| DalaiYama | 24.12.2012 18:38 |
Firewall (XP) wird deaktivert und System ist langsam - OTL Log
Hier noch das Logfile von OTL. Falls noch andere Logs benötigt werden bitte ich um Nennung der jeweiligen Software bzw der Schritte die zu tun sind. Code:
OTL logfile created on: 24.12.2012 15:17:58 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = L:\
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,46 Gb Available Physical Memory | 75,72% Memory free
7,85 Gb Paging File | 7,08 Gb Available in Paging File | 90,14% Paging File free
Paging file location(s): H:\pagefile.sys 4875 4875 [binary data]
%SystemDrive% = H: | %SystemRoot% = H:\WINDOWS | %ProgramFiles% = H:\Programme
Drive H: | 75,13 Gb Total Space | 29,67 Gb Free Space | 39,50% Space Free | Partition Type: NTFS
Drive I: | 390,63 Gb Total Space | 145,20 Gb Free Space | 37,17% Space Free | Partition Type: NTFS
Drive L: | 232,88 Gb Total Space | 121,28 Gb Free Space | 52,08% Space Free | Partition Type: NTFS
Computer Name: ***-8F66B4EFD | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.12.24 14:14:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- L:\OTL.exe
PRC - [2012.12.24 13:11:32 | 001,667,072 | ---- | M] (WinLab) -- H:\Programme\CGI\CGIcfg32.exe
PRC - [2012.11.23 18:44:16 | 006,663,840 | ---- | M] (SlySoft, Inc.) -- H:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe
PRC - [2012.11.06 19:00:32 | 003,143,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Programme\AVG\AVG2013\avgui.exe
PRC - [2012.11.06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Programme\AVG\AVG2013\avgidsagent.exe
PRC - [2012.10.30 04:59:56 | 000,726,648 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Programme\AVG\AVG2013\avgrsx.exe
PRC - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Programme\AVG\AVG2013\avgwdsvc.exe
PRC - [2012.10.22 13:04:32 | 001,116,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Programme\AVG\AVG2013\avgnsx.exe
PRC - [2012.10.22 13:03:52 | 000,796,792 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Programme\AVG\AVG2013\avgemcx.exe
PRC - [2012.10.22 13:03:46 | 000,440,440 | ---- | M] (AVG Technologies CZ, s.r.o.) -- H:\Programme\AVG\AVG2013\avgcsrvx.exe
PRC - [2012.09.29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- H:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- H:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- H:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.28 19:18:10 | 000,309,688 | ---- | M] (Samsung Electronics Co., Ltd.) -- H:\Programme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012.09.24 23:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) -- H:\Programme\Java\jre7\bin\jqs.exe
PRC - [2012.08.28 23:05:14 | 001,134,592 | ---- | M] (Zhorn Software) -- H:\Programme\Stickies\stickies.exe
PRC - [2012.07.03 08:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- H:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2009.12.23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- H:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
PRC - [2009.03.12 19:43:30 | 000,102,400 | ---- | M] (Samsung Electronics Co., Ltd.) -- H:\Programme\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2009.03.12 09:31:56 | 000,233,472 | ---- | M] (Teruten) -- H:\WINDOWS\system32\FsUsbExService.Exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- H:\WINDOWS\explorer.exe
PRC - [2007.07.20 00:40:48 | 000,137,752 | ---- | M] (Logitech Inc.) -- H:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\LVPrcSrv.exe
PRC - [2007.07.20 00:38:54 | 000,186,904 | ---- | M] (Logitech Inc.) -- H:\Programme\Gemeinsame Dateien\logishrd\LVCOMSER\LVComSer.exe
========== Modules (No Company Name) ==========
MOD - [2012.11.15 00:30:55 | 011,817,472 | ---- | M] () -- h:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\b809681da85a58046cb39f268b6697ad\System.Web.ni.dll
MOD - [2012.11.15 00:30:17 | 000,998,400 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Management\d8ca3b9fefcda19eeecd55c239f504ba\System.Management.ni.dll
MOD - [2012.11.15 00:29:17 | 001,712,128 | ---- | M] () -- h:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\38a190d849769ca2a9b174bd7253913c\Microsoft.VisualBasic.ni.dll
MOD - [2012.11.15 00:28:11 | 000,971,264 | ---- | M] () -- h:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\41cac4885974d07de06f0b4fec9883f0\System.Configuration.ni.dll
MOD - [2012.11.15 00:28:07 | 000,025,600 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\b5af2249e2d550f2752176a75c7a7656\Accessibility.ni.dll
MOD - [2012.11.14 23:40:43 | 005,450,752 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\d35b50eb6bb7b1bfb6592419d9feba47\System.Xml.ni.dll
MOD - [2012.11.14 23:40:34 | 012,433,920 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6585a5fcaaa1b49b9a1bd9ca5c5c306e\System.Windows.Forms.ni.dll
MOD - [2012.11.14 23:40:13 | 001,592,320 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\da4bcb702feb770ce40cf1371b0c4d02\System.Drawing.ni.dll
MOD - [2012.11.14 23:38:11 | 007,977,472 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\90ad0c96693527ae685ff40019bb33b0\System.ni.dll
MOD - [2012.11.14 23:37:56 | 011,492,352 | ---- | M] () -- H:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\3add69b075f3da012fb97ce00cd795c0\mscorlib.ni.dll
MOD - [2012.11.14 23:35:52 | 000,303,104 | ---- | M] () -- H:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.08.28 23:05:14 | 000,049,152 | ---- | M] () -- H:\Programme\Stickies\shook70.dll
MOD - [2012.07.27 21:51:38 | 000,301,056 | ---- | M] () -- H:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.07.03 22:55:30 | 000,270,336 | ---- | M] () -- H:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.03.16 11:22:12 | 000,014,848 | ---- | M] () -- H:\Programme\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
MOD - [2009.05.14 23:14:54 | 000,315,392 | ---- | M] () -- H:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.05.14 23:14:53 | 000,212,992 | ---- | M] () -- H:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.05.14 23:14:50 | 000,434,176 | ---- | M] () -- H:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2007.07.20 00:39:16 | 000,068,120 | ---- | M] () -- H:\Programme\Gemeinsame Dateien\logishrd\LVCOMSER\LVCSPS.dll
========== Services (SafeList) ==========
SRV - [2012.12.16 21:37:13 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.21 12:43:01 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- H:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.09 11:21:24 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- H:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.11.06 19:00:04 | 005,814,392 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- H:\Programme\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012.10.22 13:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- H:\Programme\AVG\AVG2013\avgwdsvc.exe -- (avgwd)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- H:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- H:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.24 23:12:59 | 000,161,768 | ---- | M] (Oracle Corporation) [Auto | Running] -- H:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2012.01.05 16:42:34 | 000,075,624 | ---- | M] (Alcohol Soft Development Team) [Auto | Stopped] -- H:\Programme\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe -- (AxAutoMntSrv)
SRV - [2011.07.20 04:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- H:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2011.07.03 21:07:13 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- H:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- H:\Programme\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009.12.23 22:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- H:\Programme\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.03.12 09:31:56 | 000,233,472 | ---- | M] (Teruten) [Auto | Running] -- H:\WINDOWS\system32\FsUsbExService.Exe -- (FsUsbExService)
SRV - [2008.06.24 15:05:56 | 000,537,896 | ---- | M] (Nero AG) [On_Demand | Stopped] -- H:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2008.04.07 09:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- H:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2007.07.20 00:42:30 | 000,141,848 | ---- | M] (Logitech Inc.) [Disabled | Stopped] -- H:\Programme\Gemeinsame Dateien\logishrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007.07.20 00:40:48 | 000,137,752 | ---- | M] (Logitech Inc.) [Auto | Running] -- H:\Programme\Gemeinsame Dateien\logishrd\LVMVFM\LVPrcSrv.exe -- (LVPrcSrv)
SRV - [2007.07.20 00:38:54 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Running] -- H:\Programme\Gemeinsame Dateien\logishrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
SRV - [2006.10.26 13:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- H:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- H:\ULTRASTAR\Ultrastar_Deluxe_v1.0.1a\Ultrastar Deluxe v1.0.1a\zlportio.sys -- (zlportio)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Stopped] -- G:\CDriver.sys -- (MSICDSetup)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- G:\INSTALL\GMSIPCI.SYS -- (GMSIPCI)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (ap6hmshj)
DRV - File not found [Kernel | On_Demand | Running] -- H:\DOKUME~1\***\LOKALE~1\Temp\ALSysIO.sys -- (ALSysIO)
DRV - [2012.10.22 13:02:46 | 000,179,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2012.10.15 03:48:52 | 000,055,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012.10.05 03:32:50 | 000,093,536 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- H:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2012.10.02 02:30:38 | 000,159,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- H:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.09.21 02:46:06 | 000,164,832 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012.09.21 02:46:00 | 000,177,376 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\avglogx.sys -- (Avglogx)
DRV - [2012.09.21 02:45:54 | 000,019,936 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2012.09.14 02:05:20 | 000,035,552 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- H:\WINDOWS\system32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2012.09.10 13:05:40 | 000,477,240 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2012.08.26 13:56:17 | 000,121,248 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2012.06.19 15:54:20 | 006,141,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2012.05.14 07:12:12 | 000,103,040 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2012.04.23 10:00:00 | 002,067,936 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\athw.sys -- (AR5416)
DRV - [2011.03.18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- H:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2011.01.27 00:34:30 | 006,406,656 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.06.25 18:07:14 | 000,035,088 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- H:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2010.05.06 12:57:24 | 000,156,800 | ---- | M] (© Guillemot R&D, 2010. All rights reserved.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\HDJMidi.sys -- (HDJMidi)
DRV - [2010.05.06 12:57:20 | 000,135,936 | ---- | M] (© Guillemot R&D, 2010. All rights reserved.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\HDJBulk.sys -- (Bulk)
DRV - [2010.05.06 12:57:16 | 000,186,752 | ---- | M] (© Guillemot R&D, 2010. All rights reserved.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\HDJAsioK.sys -- (HDJAsioK)
DRV - [2009.12.15 22:19:37 | 000,217,536 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\truecrypt.sys -- (truecrypt)
DRV - [2009.11.18 06:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 06:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.03.27 13:33:42 | 000,130,816 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2009.03.16 22:19:44 | 000,058,208 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\wsimd.sys -- (WSIMD)
DRV - [2009.03.05 09:14:50 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2008.07.03 02:38:14 | 000,089,600 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2008.02.27 12:49:00 | 000,003,840 | ---- | M] () [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\BANTExt.sys -- (BANTExt)
DRV - [2007.10.12 02:40:12 | 000,009,096 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- H:\WINDOWS\system32\drivers\amdide.sys -- (amdide)
DRV - [2007.09.17 15:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.07.20 00:39:50 | 002,142,488 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\LVMVdrv.sys -- (LVMVDrv)
DRV - [2007.07.20 00:37:56 | 002,109,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2007.07.19 01:44:22 | 003,599,000 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2007.07.19 01:44:22 | 000,022,296 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\lvuvcflt.sys -- (FilterService)
DRV - [2007.07.19 01:44:00 | 000,041,752 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\LVUSBSta.sys -- (LVUSBSta)
DRV - [2007.07.19 01:42:28 | 001,920,920 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2007.07.18 17:42:42 | 000,025,624 | ---- | M] () [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\LVPr2Mon.sys -- (LVPr2Mon)
DRV - [2007.06.29 13:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- H:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2006.07.01 22:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- H:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2005.09.23 23:18:32 | 000,171,520 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\MarvinBus.sys -- (MarvinBus)
DRV - [2002.07.17 09:05:10 | 000,016,512 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- H:\WINDOWS\system32\drivers\ASPI32.SYS -- (ASPI)
DRV - [1996.04.03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- H:\WINDOWS\system32\giveio.sys -- (giveio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.arcor.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.enabledAddons: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.12
FF - prefs.js..extensions.enabledAddons: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.6.2
FF - prefs.js..extensions.enabledAddons: firejump@firejump.net:1.0.2.5
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.3
FF - prefs.js..extensions.enabledItems: {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:12.0.0.1912
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.7
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: H:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: H:\WINDOWS\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: H:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: H:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: H:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: H:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: H:\Programme\Google\Update\1.2.145.5\npGoogleOneClick8.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: H:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: H:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: H:\Programme\Mozilla Firefox\components [2012.12.17 14:26:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: H:\Programme\Mozilla Firefox\plugins [2012.12.17 14:26:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: H:\Programme\Mozilla Thunderbird\components [2012.11.21 12:43:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: H:\Programme\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\firejump@firejump.net: H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\46wxg61l.default\extensions\firejump@firejump.net [2012.09.05 07:02:31 | 000,000,000 | ---D | M]
[2009.05.12 15:12:15 | 000,000,000 | ---D | M] (No name found) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2012.11.23 21:39:43 | 000,000,000 | ---D | M] (No name found) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\46wxg61l.default\extensions
[2009.08.29 13:46:37 | 000,000,000 | ---D | M] (No name found) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\46wxg61l.default\extensions\{24d1fe20-76df-11de-8a39-0800200c9a66}
[2012.11.21 23:52:45 | 000,000,000 | ---D | M] (DownloadHelper) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\46wxg61l.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.09.22 14:54:42 | 000,000,000 | ---D | M] (DownThemAll!) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\46wxg61l.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}(2)
[2012.09.05 07:02:31 | 000,000,000 | ---D | M] (FireJump) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\46wxg61l.default\extensions\firejump@firejump.net
[2012.08.04 16:35:00 | 000,330,316 | ---- | M] () (No name found) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\46wxg61l.default\extensions\personas@christopher.beard.xpi
[2012.11.22 22:47:18 | 000,530,519 | ---- | M] () (No name found) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\46wxg61l.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012.11.23 21:39:43 | 000,804,627 | ---- | M] () (No name found) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\46wxg61l.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2010.01.30 02:18:28 | 000,001,223 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\46wxg61l.default\searchplugins\scroogle-de.xml
[2010.01.30 02:18:28 | 000,001,936 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\46wxg61l.default\searchplugins\youtube-deutschland.xml
[2012.10.26 22:58:30 | 000,000,000 | ---D | M] (No name found) -- H:\Programme\Mozilla Firefox\extensions
[2012.10.26 22:58:38 | 000,261,600 | ---- | M] (Mozilla Foundation) -- H:\Programme\mozilla firefox\components\browsercomps.dll
[2010.01.13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- H:\Programme\mozilla firefox\plugins\npwachk.dll
[2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.29 08:40:29 | 000,002,465 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- H:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.02.28 13:00:00 | 000,000,820 | ---- | M]) - H:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - H:\Programme\AVG\AVG2012\avgssie.dll File not found
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - H:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (VMLoadHBO Class) - {C17C7688-31D1-46D7-8C9B-5D253E4F5D5E} - H:\Dokumente und Einstellungen\***\Anwendungsdaten\VMLoad\addin\VMLoad.dll (TODO: <Company name>)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [AVG_UI] H:\Programme\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CGIcfg32] H:\Programme\CGI\CGIcfg32.exe (WinLab)
O4 - HKLM..\Run: [NPSStartup] File not found
O4 - HKLM..\Run: [StartCCC] H:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] H:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [AlcoholAutomount] H:\Programme\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe (Alcohol Soft Development Team)
O4 - HKCU..\Run: [AnyDVD] H:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.)
O4 - HKCU..\Run: [Core Temp] H:\Programme\Core Temp\Core Temp.exe ()
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] H:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: H:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart\Stickies.lnk = H:\Programme\Stickies\stickies.exe (Zhorn Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 181
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - H:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - H:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - H:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1344099880625 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - H:\Programme\Belarc\Advisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Programme\AVG\AVG2012\avgpp.dll File not found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - H:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - H:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - H:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - H:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - H:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (H:\WINDOWS\system32\userinit.exe) - H:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - H:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper:
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (H:\PROGRA~1\AVG\AVG2013\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.12.24 14:23:29 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2012.12.24 14:23:19 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.12.24 14:23:18 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.12.24 14:23:16 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- H:\WINDOWS\System32\drivers\mbam.sys
[2012.12.24 14:23:16 | 000,000,000 | ---D | C] -- H:\Programme\Malwarebytes' Anti-Malware
[2012.12.24 14:21:59 | 000,266,360 | ---- | C] (Microsoft Corporation) -- H:\WINDOWS\System32\TweakUI.exe
[2012.12.24 14:21:59 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Powertoys for Windows XP
[2012.12.24 14:01:16 | 000,000,000 | -H-D | C] -- H:\WINDOWS\System32\GroupPolicy
[2012.12.24 13:13:34 | 000,000,000 | ---D | C] -- H:\Programme\CGI
[2012.12.24 13:11:31 | 001,667,072 | ---- | C] (WinLab) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\CGIcfg32.exe
[2012.12.24 13:11:16 | 000,000,000 | ---D | C] -- H:\Programme\Dr. Hardware 2013
[2012.12.17 22:39:03 | 000,000,000 | ---D | C] -- H:\Programme\Core Temp
[2012.12.17 22:39:03 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Core Temp
[2012.12.15 23:12:14 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Desktop\***
[2012.12.14 19:23:40 | 000,000,000 | ---D | C] -- H:\Programme\SlySoft
[2012.12.14 19:23:40 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\SlySoft
[2012.12.14 19:23:40 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2012.12.14 15:07:17 | 000,000,000 | ---D | C] -- H:\Programme\SpeedFan
[2012.12.14 15:07:17 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Startmenü\Programme\SpeedFan
[2012.12.14 13:59:10 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\AVG
[2012.12.13 11:24:27 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Eigene Dateien\NPS
[2012.12.09 15:55:25 | 000,000,000 | ---D | C] -- H:\Programme\Gemeinsame Dateien\Skype
[2012.12.09 15:55:25 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2012.12.08 13:47:25 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\XnView
[2012.12.08 13:47:06 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\XnView
[2012.12.08 13:46:59 | 000,000,000 | ---D | C] -- H:\Programme\XnView
[2012.12.03 20:22:27 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Desktop\Nicht verwendete Desktopverknüpfungen
[2012.11.30 12:41:56 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2012.11.30 12:41:52 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\PC Suite
[2012.11.30 12:39:17 | 000,090,624 | ---- | C] (Nokia) -- H:\WINDOWS\System32\nmwcdcls.dll
[2012.11.30 12:39:12 | 000,021,632 | ---- | C] (Nokia) -- H:\WINDOWS\System32\drivers\pccsmcfd.sys
[2012.11.30 12:38:33 | 000,000,000 | ---D | C] -- H:\WINDOWS\System32\Samsung_USB_Drivers
[2012.11.30 12:38:32 | 000,000,000 | ---D | C] -- H:\Programme\DIFX
[2012.11.30 12:38:22 | 000,233,472 | ---- | C] (Teruten) -- H:\WINDOWS\System32\FsUsbExService.Exe
[2012.11.30 12:38:20 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Eigene Dateien\My NPS Files
[2012.11.30 12:37:31 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\Samsung
[2012.11.30 12:37:14 | 000,000,000 | ---D | C] -- H:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Samsung New PC Studio
[2012.11.30 12:37:10 | 000,000,000 | ---D | C] -- H:\Programme\PC Connectivity Solution
[5 H:\WINDOWS\System32\*.tmp files -> H:\WINDOWS\System32\*.tmp -> ]
[5 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]
[1 H:\*.tmp files -> H:\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.12.24 15:01:15 | 000,000,884 | ---- | M] () -- H:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.12.24 14:23:20 | 000,000,756 | ---- | M] () -- H:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.24 13:58:40 | 000,000,040 | -HS- | M] () -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2012.12.24 13:58:30 | 000,002,422 | ---- | M] () -- H:\WINDOWS\System32\wpa.dbl
[2012.12.24 13:58:10 | 000,002,048 | --S- | M] () -- H:\WINDOWS\bootstat.dat
[2012.12.24 13:57:56 | 000,000,000 | ---- | M] () -- H:\WINDOWS\System32\drivers\lvuvc.hs
[2012.12.24 13:49:39 | 000,000,069 | ---- | M] () -- H:\WINDOWS\NeroDigital.ini
[2012.12.24 13:11:32 | 001,667,072 | ---- | M] (WinLab) -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\CGIcfg32.exe
[2012.12.24 04:16:24 | 000,372,872 | ---- | M] () -- H:\WINDOWS\System32\FNTCACHE.DAT
[2012.12.19 02:02:11 | 000,000,350 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Desktop\Verknüpfung (2) mit HÖRBÜCHER.lnk
[2012.12.17 11:09:31 | 000,000,350 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Desktop\Verknüpfung mit Downloads.lnk
[2012.12.16 21:38:29 | 000,242,176 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.12.16 21:37:13 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\FlashPlayerApp.exe
[2012.12.16 21:37:13 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012.12.16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\dllcache\atmfd.dll
[2012.12.16 13:23:59 | 000,290,560 | ---- | M] (Adobe Systems Incorporated) -- H:\WINDOWS\System32\atmfd.dll
[2012.12.15 12:58:43 | 000,001,393 | ---- | M] () -- H:\WINDOWS\imsins.BAK
[2012.12.14 19:23:44 | 000,000,726 | ---- | M] () -- H:\Dokumente und Einstellungen\All Users\Desktop\AnyDVD.lnk
[2012.12.14 15:07:18 | 000,000,654 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Desktop\SpeedFan.lnk
[2012.12.14 15:07:16 | 000,000,045 | ---- | M] () -- H:\WINDOWS\System32\initdebug.nfo
[2012.12.11 23:34:22 | 000,000,334 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Desktop\Verknüpfung mit FILME.lnk
[2012.12.08 13:48:27 | 000,000,586 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Desktop\XnView.lnk
[2012.11.30 12:37:40 | 000,002,528 | ---- | M] () -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\$_hpcst$.hpc
[5 H:\WINDOWS\System32\*.tmp files -> H:\WINDOWS\System32\*.tmp -> ]
[5 H:\WINDOWS\*.tmp files -> H:\WINDOWS\*.tmp -> ]
[1 H:\*.tmp files -> H:\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.12.24 14:23:20 | 000,000,756 | ---- | C] () -- H:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.12.24 14:21:59 | 000,160,217 | ---- | C] () -- H:\WINDOWS\System32\PowerToysLicense.rtf
[2012.12.19 02:02:11 | 000,000,350 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Desktop\Verknüpfung (2) mit HÖRBÜCHER.lnk
[2012.12.17 11:09:31 | 000,000,350 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Desktop\Verknüpfung mit Downloads.lnk
[2012.12.14 19:25:47 | 000,000,040 | -HS- | C] () -- H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2012.12.14 19:23:44 | 000,000,726 | ---- | C] () -- H:\Dokumente und Einstellungen\All Users\Desktop\AnyDVD.lnk
[2012.12.14 15:07:18 | 000,000,654 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Desktop\SpeedFan.lnk
[2012.12.14 15:07:15 | 000,000,045 | ---- | C] () -- H:\WINDOWS\System32\initdebug.nfo
[2012.12.11 23:34:22 | 000,000,334 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Desktop\Verknüpfung mit FILME.lnk
[2012.12.08 13:47:08 | 000,000,586 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Desktop\XnView.lnk
[2012.11.30 12:38:22 | 000,110,592 | ---- | C] () -- H:\WINDOWS\System32\FsUsbExDevice.Dll
[2012.11.30 12:38:22 | 000,036,608 | ---- | C] () -- H:\WINDOWS\System32\FsUsbExDisk.Sys
[2012.11.30 12:37:40 | 000,002,528 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\$_hpcst$.hpc
[2012.11.05 17:18:33 | 000,000,036 | ---- | C] () -- H:\WINDOWS\avgui.INI
[2012.10.12 09:48:33 | 000,000,040 | ---- | C] () -- H:\WINDOWS\iltwain.ini
[2012.10.04 20:15:58 | 000,025,548 | ---- | C] () -- H:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012.09.26 19:57:16 | 000,030,568 | ---- | C] () -- H:\WINDOWS\MusiccityDownload.exe
[2012.09.26 19:57:14 | 000,974,848 | ---- | C] () -- H:\WINDOWS\System32\cis-2.4.dll
[2012.09.26 19:57:14 | 000,081,920 | ---- | C] () -- H:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012.09.26 19:57:14 | 000,065,536 | ---- | C] () -- H:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012.09.26 19:57:14 | 000,057,344 | ---- | C] () -- H:\WINDOWS\System32\issacapi_se-2.3.dll
[2012.09.12 15:28:49 | 000,110,592 | ---- | C] () -- H:\WINDOWS\System32\rtvcvfw32.dll
[2012.09.05 07:02:28 | 000,338,432 | ---- | C] () -- H:\WINDOWS\System32\sqlite36_engine.dll
[2012.08.04 11:58:41 | 000,003,072 | ---- | C] () -- H:\WINDOWS\System32\iacenc.dll
[2011.12.11 20:15:30 | 000,069,632 | ---- | C] () -- H:\WINDOWS\RAUNINST.EXE
[2011.12.09 15:57:31 | 000,069,632 | ---- | C] () -- H:\WINDOWS\UNINSTCC.EXE
[2011.03.21 18:56:22 | 000,059,904 | ---- | C] () -- H:\WINDOWS\System32\OVDecode.dll
[2011.03.14 16:39:52 | 000,022,328 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\PnkBstrK.sys
[2010.05.20 11:14:47 | 000,000,012 | -HS- | C] () -- H:\Dokumente und Einstellungen\***\windata.xfd
[2009.12.16 15:28:35 | 000,000,760 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\setup_ldm.iss
[2009.06.23 21:42:37 | 000,000,183 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Anwendungsdaten\default.pls
[2009.05.26 00:02:07 | 000,003,013 | ---- | C] () -- H:\Dokumente und Einstellungen\***\.keystore
[2009.05.12 22:16:19 | 000,001,024 | ---- | C] () -- H:\Dokumente und Einstellungen\***\.rnd
[2009.05.12 16:56:04 | 000,242,176 | ---- | C] () -- H:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.03.20 18:21:00 | 001,544,291 | R--- | C] () -- H:\Programme\XR_3DA.exe
========== ZeroAccess Check ==========
[2009.05.12 14:27:32 | 000,000,227 | RHS- | M] () -- H:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009.03.03 00:10:15 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = H:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = H:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Alternate Data Streams ==========
@Alternate Data Stream - 227 bytes -> H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:D282699C
@Alternate Data Stream - 125 bytes -> H:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TEMP:8CE646EE
< End of report >
|
