Hi,
sorry, ich hatte mir die goldenen Regeln zwar angesehen, allerdings habe ich die andere Seite mit dem Hijackthis-Scan ünicht gesehen und da ich schon mal vor längerem in einem anderen Forum war, bin ich irgendwie davon ausgegangen, es würde hier auch erst mit Hijackthis und dann mit OTL etc. gescannt.
Na ja, jetzt habe ich die anderen Scans ja nachgeholt:
1.) Als ich defogger gestartet und "disable" geklickt habe, musste ich keinen Neustart machen, hat das was zu bedeuten?
2.) Hier nun meine Logs von OTL.exe: OTL.txt Code:
OTL logfile created on: 27.10.2011 09:17:10 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Patrick\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,91 Gb Total Physical Memory | 13,87 Gb Available Physical Memory | 87,21% Memory free
31,82 Gb Paging File | 29,68 Gb Available in Paging File | 93,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 107,26 Gb Total Space | 55,07 Gb Free Space | 51,34% Space Free | Partition Type: NTFS
Drive D: | 24,47 Gb Total Space | 19,24 Gb Free Space | 78,61% Space Free | Partition Type: NTFS
Drive E: | 147,62 Gb Total Space | 84,41 Gb Free Space | 57,18% Space Free | Partition Type: NTFS
Computer Name: MEIN-PC | User Name: Patrick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.10.27 09:12:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
PRC - [2011.10.27 09:06:33 | 000,050,477 | ---- | M] () -- C:\Users\Patrick\Desktop\Defogger.exe
PRC - [2011.08.22 17:07:32 | 000,354,416 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2011.08.22 17:07:18 | 000,103,536 | ---- | M] (VMware, Inc.) -- D:\Program Files (x86)\VMware\VMware VIX\vmware-tray.exe
PRC - [2011.08.22 17:06:56 | 000,432,752 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2011.08.22 15:28:42 | 000,079,872 | ---- | M] (VMware, Inc.) -- D:\Program Files (x86)\VMware\VMware VIX\vmware-authd.exe
PRC - [2011.04.30 00:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.04.30 00:32:50 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.04.28 05:03:30 | 000,073,728 | ---- | M] () -- D:\Program Files (x86)\Gomez\GomezPEER\bin\GomezPEER.exe
PRC - [2011.04.26 11:20:48 | 001,101,440 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2011.04.24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
PRC - [2011.04.13 15:15:22 | 001,116,800 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
PRC - [2011.03.23 15:08:12 | 001,426,048 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2011.01.17 15:38:20 | 000,702,592 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
PRC - [2011.01.11 16:21:14 | 001,214,080 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2010.12.02 04:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
PRC - [2010.11.26 21:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2010.11.25 09:12:56 | 000,252,544 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
PRC - [2010.11.24 06:35:56 | 000,135,168 | ---- | M] (Sun Microsystems, Inc.) -- D:\Program Files (x86)\Gomez\GomezPEER\jre\bin\java.exe
PRC - [2010.11.08 15:09:00 | 000,465,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2010.11.03 11:30:14 | 000,918,144 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
PRC - [2010.10.21 11:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
PRC - [2010.09.24 21:29:32 | 001,115,776 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
PRC - [2009.10.26 13:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.10.26 13:15:56 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
========== Modules (No Company Name) ==========
MOD - [2011.10.27 09:06:33 | 000,050,477 | ---- | M] () -- C:\Users\Patrick\Desktop\Defogger.exe
MOD - [2011.10.23 19:03:08 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\33cecc66284ef59208b639ec72b0f565\IAStorCommon.ni.dll
MOD - [2011.10.20 20:22:51 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011.10.20 20:22:26 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.10.20 19:30:58 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.10.20 19:30:53 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011.10.20 19:30:51 | 000,492,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\e8339b699235ebf2f904ccb8383de342\IAStorUtil.ni.dll
MOD - [2011.10.20 19:30:50 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.10.20 19:30:49 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.10.20 19:30:45 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.10.20 19:30:43 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.06.16 19:05:26 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011.04.28 05:03:30 | 000,073,728 | ---- | M] () -- D:\Program Files (x86)\Gomez\GomezPEER\bin\GomezPEER.exe
MOD - [2011.04.24 23:13:30 | 007,008,656 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
MOD - [2011.04.24 23:13:28 | 000,192,912 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
MOD - [2011.04.24 23:13:26 | 001,270,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
MOD - [2011.04.24 23:13:26 | 000,758,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
MOD - [2011.04.24 23:13:24 | 002,118,032 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
MOD - [2011.04.24 23:13:24 | 002,089,360 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
MOD - [2011.04.20 19:56:28 | 000,025,088 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
MOD - [2011.04.12 09:43:06 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2011.04.07 17:33:18 | 001,607,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2011.03.23 15:05:04 | 000,964,608 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2011.03.04 10:33:44 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2011.02.24 10:19:36 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2011.02.09 09:02:28 | 000,873,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011.01.19 21:23:40 | 001,655,296 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll
MOD - [2011.01.13 16:47:34 | 000,881,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2011.01.07 16:39:36 | 001,246,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011.01.06 10:38:48 | 001,027,072 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2010.12.01 12:33:32 | 001,244,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2010.11.25 15:12:54 | 000,661,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll
MOD - [2010.11.25 15:12:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll
MOD - [2010.11.25 15:12:54 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll
MOD - [2010.11.25 15:12:54 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll
MOD - [2010.11.24 06:35:58 | 000,010,240 | ---- | M] () -- D:\Program Files (x86)\Gomez\GomezPEER\jre\bin\SystemInfo.dll
MOD - [2010.10.15 17:40:30 | 001,031,680 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
MOD - [2010.08.23 04:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
MOD - [2010.08.06 18:13:48 | 000,886,272 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2010.08.06 18:11:20 | 000,850,944 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2010.06.21 15:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
MOD - [2010.06.21 15:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2009.08.12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2009.06.27 10:11:12 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2009.05.21 10:14:14 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2010.08.12 15:00:20 | 000,133,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2007.03.16 01:24:18 | 000,566,704 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxbccoms.exe -- (lxbc_device)
SRV - [2011.08.22 17:07:32 | 000,354,416 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2011.08.22 17:06:56 | 000,432,752 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2011.08.22 16:34:52 | 011,837,440 | ---- | M] () [Auto | Stopped] -- D:\Program Files (x86)\VMware\VMware VIX\vmware-hostd.exe -- (VMwareHostd)
SRV - [2011.08.22 15:28:42 | 000,079,872 | ---- | M] (VMware, Inc.) [Auto | Running] -- D:\Program Files (x86)\VMware\VMware VIX\vmware-authd.exe -- (VMAuthdService)
SRV - [2011.08.21 23:11:28 | 000,846,448 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2011.06.12 11:43:28 | 051,740,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- D:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2011.04.30 00:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2011.04.24 23:15:02 | 000,202,296 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe -- (AVP)
SRV - [2011.03.13 10:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010.12.02 04:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010.11.03 11:30:14 | 000,918,144 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc)
SRV - [2010.10.21 11:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.10.26 13:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2007.03.16 01:24:02 | 000,537,520 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWow64\lxbccoms.exe -- (lxbc_device)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.10.20 14:49:54 | 000,615,728 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2011.10.20 11:15:23 | 000,105,744 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2011.08.22 17:07:58 | 000,062,064 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2011.08.22 17:06:14 | 000,030,320 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2011.08.22 15:12:26 | 000,045,680 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2011.08.22 15:12:26 | 000,020,080 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2011.08.21 23:11:26 | 000,039,024 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2011.08.08 14:59:12 | 000,116,336 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2011.06.16 19:11:21 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.06.16 19:11:21 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.04.26 11:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.04.15 05:08:26 | 012,228,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.13 10:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.03.13 10:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.03.13 10:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.03.13 10:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.03.13 10:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.03.13 10:58:42 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2011.03.13 10:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.03.13 10:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.03.10 18:36:24 | 000,029,488 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2011.03.04 13:23:28 | 000,011,864 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kl2.sys -- (kl2)
DRV:64bit: - [2011.03.04 13:23:24 | 000,460,888 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (KL1)
DRV:64bit: - [2010.12.08 18:17:40 | 000,369,640 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2010.12.08 18:17:38 | 000,122,856 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.08 14:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010.10.19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.14 19:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.09.21 08:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress) Intel(R)
DRV:64bit: - [2010.08.27 19:53:22 | 000,297,000 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010.08.17 19:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT) Intel(R) Watchdog Timer Driver (Intel(R) WDT)
DRV:64bit: - [2010.08.10 11:29:15 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2010.05.20 15:26:48 | 000,037,392 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)
DRV:64bit: - [2009.11.02 20:27:10 | 000,022,544 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://mystart.incredimail.com/mb50?u=1036326497500915990
IE - HKLM\..\URLSearchHook: {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Program Files (x86)\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8C 1B 49 82 2D 8F CC 01 [binary data]
IE - HKCU\..\URLSearchHook: {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Program Files (x86)\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: D:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{38783831-6098-4faa-A9C9-1EE1E343F4D2}: C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\firefoxextension
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\module\20004\FxExt\firefoxextension\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2011.10.20 15:11:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\linkfilter@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2011.10.20 15:11:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\KavAntiBanner@Kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2011.10.20 15:11:10 | 000,000,000 | ---D | M]
[2011.10.26 09:21:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Extensions
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1066\TmIEPlg.dll File not found
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll File not found
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1066\TmIEPlg32.dll File not found
O2 - BHO: (no name) - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - No CLSID value found.
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (IncrediMail MediaBar Deutsch 2 Toolbar) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Program Files (x86)\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll (Conduit Ltd.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll File not found
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O3 - HKLM\..\Toolbar: (IncrediMail MediaBar Deutsch 2 Toolbar) - {990af1c2-5a27-4460-8149-ecc6bc122af3} - C:\Program Files (x86)\IncrediMail_MediaBar_Deutsch_2\prxtbIncr.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [BCSSync] D:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS ShellProcess Execute] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [vmware-tray] D:\Program Files (x86)\VMware\VMware VIX\vmware-tray.exe (VMware, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - D:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\ievkbd.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - D:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{233044BC-90A5-49EF-B902-097C1378EC6F}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe64.dll File not found
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1066\TmIEPlg.dll File not found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\7.0.1081\7.0.1081\TmBpIe32.dll File not found
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\2.0.1313\6.8.1066\TmIEPlg32.dll File not found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\klogon: DllName - (%SystemRoot%\System32\klogon.dll) - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f69df467-fa5d-11e0-80a6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f69df467-fa5d-11e0-80a6-806e6f6e6963}\Shell\AutoRun\command - "" = F:\.\Bin\ASSETUP.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.10.27 09:10:58 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
[2011.10.26 19:48:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2011.10.26 19:48:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IncrediMail_MediaBar_Deutsch_2
[2011.10.26 19:48:48 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Conduit
[2011.10.26 19:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
[2011.10.26 19:48:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IncrediMail
[2011.10.26 09:21:09 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Mozilla
[2011.10.26 09:21:09 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Gomez
[2011.10.26 09:12:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GomezPEER
[2011.10.26 09:10:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradiesbar
[2011.10.26 07:27:14 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\IPaid
[2011.10.26 07:22:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPaid-Surfbar
[2011.10.26 07:21:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\20Dollars2Surf
[2011.10.26 07:21:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\20Dollars2Surf
[2011.10.26 07:17:43 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paidmail-Autobot
[2011.10.26 07:17:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paidmail-Autobot
[2011.10.26 06:45:41 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Media Player Classic
[2011.10.25 18:59:40 | 000,062,064 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmx86.sys
[2011.10.25 18:59:19 | 000,354,416 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnetdhcp.exe
[2011.10.25 18:59:15 | 000,432,752 | ---- | C] (VMware, Inc.) -- C:\Windows\SysWow64\vmnat.exe
[2011.10.25 18:59:14 | 000,030,320 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\vmnetuserif.sys
[2011.10.25 18:59:13 | 000,942,192 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\vnetlib64.dll
[2011.10.25 18:59:11 | 000,039,024 | ---- | C] (VMware, Inc.) -- C:\Windows\SysNative\drivers\hcmon.sys
[2011.10.25 18:59:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2011.10.25 18:58:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VMware
[2011.10.25 18:58:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\VMware
[2011.10.25 18:58:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Shared Virtual Machines
[2011.10.25 18:58:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
[2011.10.25 18:49:52 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\IM
[2011.10.25 18:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\IM
[2011.10.25 18:49:50 | 000,000,000 | ---D | C] -- C:\ProgramData\IncrediMail
[2011.10.25 18:15:03 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\VMware
[2011.10.25 17:50:28 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2011.10.25 17:48:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
[2011.10.25 14:11:22 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Z500-Z600 Series
[2011.10.25 14:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark Z500-Z600 Series
[2011.10.25 14:10:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark Z500-Z600 Series
[2011.10.25 14:10:44 | 001,224,704 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcserv.dll
[2011.10.25 14:10:44 | 000,995,328 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcusb1.dll
[2011.10.25 14:10:44 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbchbn3.dll
[2011.10.25 14:10:44 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccomc.dll
[2011.10.25 14:10:44 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcpmui.dll
[2011.10.25 14:10:44 | 000,585,728 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbclmpm.dll
[2011.10.25 14:10:44 | 000,537,520 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccoms.exe
[2011.10.25 14:10:44 | 000,421,888 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccomm.dll
[2011.10.25 14:10:44 | 000,413,696 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcinpa.dll
[2011.10.25 14:10:44 | 000,397,312 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbciesc.dll
[2011.10.25 14:10:44 | 000,385,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcih.exe
[2011.10.25 14:10:44 | 000,381,872 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbccfg.exe
[2011.10.25 14:10:44 | 000,181,168 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcppls.exe
[2011.10.25 14:10:44 | 000,163,840 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcprox.dll
[2011.10.25 14:10:44 | 000,131,072 | ---- | C] (Lexmark ) -- C:\Windows\SysWow64\lxbcins.dll
[2011.10.25 14:10:44 | 000,094,208 | ---- | C] (Lexmark ) -- C:\Windows\SysWow64\lxbcinsr.dll
[2011.10.25 14:10:44 | 000,094,208 | ---- | C] ( ) -- C:\Windows\SysWow64\lxbcpplc.dll
[2011.10.25 14:10:24 | 001,418,240 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcserv.dll
[2011.10.25 14:10:24 | 001,099,776 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcusb1.dll
[2011.10.25 14:10:24 | 000,696,320 | ---- | C] ( ) -- C:\Windows\SysNative\lxbccomc.dll
[2011.10.25 14:10:24 | 000,660,480 | ---- | C] ( ) -- C:\Windows\SysNative\lxbchbn3.dll
[2011.10.25 14:10:24 | 000,566,704 | ---- | C] ( ) -- C:\Windows\SysNative\lxbccoms.exe
[2011.10.25 14:10:24 | 000,488,448 | ---- | C] ( ) -- C:\Windows\SysNative\lxbclmpm.dll
[2011.10.25 14:10:24 | 000,410,112 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcpmui.dll
[2011.10.25 14:10:24 | 000,305,664 | ---- | C] ( ) -- C:\Windows\SysNative\LXBChcp.dll
[2011.10.25 14:10:24 | 000,249,856 | ---- | C] ( ) -- C:\Windows\SysNative\lxbccomm.dll
[2011.10.25 14:10:24 | 000,238,592 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcinpa.dll
[2011.10.25 14:10:24 | 000,236,464 | ---- | C] ( ) -- C:\Windows\SysNative\lxbccfg.exe
[2011.10.25 14:10:24 | 000,233,392 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcih.exe
[2011.10.25 14:10:24 | 000,226,816 | ---- | C] ( ) -- C:\Windows\SysNative\lxbciesc.dll
[2011.10.25 14:10:24 | 000,177,664 | ---- | C] (Lexmark ) -- C:\Windows\SysNative\lxbcins.dll
[2011.10.25 14:10:24 | 000,077,824 | ---- | C] (Lexmark ) -- C:\Windows\SysNative\lxbcinsr.dll
[2011.10.25 14:10:24 | 000,035,328 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcprox.dll
[2011.10.25 14:10:24 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysNative\lxbcpplc.dll
[2011.10.25 13:51:02 | 000,000,000 | ---D | C] -- C:\drivers
[2011.10.25 09:29:01 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Outlook-Dateien
[2011.10.25 08:44:50 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Windows Mail in Windows 7 reanimieren
[2011.10.24 16:20:08 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Warez
[2011.10.24 11:00:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageShack Uploader
[2011.10.24 09:29:06 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011.10.24 07:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2011.10.24 07:29:35 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2011.10.23 18:58:05 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011.10.23 18:53:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
[2011.10.23 18:53:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2011.10.23 18:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2011.10.23 18:52:42 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Synchronization Services
[2011.10.23 18:52:31 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2011.10.23 18:52:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Sync Framework
[2011.10.23 18:52:31 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2011.10.23 18:51:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
[2011.10.23 18:50:29 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2011.10.23 18:50:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2011.10.23 18:50:26 | 000,000,000 | ---D | C] -- C:\Windows\SHELLNEW
[2011.10.23 18:50:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2011.10.23 18:50:19 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Microsoft Help
[2011.10.23 18:50:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2011.10.23 17:35:10 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2011.10.23 17:34:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
[2011.10.23 17:34:16 | 000,000,000 | ---D | C] -- C:\Program Files\K-Lite Codec Pack x64
[2011.10.23 17:34:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
[2011.10.23 17:34:04 | 000,237,568 | ---- | C] (www.helixcommunity.org) -- C:\Windows\SysWow64\yv12vfw.dll
[2011.10.23 17:34:04 | 000,151,552 | ---- | C] (fccHandler) -- C:\Windows\SysWow64\ac3acm.acm
[2011.10.23 17:34:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2011.10.23 17:28:18 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2011.10.23 16:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\redistpart
[2011.10.23 16:15:21 | 000,000,000 | ---D | C] -- C:\ProgramData\explauncher
[2011.10.23 16:15:19 | 000,000,000 | ---D | C] -- C:\ProgramData\launcher
[2011.10.23 16:01:51 | 000,037,392 | ---- | C] (Paragon Software Group) -- C:\Windows\SysNative\drivers\hotcore3.sys
[2011.10.23 16:01:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.10.23 16:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Partition Manager™ 11 Professional
[2011.10.23 16:01:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Paragon Software
[2011.10.22 19:17:46 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.10.22 19:17:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011.10.22 19:17:21 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2011.10.22 11:15:26 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Loggin
[2011.10.22 10:18:07 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\MigWiz
[2011.10.22 09:35:45 | 000,000,000 | ---D | C] -- C:\ProgramData\GetRight
[2011.10.21 19:05:37 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\CrashDumps
[2011.10.21 19:04:28 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\GetRight Pro
[2011.10.21 19:04:28 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\GetRight
[2011.10.21 10:21:32 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\ElevatedDiagnostics
[2011.10.20 20:55:53 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\WinRAR
[2011.10.20 19:16:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011.10.20 19:16:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.10.20 19:11:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011.10.20 14:50:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2012
[2011.10.20 14:49:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2011.10.20 14:49:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2011.10.20 14:49:54 | 000,615,728 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2011.10.20 14:37:10 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2011.10.20 14:11:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zards software
[2011.10.20 14:11:13 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cleanse Uninstaller
[2011.10.20 14:11:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cleanse Uninstaller
[2011.10.20 11:48:48 | 000,105,744 | ---- | C] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys
[2011.10.20 11:48:26 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Macromedia
[2011.10.20 11:48:23 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Adobe
[2011.10.20 11:15:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2011.10.20 10:29:16 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Trend Micro
[2011.10.20 10:27:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Trend Micro
[2011.10.20 09:46:46 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS OC Profiles
[2011.10.20 08:04:13 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2011.10.20 08:02:49 | 000,014,464 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysNative\drivers\AiChargerPlus.sys
[2011.10.20 08:02:20 | 000,184,320 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\drivers\UpdateHelper.dll
[2011.10.20 08:02:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2011.10.20 08:00:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2011.10.20 08:00:52 | 000,028,672 | R--- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
[2011.10.20 08:00:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2011.10.20 07:56:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2011.10.19 17:49:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011.10.19 17:43:47 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\DeviceVM
[2011.10.19 17:42:08 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\BMExplorer
[2011.10.19 17:42:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2011.10.19 17:36:06 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Documents\Bluetooth Folder
[2011.10.19 17:35:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
[2011.10.19 17:35:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros
[2011.10.19 17:35:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2011.10.19 17:35:48 | 000,016,896 | ---- | C] (ASUS) -- C:\Windows\AsTaskSched.dll
[2011.10.19 17:34:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
[2011.10.19 17:34:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2011.10.19 17:29:16 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2011.10.19 17:23:39 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
[2011.10.19 17:23:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2011.10.19 17:23:05 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2011.10.19 17:20:41 | 000,000,000 | ---D | C] -- C:\RaidTool
[2011.10.19 17:20:37 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool
[2011.10.19 17:15:17 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2011.10.19 17:15:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2011.10.19 17:15:01 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2011.10.19 17:05:46 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2011.10.19 17:05:46 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2011.10.19 17:05:37 | 002,580,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2011.10.19 17:05:36 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2011.10.19 17:05:36 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll
[2011.10.19 17:05:36 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2011.10.19 17:05:36 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2011.10.19 17:05:36 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2011.10.19 17:05:36 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll
[2011.10.19 17:05:36 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2011.10.19 17:05:35 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll
[2011.10.19 17:05:30 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2011.10.19 17:05:30 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2011.10.19 17:05:30 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2011.10.19 17:05:30 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2011.10.19 17:05:30 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2011.10.19 17:05:30 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2011.10.19 17:05:26 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2011.10.19 17:05:26 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2011.10.19 17:05:26 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2011.10.19 17:05:26 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2011.10.19 17:05:26 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2011.10.19 17:05:26 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2011.10.19 17:05:25 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2011.10.19 17:05:25 | 001,870,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2011.10.19 17:05:25 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2011.10.19 17:05:24 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2011.10.19 17:05:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2011.10.19 17:05:19 | 001,937,312 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2011.10.19 17:05:18 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2011.10.19 17:05:18 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2011.10.19 17:05:18 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2011.10.19 17:05:17 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2011.10.19 17:05:17 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2011.10.19 17:05:17 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2011.10.19 17:05:17 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2011.10.19 17:05:17 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2011.10.19 17:05:17 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2011.10.19 17:05:17 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2011.10.19 17:05:17 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2011.10.19 17:05:17 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2011.10.19 17:05:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2011.10.19 17:05:10 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2011.10.19 17:05:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2011.10.19 17:02:08 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Intel Corporation
[2011.10.19 17:00:53 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2011.10.19 17:00:25 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2011.10.19 17:00:25 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\InstallShield
[2011.10.19 16:58:19 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2011.10.19 16:56:28 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2011.10.19 16:56:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2011.10.19 16:56:00 | 000,000,000 | ---D | C] -- C:\Intel
[2011.10.19 16:54:26 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2011.10.19 16:41:46 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.10.19 16:41:46 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Searches
[2011.10.19 16:41:46 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.10.19 16:41:38 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Identities
[2011.10.19 16:41:36 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Contacts
[2011.10.19 16:41:29 | 000,000,000 | --SD | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft
[2011.10.19 16:41:29 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Videos
[2011.10.19 16:41:29 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Saved Games
[2011.10.19 16:41:29 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Pictures
[2011.10.19 16:41:29 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Music
[2011.10.19 16:41:29 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.10.19 16:41:29 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Links
[2011.10.19 16:41:29 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Favorites
[2011.10.19 16:41:29 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Downloads
[2011.10.19 16:41:29 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Documents
[2011.10.19 16:41:29 | 000,000,000 | R--D | C] -- C:\Users\Patrick\Desktop
[2011.10.19 16:41:29 | 000,000,000 | R--D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Vorlagen
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Verlauf
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Temporary Internet Files
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Startmenü
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\SendTo
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Recent
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Netzwerkumgebung
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Lokale Einstellungen
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Videos
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Musik
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Eigene Dateien
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Documents\Eigene Bilder
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Druckumgebung
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Cookies
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\AppData\Local\Anwendungsdaten
[2011.10.19 16:41:29 | 000,000,000 | -HSD | C] -- C:\Users\Patrick\Anwendungsdaten
[2011.10.19 16:41:29 | 000,000,000 | -H-D | C] -- C:\Users\Patrick\AppData
[2011.10.19 16:41:29 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Temp
[2011.10.19 16:41:29 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Microsoft
[2011.10.19 16:41:29 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Media Center Programs
[2011.10.19 16:41:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
[2011.10.19 16:41:25 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ShellExt
[2011.10.19 16:41:25 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ShellExt
[2011.10.19 16:41:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RocketDock
[2011.10.19 16:41:09 | 000,000,000 | -HSD | C] -- C:\Recovery
[2011.10.19 16:41:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.10.19 16:41:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.10.19 16:41:08 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.10.19 16:41:08 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2011.10.19 16:41:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.10.19 16:41:08 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.10.19 16:41:08 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.10.19 16:41:08 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.10.19 16:41:08 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.10.19 16:41:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.10.19 16:41:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2011.10.19 16:41:06 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2011.10.19 16:23:53 | 000,000,000 | -HSD | C] -- C:\System Volume Information
========== Files - Modified Within 30 Days ==========
[2011.10.27 09:12:22 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
[2011.10.27 09:08:53 | 000,000,000 | ---- | M] () -- C:\Users\Patrick\defogger_reenable
[2011.10.27 09:06:33 | 000,050,477 | ---- | M] () -- C:\Users\Patrick\Desktop\Defogger.exe
[2011.10.27 08:59:46 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.27 08:59:46 | 000,021,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.27 08:56:52 | 001,546,252 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.27 08:56:52 | 000,671,534 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.10.27 08:56:52 | 000,632,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.27 08:56:52 | 000,135,772 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.10.27 08:56:52 | 000,111,996 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.27 08:52:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.27 08:52:13 | 4221,497,342 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.26 09:12:27 | 000,000,936 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GomezPEER.lnk
[2011.10.26 07:21:17 | 000,001,021 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk
[2011.10.25 18:59:09 | 001,565,688 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.25 14:17:24 | 000,000,220 | ---- | M] () -- C:\Windows\Lexstat.ini
[2011.10.25 14:12:34 | 000,005,187 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2011.10.25 06:28:53 | 000,002,249 | ---- | M] () -- C:\Users\Patrick\Documents\Fische überwintern.rtf
[2011.10.24 09:09:14 | 000,420,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.24 07:48:35 | 000,001,024 | ---- | M] () -- C:\.rnd
[2011.10.24 07:21:59 | 000,000,162 | -H-- | M] () -- C:\Users\Patrick\Desktop\~$ues RTF-Dokument.rtf
[2011.10.23 16:57:20 | 000,005,690 | ---- | M] () -- C:\Users\Patrick\Desktop\Neues RTF-Dokument.rtf
[2011.10.20 15:11:10 | 000,152,233 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2011.10.20 15:11:09 | 000,107,177 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2011.10.20 15:03:16 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.10.20 15:03:16 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.10.20 14:54:32 | 000,017,408 | ---- | M] () -- C:\Users\Patrick\AppData\Local\WebpageIcons.db
[2011.10.20 14:49:54 | 000,615,728 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2011.10.20 11:15:23 | 000,105,744 | ---- | M] (Trend Micro Inc.) -- C:\Windows\SysNative\drivers\tmtdi.sys
[2011.10.20 09:58:57 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.10.20 09:50:03 | 000,030,663 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2011.10.20 08:04:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
[2011.10.19 17:37:10 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2011.10.19 17:36:07 | 000,246,804 | ---- | M] () -- C:\Windows\SysNative\drivers\AtherosBt.bin
[2011.10.19 17:35:48 | 000,016,896 | ---- | M] (ASUS) -- C:\Windows\AsTaskSched.dll
[2011.10.19 17:16:48 | 000,019,256 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2011.10.19 16:52:24 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2011.10.19 16:26:53 | 000,161,548 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.10.19 16:26:53 | 000,161,548 | ---- | M] () -- C:\Windows\SysNative\license.rtf
========== Files Created - No Company Name ==========
[2011.10.27 09:08:53 | 000,000,000 | ---- | C] () -- C:\Users\Patrick\defogger_reenable
[2011.10.27 09:06:33 | 000,050,477 | ---- | C] () -- C:\Users\Patrick\Desktop\Defogger.exe
[2011.10.26 19:48:37 | 000,002,025 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail.lnk
[2011.10.26 09:12:27 | 000,000,936 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GomezPEER.lnk
[2011.10.26 07:21:17 | 000,001,021 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\20Dollars2Surf.lnk
[2011.10.26 07:17:43 | 000,196,096 | ---- | C] () -- C:\Program Files (x86)\b1guninst100.exe
[2011.10.25 14:11:29 | 000,000,220 | ---- | C] () -- C:\Windows\Lexstat.ini
[2011.10.25 14:10:44 | 000,413,696 | ---- | C] () -- C:\Windows\SysWow64\lxbcutil.dll
[2011.10.25 14:10:44 | 000,274,432 | ---- | C] () -- C:\Windows\SysWow64\LXBCinst.dll
[2011.10.25 14:10:44 | 000,001,858 | ---- | C] () -- C:\Windows\SysWow64\lxbc.loc
[2011.10.25 14:10:24 | 000,567,808 | ---- | C] () -- C:\Windows\SysNative\lxbcutil.dll
[2011.10.25 14:10:24 | 000,194,048 | ---- | C] () -- C:\Windows\SysNative\LXBCinst.dll
[2011.10.25 14:10:24 | 000,005,187 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2011.10.25 14:10:24 | 000,001,858 | ---- | C] () -- C:\Windows\SysNative\lxbc.loc
[2011.10.25 07:36:33 | 000,001,302 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011.10.25 06:28:53 | 000,002,249 | ---- | C] () -- C:\Users\Patrick\Documents\Fische überwintern.rtf
[2011.10.24 07:48:35 | 000,001,024 | ---- | C] () -- C:\.rnd
[2011.10.24 07:48:33 | 001,565,688 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.10.24 07:21:59 | 000,000,162 | -H-- | C] () -- C:\Users\Patrick\Desktop\~$ues RTF-Dokument.rtf
[2011.10.23 17:34:16 | 000,203,264 | ---- | C] () -- C:\Windows\SysNative\unrar.dll
[2011.10.23 17:34:16 | 000,083,968 | ---- | C] () -- C:\Windows\SysNative\ff_vfw.dll
[2011.10.23 17:34:05 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2011.10.23 17:34:05 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011.10.23 17:34:04 | 000,644,608 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.10.23 17:34:04 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.10.23 17:34:04 | 000,073,216 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011.10.20 16:16:56 | 000,005,690 | ---- | C] () -- C:\Users\Patrick\Desktop\Neues RTF-Dokument.rtf
[2011.10.20 15:03:16 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.10.20 15:03:16 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.10.20 14:54:32 | 000,017,408 | ---- | C] () -- C:\Users\Patrick\AppData\Local\WebpageIcons.db
[2011.10.20 14:50:14 | 000,152,233 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2011.10.20 14:50:14 | 000,107,177 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2011.10.20 09:58:57 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.10.20 08:04:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
[2011.10.20 08:00:52 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011.10.20 08:00:44 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011.10.19 17:43:49 | 000,001,238 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Social Games.lnk
[2011.10.19 17:37:10 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2011.10.19 17:29:11 | 000,001,904 | ---- | C] () -- C:\Windows\SysNative\SetupBD.din
[2011.10.19 17:28:38 | 000,003,114 | ---- | C] () -- C:\Windows\SysNative\e1c62x64.din
[2011.10.19 17:16:48 | 000,019,256 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2011.10.19 17:15:01 | 013,359,616 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.10.19 17:15:01 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2011.10.19 17:15:01 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.10.19 17:15:01 | 000,963,116 | ---- | C] () -- C:\Windows\SysNative\igkrng600.bin
[2011.10.19 17:15:01 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.10.19 17:15:01 | 000,218,304 | ---- | C] () -- C:\Windows\SysNative\igfcg600m.bin
[2011.10.19 17:15:01 | 000,211,082 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2011.10.19 17:15:01 | 000,197,902 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2011.10.19 17:15:01 | 000,182,514 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2011.10.19 17:15:01 | 000,179,992 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
[2011.10.19 17:15:01 | 000,156,057 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2011.10.19 17:15:01 | 000,152,994 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2011.10.19 17:15:01 | 000,148,846 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2011.10.19 17:15:01 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.10.19 17:15:01 | 000,145,804 | ---- | C] () -- C:\Windows\SysNative\igcompkrng600.bin
[2011.10.19 17:15:01 | 000,140,077 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2011.10.19 17:15:01 | 000,138,572 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2011.10.19 17:15:01 | 000,137,705 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2011.10.19 17:15:01 | 000,137,506 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2011.10.19 17:15:01 | 000,136,449 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2011.10.19 17:15:01 | 000,135,519 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2011.10.19 17:15:01 | 000,135,222 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2011.10.19 17:15:01 | 000,134,686 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2011.10.19 17:15:01 | 000,134,272 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2011.10.19 17:15:01 | 000,134,238 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2011.10.19 17:15:01 | 000,133,706 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2011.10.19 17:15:01 | 000,133,548 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2011.10.19 17:15:01 | 000,133,246 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2011.10.19 17:15:01 | 000,133,014 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2011.10.19 17:15:01 | 000,132,752 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2011.10.19 17:15:01 | 000,132,650 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2011.10.19 17:15:01 | 000,131,705 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2011.10.19 17:15:01 | 000,128,863 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2011.10.19 17:15:01 | 000,128,667 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2011.10.19 17:15:01 | 000,128,407 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2011.10.19 17:15:01 | 000,123,921 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2011.10.19 17:15:01 | 000,117,522 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2011.10.19 17:15:01 | 000,116,233 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2011.10.19 17:15:01 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2011.10.19 17:15:01 | 000,075,776 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2011.10.19 17:15:01 | 000,059,243 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2011.10.19 17:15:01 | 000,059,174 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2011.10.19 17:15:01 | 000,059,062 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2011.10.19 17:15:01 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.10.19 17:15:01 | 000,017,220 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2011.10.19 17:15:01 | 000,000,151 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2011.10.19 17:09:23 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2011.10.19 16:52:24 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.10.19 16:52:17 | 000,030,663 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.10.19 16:41:49 | 000,001,405 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.10.19 16:41:47 | 000,001,439 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.10.19 16:26:44 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2011.10.19 16:23:53 | 4221,497,342 | -HS- | C] () -- C:\hiberfil.sys
[2010.08.03 07:21:24 | 000,014,464 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.04.02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2008.01.04 07:34:42 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
========== LOP Check ==========
[2011.10.21 19:04:28 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\GetRight
[2011.10.22 09:44:35 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\GetRight Pro
[2011.10.26 09:21:09 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Gomez
[2009.07.14 07:08:49 | 000,012,474 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.10.19 16:41:36 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.10.19 16:41:08 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.10.26 09:11:56 | 000,000,000 | ---D | M] -- C:\drivers
[2011.10.19 17:14:29 | 000,000,000 | ---D | M] -- C:\Intel
[2011.10.24 07:29:35 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2011.10.25 14:11:22 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.10.26 19:48:49 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.10.27 09:08:32 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.10.19 16:41:08 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.10.19 17:20:41 | 000,000,000 | ---D | M] -- C:\RaidTool
[2011.10.19 16:41:09 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.10.27 09:18:02 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.10.19 16:41:29 | 000,000,000 | R--D | M] -- C:\Users
[2011.10.25 14:11:29 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
[2004.06.20 18:32:30 | 000,196,096 | ---- | M] () -- C:\Program Files (x86)\b1guninst100.exe
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.manifest /3 >
< MD5 for: EXPLORER.EXE >
[2011.06.16 19:09:17 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.06.16 19:09:17 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.06.18 01:30:10 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=5740B1555D51D56547043181789027A5 -- C:\Windows\explorer.exe
[2011.06.18 01:30:10 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=5740B1555D51D56547043181789027A5 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.06.18 01:35:27 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=88B413E78ADB75A062AB947C1BF6D49A -- C:\Windows\SysWOW64\explorer.exe
[2011.06.18 01:35:27 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=88B413E78ADB75A062AB947C1BF6D49A -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
< MD5 for: REGEDIT.EXE >
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< Schliesse bitte nun alle Programme. (Wichtig) >
< End of report >
Extra.txt
Da mein Beitrag zu lang mit beiden Logs ist, habe ich den 2. Log als zip-Archiv in den Anhang gepackt.
Schonmal Danke!
LG,
n3m0 |
