () -- F:\VideoCacheView.cfg
[2010.12.03 15:44:28 | 000,031,708 | ---- | M] () -- C:\Users\Uwe Plesotzky\Desktop\Das verlorene Kompliment.pdf
[2010.12.02 15:31:44 | 000,301,491 | ---- | M] () -- C:\Users\Uwe Plesotzky\Desktop\Sparsamkeit für ein besseres Leben.pdf
[2010.11.30 17:06:02 | 003,317,800 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.24 14:24:40 | 003,790,440 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.11.24 14:24:40 | 001,976,936 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.11.22 11:39:10 | 000,469,608 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.11.11 13:27:00 | 000,069,224 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.11.10 02:28:46 | 000,301,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
[2010.11.08 07:31:30 | 000,359,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.11.08 07:31:30 | 000,078,680 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.11.08 07:31:28 | 000,295,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.11.08 07:31:28 | 000,295,768 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.11.08 07:31:28 | 000,170,840 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.11.08 07:31:28 | 000,064,856 | ---- | M] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.12.07 15:30:15 | 000,002,245 | ---- | C] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PNotes.lnk
[2010.12.06 18:29:57 | 000,301,491 | ---- | C] () -- C:\Users\Uwe Plesotzky\Desktop\Sparsamkeit für ein besseres Leben.pdf
[2010.12.06 18:29:43 | 000,031,708 | ---- | C] () -- C:\Users\Uwe Plesotzky\Desktop\Das verlorene Kompliment.pdf
[2010.12.06 11:35:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
[2010.12.05 12:27:08 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2010.12.05 10:03:10 | 000,554,496 | ---- | C] () -- C:\Windows\System32\dvmsg.dll
[2010.12.05 09:33:12 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe
[2010.12.05 09:33:11 | 000,712,710 | ---- | C] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\unins000.exe
[2010.12.05 09:33:11 | 000,007,229 | ---- | C] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\unins000.dat
[2010.12.05 08:30:59 | 000,722,416 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2010.12.05 08:28:13 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2010.12.05 08:28:13 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2010.12.05 08:28:10 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2010.12.05 07:38:22 | 000,009,728 | ---- | C] () -- C:\Windows\System32\BASSMOD.dll
[2010.12.04 20:14:06 | 000,000,094 | ---- | C] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\sversion.ini
[2010.12.04 20:13:29 | 000,000,791 | ---- | C] () -- C:\Users\Uwe Plesotzky\Uwe - Verknüpfung.lnk
[2010.12.04 20:03:19 | 000,069,632 | ---- | C] () -- C:\Windows\uinst001.exe
[2010.12.04 20:00:04 | 000,000,100 | ---- | C] () -- C:\index.ini
[2010.12.04 19:35:39 | 000,000,040 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.12.04 18:04:51 | 000,001,104 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2010.12.04 18:04:51 | 000,000,306 | ---- | C] () -- C:\Windows\lotus.ini
[2010.12.04 18:04:51 | 000,000,087 | ---- | C] () -- C:\Windows\winhelp.ini
[2010.12.04 18:04:50 | 000,004,477 | ---- | C] () -- C:\Windows\ORG2.INI
[2010.12.04 18:04:49 | 000,000,628 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.12.04 18:04:46 | 000,000,695 | ---- | C] () -- C:\Windows\System\QELO.LIC
[2010.12.04 18:04:43 | 000,146,544 | ---- | C] () -- C:\Windows\System\NWCALLS.DLL
[2010.12.04 18:04:43 | 000,006,496 | ---- | C] () -- C:\Windows\System\ODBCADM.EXE
[2010.12.04 17:55:20 | 000,072,533 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2010.12.04 17:29:01 | 000,001,150 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-834500898-1450233178-3407113301-1001UA.job
[2010.12.04 17:29:00 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-834500898-1450233178-3407113301-1001Core.job
[2010.12.04 17:25:48 | 000,000,000 | ---- | C] () -- C:\Windows\homeDVD-Filme2.INI
[2010.12.04 17:08:12 | 000,000,330 | ---- | C] () -- C:\Windows\tasks\GlaryInitialize.job
[2010.12.04 17:07:36 | 000,056,832 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll
[2010.12.04 17:07:18 | 000,005,767 | ---- | C] () -- C:\Windows\System32\CDUninst.isu
[2010.12.04 17:03:37 | 000,010,240 | ---- | C] () -- C:\Windows\System32\vidx16.dll
[2010.12.04 17:03:37 | 000,005,672 | ---- | C] () -- C:\Windows\System32\quartz.vxd
[2010.12.04 17:01:40 | 000,019,968 | ---- | C] () -- C:\Windows\System32\cpuinf32.dll
[2010.12.04 16:05:37 | 000,000,790 | ---- | C] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Extended Clipboard.lnk
[2010.12.04 16:05:13 | 000,000,197 | ---- | C] () -- C:\Windows\magix.ini
[2010.12.04 16:04:42 | 000,000,747 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010.12.04 15:39:50 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2010.12.04 15:39:50 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2010.12.04 15:37:23 | 000,110,110 | ---- | C] () -- C:\Windows\CopernicAgentUninstall.exe
[2010.12.04 15:27:31 | 000,003,298 | ---- | C] () -- C:\Windows\System32\StyleVista.png
[2010.12.04 15:27:31 | 000,003,137 | ---- | C] () -- C:\Windows\System32\StyleVistaDown.png
[2010.12.04 15:26:42 | 000,000,927 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Translate Client.lnk
[2010.12.04 15:16:47 | 000,001,179 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ashampoo Magical Defrag.lnk
[2010.12.04 15:03:39 | 000,014,336 | ---- | C] () -- C:\Windows\System32\vsmon1.dll
[2010.12.04 15:00:00 | 000,115,465 | ---- | C] () -- C:\Windows\System32\drivers\klin.dat
[2010.12.04 15:00:00 | 000,097,545 | ---- | C] () -- C:\Windows\System32\drivers\klick.dat
[2010.12.04 14:24:43 | 000,000,842 | ---- | C] () -- C:\Users\Uwe Plesotzky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Browser-Anonymisierer.lnk
[2010.12.04 14:13:01 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.12.04 14:11:14 | 1408,737,280 | -HS- | C] () -- C:\hiberfil.sys
[2010.12.04 14:10:23 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
[2010.12.04 14:10:22 | 000,383,562 | RHS- | C] () -- C:\bootmgr
[2010.07.15 07:46:56 | 000,286,720 | ---- | C] () -- C:\Windows\System32\EMRegSys.dll
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.07 12:27:20 | 000,073,728 | ---- | C] () -- C:\Windows\System32\vbzlib1.dll
[2006.05.16 10:04:00 | 000,891,776 | ---- | C] () -- C:\Windows\System32\drivers\AVHybrid.sys
[2006.01.08 14:53:24 | 000,005,120 | ---- | C] () -- C:\Windows\System32\hash2.dll
[2005.12.06 10:45:44 | 000,003,072 | ---- | C] () -- C:\Windows\System32\34CoInstaller.dll

< End of report >
         
--- --- ---

OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 07.12.2010 15:40:16 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Name\Desktop
 Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.7930.16406)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 46,00% Memory free
7,00 Gb Paging File | 6,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): [Binary data over 100 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 53,71 Gb Total Space | 37,20 Gb Free Space | 69,26% Space Free | Partition Type: NTFS
Drive D: | 153,38 Gb Total Space | 26,47 Gb Free Space | 17,26% Space Free | Partition Type: NTFS
Drive E: | 214,84 Gb Total Space | 97,36 Gb Free Space | 45,32% Space Free | Partition Type: NTFS
Drive F: | 197,19 Gb Total Space | 88,92 Gb Free Space | 45,09% Space Free | Partition Type: NTFS
Drive H: | 3,83 Gb Total Space | 0,01 Gb Free Space | 0,14% Space Free | Partition Type: exFAT
 
Computer Name: Name | User Name: Name | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "e:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "e:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Unstopcp] -- "e:\Program Files\Roadkil.Net\UnstopCpy_5_2_Win2K_UP.exe" "%1" * (Roadkil.Net)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
"" = 
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"e:\Program Files\Orbitdownloader\orbitdm.exe" = e:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
"e:\Program Files\Orbitdownloader\orbitnet.exe" = e:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02602409-9189-4567-BC07-562605243B69}" = Windows Live Remote Client Resources
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0FD60254-35B7-4915-862B-26847C9FE8DE}" = Tunebite
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{18AE8ACB-0419-45F6-9CF6-155E128A4BCE}_is1" = GD WinTools.net 8.1 Ultimate
"{19A4A990-5343-4FF7-B3B5-6F046C091EDF}" = Windows Live Remote Client
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}" = Windows Live Remote Service
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{2B4E24A0-A06F-488D-87D8-16738E5E1104}" = Windows Live Family Safety
"{30283233-3BE6-473D-A47C-ED964A2F78B4}_is1" = Inpaint 2.4.1
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3A65A74A-5B6E-451A-92D8-50F1182BBE9A}" = Windows Live Remote Service Resources
"{3B5FEE89-AB5A-4EA9-A3AB-40216ADE225B}" = MovieJack DVD 2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{4281435C-AD1D-4C8A-B9C0-3961C08EF142}_is1" = GoogleClean
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53480390-0EC4-429E-BBEE-78E19EEB03BD}" = O&O CleverCache
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61AD15B2-50DB-4686-A739-14FE180D4429}" = Windows Live ID Sign-in Assistant
"{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}" = Bing Bar Platform
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6DB7AD00-F781-11DF-9EEF-001279CD8240}" = Google Earth
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7E1807A9-AA8B-4541-9D22-ADB579051031}" = Steganos Privacy Suite 11
"{82FEA187-116E-4CDA-A333-AB6ED22380C7}_is1" = Audio 180% 7
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90024193-9F13-4877-89D5-A1CDF0CBBF28}" = Feedback Tool
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{937C2799-B8DD-4519-96B2-4E2E84EF5B1E}" = Mein Foto-Puzzle
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A4D873-47B9-454A-A567-8AFF41C07155}" = Ontrack EasyRecovery DataRecovery
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Security Suite CBE 10
"{A00F8237-F496-44D2-0001-E3CCF8CD58AE}" = Photomizer
"{A306FD29-7D3A-4287-91AC-9A0180931395}_is1" = Roadkil's Unstoppable Copier Version 5.2
"{A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}" = eXPert PDF 4
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AF844339-2F8A-4593-81B3-9F4C54038C4E}" = Windows Live MIME IFilter
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BBDE3689-D702-446B-995B-E5A4B7BF0795}" = VMLite Workstation
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}" = Microsoft Search Enhancement Pack
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4CFC5F3-481C-40AA-9944-E7E4E732136C}" = Microsoft IntelliType Pro 8.0
"{DC527206-6118-45BB-AD28-D6854C509CD5}_is1" = Fälscherwerkstatt 4 1.0
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1" = Uniblue SpeedUpMyPC
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F53D678E-238F-4A71-9742-08BB6774E9DC}" = Windows Live Family Safety
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1" = AntiBrowserSpy
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0BBB87-91A1-4BFD-9005-EB058BBA0E14}_is1" = StreamTransport version: 1.0.2.2171
"3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"AllDup_is1" = AllDup 3.2.14
"Ashampoo Burning Studio 2010 Advanced_is1" = Ashampoo Burning Studio 2010 Advanced
"Ashampoo Magical Defrag" = Ashampoo Magical Defrag
"Ashampoo Photo Commander 7_is1" = Ashampoo Photo Commander 7.60
"Ashampoo Slideshow Studio 2010_is1" = Ashampoo Slideshow Studio 2010
"Ashampoo Snap 3_is1" = Ashampoo Snap 3.40
"aTube Catcher" = aTube Catcher
"Browser-Anonymisierer_is1" = Browser-Anonymisierer 1.0
"CCleaner" = CCleaner
"Celtx (2.7)" = Celtx (2.7)
"Chilirec_0" = Chilirec 1.01
"Cleanse Uninstaller PC-Welt version " = Cleanse Uninstaller PC-Welt version  
"CodInstl" = Intel A/V Codecs V2.0
"Copernic Agent Basic" = Copernic Agent Basic
"DivX Setup.divx.com" = DivX-Setup
"Extended Clipboard_is1" = Extended Clipboard v. Extended Clipboard v. 1.4.24
"FMCODEC" = FM Screen Capture Codec (Remove Only)
"FormatFactory" = FormatFactory 2.50
"FreeCommander_is1" = FreeCommander 2009.02b
"Glary Utilities_is1" = Glary Utilities 2.30.0.1066
"Guardian Of Data_is1" = Guardian Of Data v2.1
"HotspotShield" = Hotspot Shield 1.52
"InstallShield_{97A4D873-47B9-454A-A567-8AFF41C07155}" = Ontrack EasyRecovery DataRecovery
"InstallWIX_{9D8B0949-7C47-476F-9F06-F900D3B078EA}" = Kaspersky Security Suite CBE 10
"KeyTweak" = KeyTweak - Keyboard Remapper (remove only)
"MAGIX Filme auf CD & DVD 2.0" = MAGIX Filme auf CD & DVD 2.0
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Picture It!" = Microsoft Picture It! 99
"Mind Visualizer Deutsche Version_is1" = Mind Visualizer Deutsche Version
"Miro" = Miro
"MP3DirectCut" = MP3DirectCut 2.12
"Notepad++" = Notepad++
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Opera 11.00.1111" = Opera 11.00 beta build 1111
"Orbit_is1" = Orbit Downloader
"Perfect Tools für Vista_is1" = Perfect Tools für Vista 1.00
"Personal Backup 5_is1" = Personal Backup 5.0
"ProcessLasso" = Process Lasso
"S.A.D. - DualCore Tuner_is1" = S.A.D. - DualCore Tuner
"Sandboxie" = Sandboxie 3.48
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeraCopy_is1" = TeraCopy 2.12
"Translate Client" = Client for Google Translate
"Treiber-Studio" = Treiber-Studio 6.1.7.101 
"Unlocker" = Unlocker 1.9.0
"VLC media player" = VLC media player 1.1.5
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"WinGimp-2.0_is1" = GIMP 2.6.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"winspeedup3_is1" = WinSpeedUp 3.1
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"StarOffice 7" = StarOffice 7
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 05.12.2010 22:20:45 | Computer Name = Name | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7600.16450 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 6f8    Startzeit: 01cb94eab5328a3c    Endzeit: 7715    Anwendungspfad:
 C:\Windows\Explorer.EXE    Berichts-ID: 65c5cd83-00df-11e0-9f8e-001966973347  
 
Error - 06.12.2010 01:51:14 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: openvpnas.exe, Version: 0.0.0.0, 
Zeitstempel: 0x4c9a9025  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, 
Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften
 Prozesses: 0xa98  Startzeit der fehlerhaften Anwendung: 0x01cb9509665b300c  Pfad der
 fehlerhaften Anwendung: e:\Program Files\Hotspot Shield\bin\openvpnas.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: d53c4815-00fc-11e0-884e-001966973347
 
Error - 06.12.2010 05:57:32 | Computer Name = Name | Source = VSS | ID = 8194
Description = 
 
Error - 06.12.2010 06:41:09 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: openvpnas.exe, Version: 0.0.0.0, 
Zeitstempel: 0x4c9a9025  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, 
Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften
 Prozesses: 0x924  Startzeit der fehlerhaften Anwendung: 0x01cb9531e24cd1d4  Pfad der
 fehlerhaften Anwendung: e:\Program Files\Hotspot Shield\bin\openvpnas.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: 5570adb4-0125-11e0-944d-001966973347
 
Error - 06.12.2010 15:11:51 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: opera.exe, Version: 11.0.1111.0, 
Zeitstempel: 0x4cea5059  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, 
Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x5c135aa6  ID des fehlerhaften
 Prozesses: 0x151c  Startzeit der fehlerhaften Anwendung: 0x01cb9575fb35226c  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Opera 11.00 beta\opera.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: ae0e523d-016c-11e0-944d-001966973347
 
Error - 06.12.2010 22:11:10 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: openvpnas.exe, Version: 0.0.0.0, 
Zeitstempel: 0x4c9a9025  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, 
Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften
 Prozesses: 0x9dc  Startzeit der fehlerhaften Anwendung: 0x01cb95b3ce9ac448  Pfad der
 fehlerhaften Anwendung: e:\Program Files\Hotspot Shield\bin\openvpnas.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: 41bbf183-01a7-11e0-a4c0-001966973347
 
Error - 07.12.2010 05:45:21 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: openvpnas.exe, Version: 0.0.0.0, 
Zeitstempel: 0x4c9a9025  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, 
Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften
 Prozesses: 0xae4  Startzeit der fehlerhaften Anwendung: 0x01cb95f33ec8ba88  Pfad der
 fehlerhaften Anwendung: e:\Program Files\Hotspot Shield\bin\openvpnas.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: b4697692-01e6-11e0-bf54-001966973347
 
Error - 07.12.2010 08:21:52 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: wlcomm.exe, Version: 15.4.3508.1109,
 Zeitstempel: 0x4cda5f30  Name des fehlerhaften Moduls: LiveNatTrav.dll_unloaded, 
Version: 0.0.0.0, Zeitstempel: 0x4cda709b  Ausnahmecode: 0xc0000005  Fehleroffset: 0x63cd645b
ID
 des fehlerhaften Prozesses: 0x17a8  Startzeit der fehlerhaften Anwendung: 0x01cb96073135c648
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Windows Live\Contacts\wlcomm.exe  Pfad
 des fehlerhaften Moduls: LiveNatTrav.dll  Berichtskennung: 92572b4c-01fc-11e0-accd-001966973347
 
Error - 07.12.2010 08:37:08 | Computer Name = Name | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: openvpnas.exe, Version: 0.0.0.0, 
Zeitstempel: 0x4c9a9025  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, 
Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000  ID des fehlerhaften
 Prozesses: 0x9c4  Startzeit der fehlerhaften Anwendung: 0x01cb960b407d171c  Pfad der
 fehlerhaften Anwendung: e:\Program Files\Hotspot Shield\bin\openvpnas.exe  Pfad des
 fehlerhaften Moduls: unknown  Berichtskennung: b42b3b60-01fe-11e0-926a-001966973347
 
Error - 07.12.2010 10:06:59 | Computer Name = Name | Source = Application Hang | ID = 1002
Description = Programm SpybotSD.exe, Version 1.6.2.46 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 82c    Startzeit: 
01cb96132c4a8156    Endzeit: 218    Anwendungspfad: E:\Program Files\Spybot - Search & Destroy\SpybotSD.exe

Berichts-ID:
 3f657f0a-020b-11e0-9872-001966973347  
 
[ System Events ]
Error - 07.12.2010 08:36:34 | Computer Name = Name | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.
 
Error - 07.12.2010 08:37:13 | Computer Name = Name | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Hotspot Shield Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 07.12.2010 08:40:58 | Computer Name = Name | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 07.12.2010 08:50:33 | Computer Name = Name | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 07.12.2010 08:53:31 | Computer Name = Name | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 07.12.2010 09:12:23 | Computer Name = Name | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 07.12.2010 10:09:45 | Computer Name = Name | Source = Microsoft-Windows-DNS-Client | ID = 1012
Description = Fehler beim Lesen der Datei für lokale Hosts.
 
Error - 07.12.2010 10:16:01 | Computer Name = Name | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 07.12.2010 10:32:27 | Computer Name = Name | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 6
Description = Einige Funktionen zur Energieverwaltung im Leistungsstatus wurden 
im Prozessor aufgrund eines bekannten Firmwareproblems deaktiviert. Wenden Sie sich
 an den Computerhersteller, um aktualisierte Firmware zu erhalten.
 
Error - 07.12.2010 10:35:33 | Computer Name = Name | Source = WMPNetworkSvc | ID = 866300
Description = 
 
 
< End of report >
         
--- --- ---
__________________

Alt 08.12.2010, 08:04   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



Zitat:
Data und notes.ini gefixt,
Was hast du wie genau gefixt?
Wo ist das Log von malwarebytes?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 08.12.2010, 11:18   #5
Uweles
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



In meinem ersten Logfile von HiJack habe ich diese beiden Einträge gefixt. Anschließend konnte ich den anderen auch fixen.
Hatte leider nicht mehr die Zeit Malewarebytes durchlaufen zu lassen, und es läuft ja auch imnmer ziemlich lang wenn ich es starte!

LG Uwe


Alt 08.12.2010, 12:07   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



Zitat:
Hatte leider nicht mehr die Zeit Malewarebytes durchlaufen zu lassen, und es läuft ja auch imnmer ziemlich lang wenn ich es starte!
Woher weißt du das? Weil du schonmal einen Vollscan gemacht hast?
Wenn ja: Wo ist das Log davon?
__________________
--> Kann einen Eintrag nicht fixen!

Alt 08.12.2010, 15:22   #7
Uweles
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



Habe schon öfters mal einen Vollscan gemacht, aber nie einen Log aufgehoben.
Werde es auch noch durchlaufen lassen!
Gruß Uwe

Alt 08.12.2010, 15:24   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



Schau im Programm (malwarebytes) im Reiter Log-Dateien nach. Da werden alle Logs gespeichert.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 08.12.2010, 15:28   #9
Uweles
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



Danke, habe ich noch gar nie drauf geachtet. Hier also der letzte komplette Scan:


Malwarebytes' Anti-Malware 1.50
Malwarebytes

Datenbank Version: 5247

Windows 6.1.7600
Internet Explorer 9.0.7930.16406

05.12.2010 14:37:54
mbam-log-2010-12-05 (14-37-54).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|I:\|)
Durchsuchte Objekte: 56490
Laufzeit: 3 Stunde(n), 32 Minute(n), 45 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Alt 08.12.2010, 15:40   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



Noch weitere Logs da? Bitte alle posten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 08.12.2010, 15:41   #11
Uweles
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



Habe keine weiteren. Habe windows vor kurzem erst neu aufgesetzt!

Alt 08.12.2010, 15:45   #12
Uweles
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



Habe Windows erst kürzlich neu aufgesetzt!
Keine weiteren Logs da!

Alt 08.12.2010, 18:59   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Kann einen Eintrag nicht fixen! - Standard

Kann einen Eintrag nicht fixen!



Da hättest auch mal eher erwähnen können. Dann gibt es auch gar keinen echten Anlass irgendwas fixen zu müssen! Und HijackThis kannst du für heutige Geschichten vergessen, denn das Tool ist fast Steinzeit!

Kannst du mir mal verraten was du jetzt schon mit dem IE9 willst? Der ist noch in der Betaphase. Wer rumspielen will und mit Fehlern leben kann ist das ok, aber ich würde den nicht aufspielen, sondern erst wenn der offiziell freigegeben wurde.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Kann einen Eintrag nicht fixen!
bho, desktop, downloader, expert pdf, explorer, hijack, hijackthis, hotspot, hotspot shield, internet, internet explorer, kaspersky, locker, logfile, microsoft, nvidia, opera, pdf, realtek, safer networking, security, sicherheit, software, start menu, starten, suche, system, tastatur, vista, windows, wmp



Ähnliche Themen: Kann einen Eintrag nicht fixen!


  1. taskmang.exe (file missing) - Ich kann es nicht mit HiJackThis fixen
    Log-Analyse und Auswertung - 06.11.2009 (1)
  2. Ich brauche hilfe, ich kann nicht Hijack File fixen
    Log-Analyse und Auswertung - 14.07.2009 (2)
  3. Eintrag in Hijackthis lässt sich nicht fixen
    Log-Analyse und Auswertung - 14.06.2009 (4)
  4. HJT kann bestimmte Files nicht fixen.
    Log-Analyse und Auswertung - 31.08.2008 (4)
  5. Kann in HJT nicht fixen.
    Log-Analyse und Auswertung - 25.04.2008 (7)
  6. awtqnkhe.dll - kann es nicht fixen
    Log-Analyse und Auswertung - 03.04.2008 (6)
  7. Kann HJT-Eintrag nicht fixen - "Security Toolbar 7.1"
    Log-Analyse und Auswertung - 24.10.2007 (22)
  8. Kann nicht fixen, bitte um Auswertung
    Log-Analyse und Auswertung - 29.07.2007 (1)
  9. R2 eintrag kann mit HJT nicht gelöscht werden
    Plagegeister aller Art und deren Bekämpfung - 02.06.2006 (8)
  10. Kann 2O15 - ProtocolDefaults:" nicht fixen!
    Log-Analyse und Auswertung - 10.02.2006 (2)
  11. Kann paar Sachen nicht fixen! weiß jemand rat???
    Log-Analyse und Auswertung - 13.12.2005 (4)
  12. Kann Eintrag nicht löschen...Hilfe
    Log-Analyse und Auswertung - 23.10.2005 (12)
  13. Kann Einträge nicht fixen
    Log-Analyse und Auswertung - 27.05.2005 (7)
  14. Eintrag mit HijachThis fixen ? Bitte Hilfe .
    Log-Analyse und Auswertung - 16.02.2005 (0)
  15. Kann Einträge nicht fixen!? :(
    Plagegeister aller Art und deren Bekämpfung - 03.01.2005 (3)
  16. Kann Trusted Zone Eintrag nicht 'Fix checken'
    Log-Analyse und Auswertung - 06.12.2004 (16)
  17. Hilfe! habe Log gepostet weiß jedoch nicht was ich fixen kann!
    Plagegeister aller Art und deren Bekämpfung - 30.06.2004 (0)

Zum Thema Kann einen Eintrag nicht fixen! - Hallo Ihr Guten! Habe ein Logfile erstellt und gemerkt das ich folgenden Eintrag darin habe: O1 - Hosts: # Copyright (c) 1993-2009 Microsoft Corp. Den kann ich aber nicht fixen. - Kann einen Eintrag nicht fixen!...
Archiv
Du betrachtest: Kann einen Eintrag nicht fixen! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.