Anbei die beiden Textdateien aus OTL.txt
OTL Logfile: Code:
OTL logfile created on: 19.01.2012 21:29:06 - Run 2
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\Christoph Vogel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,87 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 74,83% Memory free
7,73 Gb Paging File | 6,78 Gb Available in Paging File | 87,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 458,87 Gb Total Space | 397,81 Gb Free Space | 86,69% Space Free | Partition Type: NTFS
Drive D: | 458,87 Gb Total Space | 454,03 Gb Free Space | 98,94% Space Free | Partition Type: NTFS
Drive H: | 120,25 Mb Total Space | 109,29 Mb Free Space | 90,89% Space Free | Partition Type: FAT
Drive I: | 931,51 Gb Total Space | 297,82 Gb Free Space | 31,97% Space Free | Partition Type: NTFS
Computer Name: ACER | User Name: Christoph Vogel | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.01.19 20:57:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Christoph Vogel\Desktop\OTL.exe
PRC - [2011.12.24 17:50:16 | 000,981,680 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
========== Modules (No Company Name) ==========
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2009.01.28 09:54:04 | 002,790,400 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Auto | Stopped] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.28 18:15:01 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.08 12:02:00 | 000,633,856 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.05.01 09:28:19 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.01 04:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.02.21 01:48:00 | 000,155,232 | ---- | M] (DATEV eG) [Auto | Stopped] -- D:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe -- (DATEV Update-Service)
SRV - [2010.12.08 02:20:00 | 000,079,872 | ---- | M] (DATEV eG) [Auto | Stopped] -- D:\DATEV\PROGRAMM\B0001442\PSNTServ.exe -- (DatevPrintService)
SRV - [2010.10.22 02:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Stopped] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.09 10:24:16 | 000,076,320 | ---- | M] () [Auto | Stopped] -- C:\OEM\USBDECTION\USBS3S4Detection.exe -- (USBS3S4Detection)
SRV - [2009.10.13 20:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON) Intel(R)
SRV - [2009.09.30 13:01:32 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 13:01:30 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.08.28 10:38:58 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service)
SRV - [2009.08.25 19:38:06 | 000,935,208 | ---- | M] (Nero AG) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009.08.13 00:04:44 | 000,062,208 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Stopped] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.01.26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
SRV - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.06.28 18:15:01 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.06.28 18:15:01 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.05.18 09:14:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.05.18 09:14:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.05.18 09:14:16 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.05.18 09:14:12 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.04.01 04:07:54 | 004,184,672 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64) Logitech Webcam 200(UVC)
DRV:64bit: - [2011.04.01 04:06:22 | 000,341,856 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 14:03:10 | 000,230,352 | ---- | M] (TrueCrypt Foundation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\truecrypt.sys -- (truecrypt)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.10.04 01:00:00 | 001,293,824 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fwlanusb4.sys -- (fwlanusb4)
DRV:64bit: - [2010.10.04 01:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2010.07.27 07:11:38 | 000,271,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvpopf64.sys -- (lvpopf64)
DRV:64bit: - [2010.05.07 17:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2Mon)
DRV:64bit: - [2010.05.07 17:43:30 | 000,030,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVPr2M64.sys -- (LVPr2M64)
DRV:64bit: - [2009.10.13 20:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.10.08 13:41:42 | 000,025,344 | ---- | M] (KOBIL Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KOBCCEX.sys -- (KOBCCEX)
DRV:64bit: - [2009.10.08 13:41:26 | 000,104,576 | ---- | M] (KOBIL Systems GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KOBCCID.sys -- (KOBCCID)
DRV:64bit: - [2009.09.23 10:11:04 | 000,283,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress) Intel(R)
DRV:64bit: - [2009.09.17 05:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.08.21 21:24:04 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009.02.03 02:10:26 | 000,318,464 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV:64bit: - [2009.01.09 15:02:08 | 000,031,744 | ---- | M] (Research in Motion Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimSerial_AMD64.sys -- (RimVSerPort)
DRV:64bit: - [2009.01.08 09:55:04 | 000,129,280 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2008.08.28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008.02.11 14:57:10 | 000,070,272 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\aksdf.sys -- (aksdf)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=17360510ln07973780f553h931y34n
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=17360510ln07973780f553h931y34n
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=17360510ln07973780f553h931y34n
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=17360510ln07973780f553h931y34n
IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_x3900&r=17360510ln07973780f553h931y34n
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box
========== FireFox ==========
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.06.04 10:50:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.08.04 16:48:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.10.27 09:26:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.20\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.04 18:56:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.08.04 16:48:25 | 000,000,000 | ---D | M]
[2011.07.10 16:31:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christoph Vogel\AppData\Roaming\mozilla\Extensions
[2011.07.10 16:31:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christoph Vogel\AppData\Roaming\mozilla\Extensions\ideskbrowser@haufe.de
[2012.01.18 22:27:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christoph Vogel\AppData\Roaming\mozilla\Firefox\Profiles\icnjzktg.default\extensions
[2011.12.04 18:56:31 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Christoph Vogel\AppData\Roaming\mozilla\Firefox\Profiles\icnjzktg.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2011.12.04 19:54:25 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Users\Christoph Vogel\AppData\Roaming\mozilla\Firefox\Profiles\icnjzktg.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.12.04 19:54:24 | 000,000,000 | ---D | M] (DVDVideoSoftTB Community Toolbar) -- C:\Users\Christoph Vogel\AppData\Roaming\mozilla\Firefox\Profiles\icnjzktg.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.11.20 11:42:30 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Christoph Vogel\AppData\Roaming\mozilla\Firefox\Profiles\icnjzktg.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.05.14 14:37:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christoph Vogel\AppData\Roaming\mozilla\Firefox\Profiles\icnjzktg.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2011.08.14 20:42:47 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Christoph Vogel\AppData\Roaming\mozilla\Firefox\Profiles\icnjzktg.default\extensions\DeviceDetection@logitech.com
[2011.12.04 19:54:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christoph Vogel\AppData\Roaming\mozilla\Firefox\Profiles\icnjzktg.default\extensions\staged-xpis
[2011.10.28 09:10:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.13 14:56:41 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.08 18:08:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES (X86)\HAUFE\IDESK\IDESKBROWSER\EXTENSIONS\{C24AECC7-7C95-507F-D71F-155CB86656DF}
[2010.07.17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2011.07.03 20:14:36 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.01.26 10:13:29 | 000,002,226 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2011.07.03 20:14:36 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.07.03 20:14:36 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.07.03 20:14:36 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.07.03 20:14:36 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.01.18 23:10:12 | 000,440,287 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 127.0.0.1 www.123fporn.info
O1 - Hosts: 15136 more lines...
O2:64bit: - BHO: (DtvIePwdSafeBHO64 Class) - {557F4852-8868-44dd-B5E9-9890AC4B1FD5} - D:\DATEV\PROGRAMM\B0000397\DtvIePwdSafe64.dll File not found
O2:64bit: - BHO: (no name) - {6EF6B546-25FB-455B-801F-FDB3B3D39F9E} - No CLSID value found.
O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (SCardBHOEvent Class) - {AF8CD625-E04A-4A8F-A90A-0C74846C2E30} - D:\DATEV\SYSTEM\DVCCSASCardBHO64002.Dll File not found
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll (AOL Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DATEV Update-Monitor] D:\DATEV\PROGRAMM\Install\DvInesASDMon.exe (DATEV eG)
O4 - HKLM..\Run: [Hotkey Utility] C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe ()
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [] File not found
O4 - HKCU..\Run: [{D29D1C2C-5DF3-11DF-B7E8-806E6F6E6963}] C:\Users\Christoph Vogel\AppData\Roaming\Microsoft\dllhsts.exe (TrueCrypt Foundation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: datev.at ([]http is out of zone range - 5)
O15 - HKCU\..Trusted Domains: datev.at ([]https is out of zone range - 5)
O15 - HKCU\..Trusted Domains: datev.com ([]http is out of zone range - 5)
O15 - HKCU\..Trusted Domains: datev.com ([]https is out of zone range - 5)
O15 - HKCU\..Trusted Domains: datev.de ([]http is out of zone range - 5)
O15 - HKCU\..Trusted Domains: datev.de ([]https is out of zone range - 5)
O15 - HKCU\..Trusted Domains: datev.de ([www] http is out of zone range - 5)
O15 - HKCU\..Trusted Domains: datev.de ([www] https is out of zone range - 5)
O15 - HKCU\..Trusted Domains: datevnet.de ([*.services] http is out of zone range - 5)
O15 - HKCU\..Trusted Domains: datevnet.de ([*.services] https is out of zone range - 5)
O15 - HKCU\..Trusted Domains: datevstadt.de ([]http is out of zone range - 5)
O15 - HKCU\..Trusted Domains: datevstadt.de ([]https is out of zone range - 5)
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: Range37 ([*] in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{28BC79AF-CCDE-424E-8365-BF35FC0AF72F}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\haufereader - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9973e1db-42d1-11e1-8808-90fba62d60ac}\Shell - "" = AutoRun
O33 - MountPoints2\{9973e1db-42d1-11e1-8808-90fba62d60ac}\Shell\AutoRun\command - "" = H:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012.01.19 21:24:46 | 000,000,000 | ---D | C] -- C:\Users\Christoph Vogel\AppData\Local\ElevatedDiagnostics
[2012.01.19 21:21:25 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Christoph Vogel\Desktop\OTL.exe
[2012.01.19 20:52:51 | 000,000,000 | ---D | C] -- C:\Users\Christoph Vogel\AppData\Roaming\Malwarebytes
[2012.01.19 20:52:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.01.19 20:52:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.01.19 20:52:41 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.01.19 20:52:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.01.19 20:52:18 | 010,847,608 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Christoph Vogel\Desktop\mbam-setup-1.60.0.1800.exe
[2012.01.19 20:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
[2012.01.19 20:25:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\avmwlanstick
[2012.01.19 20:24:35 | 001,293,824 | ---- | C] (AVM GmbH) -- C:\Windows\SysNative\drivers\fwlanusb4.sys
[2012.01.19 20:24:34 | 000,099,328 | ---- | C] (AVM Berlin) -- C:\Windows\SysNative\fwlan4ci.dll
[2012.01.19 20:24:30 | 000,014,120 | ---- | C] (AVM Berlin) -- C:\Windows\SysNative\drivers\avmeject.sys
[2012.01.19 20:24:30 | 000,000,000 | ---D | C] -- C:\Windows\AVM_Driver
[2012.01.19 20:24:24 | 000,000,000 | ---D | C] -- C:\Users\Christoph Vogel\AVM_Driver
[2012.01.18 21:32:54 | 001,572,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.18 21:32:53 | 001,328,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.18 21:32:53 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.18 21:32:53 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.18 21:32:51 | 001,731,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.18 21:32:51 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.18 21:32:51 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[2012.01.09 10:09:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USM
[2012.01.09 10:01:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steuer 2011
[2012.01.09 10:01:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Buhl Data Service GmbH
[2012.01.08 13:16:27 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2009.11.26 18:31:51 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe
========== Files - Modified Within 30 Days ==========
[2012.01.19 21:21:38 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.19 21:21:38 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.19 21:21:38 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.19 21:21:38 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.19 21:21:37 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.19 21:18:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.19 21:18:10 | 3113,558,016 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.19 20:57:50 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Christoph Vogel\Desktop\OTL.exe
[2012.01.19 20:52:43 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.19 20:51:24 | 010,847,608 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Christoph Vogel\Desktop\mbam-setup-1.60.0.1800.exe
[2012.01.19 20:21:35 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.19 20:21:34 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.19 20:14:11 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.01.19 20:13:32 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs
[2012.01.19 20:06:21 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.01.18 23:10:12 | 000,440,287 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.01.18 21:36:55 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.01.09 13:47:00 | 009,816,064 | ---- | M] () -- C:\Users\Christoph Vogel\Desktop\Köln bei Nacht vom 01 05 2010-ho.pps
[2012.01.08 13:22:42 | 000,017,463 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\services
[2012.01.08 13:12:55 | 000,000,127 | ---- | M] () -- C:\Windows\KurusDeinstall.INI
[2012.01.08 13:04:49 | 000,000,050 | ---- | M] () -- C:\Windows\cdplayer.ini
[2011.12.26 09:10:03 | 000,344,536 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
========== Files Created - No Company Name ==========
[2012.01.19 20:52:43 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.01.19 20:24:38 | 000,013,202 | ---- | C] () -- C:\Windows\instwcli.inf
[2012.01.19 20:24:35 | 000,049,792 | ---- | C] () -- C:\Windows\SysNative\drivers\fwlanusb4.bin
[2012.01.09 13:47:00 | 009,816,064 | ---- | C] () -- C:\Users\Christoph Vogel\Desktop\Köln bei Nacht vom 01 05 2010-ho.pps
[2012.01.08 13:04:48 | 000,000,050 | ---- | C] () -- C:\Windows\cdplayer.ini
[2011.05.15 16:46:18 | 000,001,933 | ---- | C] () -- C:\Windows\lightworks.ini
[2011.04.01 04:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011.04.01 04:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.04.01 04:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2010.12.26 12:28:36 | 000,111,932 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010.12.26 12:28:36 | 000,031,053 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern131.dat
[2010.12.26 12:28:36 | 000,027,417 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern121.dat
[2010.12.26 12:28:36 | 000,026,154 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010.12.26 12:28:36 | 000,024,903 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern3.dat
[2010.12.26 12:28:36 | 000,021,390 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern5.dat
[2010.12.26 12:28:36 | 000,020,148 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010.12.26 12:28:36 | 000,011,811 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern4.dat
[2010.12.26 12:28:36 | 000,004,943 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern6.dat
[2010.12.26 12:28:36 | 000,001,146 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_DU.dat
[2010.12.26 12:28:36 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_PT.dat
[2010.12.26 12:28:36 | 000,001,139 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_BP.dat
[2010.12.26 12:28:36 | 000,001,136 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_ES.dat
[2010.12.26 12:28:36 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_FR.dat
[2010.12.26 12:28:36 | 000,001,129 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_CF.dat
[2010.12.26 12:28:36 | 000,001,120 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_IT.dat
[2010.12.26 12:28:36 | 000,001,107 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_GE.dat
[2010.12.26 12:28:36 | 000,001,104 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_EN.dat
[2010.12.26 12:28:36 | 000,000,097 | ---- | C] () -- C:\Windows\SysWow64\PICSDK.ini
[2010.11.14 15:08:09 | 000,000,000 | ---- | C] () -- C:\Windows\WHOProg.INI
[2010.10.23 16:26:28 | 000,000,000 | ---- | C] () -- C:\Windows\winiv.INI
[2010.10.10 14:34:42 | 000,005,658 | ---- | C] () -- C:\Users\Christoph Vogel\AppData\Local\EmptySettings.xml
[2010.10.09 22:47:27 | 000,000,093 | ---- | C] () -- C:\Users\Christoph Vogel\AppData\Roaming\BEVI.CFG
[2010.10.09 22:43:52 | 000,006,733 | ---- | C] () -- C:\Users\Christoph Vogel\AppData\Roaming\abspann_datev_idea.gif
[2010.10.09 22:43:52 | 000,000,291 | ---- | C] () -- C:\Users\Christoph Vogel\AppData\Roaming\lastscreen.html
[2010.10.09 22:43:52 | 000,000,105 | ---- | C] () -- C:\Users\Christoph Vogel\AppData\Roaming\lastscreen.ikf
[2010.10.09 19:02:50 | 000,000,501 | ---- | C] () -- C:\Windows\SysWow64\ACER.jrf.init
[2010.10.09 18:46:23 | 000,000,127 | ---- | C] () -- C:\Windows\KurusDeinstall.INI
[2010.10.09 18:34:14 | 000,000,236 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.10.09 18:23:26 | 001,526,744 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.10.09 18:11:04 | 000,000,021 | ---- | C] () -- C:\Windows\DvInesKurusOleServer003.INI
[2010.10.09 18:10:23 | 000,000,111 | ---- | C] () -- C:\Windows\dvinesinstart001.INI
[2010.10.09 18:10:23 | 000,000,111 | ---- | C] () -- C:\Windows\dvinesinstalllocation001.INI
[2010.10.09 18:08:10 | 000,000,112 | ---- | C] () -- C:\Windows\Startup.INI
[2010.09.22 15:48:26 | 000,032,352 | ---- | C] () -- C:\Windows\SysWow64\JNILibrary.dll
[2010.09.22 15:48:06 | 000,114,272 | ---- | C] () -- C:\Windows\SysWow64\INetCert.dll
[2010.07.03 14:18:20 | 000,000,088 | ---- | C] () -- C:\Windows\SysWow64\bs.bin
[2010.05.16 11:21:29 | 000,000,189 | ---- | C] () -- C:\Windows\SHISETUP.SYS
[2010.05.13 09:45:19 | 000,000,256 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2010.05.13 09:45:19 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini
[2010.05.13 09:45:06 | 000,000,432 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.05.13 09:44:21 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll
[2010.05.13 09:44:21 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2010.05.13 09:44:21 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2010.05.13 09:44:06 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2010.05.13 09:44:02 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2010.05.13 09:41:50 | 000,031,864 | ---- | C] () -- C:\Windows\maxlink.ini
[2010.05.13 08:53:51 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.05.04 20:44:03 | 000,000,048 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.08.02 23:21:54 | 000,197,912 | ---- | C] () -- C:\Windows\SysWow64\physxcudart_20.dll
[2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2009.08.02 23:21:54 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2009.08.02 23:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2009.08.02 23:21:52 | 000,058,648 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.04.21 09:08:22 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\HtmlHelp.dll
[1999.01.19 14:18:30 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\LFPNG60N.DLL
[1999.01.19 14:18:30 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\LFTIF60N.DLL
[1999.01.19 14:18:30 | 000,043,008 | ---- | C] () -- C:\Windows\SysWow64\LTFIL60N.DLL
[1999.01.19 14:18:30 | 000,020,480 | ---- | C] () -- C:\Windows\SysWow64\LFPSD60N.DLL
[1999.01.19 14:18:30 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\LFTGA60N.DLL
[1999.01.19 14:18:30 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\LFWPG60N.DLL
[1999.01.19 14:18:30 | 000,019,456 | ---- | C] () -- C:\Windows\SysWow64\LFWMF60N.DLL
[1999.01.19 14:18:28 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\LFFAX60N.DLL
[1999.01.19 14:18:28 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\LFCMP60N.DLL
[1999.01.19 14:18:28 | 000,023,552 | ---- | C] () -- C:\Windows\SysWow64\LFPCX60N.DLL
[1999.01.19 14:18:28 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\LFPCT60N.DLL
[1999.01.19 14:18:28 | 000,022,528 | ---- | C] () -- C:\Windows\SysWow64\LFEPS60N.DLL
[1999.01.19 14:18:28 | 000,022,016 | ---- | C] () -- C:\Windows\SysWow64\LFBMP60N.DLL
[1999.01.19 14:18:28 | 000,018,432 | ---- | C] () -- C:\Windows\SysWow64\LFMSP60N.DLL
[1999.01.19 14:18:28 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\LFMAC60N.DLL
[1995.02.14 23:11:00 | 000,017,920 | ---- | C] () -- C:\Windows\SysWow64\IMPLODE.DLL
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:4CF61E54
< End of report >
--- --- ---
[code/] |
