Ich habe Windows XP Home Edition als Betriebssystem.
Gehe mit einer Lan Verbindung mit einem Alice Modem WLAN1421 ins Netz, und siehe anhänge. Hab mein Windows Neu aufgesetz, und das Problem besteht immernoch, was evt dadurch kommen kann, weil ich die Treiber für meine Grafikkarte, Soundkarte etc über ein USB Stick raufgezogen hatte bevor ich alles Formatiert habe,weil ich die CD´s nicht finden kann.OTL Logfile: Code:
OTL logfile created on: 05.06.2012 00:14:58 - Run 1
OTL by OldTimer - Version 3.2.46.0 Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 74,94% Memory free
3,85 Gb Paging File | 3,38 Gb Available in Paging File | 87,87% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 218,04 Gb Free Space | 93,63% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.06.05 00:13:42 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
PRC - [2012.06.04 12:12:37 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.06.04 12:12:36 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.06.04 12:12:36 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.06.04 12:12:36 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.05.15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.10 11:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) -- c:\Programme\McAfee\SiteAdvisor\McSACore.exe
PRC - [2011.06.17 19:33:04 | 000,272,528 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe
PRC - [2008.04.14 07:52:46 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2012.06.04 12:12:37 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2012.06.04 12:12:37 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.06.04 12:12:36 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.06.03 11:56:19 | 000,257,696 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.05.15 12:18:00 | 001,262,400 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.04.21 03:16:42 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.10 11:53:46 | 000,094,880 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\Programme\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2011.06.17 19:33:04 | 000,237,008 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe -- (McComponentHostService)
SRV - [2008.04.14 07:52:56 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDEdsdm)
SRV - [2008.04.14 07:52:56 | 000,114,176 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\netdde.exe -- (NetDDE)
SRV - [2008.04.14 07:52:40 | 000,033,280 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\clipsrv.exe -- (ClipSrv)
SRV - [2008.04.14 07:52:18 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\msgsvc.dll -- (Messenger)
SRV - [2008.04.14 07:52:16 | 000,053,248 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\mprdim.dll -- (RemoteAccess)
SRV - [2008.04.14 07:52:08 | 000,017,408 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\WINDOWS\system32\alrsvc.dll -- (Alerter)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - [2012.06.04 12:12:37 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.06.04 12:12:37 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.03.27 17:03:36 | 006,100,072 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.11.18 07:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 07:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.07.01 11:53:34 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2009.07.01 11:53:30 | 000,066,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2009.06.30 17:31:00 | 000,164,896 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
DRV - [2008.04.14 07:32:18 | 000,120,576 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\pcmcia.sys -- (Pcmcia)
DRV - [2008.04.14 07:28:20 | 000,154,112 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmio.sys -- (dmio)
DRV - [2008.04.14 07:28:14 | 000,800,384 | ---- | M] (Microsoft Corp., Veritas Software) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmboot.sys -- (dmboot)
DRV - [2008.04.14 00:44:30 | 000,143,744 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\fastfat.sys -- (Fastfat)
DRV - [2008.04.14 00:02:38 | 000,066,048 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\udfs.sys -- (Udfs)
DRV - [2006.02.28 14:00:00 | 000,013,952 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\cbidf2k.sys -- (cbidf2k)
DRV - [2006.02.28 14:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\drivers\acpiec.sys -- (ACPIEC)
DRV - [2006.02.28 14:00:00 | 000,005,888 | ---- | M] (Microsoft Corp., Veritas Software.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\dmload.sys -- (dmload)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll ()
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Programme\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Programme\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Programme\McAfee\SiteAdvisor [2012.06.04 15:22:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.06.03 11:52:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins
[2012.06.03 11:53:22 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Extensions
[2012.06.04 12:13:46 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tbslwpgk.default\extensions
[2012.06.03 12:50:54 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tbslwpgk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.03 19:09:21 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla\Firefox\Profiles\tbslwpgk.default\extensions\ich@maltegoetz.de
[2012.06.03 11:52:28 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\***\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\TBSLWPGK.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\***\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\TBSLWPGK.DEFAULT\EXTENSIONS\ICH@MALTEGOETZ.DE
[2012.06.04 15:22:05 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAMME\MCAFEE\SITEADVISOR
[2012.04.21 03:18:00 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.04.21 03:54:08 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.04.21 03:54:08 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.04.21 03:54:08 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.04.21 03:54:08 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.04 15:29:58 | 000,002,027 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.04.21 03:54:08 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.04.21 03:54:08 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.02.28 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\Programme\NVIDIA Corporation\nview\nwiz.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk = C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\***\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6E0B8D1C-4CA9-4520-85E0-D5A81B3035F6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F3D4611A-7ECA-4AF9-8F53-46FD040DAA97}: NameServer = 62.109.123.197 213.191.74.19
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Programme\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Grüne Idylle.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.06.03 11:40:20 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Neue Funktion 1
[2012.06.05 00:13:37 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2012.06.04 21:34:59 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\***\IETldCache
[2012.06.04 21:31:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2012.06.04 21:30:44 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012.06.04 14:27:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Malwarebytes
[2012.06.04 14:27:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.06.04 14:27:26 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.06.04 14:27:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.06.04 14:27:25 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.06.04 14:25:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\NtmsData
[2012.06.04 12:35:49 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2012.06.03 13:32:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\LolClient2
[2012.06.03 13:21:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\Logs
[2012.06.03 13:15:51 | 000,000,000 | ---D | C] -- C:\Riot Games
[2012.06.03 12:51:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\OpenCandy
[2012.06.03 12:50:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DVDVideoSoftIEHelpers
[2012.06.03 12:50:52 | 002,557,952 | ---- | C] (Nokia Corporation and/or its subsidiary(-ies)) -- C:\WINDOWS\System32\QtCore4.dll
[2012.06.03 12:50:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DVDVideoSoft
[2012.06.03 12:50:48 | 000,405,176 | ---- | C] (Newtonsoft) -- C:\WINDOWS\System32\Newtonsoft.Json.Net20.dll
[2012.06.03 12:50:43 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\DVDVideoSoft
[2012.06.03 12:50:43 | 000,000,000 | ---D | C] -- C:\Programme\DVDVideoSoft
[2012.06.03 12:50:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DVDVideoSoft
[2012.06.03 12:48:55 | 000,000,000 | R-SD | C] -- C:\WINDOWS\assembly
[2012.06.03 12:48:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\Microsoft.NET
[2012.06.03 12:41:45 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Eigene Videos
[2012.06.03 12:41:45 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Videos
[2012.06.03 12:32:22 | 000,000,000 | R-SD | C] -- C:\WINDOWS\Fonts
[2012.06.03 12:32:22 | 000,000,000 | RHSD | C] -- C:\WINDOWS\System32\dllcache
[2012.06.03 12:32:22 | 000,000,000 | R--D | C] -- C:\WINDOWS\Web
[2012.06.03 12:32:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\inf
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\WinSxS
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wins
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\wbem
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\usmt
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\twain_32
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Temp
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\system32
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\system
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\spool
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ShellExt
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Setup
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\security
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Resources
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\repair
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ras
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Provisioning
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\PeerNet
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\pchealth
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\oobe
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\npp
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\mui
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\mui
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\msapps
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\msagent
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Media
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\java
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\inetsrv
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\IME
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\ime
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\icsxml
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ias
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Help
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\export
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\etc
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Driver Cache
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\disdn
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dhcp
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Debug
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cursors
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Connection Wizard
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\config
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\Config
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\AppPatch
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\addins
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3com_dmi
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\3076
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\2052
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1054
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1042
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1041
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1037
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1033
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1031
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1028
[2012.06.03 12:32:22 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\1025
[2012.06.03 12:25:33 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Connect 2
[2012.06.03 12:24:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2012.06.03 12:24:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2012.06.03 12:19:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Windows Genuine Advantage
[2012.06.03 12:15:50 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\McAfee
[2012.06.03 12:15:46 | 000,000,000 | ---D | C] -- C:\Programme\McAfee
[2012.06.03 12:11:33 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\***\UserData
[2012.06.03 12:10:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Avira
[2012.06.03 12:10:13 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2012.06.03 12:10:04 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012.06.03 12:10:02 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.06.03 12:10:02 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.06.03 12:10:02 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.06.03 12:10:01 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2012.06.03 12:10:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2012.06.03 12:09:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\McAfee
[2012.06.03 12:08:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\McAfee Security Scan Plus
[2012.06.03 12:07:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Lang
[2012.06.03 12:06:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\RTCOM
[2012.06.03 12:06:04 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2012.06.03 12:02:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\PreInstall
[2012.06.03 12:01:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop\League of Legends
[2012.06.03 11:59:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\PMB Files
[2012.06.03 11:59:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files
[2012.06.03 11:59:06 | 000,000,000 | ---D | C] -- C:\Programme\Pando Networks
[2012.06.03 11:57:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de
[2012.06.03 11:57:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\l2schemas
[2012.06.03 11:57:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\de
[2012.06.03 11:57:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\bits
[2012.06.03 11:57:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Macromedia
[2012.06.03 11:57:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Adobe
[2012.06.03 11:56:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServicePackFiles
[2012.06.03 11:56:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee Security Scan
[2012.06.03 11:56:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\McAfee
[2012.06.03 11:56:22 | 000,000,000 | ---D | C] -- C:\Programme\McAfee Security Scan
[2012.06.03 11:55:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\network diagnostic
[2012.06.03 11:54:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Downloads
[2012.06.03 11:53:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Mozilla
[2012.06.03 11:53:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Mozilla
[2012.06.03 11:52:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$NtServicePackUninstall$
[2012.06.03 11:52:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\EHome
[2012.06.03 11:52:31 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Maintenance Service
[2012.06.03 11:52:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Mozilla
[2012.06.03 11:52:26 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2012.06.03 11:52:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA
[2012.06.03 11:52:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NVIDIA Corporation
[2012.06.03 11:51:41 | 000,359,016 | ---- | C] (Realtek Semiconductor Crop.) -- C:\WINDOWS\vncutil.exe
[2012.06.03 11:51:37 | 000,129,640 | ---- | C] (Realtek Semiconductor) -- C:\WINDOWS\RtkAudioService.exe
[2012.06.03 11:51:30 | 001,691,480 | ---- | C] (Creative) -- C:\WINDOWS\System32\drivers\Ambfilt.sys
[2012.06.03 11:51:29 | 002,815,592 | ---- | C] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
[2012.06.03 11:51:29 | 000,000,000 | ---D | C] -- C:\Programme\Realtek
[2012.06.03 11:51:28 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2012.06.03 11:51:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\InstallShield
[2012.06.03 11:50:58 | 000,065,536 | ---- | C] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2012.06.03 11:48:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2012.06.03 11:46:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Wise Installation Wizard
[2012.06.03 11:45:56 | 000,000,000 | ---D | C] -- C:\a5c9215c6a61d3b39cfd1b1c780a
[2012.06.03 11:45:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\SoftwareDistribution
[2012.06.03 11:45:48 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2012.06.03 11:45:47 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
[2012.06.03 11:45:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ReinstallBackups
[2012.06.03 11:45:08 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2012.06.03 11:43:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Identities
[2012.06.03 11:43:26 | 000,000,000 | -H-D | C] -- C:\Programme\Uninstall Information
[2012.06.03 11:43:24 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Eigene Musik
[2012.06.03 11:43:24 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien
[2012.06.03 11:43:24 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\***\Eigene Dateien\Eigene Bilder
[2012.06.03 11:43:22 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\Microsoft
[2012.06.03 11:43:22 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten
[2012.06.03 11:43:22 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\***\Favoriten
[2012.06.03 11:43:22 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\***\Cookies
[2012.06.03 11:43:22 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\***\Druckumgebung
[2012.06.03 11:43:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.06.03 11:43:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\***\Desktop
[2012.06.03 11:43:21 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\SendTo
[2012.06.03 11:43:21 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\***\Recent
[2012.06.03 11:43:21 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Zubehör
[2012.06.03 11:43:21 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\***\Startmenü
[2012.06.03 11:43:21 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Autostart
[2012.06.03 11:43:21 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\***\Vorlagen
[2012.06.03 11:43:21 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\***\Netzwerkumgebung
[2012.06.03 11:43:21 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\***\Lokale Einstellungen
[2012.06.03 11:42:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2012.06.03 11:42:37 | 000,000,000 | --SD | C] -- C:\WINDOWS\System32\Microsoft
[2012.06.03 11:42:36 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Microsoft
[2012.06.03 11:42:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.06.03 11:42:24 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\NetworkService\Anwendungsdaten\Microsoft
[2012.06.03 11:42:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\Microsoft
[2012.06.03 11:41:30 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2012.06.03 11:41:30 | 000,081,408 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2012.06.03 11:40:50 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2012.06.03 11:40:34 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\xircom
[2012.06.03 11:40:34 | 000,000,000 | ---D | C] -- C:\Programme\xerox
[2012.06.03 11:40:34 | 000,000,000 | ---D | C] -- C:\Programme\microsoft frontpage
[2012.06.03 11:40:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\$hf_mig$
[2012.06.03 11:39:42 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\DRM
[2012.06.03 11:39:36 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files
[2012.06.03 11:39:36 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages
[2012.06.03 11:39:29 | 000,000,000 | -H-D | C] -- C:\Programme\WindowsUpdate
[2012.06.03 11:39:27 | 000,000,000 | ---D | C] -- C:\Programme\Online-Dienste
[2012.06.03 11:39:17 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer
[2012.06.03 11:39:17 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ODBC
[2012.06.03 11:39:14 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\SpeechEngines
[2012.06.03 11:39:13 | 000,000,000 | R--D | C] -- C:\Programme
[2012.06.03 11:39:13 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared
[2012.06.03 11:39:13 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien
[2012.06.03 11:39:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DirectX
[2012.06.03 11:38:49 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü
[2012.06.03 11:38:49 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente
[2012.06.03 11:38:49 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
[2012.06.03 11:38:49 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Vorlagen
[2012.06.03 11:38:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Favoriten
[2012.06.03 11:38:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Desktop
[2012.06.03 11:38:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot2
[2012.06.03 11:38:39 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\CatRoot
[2012.06.03 11:38:37 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Dienste
[2012.06.03 11:38:34 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks
[2012.06.03 11:38:33 | 000,000,000 | --SD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft
[2012.06.03 11:38:33 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten
[2012.06.03 11:38:33 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MSSoap
[2012.06.03 11:38:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\srchasst
[2012.06.03 11:38:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Macromed
[2012.06.03 11:38:20 | 000,000,000 | ---D | C] -- C:\Programme\Movie Maker
[2012.06.03 11:38:12 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.06.03 11:38:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Restore
[2012.06.03 11:38:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen
[2012.06.03 11:38:07 | 000,000,000 | ---D | C] -- C:\Programme\NetMeeting
[2012.06.03 11:38:03 | 000,000,000 | ---D | C] -- C:\Programme\Outlook Express
[2012.06.03 11:37:56 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\System
[2012.06.03 11:37:55 | 000,000,000 | ---D | C] -- C:\Programme\Internet Explorer
[2012.06.03 11:37:54 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Bilder
[2012.06.03 11:37:46 | 000,000,000 | ---D | C] -- C:\Programme\ComPlus Applications
[2012.06.03 11:37:40 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Verwaltung
[2012.06.03 11:37:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\Registration
[2012.06.03 11:37:21 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Spiele
[2012.06.03 11:37:21 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Dokumente\Eigene Musik
[2012.06.03 11:37:21 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Player
[2012.06.03 11:37:21 | 000,000,000 | ---D | C] -- C:\Programme\Online Services
[2012.06.03 11:37:17 | 000,000,000 | ---D | C] -- C:\Programme\Messenger
[2012.06.03 11:37:13 | 000,000,000 | ---D | C] -- C:\Programme\MSN Gaming Zone
[2012.06.03 11:36:36 | 000,000,000 | ---D | C] -- C:\Programme\MSN
[2012.06.03 11:36:34 | 000,000,000 | ---D | C] -- C:\Programme\Windows NT
[2012.06.03 11:36:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\MsDtc
[2012.06.03 11:36:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Com
[2012.06.03 11:36:01 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Zubehör
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.06.05 00:13:42 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\***\Desktop\OTL.exe
[2012.06.05 00:12:52 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2012.06.04 23:52:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.06.04 23:43:52 | 000,013,680 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.06.04 23:36:37 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.06.04 21:36:12 | 000,410,744 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.06.04 21:36:12 | 000,397,060 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.06.04 21:36:12 | 000,072,312 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.06.04 21:36:12 | 000,059,532 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.06.04 21:34:53 | 000,091,888 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.04 21:31:37 | 000,001,355 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.06.04 15:21:18 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2012.06.04 14:27:28 | 000,000,756 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.04 12:41:17 | 001,074,636 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.06.04 12:41:17 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.06.04 12:41:14 | 001,074,636 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.06.04 12:12:37 | 000,137,928 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.06.04 12:12:37 | 000,083,392 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.06.03 13:21:17 | 000,001,616 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\League of Legends spielen .lnk
[2012.06.03 12:40:26 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2012.06.03 12:40:26 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2012.06.03 12:25:10 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2012.06.03 12:24:47 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2012.06.03 12:10:13 | 000,001,671 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.06.03 12:08:35 | 000,001,771 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\McAfee Security Scan Plus.lnk
[2012.06.03 12:08:35 | 000,001,765 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk
[2012.06.03 12:07:28 | 000,940,794 | ---- | M] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2012.06.03 12:07:28 | 000,146,650 | ---- | M] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2012.06.03 11:54:57 | 000,251,712 | RHS- | M] () -- C:\ntldr
[2012.06.03 11:54:09 | 000,013,680 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2012.06.03 11:52:31 | 000,000,696 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.06.03 11:46:53 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\nvdrswr.lk
[2012.06.03 11:42:27 | 000,008,192 | ---- | M] () -- C:\WINDOWS\REGLOCS.OLD
[2012.06.03 11:41:46 | 000,000,261 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2012.06.03 11:40:20 | 000,002,951 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.06.03 11:40:20 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2012.06.03 11:40:20 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2012.06.03 11:40:20 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2012.06.03 11:40:20 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2012.06.03 11:40:10 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2012.06.03 11:37:53 | 000,021,740 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012.05.15 12:18:00 | 002,807,708 | ---- | M] () -- C:\WINDOWS\System32\nvdata.data
[2012.05.15 12:18:00 | 000,065,536 | ---- | M] (Khronos Group) -- C:\WINDOWS\System32\OpenCL.dll
[2012.05.15 12:18:00 | 000,010,264 | ---- | M] () -- C:\WINDOWS\System32\nvinfo.pb
[5 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.06.05 00:12:52 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\***\defogger_reenable
[2012.06.04 14:27:28 | 000,000,756 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes Anti-Malware.lnk
[2012.06.04 12:12:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.06.04 12:12:32 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\dllcache\iacenc.dll
[2012.06.03 13:21:17 | 000,001,616 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\League of Legends spielen .lnk
[2012.06.03 12:37:19 | 000,000,211 | -HS- | C] () -- C:\boot.ini
[2012.06.03 12:37:17 | 000,000,261 | ---- | C] () -- C:\WINDOWS\System32\$winnt$.inf
[2012.06.03 12:24:47 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2012.06.03 12:10:13 | 000,001,671 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.06.03 12:07:28 | 000,146,650 | ---- | C] () -- C:\WINDOWS\System32\BuzzingBee.wav
[2012.06.03 12:07:27 | 000,940,794 | ---- | C] () -- C:\WINDOWS\System32\LoopyMusic.wav
[2012.06.03 11:57:45 | 000,660,224 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.chm
[2012.06.03 11:57:45 | 000,354,468 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud1.wav
[2012.06.03 11:57:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud7.wav
[2012.06.03 11:57:45 | 000,343,204 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud6.wav
[2012.06.03 11:57:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud9.wav
[2012.06.03 11:57:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud8.wav
[2012.06.03 11:57:45 | 000,172,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud3.wav
[2012.06.03 11:57:45 | 000,086,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud5.wav
[2012.06.03 11:57:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud4.wav
[2012.06.03 11:57:45 | 000,086,180 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpaud2.wav
[2012.06.03 11:57:45 | 000,079,196 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplayer.adm
[2012.06.03 11:57:45 | 000,058,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmp.inf
[2012.06.03 11:57:45 | 000,026,141 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmplay.chm
[2012.06.03 11:57:45 | 000,013,540 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmfsdk.inf
[2012.06.03 11:57:45 | 000,010,457 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.hta
[2012.06.03 11:57:45 | 000,001,771 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmptour.css
[2012.06.03 11:57:45 | 000,001,730 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmpocm.inf
[2012.06.03 11:57:45 | 000,000,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmploc.js
[2012.06.03 11:57:44 | 000,572,557 | ---- | C] () -- C:\WINDOWS\System32\dllcache\rtuner.wmv
[2012.06.03 11:57:44 | 000,375,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nuskin.wmv
[2012.06.03 11:57:44 | 000,300,969 | ---- | C] () -- C:\WINDOWS\System32\dllcache\viz.wmv
[2012.06.03 11:57:44 | 000,084,531 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plyr_err.chm
[2012.06.03 11:57:44 | 000,066,132 | ---- | C] () -- C:\WINDOWS\System32\dllcache\revert.wmz
[2012.06.03 11:57:44 | 000,036,610 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplayer2.inf
[2012.06.03 11:57:44 | 000,034,554 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmdm.inf
[2012.06.03 11:57:44 | 000,023,829 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tourbg.gif
[2012.06.03 11:57:44 | 000,022,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npds.zip
[2012.06.03 11:57:44 | 000,017,489 | ---- | C] () -- C:\WINDOWS\System32\dllcache\videobg.gif
[2012.06.03 11:57:44 | 000,008,677 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm7.gif
[2012.06.03 11:57:44 | 000,007,892 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm9.gif
[2012.06.03 11:57:44 | 000,007,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm2.gif
[2012.06.03 11:57:44 | 000,007,369 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm4.gif
[2012.06.03 11:57:44 | 000,006,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm3.gif
[2012.06.03 11:57:44 | 000,006,060 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm6.gif
[2012.06.03 11:57:44 | 000,005,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm1.gif
[2012.06.03 11:57:44 | 000,005,290 | ---- | C] () -- C:\WINDOWS\System32\dllcache\vidsamp.gif
[2012.06.03 11:57:44 | 000,004,193 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm8.gif
[2012.06.03 11:57:44 | 000,003,187 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tour.js
[2012.06.03 11:57:44 | 000,002,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogoh.gif
[2012.06.03 11:57:44 | 000,002,545 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mplogo.gif
[2012.06.03 11:57:44 | 000,002,477 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wm5.gif
[2012.06.03 11:57:44 | 000,002,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplay.gif
[2012.06.03 11:57:44 | 000,002,450 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpause.gif
[2012.06.03 11:57:44 | 000,002,375 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tplayh.gif
[2012.06.03 11:57:44 | 000,002,371 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tpauseh.gif
[2012.06.03 11:57:44 | 000,001,810 | ---- | C] () -- C:\WINDOWS\System32\dllcache\skins.inf
[2012.06.03 11:57:44 | 000,001,476 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst5.wpl
[2012.06.03 11:57:44 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst6.wpl
[2012.06.03 11:57:44 | 000,001,471 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst12.wpl
[2012.06.03 11:57:44 | 000,001,469 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst3.wpl
[2012.06.03 11:57:44 | 000,001,467 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst4.wpl
[2012.06.03 11:57:44 | 000,001,398 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taon.gif
[2012.06.03 11:57:44 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taonh.gif
[2012.06.03 11:57:44 | 000,001,380 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoff.gif
[2012.06.03 11:57:44 | 000,001,367 | ---- | C] () -- C:\WINDOWS\System32\dllcache\taoffh.gif
[2012.06.03 11:57:44 | 000,001,261 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst1.wpl
[2012.06.03 11:57:44 | 000,001,148 | ---- | C] () -- C:\WINDOWS\System32\dllcache\snd.htm
[2012.06.03 11:57:44 | 000,001,055 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst2.wpl
[2012.06.03 11:57:44 | 000,001,047 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst7.wpl
[2012.06.03 11:57:44 | 000,001,038 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst8.wpl
[2012.06.03 11:57:44 | 000,000,807 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst11.wpl
[2012.06.03 11:57:44 | 000,000,800 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst10.wpl
[2012.06.03 11:57:44 | 000,000,782 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst9.wpl
[2012.06.03 11:57:44 | 000,000,779 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst13.wpl
[2012.06.03 11:57:44 | 000,000,778 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst14.wpl
[2012.06.03 11:57:44 | 000,000,725 | ---- | C] () -- C:\WINDOWS\System32\dllcache\plylst15.wpl
[2012.06.03 11:57:44 | 000,000,403 | ---- | C] () -- C:\WINDOWS\System32\dllcache\npdrmv2.zip
[2012.06.03 11:57:43 | 000,457,607 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mdlib.wmv
[2012.06.03 11:57:43 | 000,381,425 | ---- | C] () -- C:\WINDOWS\System32\dllcache\copycd.wmv
[2012.06.03 11:57:43 | 000,184,109 | ---- | C] () -- C:\WINDOWS\System32\dllcache\compact.wmz
[2012.06.03 11:57:43 | 000,009,585 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.css
[2012.06.03 11:57:43 | 000,008,298 | ---- | C] () -- C:\WINDOWS\System32\dllcache\contents.htm
[2012.06.03 11:57:43 | 000,006,878 | ---- | C] () -- C:\WINDOWS\System32\dllcache\controls.js
[2012.06.03 11:57:43 | 000,005,971 | ---- | C] () -- C:\WINDOWS\System32\dllcache\events.js
[2012.06.03 11:57:43 | 000,000,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bktrh.gif
[2012.06.03 11:57:43 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnth.gif
[2012.06.03 11:57:43 | 000,000,773 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cnt.gif
[2012.06.03 11:57:43 | 000,000,772 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cntd.gif
[2012.06.03 11:57:43 | 000,000,760 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapph.gif
[2012.06.03 11:57:43 | 000,000,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\cloapp.gif
[2012.06.03 11:56:22 | 000,001,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\McAfee Security Scan Plus.lnk
[2012.06.03 11:56:22 | 000,001,765 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\McAfee Security Scan Plus.lnk
[2012.06.03 11:56:20 | 000,000,884 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012.06.03 11:55:10 | 000,129,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\cxthsfs2.cty
[2012.06.03 11:55:10 | 000,064,352 | ---- | C] () -- C:\WINDOWS\System32\drivers\ativmc20.cod
[2012.06.03 11:55:09 | 000,067,866 | ---- | C] () -- C:\WINDOWS\System32\drivers\netwlan5.img
[2012.06.03 11:54:09 | 000,013,680 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2012.06.03 11:52:31 | 000,000,702 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Mozilla Firefox.lnk
[2012.06.03 11:52:31 | 000,000,696 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Mozilla Firefox.lnk
[2012.06.03 11:51:35 | 000,021,736 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
[2012.06.03 11:46:53 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
[2012.06.03 11:46:53 | 001,074,636 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
[2012.06.03 11:46:53 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
[2012.06.03 11:46:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\nvdrswr.lk
[2012.06.03 11:46:25 | 002,807,708 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
[2012.06.03 11:46:25 | 000,010,264 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
[2012.06.03 11:45:56 | 000,019,495 | ---- | C] () -- C:\WINDOWS\System32\nvdisp.nvu
[2012.06.03 11:45:40 | 000,007,090 | ---- | C] () -- C:\WINDOWS\System32\nvnrm.nvu
[2012.06.03 11:45:40 | 000,006,136 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
[2012.06.03 11:43:27 | 000,000,718 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Outlook Express.lnk
[2012.06.03 11:43:26 | 000,000,783 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Internet Explorer.lnk
[2012.06.03 11:43:22 | 000,001,599 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Remoteunterstützung.lnk
[2012.06.03 11:43:22 | 000,000,768 | ---- | C] () -- C:\Dokumente und Einstellungen\***\Startmenü\Programme\Windows Media Player.lnk
[2012.06.03 11:42:27 | 000,008,192 | ---- | C] () -- C:\WINDOWS\REGLOCS.OLD
[2012.06.03 11:41:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2012.06.03 11:41:26 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2012.06.03 11:41:17 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012.06.03 11:41:12 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2012.06.03 11:41:12 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2012.06.03 11:41:10 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012.06.03 11:41:04 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2012.06.03 11:41:01 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012.06.03 11:40:52 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2012.06.03 11:40:20 | 000,002,951 | ---- | C] () -- C:\WINDOWS\System32\CONFIG.NT
[2012.06.03 11:40:20 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2012.06.03 11:40:20 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2012.06.03 11:40:20 | 000,000,000 | ---- | C] () -- C:\CONFIG.SYS
[2012.06.03 11:40:20 | 000,000,000 | ---- | C] () -- C:\AUTOEXEC.BAT
[2012.06.03 11:40:17 | 000,316,640 | ---- | C] () -- C:\WINDOWS\WMSysPr9.prx
[2012.06.03 11:40:17 | 000,023,392 | ---- | C] () -- C:\WINDOWS\System32\nscompat.tlb
[2012.06.03 11:40:17 | 000,016,832 | ---- | C] () -- C:\WINDOWS\System32\amcompat.tlb
[2012.06.03 11:39:29 | 000,000,758 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Movie Maker.lnk
[2012.06.03 11:39:20 | 004,399,505 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nls302en.lex
[2012.06.03 11:39:19 | 000,001,355 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2012.06.03 11:39:17 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2012.06.03 11:39:15 | 001,685,606 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.spd
[2012.06.03 11:39:15 | 000,605,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\r1033tts.lxa
[2012.06.03 11:39:15 | 000,000,888 | ---- | C] () -- C:\WINDOWS\System32\dllcache\sam.sdf
[2012.06.03 11:39:14 | 000,643,717 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ltts1033.lxa
[2012.06.03 11:38:56 | 000,001,806 | ---- | C] () -- C:\WINDOWS\System32\AUTOEXEC.NT
[2012.06.03 11:38:48 | 001,014,663 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP2.CAT
[2012.06.03 11:38:48 | 000,817,199 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2012.06.03 11:38:48 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2012.06.03 11:38:48 | 000,041,270 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2012.06.03 11:38:48 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2012.06.03 11:38:48 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2012.06.03 11:38:48 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2012.06.03 11:38:48 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat
[2012.06.03 11:38:47 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt256.bmp
[2012.06.03 11:38:47 | 000,048,680 | -HS- | C] () -- C:\WINDOWS\winnt.bmp
[2012.06.03 11:38:40 | 000,000,984 | ---- | C] () -- C:\WINDOWS\System32\dllcache\srframe.mmf
[2012.06.03 11:38:11 | 000,091,888 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.03 11:37:53 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2012.06.03 11:37:21 | 000,002,004 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\MSN.lnk
[2012.06.03 11:37:21 | 000,000,621 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Windows Messenger.lnk
[2012.06.03 11:36:56 | 000,065,978 | ---- | C] () -- C:\WINDOWS\Seifenblase.bmp
[2012.06.03 11:36:56 | 000,065,954 | ---- | C] () -- C:\WINDOWS\Präriewind.bmp
[2012.06.03 11:36:56 | 000,065,832 | ---- | C] () -- C:\WINDOWS\Santa Fe-Stuck.bmp
[2012.06.03 11:36:56 | 000,026,680 | ---- | C] () -- C:\WINDOWS\Fächer.bmp
[2012.06.03 11:36:56 | 000,026,582 | ---- | C] () -- C:\WINDOWS\Granit.bmp
[2012.06.03 11:36:56 | 000,017,362 | ---- | C] () -- C:\WINDOWS\Rhododendron.bmp
[2012.06.03 11:36:56 | 000,017,336 | ---- | C] () -- C:\WINDOWS\Angler.bmp
[2012.06.03 11:36:56 | 000,017,062 | ---- | C] () -- C:\WINDOWS\Kaffeetasse.bmp
[2012.06.03 11:36:56 | 000,016,730 | ---- | C] () -- C:\WINDOWS\Feder.bmp
[2012.06.03 11:36:56 | 000,009,522 | ---- | C] () -- C:\WINDOWS\Zapotek.bmp
[2012.06.03 11:36:56 | 000,001,272 | ---- | C] () -- C:\WINDOWS\Blaue Spitzen 16.bmp
[2012.06.03 11:36:52 | 000,003,286 | ---- | C] () -- C:\WINDOWS\System32\tslabels.h
[2012.06.03 11:36:52 | 000,001,237 | ---- | C] () -- C:\WINDOWS\System32\usrlogon.cmd
[2012.06.03 11:36:51 | 000,000,768 | ---- | C] () -- C:\WINDOWS\System32\msdtcprf.h
[2012.06.03 11:36:45 | 000,063,488 | ---- | C] () -- C:\WINDOWS\System32\wmimgmt.msc
========== LOP Check ==========
[2012.06.05 00:12:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PMB Files
[2012.06.03 12:51:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DVDVideoSoft
[2012.06.03 12:50:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\DVDVideoSoftIEHelpers
[2012.06.03 13:32:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\LolClient2
[2012.06.03 12:52:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\***\Anwendungsdaten\OpenCandy
========== Purity Check ==========
< End of report > --- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 05.06.2012 00:14:58 - Run 1
OTL by OldTimer - Version 3.2.46.0 Folder = C:\Dokumente und Einstellungen\***\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,50 Gb Available Physical Memory | 74,94% Memory free
3,85 Gb Paging File | 3,38 Gb Available in Paging File | 87,87% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 232,88 Gb Total Space | 218,04 Gb Free Space | 93,63% Space Free | Partition Type: NTFS
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"58935:TCP" = 58935:TCP:*:Enabled:Pando Media Booster
"58935:UDP" = 58935:UDP:*:Enabled:Pando Media Booster
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"58935:TCP" = 58935:TCP:*:Enabled:Pando Media Booster
"58935:UDP" = 58935:UDP:*:Enabled:Pando Media Booster
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\Pando Networks\Media Booster\PMB.exe" = C:\Programme\Pando Networks\Media Booster\PMB.exe:*:Enabled:Pando Media Booster -- ()
"C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe" = C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe:*:Disabled:Daemonu.exe -- (NVIDIA Corporation)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NView" = NVIDIA nView 136.27
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.22.508
"ie8" = Windows Internet Explorer 8
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"McAfee Security Scan" = McAfee Security Scan Plus
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NVIDIA Drivers" = NVIDIA Drivers
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 03.06.2012 05:52:25 | Computer Name = *** | Source = MsiInstaller | ID = 11704
Description = Product: NVIDIA PhysX -- Error 1704. An installation for NVIDIA Control
Panel is currently suspended. You must undo the changes made by that installation
to continue. Do you want to undo those changes?
[ System Events ]
Error - 03.06.2012 05:48:50 | Computer Name = *** | Source = System Error | ID = 1003
Description = Fehlercode 1000008e, 1. Parameter c0000005, 2. Parameter bfa14be2,
3. Parameter b5f84920, 4. Parameter 00000000.
Error - 03.06.2012 05:55:09 | Computer Name = *** | Source = Windows Update Agent | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x8007f205 fehlgeschlagen: Update für Windows XP (KB898461)
Error - 03.06.2012 06:06:12 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Driver Helper Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 03.06.2012 06:40:07 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Driver Helper Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 03.06.2012 08:10:03 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Driver Helper Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 03.06.2012 18:58:08 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Driver Helper Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
Error - 04.06.2012 06:08:15 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Driver Helper Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%2
< End of report > --- --- --- |