Trojaner-Board


zr7driver 06.10.2012 19:32

Endless *x* characters keep appearing in every text field

For a few days now, endless *x* characters have been appearing in every text field! Whether online or not. Sometimes even entire Internet addresses are replaced by *x*! All rescue attempts have failed so far. Whether with Avast, Avira or the Kaspersky Rescue CD! I'm writing from the laptop now! That's why there are no analyses either... What can I do? Who has advice? THANKS!!

Avira AntiVir Rescue System doesn't find anything either!! :(

Code:

Malwarebytes Anti-Malware 1.65.0.1400
Malwarebytes : Free anti-malware download

Datenbank Version: v2012.10.06.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
zr7driver :: ZR7DRIVER-PC [Administrator]

07.10.2012 01:12:45
mbam-log-2012-10-07 (01-12-45).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 577454
Laufzeit: 3 Stunde(n), 2 Minute(n), 38 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\loadtbs-3.0 (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\zr7driver\AppData\Roaming\loadtbs (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\chrome@loadtubes.com (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 23
C:\Users\zr7driver\AppData\Roaming\loadtbs\ytdl.exe (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Program Files\Mozilla Firefox\plugins\npmieze.dll (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\Handy\WinMob\Programme\CruiseController\CruiseController_wm.exe (Backdoor.MSIL.PGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\Handy\WinMob\Programme\Just-a-Clock\Just-a-Clock_wm.exe (Backdoor.MSIL.PGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\Handy\WinMob\Programme\SpeedoPhone\SpeedoPhone.exe (Backdoor.MSIL.PGen) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Externe Festplatte 1\Software\No23Player.exe (Malware.Packer.as) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\keyHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\config.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\domHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\evHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\license.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\uninstall.exe (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\updateHash.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\CHROME@LOADTUBES.COM\background.html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\CHROME@LOADTUBES.COM\background.js (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\CHROME@LOADTUBES.COM\download.js (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\CHROME@LOADTUBES.COM\fire.js (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\CHROME@LOADTUBES.COM\manifest.json (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\dimensions.ini (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\install.html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\license.txt (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\uninstall.html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\uninstallComplete.html (PUP.LoadTubes) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
And it still keeps going.x.

Malwarebytes Anti-Malware 1.65.0.1400
Malwarebytes : Free anti-malware download

Datenbank Version: v2012.10.06.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
zr7driver :: ZR7DRIVER-PC [Administrator]

07.10.2012 09:49:48
mbam-log-2012-10-07 (09-49-48).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 224734
Laufzeit: 10 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


cosinus 07.10.2012 20:57


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset



Please post everything in CODE tags here where possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

zr7driver 09.10.2012 07:54

Code:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=4876077f741c2840b6849238d9e58032
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-08 07:53:42
# local_time=2012-10-08 09:53:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 226516 226516 0 0
# compatibility_mode=5893 16776574 100 94 279768 101313399 0 0
# compatibility_mode=8192 67108863 100 0 122 122 0 0
# scanned=11286
# found=1
# cleaned=1
# scan_time=614
C:\ART\SOC\Root\unlockroot23.exe        a variant of Win32/Packed.VProtect.C application (cleaned by deleting - quarantined)        00000000000000000000000000000000        C
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=53251
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=4876077f741c2840b6849238d9e58032
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-10-09 02:54:43
# local_time=2012-10-09 04:54:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6000 NT
# compatibility_mode=1792 16777215 100 0 227336 227336 0 0
# compatibility_mode=5893 16776574 100 94 280588 101314219 0 0
# compatibility_mode=8192 67108863 100 0 942 942 0 0
# scanned=374558
# found=8
# cleaned=0
# scan_time=68254
C:\Externe Festplatte 1\Eigene Dateien\Software\registrybooster.exe        a variant of Win32/RegistryBooster application (unable to clean)        00000000000000000000000000000000        I
C:\Externe Festplatte 1\Software\jdprof2009.exe        a variant of MSIL/Packed.PvLogNetProtector.B application (unable to clean)        00000000000000000000000000000000        I
C:\Externe Festplatte 1\Software\wgo-winload.exe        a variant of MSIL/Packed.PvLogNetProtector.B application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\Glary Utilities\v9gls.exe        probably a variant of Win32/ELEX application (unable to clean)        00000000000000000000000000000000        I
C:\Program Files\WebSite X5 v9 - Smart\imRegister.exe        a variant of MSIL/Packed.CryptoObfuscator.I application (unable to clean)        00000000000000000000000000000000        I
C:\Users\zr7driver\Downloads\Babylon8_setup.exe        a variant of Win32/Toolbar.Babylon application (unable to clean)        00000000000000000000000000000000        I
C:\Users\zr7driver\Downloads\gusetup.exe        probably a variant of Win32/ELEX application (unable to clean)        00000000000000000000000000000000        I
C:\Users\zr7driver\Downloads\wsx5_sm.exe        a variant of MSIL/Packed.CryptoObfuscator.I application (unable to clean)        00000000000000000000000000000000        I


cosinus 09.10.2012 14:50

adwCleaner - remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Löschen (Delete).
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[Sx].txt. (x = sequential number)

zr7driver 09.10.2012 17:53

Code:

# AdwCleaner v2.003 - Datei am 10/09/2012 um 18:44:35 erstellt
# Aktualisiert am 23/09/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : zr7driver - ZR7DRIVER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\zr7driver\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\Askcom.xml
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Users\ZR7DRI~1\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\zr7driver\AppData\Local\APN
Ordner Gelöscht : C:\Users\zr7driver\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\extensions\toolbar@ask.com
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\incredibar.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\incredibar.com
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Profilname : default
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\prefs.js

Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&loc[...]
Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");

Profilname : Ralf [Profil par défaut]
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\prefs.js

Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultenginename", "Ask.com");
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("browser.search.selectedEngine", "Ask.com");
Gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Gelöscht : user_pref("extensions.asktb.apn_dbr", "ff_15.0");
Gelöscht : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Gelöscht : user_pref("extensions.asktb.cbid", "^AGS");
Gelöscht : user_pref("extensions.asktb.config-updated", false);
Gelöscht : user_pref("extensions.asktb.cr-o", "APN10261");
Gelöscht : user_pref("extensions.asktb.crumb", "2012.10.07+12.10.15-toolbar012iad-DE-QXVnc2J1cmcsR2VybWFueQ%3D%[...]
Gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://avira-int.ask.com/web?q={query}&qsrc=[...]
Gelöscht : user_pref("extensions.asktb.domain", "avira-int.ask.com");
Gelöscht : user_pref("extensions.asktb.domainName", "avira-int.ask.com");
Gelöscht : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^DE");
Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-[...]
Gelöscht : user_pref("extensions.asktb.fresh-install", false);
Gelöscht : user_pref("extensions.asktb.guid", "b270a8c8-c838-4580-968b-86c69f2550a3");
Gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gelöscht : user_pref("extensions.asktb.if", "first");
Gelöscht : user_pref("extensions.asktb.l", "dis");
Gelöscht : user_pref("extensions.asktb.last-config-req", "1349747776354");
Gelöscht : user_pref("extensions.asktb.locale", "de_DE");
Gelöscht : user_pref("extensions.asktb.localePref", true);
Gelöscht : user_pref("extensions.asktb.location", "Augsburg,Germany");
Gelöscht : user_pref("extensions.asktb.o", "APN10261");
Gelöscht : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Gelöscht : user_pref("extensions.asktb.qsrc", "2871");
Gelöscht : user_pref("extensions.asktb.r", "2");
Gelöscht : user_pref("extensions.asktb.sa", "YES");
Gelöscht : user_pref("extensions.asktb.saguid", "74ACD6B1-898A-4431-99F3-0D200D08CED2");
Gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gelöscht : user_pref("extensions.asktb.socialmini-first", true);
Gelöscht : user_pref("extensions.asktb.socialmini-interval", "1200000");
Gelöscht : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Gelöscht : user_pref("extensions.asktb.socialmini-max-items", "30");
Gelöscht : user_pref("extensions.asktb.socialmini-native-on", true);
Gelöscht : user_pref("extensions.asktb.socialmini-speed", "5000");
Gelöscht : user_pref("extensions.asktb.themeid", "");
Gelöscht : user_pref("extensions.asktb.timeinstalled", "07.10.2012 21:11:26");
Gelöscht : user_pref("extensions.asktb.to", "");
Gelöscht : user_pref("extensions.asktb.v", "3.15.5.100015");
Gelöscht : user_pref("extensions.asktb.version", "5.15.5.26921");
Gelöscht : user_pref("extensions.enabledAddons", "eQuakeAlert@vaxghost.addons.mozilla.org:7.0.0,finder@meinguts[...]
Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&loc[...]

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [121599 octets] - [07/10/2012 10:05:51]
AdwCleaner[S1].txt - [121024 octets] - [07/10/2012 10:09:34]
AdwCleaner[R2].txt - [1484 octets] - [07/10/2012 10:23:22]
AdwCleaner[S2].txt - [1417 octets] - [07/10/2012 10:23:48]
AdwCleaner[R3].txt - [8798 octets] - [09/10/2012 18:43:38]
AdwCleaner[S3].txt - [8602 octets] - [09/10/2012 18:44:35]

########## EOF - C:\AdwCleaner[S3].txt - [8662 octets] ##########


cosinus 09.10.2012 19:03

Logs in CODE tags, please :kloppen:

Please download the current adwCleaner, i.e. delete the old adwcleaner and download it again

adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.

If adwCleaner has already been downloaded before, please delete the old adwcleaner.exe and download it again!!
  • Start adwcleaner.exe with a double-click.
  • Click Suche (Search).
  • When the scan has finished, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[Rx].txt. (x = sequential number)

zr7driver 09.10.2012 19:33

Code:

# AdwCleaner v2.004 - Datei am 09/10/2012 um 20:32:39 erstellt
# Aktualisiert am 06/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : zr7driver - ZR7DRIVER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\zr7driver\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Schlüssel Gefunden : HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Profilname : default
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\prefs.js

[OK] Die Datei ist sauber.

Profilname : Ralf [Profil par défaut]
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [121599 octets] - [07/10/2012 10:05:51]
AdwCleaner[S1].txt - [121024 octets] - [07/10/2012 10:09:34]
AdwCleaner[R2].txt - [1484 octets] - [07/10/2012 10:23:22]
AdwCleaner[S2].txt - [1417 octets] - [07/10/2012 10:23:48]
AdwCleaner[R3].txt - [8798 octets] - [09/10/2012 18:43:38]
AdwCleaner[S3].txt - [8731 octets] - [09/10/2012 18:44:35]
AdwCleaner[R4].txt - [1724 octets] - [09/10/2012 19:21:59]
AdwCleaner[R5].txt - [2293 octets] - [09/10/2012 20:32:39]

########## EOF - C:\AdwCleaner[R5].txt - [2353 octets] ##########


cosinus 09.10.2012 19:59

adwCleaner - remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Löschen (Delete).
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[Sx].txt. (x = sequential number)

zr7driver 09.10.2012 20:53

Code:

# AdwCleaner v2.004 - Datei am 09/10/2012 um 21:43:39 erstellt
# Aktualisiert am 06/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : zr7driver - ZR7DRIVER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\zr7driver\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v15.0 (de)

Profilname : default
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\prefs.js

[OK] Die Datei ist sauber.

Profilname : Ralf [Profil par défaut]
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [121599 octets] - [07/10/2012 10:05:51]
AdwCleaner[S1].txt - [121024 octets] - [07/10/2012 10:09:34]
AdwCleaner[R2].txt - [1484 octets] - [07/10/2012 10:23:22]
AdwCleaner[S2].txt - [1417 octets] - [07/10/2012 10:23:48]
AdwCleaner[R3].txt - [8798 octets] - [09/10/2012 18:43:38]
AdwCleaner[S3].txt - [8731 octets] - [09/10/2012 18:44:35]
AdwCleaner[R4].txt - [1724 octets] - [09/10/2012 19:21:59]
AdwCleaner[R5].txt - [2422 octets] - [09/10/2012 20:32:39]
AdwCleaner[R6].txt - [2482 octets] - [09/10/2012 21:43:21]
AdwCleaner[S4].txt - [2125 octets] - [09/10/2012 21:43:39]

########## EOF - C:\AdwCleaner[S4].txt - [2185 octets] ##########


cosinus 10.10.2012 10:22

I have two questions before we continue (we're not done yet!)

1.) Does Windows' normal mode work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?

zr7driver 10.10.2012 10:50

I ran the Kaspersky Rescue CD again last night and this morning the PC worked completely normally again! I'm not missing anything either! I hope that's it now?! Thanks for everything so far!!

cosinus 10.10.2012 13:16

Please create a new OTL log. Please post everything in CODE tags here where possible.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here
CustomScan with OTL

Please download OTL by Oldtimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


zr7driver 10.10.2012 19:50

Code:

OTL logfile created on: 10.10.2012 20:00:53 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\zr7driver\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 64,01% Memory free
6,50 Gb Paging File | 4,71 Gb Available in Paging File | 72,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 584,22 Gb Free Space | 64,17% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,36 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
 
Computer Name: ZR7DRIVER-PC | User Name: zr7driver | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.25 10:52:48 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.09.24 17:24:20 | 001,161,768 | ---- | M] (WiseCleaner.com) -- C:\Programme\Wise\Wise Care 365\WiseTray.exe
PRC - [2012.09.19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.09.18 01:07:45 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.07.02 16:02:28 | 004,473,728 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.02.29 16:56:07 | 001,564,368 | ---- | M] () -- C:\Programme\Guard-ICQ\GuardICQ.exe
PRC - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
PRC - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.02.12 07:40:50 | 000,365,632 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.01.07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Programme\Motorola Media Link\NServiceEntry.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.07.27 11:38:46 | 000,987,960 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FritzDsl.exe
PRC - [2009.07.23 14:13:10 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgentS1.exe
PRC - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2009.07.20 11:01:00 | 000,760,120 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2009.07.14 03:14:21 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2009.06.03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.04.09 12:45:26 | 001,061,688 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\AAVUpdateManager\aavus.exe
PRC - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.10 03:47:16 | 000,115,137 | ---- | M] () -- C:\Users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012.09.15 18:54:57 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\002b4b1af5f8145bf6b6afe21d4f1db2\Kies.Theme.ni.dll
MOD - [2012.09.15 18:54:56 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\de1a504d1535e5005fbae8f6a4d97ce5\DevicePodcast.ni.dll
MOD - [2012.09.15 18:54:54 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\ee12ab3bf308cbe22f373afbddf0be6b\DeviceVideo.ni.dll
MOD - [2012.09.15 18:54:52 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5e58a020638d28d3740195f1d0738da\DevicePhoto.ni.dll
MOD - [2012.09.15 18:54:51 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\0377dd6ed6a5e92a0b8d6eb7d0b64f79\DeviceMusic.ni.dll
MOD - [2012.09.15 18:54:50 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\23e80240003377b6412081a4523943fe\VideoManager.ni.dll
MOD - [2012.09.15 18:54:48 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\23fd65cd04b03d19931758d7472e38a4\PodcastService.ni.dll
MOD - [2012.09.15 18:54:45 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\65018f5e3da23293d642168f7b132d40\Podcaster.ni.dll
MOD - [2012.09.15 18:54:42 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e96a4bd6a51ec7762f15f9bc64c6c33a\PhotoManager.ni.dll
MOD - [2012.09.15 18:54:16 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\deb1e04d94f18bc88afabf744c5d87aa\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.09.15 18:54:14 | 005,677,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\64d3040868aba797c48f608f5361e5bc\DeviceHost.ni.dll
MOD - [2012.09.15 18:53:59 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\1bedf64dbdd091ac8dceee7cbfd84a88\Phonebook.ni.dll
MOD - [2012.09.15 18:53:50 | 001,008,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f73c846c21b32d8e446f08fe7bf0b75a\CPKTMusicPlugin.ni.dll
MOD - [2012.09.15 18:53:47 | 000,964,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\dc5b622e73080b69c1c63606f283b795\MusicManager.ni.dll
MOD - [2012.09.15 18:53:41 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\e5c8f9e08db50fb625c029361147f47e\EBookManager.ni.dll
MOD - [2012.09.15 18:53:39 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ed8a6670f7dbe1ae78aa091a0935fb87\BATPlugin.ni.dll
MOD - [2012.09.15 18:53:38 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\c209d4b3c25507564757710f6d4a4570\AllShareController.ni.dll
MOD - [2012.09.15 18:53:37 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\25823a7264f74e67158031f485c0bb23\Kies.Common.MediaDB.ni.dll
MOD - [2012.09.15 18:53:37 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9eca4746981ac218c1dbe0c131ce108\Kies.Common.StoreManager.ni.dll
MOD - [2012.09.15 18:53:35 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll
MOD - [2012.09.15 18:53:35 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\065aa3ca107d7b3d679a5f408e535239\Kies.Common.AllShare.ni.dll
MOD - [2012.09.15 18:53:34 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1f13cee7982e84f07cff152618950b20\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.09.15 18:53:32 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57b7389241c36caa1d2132d68eddedda\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.09.15 18:53:32 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\170b754ba9dcd78ee0b06a32af4a7c1f\Interop.DevFileServiceLib.ni.dll
MOD - [2012.09.15 18:53:31 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4b033da616a5e8e2b9ebe95342e9cf0d\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.09.15 18:53:29 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bf6e9c84dd994fef46819ed3bd9fa934\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.09.15 18:53:26 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1837e9c63789850168d0bb76826128d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.09.15 18:53:25 | 000,902,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4f549b26003474662ef7e2f3be9e3dd3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.09.15 18:53:23 | 001,025,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\60c16bc46e86b9a852e71968dc63d9c7\Kies.Common.DeviceService.ni.dll
MOD - [2012.09.15 18:53:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.09.15 18:53:20 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\25dc31b1903a3689788caf51d3d93f97\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.09.15 18:53:19 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\923e655c1069f7faa553275eb2e6763c\Kies.Common.Multimedia.ni.dll
MOD - [2012.09.15 18:53:15 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4603ed01ff960f6d861f798e826c9442\Kies.Common.MainUI.ni.dll
MOD - [2012.09.15 18:53:13 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\dcc3307fb870292826318142cf4fa8aa\Kies.Common.DBManager.ni.dll
MOD - [2012.09.15 18:53:12 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b0cec9954e5583399b377b65a469a74c\Kies.Common.Util.ni.dll
MOD - [2012.09.15 18:53:11 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c4f56538bb1d5921690a486bf052e30b\Kies.Locale.ni.dll
MOD - [2012.09.15 18:53:10 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\afa8de1e7aabde98f9a5fec1abdb9a05\Kies.MVVM.ni.dll
MOD - [2012.09.15 18:53:09 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7a0eb5bc5decef8dc1ef9dd3bca3b4d4\Kies.UI.ni.dll
MOD - [2012.09.15 18:53:06 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.09.15 18:53:04 | 001,185,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0a26df964bb433ab607743b20c7704f7\Kies.Interface.ni.dll
MOD - [2012.09.15 18:53:02 | 001,674,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\41f4faf4ff2ba56c26252d6069ceff76\Kies.ni.exe
MOD - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012.06.13 09:05:50 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.13 05:36:30 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.13 05:26:03 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.13 05:25:46 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.13 05:25:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.13 05:25:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.06.03 09:36:31 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.06.03 09:36:30 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.06.03 09:36:22 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.06.03 09:36:21 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.06.03 09:36:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.05.09 10:26:42 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 10:21:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 10:20:41 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 10:12:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 10:08:26 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 10:08:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 10:07:42 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 10:07:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 10:07:19 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012.02.17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
MOD - [2011.02.24 18:39:44 | 000,012,128 | ---- | M] () -- C:\Programme\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
MOD - [2009.06.03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.02.04 12:08:06 | 000,207,872 | ---- | M] () -- C:\Programme\FRITZ!DSL\C90dll.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.09 11:34:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.09.07 18:31:50 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.07.17 15:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Programme\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.02.29 16:56:07 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Programme\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Programme\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.04.28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) [Auto | Running] -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe -- (WMI_Hook_Service)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 2012\DfSdkS.exe -- (DfSdkS)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.08.10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.23 14:13:12 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\C10F.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.08.28 19:41:29 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.28 19:41:29 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.07.31 12:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.07.05 13:53:38 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012.07.05 13:53:36 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2012.06.11 11:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012.06.08 16:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012.06.08 16:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.06.08 16:08:26 | 000,024,576 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2012.03.07 03:11:00 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2012.03.02 16:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012.03.02 16:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012.03.02 16:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012.03.02 16:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2012.02.07 17:46:02 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135)
DRV - [2012.01.25 14:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2012.01.05 18:07:20 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.11.08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011.01.08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.12.13 05:59:14 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2010.12.13 05:45:42 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010.12.12 21:40:51 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2010.12.12 21:34:13 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2010.12.02 15:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.12.02 15:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.02 15:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.12.02 15:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.12.01 11:51:53 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.06.23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010.03.12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.12.22 14:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.10.29 12:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2009.10.29 12:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NW1950.sys -- (NW1950)
DRV - [2009.10.26 17:54:26 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.06.05 01:47:48 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)
DRV - [2009.01.29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{095C1A85-7264-4B56-BB5A-783E8E888AB2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{D73A46A4-5C66-4286-8399-9A51DF36E0A0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2011.06.18 18:41:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.05.22 21:16:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.28 18:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.01 15:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.27 14:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.21 05:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.05.22 21:16:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
 
[2012.10.09 21:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 18:31:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.07 18:31:51 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 19:24:08 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
 
O1 HOSTS File: ([2012.05.04 08:56:10 | 000,442,850 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        www.123fporn.info
O1 - Hosts: 15214 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [adm_tray.exe] C:\Programme\Acronis\DriveMonitor\adm_tray.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [mumservice] C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKU\.DEFAULT..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-18..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3752C415-0AD3-4D70-88DD-5C627777D71D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70461503-9E7A-42FB-9CFC-1852690458B5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBE4987-A903-408A-A660-FD8F19F10960}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LxSetup.exe
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{50e93006-11bf-11e0-b121-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{d20cf144-c87b-11df-ad11-001583096ec8}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (pdboot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.2 HD Edition.lnk - C:\Programme\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe - (Panasonic Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk - C:\Programme\Secunia\PSI\psi_tray.exe - (Secunia)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AndroidSync - hkey= - key= - C:\Program Files\Android-Sync\AndroidSync.exe (hxxp://www.android-sync.com)
MsConfig - StartUpReg: B2C_AGENT - hkey= - key= - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
MsConfig - StartUpReg: Badoo Desktop - hkey= - key= - C:\ProgramData\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe (Badoo)
MsConfig - StartUpReg: Guard.Mail.ru.gui - hkey= - key= - C:\Program Files\Guard-ICQ\GuardICQ.exe ()
MsConfig - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig - StartUpReg: KiesAirMessage - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesHelper - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesPDLR - hkey= - key= - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: Miranda Fusion - hkey= - key= - C:\Programme\MirandaFusion\fusiontools\mfstart.exe (Miranda Fusion Team)
MsConfig - StartUpReg: mumservice - hkey= - key= - C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IMFservice - C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.10 19:57:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.08 09:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.07 21:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.07 01:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.07 01:11:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.07 01:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 18:48:20 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.10.05 18:48:15 | 000,134,184 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.10.05 18:48:15 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.10.05 18:48:15 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2010
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.09.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.09.29 16:11:04 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\Lexware
[2012.09.28 21:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
[2012.09.28 21:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2012.09.21 10:58:54 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urlaubsplaner 2013
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudserd.sys
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2012.09.15 16:55:22 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\Documents\Steuerfälle
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\AAV
[2012.09.14 12:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\AAVUpdateManager
[2012.09.14 12:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2012
[2012.09.14 11:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Steuer-Sparer 2012
[2012.09.14 11:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AAV
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]


zr7driver 10.10.2012 19:55

Code:

OTL logfile created on: 10.10.2012 20:00:53 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\zr7driver\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 64,01% Memory free
6,50 Gb Paging File | 4,71 Gb Available in Paging File | 72,45% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 584,22 Gb Free Space | 64,17% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,36 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
 
Computer Name: ZR7DRIVER-PC | User Name: zr7driver | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.25 10:52:48 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.09.24 17:24:20 | 001,161,768 | ---- | M] (WiseCleaner.com) -- C:\Programme\Wise\Wise Care 365\WiseTray.exe
PRC - [2012.09.19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.09.18 01:07:45 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.07.02 16:02:28 | 004,473,728 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.02.29 16:56:07 | 001,564,368 | ---- | M] () -- C:\Programme\Guard-ICQ\GuardICQ.exe
PRC - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
PRC - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.02.12 07:40:50 | 000,365,632 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.01.07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Programme\Motorola Media Link\NServiceEntry.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.07.27 11:38:46 | 000,987,960 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FritzDsl.exe
PRC - [2009.07.23 14:13:10 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgentS1.exe
PRC - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2009.07.20 11:01:00 | 000,760,120 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2009.07.14 03:14:21 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2009.06.03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.04.09 12:45:26 | 001,061,688 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\AAVUpdateManager\aavus.exe
PRC - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.10 03:47:16 | 000,115,137 | ---- | M] () -- C:\Users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012.09.15 18:54:57 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\002b4b1af5f8145bf6b6afe21d4f1db2\Kies.Theme.ni.dll
MOD - [2012.09.15 18:54:56 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\de1a504d1535e5005fbae8f6a4d97ce5\DevicePodcast.ni.dll
MOD - [2012.09.15 18:54:54 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\ee12ab3bf308cbe22f373afbddf0be6b\DeviceVideo.ni.dll
MOD - [2012.09.15 18:54:52 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5e58a020638d28d3740195f1d0738da\DevicePhoto.ni.dll
MOD - [2012.09.15 18:54:51 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\0377dd6ed6a5e92a0b8d6eb7d0b64f79\DeviceMusic.ni.dll
MOD - [2012.09.15 18:54:50 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\23e80240003377b6412081a4523943fe\VideoManager.ni.dll
MOD - [2012.09.15 18:54:48 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\23fd65cd04b03d19931758d7472e38a4\PodcastService.ni.dll
MOD - [2012.09.15 18:54:45 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\65018f5e3da23293d642168f7b132d40\Podcaster.ni.dll
MOD - [2012.09.15 18:54:42 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e96a4bd6a51ec7762f15f9bc64c6c33a\PhotoManager.ni.dll
MOD - [2012.09.15 18:54:16 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\deb1e04d94f18bc88afabf744c5d87aa\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.09.15 18:54:14 | 005,677,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\64d3040868aba797c48f608f5361e5bc\DeviceHost.ni.dll
MOD - [2012.09.15 18:53:59 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\1bedf64dbdd091ac8dceee7cbfd84a88\Phonebook.ni.dll
MOD - [2012.09.15 18:53:50 | 001,008,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f73c846c21b32d8e446f08fe7bf0b75a\CPKTMusicPlugin.ni.dll
MOD - [2012.09.15 18:53:47 | 000,964,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\dc5b622e73080b69c1c63606f283b795\MusicManager.ni.dll
MOD - [2012.09.15 18:53:41 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\e5c8f9e08db50fb625c029361147f47e\EBookManager.ni.dll
MOD - [2012.09.15 18:53:39 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ed8a6670f7dbe1ae78aa091a0935fb87\BATPlugin.ni.dll
MOD - [2012.09.15 18:53:38 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\c209d4b3c25507564757710f6d4a4570\AllShareController.ni.dll
MOD - [2012.09.15 18:53:37 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\25823a7264f74e67158031f485c0bb23\Kies.Common.MediaDB.ni.dll
MOD - [2012.09.15 18:53:37 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9eca4746981ac218c1dbe0c131ce108\Kies.Common.StoreManager.ni.dll
MOD - [2012.09.15 18:53:35 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll
MOD - [2012.09.15 18:53:35 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\065aa3ca107d7b3d679a5f408e535239\Kies.Common.AllShare.ni.dll
MOD - [2012.09.15 18:53:34 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1f13cee7982e84f07cff152618950b20\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.09.15 18:53:32 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57b7389241c36caa1d2132d68eddedda\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.09.15 18:53:32 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\170b754ba9dcd78ee0b06a32af4a7c1f\Interop.DevFileServiceLib.ni.dll
MOD - [2012.09.15 18:53:31 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4b033da616a5e8e2b9ebe95342e9cf0d\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.09.15 18:53:29 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bf6e9c84dd994fef46819ed3bd9fa934\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.09.15 18:53:26 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1837e9c63789850168d0bb76826128d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.09.15 18:53:25 | 000,902,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4f549b26003474662ef7e2f3be9e3dd3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.09.15 18:53:23 | 001,025,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\60c16bc46e86b9a852e71968dc63d9c7\Kies.Common.DeviceService.ni.dll
MOD - [2012.09.15 18:53:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.09.15 18:53:20 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\25dc31b1903a3689788caf51d3d93f97\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.09.15 18:53:19 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\923e655c1069f7faa553275eb2e6763c\Kies.Common.Multimedia.ni.dll
MOD - [2012.09.15 18:53:15 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4603ed01ff960f6d861f798e826c9442\Kies.Common.MainUI.ni.dll
MOD - [2012.09.15 18:53:13 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\dcc3307fb870292826318142cf4fa8aa\Kies.Common.DBManager.ni.dll
MOD - [2012.09.15 18:53:12 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b0cec9954e5583399b377b65a469a74c\Kies.Common.Util.ni.dll
MOD - [2012.09.15 18:53:11 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c4f56538bb1d5921690a486bf052e30b\Kies.Locale.ni.dll
MOD - [2012.09.15 18:53:10 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\afa8de1e7aabde98f9a5fec1abdb9a05\Kies.MVVM.ni.dll
MOD - [2012.09.15 18:53:09 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7a0eb5bc5decef8dc1ef9dd3bca3b4d4\Kies.UI.ni.dll
MOD - [2012.09.15 18:53:06 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.09.15 18:53:04 | 001,185,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0a26df964bb433ab607743b20c7704f7\Kies.Interface.ni.dll
MOD - [2012.09.15 18:53:02 | 001,674,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\41f4faf4ff2ba56c26252d6069ceff76\Kies.ni.exe
MOD - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012.06.13 09:05:50 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.13 05:36:30 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.13 05:26:03 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.13 05:25:46 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.13 05:25:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.13 05:25:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.06.03 09:36:31 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.06.03 09:36:30 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.06.03 09:36:22 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.06.03 09:36:21 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.06.03 09:36:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.05.09 10:26:42 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 10:21:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 10:20:41 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 10:12:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 10:08:26 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 10:08:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 10:07:42 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 10:07:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 10:07:19 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012.02.17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
MOD - [2011.02.24 18:39:44 | 000,012,128 | ---- | M] () -- C:\Programme\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
MOD - [2009.06.03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.02.04 12:08:06 | 000,207,872 | ---- | M] () -- C:\Programme\FRITZ!DSL\C90dll.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.09 11:34:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.09.07 18:31:50 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.07.17 15:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Programme\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.02.29 16:56:07 | 001,564,368 | ---- | M] () [Auto | Running] -- C:\Programme\Guard-ICQ\GuardICQ.exe -- (Guard.Mail.ru)
SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Programme\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.04.28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) [Auto | Running] -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe -- (WMI_Hook_Service)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 2012\DfSdkS.exe -- (DfSdkS)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.08.10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.23 14:13:12 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\C10F.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.08.28 19:41:29 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.28 19:41:29 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.08.27 15:50:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.07.31 12:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.07.05 13:53:38 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012.07.05 13:53:36 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2012.06.11 11:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012.06.08 16:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012.06.08 16:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.06.08 16:08:26 | 000,024,576 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2012.03.07 03:11:00 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2012.03.02 16:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012.03.02 16:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012.03.02 16:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012.03.02 16:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2012.02.07 17:46:02 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135)
DRV - [2012.01.25 14:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2012.01.05 18:07:20 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.11.08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011.01.08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.12.13 05:59:14 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2010.12.13 05:45:42 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010.12.12 21:40:51 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2010.12.12 21:34:13 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2010.12.02 15:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.12.02 15:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.02 15:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.12.02 15:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.12.01 11:51:53 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.06.23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010.03.12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.12.22 14:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.10.29 12:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2009.10.29 12:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NW1950.sys -- (NW1950)
DRV - [2009.10.26 17:54:26 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.06.05 01:47:48 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)
DRV - [2009.01.29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{095C1A85-7264-4B56-BB5A-783E8E888AB2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{D73A46A4-5C66-4286-8399-9A51DF36E0A0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2011.06.18 18:41:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.05.22 21:16:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.28 18:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.01 15:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.27 14:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.21 05:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.05.22 21:16:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
 
[2012.10.09 21:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 18:31:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.07 18:31:51 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 19:24:08 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
 
O1 HOSTS File: ([2012.05.04 08:56:10 | 000,442,850 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 15214 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [adm_tray.exe] C:\Programme\Acronis\DriveMonitor\adm_tray.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [mumservice] C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKU\.DEFAULT..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-18..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3752C415-0AD3-4D70-88DD-5C627777D71D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70461503-9E7A-42FB-9CFC-1852690458B5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBE4987-A903-408A-A660-FD8F19F10960}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LxSetup.exe
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{50e93006-11bf-11e0-b121-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{d20cf144-c87b-11df-ad11-001583096ec8}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (pdboot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.2 HD Edition.lnk - C:\Programme\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe - (Panasonic Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk - C:\Programme\Secunia\PSI\psi_tray.exe - (Secunia)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AndroidSync - hkey= - key= - C:\Program Files\Android-Sync\AndroidSync.exe (hxxp://www.android-sync.com)
MsConfig - StartUpReg: B2C_AGENT - hkey= - key= - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
MsConfig - StartUpReg: Badoo Desktop - hkey= - key= - C:\ProgramData\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe (Badoo)
MsConfig - StartUpReg: Guard.Mail.ru.gui - hkey= - key= - C:\Program Files\Guard-ICQ\GuardICQ.exe ()
MsConfig - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig - StartUpReg: KiesAirMessage - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesHelper - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesPDLR - hkey= - key= - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: Miranda Fusion - hkey= - key= - C:\Programme\MirandaFusion\fusiontools\mfstart.exe (Miranda Fusion Team)
MsConfig - StartUpReg: mumservice - hkey= - key= - C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IMFservice - C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.10 19:57:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.08 09:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.07 21:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.07 01:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.07 01:11:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.07 01:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 18:48:20 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.10.05 18:48:15 | 000,134,184 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.10.05 18:48:15 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.10.05 18:48:15 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2010
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.09.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.09.29 16:11:04 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\Lexware
[2012.09.28 21:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
[2012.09.28 21:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2012.09.21 10:58:54 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urlaubsplaner 2013
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudserd.sys
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2012.09.15 16:55:22 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\Documents\Steuerfälle
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\AAV
[2012.09.14 12:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\AAVUpdateManager
[2012.09.14 12:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2012
[2012.09.14 11:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Steuer-Sparer 2012
[2012.09.14 11:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AAV
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]


zr7driver 10.10.2012 20:01

Code:

========== Files - Modified Within 30 Days ==========
 
[2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.10 19:49:41 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.10 19:49:40 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.10 19:49:11 | 000,707,706 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.10 19:49:11 | 000,661,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.10 19:49:11 | 000,153,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.10 19:49:11 | 000,125,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.10 19:41:04 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.10 19:40:22 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.10.10 19:40:21 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2012.10.10 19:40:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.10 19:39:54 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.10 11:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.10 11:12:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.10 10:34:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.10.09 20:32:20 | 000,538,327 | ---- | M] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.09 15:15:36 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.08 22:34:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.10.07 21:11:37 | 000,002,022 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.10.07 01:11:17 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.09.29 16:25:19 | 000,002,739 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 21:41:07 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:55 | 000,010,495 | ---- | M] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.09.21 10:58:54 | 000,001,094 | ---- | M] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.18 10:15:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.09.14 12:09:37 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.07 10:04:28 | 000,538,327 | ---- | C] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 01:11:17 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.05 18:50:12 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.09.29 16:15:52 | 000,002,739 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2012.09.28 21:41:07 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:39 | 000,010,495 | ---- | C] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | C] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.14 12:02:28 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.07.29 10:59:44 | 000,000,017 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\resmon.resmoncfg
[2012.06.17 13:31:23 | 000,001,124 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.itn
[2012.06.17 13:29:59 | 000,023,945 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.kml
[2012.04.09 20:19:46 | 000,002,773 | ---- | C] () -- \ZR7DRIVER-PC.rtf
[2012.03.30 20:40:37 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012.03.15 12:19:31 | 002,950,336 | ---- | C] () -- C:\Users\zr7driver\Kony2012_digital_kit.zip
[2012.02.01 05:41:45 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4A4B9D26-AA08-4479-8413-EC94C1495FEA}
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.01.13 20:08:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{3ADCD066-1845-4420-813A-0152E185A562}
[2011.12.30 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0766FBBE-1B10-4D18-B8FD-7921451DF9C6}
[2011.12.26 13:04:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.12.25 23:49:46 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.25 23:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.25 23:49:44 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe
[2011.12.25 23:49:44 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.12.23 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{1C4F85BF-C25C-40D8-9072-C915C7610CF0}
[2011.12.23 10:02:20 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{DC88FA66-C4A7-4165-B3C1-62F961889D2F}
[2011.12.23 05:42:16 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{753738CE-CC9E-43C5-A535-266989FB1EB0}
[2011.12.22 21:15:10 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{56518DCC-6EA3-475B-8402-DCD2DBC03511}
[2011.12.22 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{CEC58609-76D2-4EA6-9531-7C3AA9E59D4E}
[2011.12.22 09:58:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{75C3B094-F8E5-49A6-B3F7-6EE5EC9B06A9}
[2011.12.13 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{36A7198A-B63C-4ED1-8E79-D6E1A01847BA}
[2011.12.13 10:04:48 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{43A6C6E7-5102-4D08-B831-D9FF396BBB74}
[2011.12.12 10:50:02 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E93FDF79-0B6E-40E7-ACBB-3E68917B158A}
[2011.12.08 10:08:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A4AFC9A3-D672-44ED-982A-467C3938BFE7}
[2011.12.07 09:54:52 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E9BBF441-1A49-47C7-A653-236B5B3BBFA1}
[2011.12.04 07:22:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{AE7A2FF6-BC86-4981-A1CC-55430DF54232}
[2011.12.02 10:04:51 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{5CE40A7C-C86D-4574-AA9B-81AF3B3984FF}
[2011.12.01 21:19:21 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A67ACE38-ADEE-449A-86E7-909D2DBA9B23}
[2011.12.01 10:06:14 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A795E345-7B05-4BC3-80F5-8E145C4EDBA5}
[2011.11.30 21:01:54 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{46D14579-E7ED-4468-A4A1-010E6903B9D6}
[2011.11.29 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{15BAC503-F22F-4409-A44E-3EF0670584FA}
[2011.11.29 10:03:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{759C9C24-C460-4D61-9460-1EBF1E7E2F7F}
[2011.11.29 05:39:30 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4D4D9BF3-9AC9-4895-9352-F90DC35855A6}
[2011.11.25 19:49:49 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A36FD9B9-77B7-4AA3-88CD-916BA7ED3164}
[2011.11.23 19:32:37 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0BF97707-9995-4474-AA26-C1B7A09F2755}
[2011.11.20 12:36:06 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{9A3933A9-ABB4-4DD1-BDF9-EE9E60064BA0}
[2011.11.14 11:03:11 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{D09CB122-FADC-444C-8947-C71A91EABD81}
[2011.11.14 10:50:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{60914264-77B5-4DF5-97B5-7C0FF0508A66}
[2011.10.10 11:33:41 | 000,000,097 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\fusioncache.dat
[2011.06.17 00:36:07 | 005,406,987 | ---- | C] () -- \RUU_signed.nbh
[2011.06.17 00:36:07 | 001,481,928 | ---- | C] () -- \task29.exe
[2011.06.17 00:36:07 | 001,449,160 | ---- | C] () -- \RUUResource.dll
[2011.06.17 00:36:07 | 000,213,864 | ---- | C] () -- \ModelID.fig
[2011.06.17 00:36:07 | 000,175,304 | ---- | C] () -- \rapitool.exe
[2011.06.17 00:36:07 | 000,141,368 | ---- | C] () -- \ErrorUSB.fig
[2011.06.17 00:36:07 | 000,095,552 | ---- | C] () -- \ErrorBattery.fig
[2011.06.17 00:36:07 | 000,013,512 | ---- | C] () -- \RUUGetInfo.exe
[2011.06.17 00:36:07 | 000,008,904 | ---- | C] () -- \EnterBootloader.exe
[2011.06.17 00:36:07 | 000,000,013 | ---- | C] () -- \ROMUpdateUtility.cfg
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.03 22:46:09 | 000,000,518 | ---- | C] () -- C:\Windows\wininit.ini
[2011.04.27 10:40:07 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.04.27 10:40:07 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.01.21 23:30:49 | 000,000,102 | ---- | C] () -- \qehjlhawlh
[2011.01.18 20:57:44 | 000,000,862 | ---- | C] () -- C:\Users\zr7driver\.recently-used.xbel
[2011.01.08 12:02:39 | 000,001,117 | ---- | C] () -- C:\Users\zr7driver\Dokumente - Verknüpfung.lnk
[2011.01.04 21:05:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.26 00:18:10 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.12.26 00:14:22 | 010,960,896 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.11.16 21:01:57 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.11.16 21:01:56 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.11.16 21:01:56 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.11.16 21:01:56 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.11.16 21:01:56 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.11.16 21:01:56 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.11.16 21:01:56 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.11.16 21:01:56 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.11.16 21:01:56 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.11.16 21:01:56 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.11.16 21:01:56 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.11.16 21:01:56 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.11.16 21:01:56 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.11.16 21:01:56 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.11.16 21:01:56 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.10.28 13:24:13 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2010.10.03 22:23:13 | 001,140,638 | ---- | C] () -- C:\Users\zr7driver\Backup LG GT540 Optimus 03.10.2010.mpb
[2010.10.02 22:02:25 | 000,000,360 | -H-- | C] () -- \IPH.PH
[2010.09.24 13:26:13 | 000,050,688 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.12 11:27:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.10 14:15:23 | 2616,643,584 | -HS- | C] () -- \hiberfil.sys
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2009.07.14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.09.10 14:23:37 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData
[2012.09.14 12:05:54 | 000,000,000 | ---D | M] -- C:\Users\All Users\AAV
[2012.06.21 22:54:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Acronis
[2010.10.02 22:02:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\AIM
[2010.09.10 14:33:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\ALDI Sued Foto Service
[2010.02.15 19:14:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\Aldi Sued Fotoservice
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data
[2010.02.04 10:24:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Applications
[2010.10.01 09:50:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ashampoo
[2010.10.28 14:22:41 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avanquest
[2011.12.13 12:33:25 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVAST Software
[2011.01.21 23:14:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avery
[2012.05.01 17:04:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVG2012
[2011.03.20 19:35:07 | 000,000,000 | ---D | M] -- C:\Users\All Users\Badoo
[2011.11.13 13:13:35 | 000,000,000 | ---D | M] -- C:\Users\All Users\BlueStacks
[2010.09.11 13:32:20 | 000,000,000 | ---D | M] -- C:\Users\All Users\Bluetooth
[2010.09.10 14:38:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\BullGuard
[2011.01.21 23:25:01 | 000,000,000 | ---D | M] -- C:\Users\All Users\CAM Development
[2012.07.06 11:12:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\Canneverbe Limited
[2010.12.21 18:54:57 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonEPP
[2011.01.06 12:49:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEGV
[2010.12.21 19:20:52 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX2
[2010.12.21 18:59:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJMSetup
[2010.12.21 19:18:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJMyPrinter
[2012.10.01 04:30:00 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJPLM
[2010.12.21 19:18:54 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJSolutionMenuEX
[2010.12.21 18:57:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJWSpt
[2011.12.13 12:28:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\CheckPoint
[2012.04.06 22:36:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2011.05.27 20:42:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\Das Fussball Studio
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2010.09.24 15:06:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites
[2012.05.30 15:31:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\GFI Software
[2011.09.02 19:02:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\ICQ
[2011.02.03 11:43:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Installations
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\ISDNWatch
[2011.09.18 13:50:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Kaspersky SDK
[2012.09.29 16:20:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\Lexware
[2012.08.06 17:35:58 | 000,000,000 | ---D | M] -- C:\Users\All Users\LGMOBILEAX
[2011.12.26 00:31:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\MAGIX
[2010.10.01 09:34:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Magix Shared
[2012.07.04 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\All Users\Motorola
[2011.02.03 11:45:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\Nokia
[2011.05.22 21:27:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaAccount
[2011.02.03 11:35:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaInstallerCache
[2010.10.28 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\OO Software
[2010.11.17 23:21:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Panasonic
[2011.02.03 20:58:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC Suite
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\PimeroUpdater
[2011.09.25 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\All Users\RapidSolution
[2012.06.03 09:31:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\Samsung
[2010.09.14 09:30:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\ScanSoft
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\soft-evolution
[2012.08.17 13:24:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2010.09.24 14:39:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\T-Online
[2012.06.05 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Temp
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates
[2010.12.18 13:26:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\TomTom
[2010.12.12 21:06:36 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uniblue
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Anwendungsdaten
[2009.07.14 04:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop
[2010.09.10 14:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Druckumgebung
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Eigene Dateien
[2010.02.15 14:08:00 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Links
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Lokale Einstellungen
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Music
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Netzwerkumgebung
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent
[2009.07.14 04:04:25 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Startmenü
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Vorlagen
[2012.10.07 21:11:37 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2012.05.01 18:01:42 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads
[2009.07.14 04:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2010.09.10 14:23:36 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Music
[2010.11.28 10:51:32 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures
[2010.09.11 11:34:19 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV
[2012.08.21 14:05:30 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos
[2011.01.18 21:04:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.gimp-2.6
[2012.08.16 14:37:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.hgt
[2011.05.29 10:38:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.jordan
[2012.08.11 19:06:48 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.swt
[2011.01.18 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.thumbnails
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Anwendungsdaten
[2010.09.10 14:23:51 | 000,000,000 | -H-D | M] -- C:\Users\zr7driver\AppData
[2010.09.11 13:57:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Application Data
[2012.07.12 18:50:21 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Contacts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Cookies
[2012.10.10 19:57:03 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Desktop
[2012.09.29 16:08:53 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Documents
[2012.10.09 18:56:03 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Downloads
[2012.10.10 19:41:56 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Dropbox
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Druckumgebung
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Eigene Dateien
[2012.08.11 19:12:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Eigene Routen
[2012.07.28 18:43:44 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Favorites
[2012.03.05 14:54:22 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Handy
[2012.08.26 18:19:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\IGO
[2012.08.03 21:41:35 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Links
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Lokale Einstellungen
[2012.10.09 09:02:41 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Music
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Netzwerkumgebung
[2012.06.17 13:28:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner
[2012.06.17 13:29:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (2)
[2012.06.17 13:29:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (3)
[2012.10.02 19:47:04 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Pictures
[2012.08.20 17:46:18 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Podcasts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Recent
[2012.07.12 18:50:22 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Saved Games
[2012.10.07 20:39:51 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Searches
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\SendTo
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Startmenü
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Tracing
[2012.09.30 13:51:29 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Videos
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Vorlagen
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.10.28 14:18:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\A-Z Technology
[2010.10.02 22:04:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\acccore
[2012.05.30 09:44:14 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ad-Aware Antivirus
[2011.06.13 19:49:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Adobe
[2010.12.16 21:21:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ALK Technologies
[2011.09.09 13:46:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Amazon
[2011.10.29 09:06:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Apple Computer
[2012.05.26 21:04:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ashampoo
[2012.08.11 11:42:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Audacity
[2011.01.26 15:58:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avery
[2012.05.01 16:29:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\AVG2012
[2012.10.05 18:56:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avira
[2010.12.04 14:50:24 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\BOM
[2012.07.06 11:12:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canneverbe Limited
[2012.01.23 06:15:42 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canon
[2010.12.21 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CD-LabelPrint
[2011.06.04 13:50:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CheckPoint
[2010.09.19 14:50:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Chilirec
[2011.09.02 19:03:03 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\COMPUTERBILD-Abzockschutz
[2012.06.03 00:15:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\concept design
[2012.06.21 20:11:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\convert
[2010.11.27 12:27:16 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Cool Record Edit Pro
[2010.11.19 12:08:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Corel
[2010.11.13 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CyberLink
[2012.10.10 19:41:59 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Dropbox
[2010.09.11 21:55:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.23 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FastStone
[2010.10.23 18:03:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FinalTorrent
[2010.11.05 10:08:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Fixit-E28F99E6-6133-4824-AECC-4D2FB1701F0B
[2010.12.12 20:59:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\foobar2000
[2011.12.25 23:51:12 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Franzis
[2010.11.27 11:25:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Free Sound Recorder 2010
[2010.10.28 11:45:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FreeCommander
[2012.10.10 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2012.06.03 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Geek Uninstaller
[2012.08.23 18:51:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GeoSetter
[2011.01.21 23:12:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GetRightToGo
[2010.09.24 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GlarySoft
[2011.01.18 20:57:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\gtk-2.0
[2012.07.18 09:51:28 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC
[2011.06.13 19:56:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.05.29 16:30:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ICQ
[2010.09.10 14:24:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Identities
[2010.11.16 21:01:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\InstallShield
[2012.07.28 18:43:35 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IObit
[2012.07.12 11:53:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IrfanView
[2012.06.05 16:42:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\iSpy
[2012.09.29 16:19:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Lexware
[2010.09.13 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\LG Electronics
[2010.09.10 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Macromedia
[2011.12.26 15:19:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MAGIX
[2012.04.06 22:14:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Malwarebytes
[2010.10.28 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Marine Aquarium 3
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Media Center Programs
[2012.04.09 20:31:48 | 000,000,000 | --SD | M] -- C:\Users\zr7driver\AppData\Roaming\Microsoft
[2011.06.04 09:41:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda
[2011.05.01 19:40:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda Fusion
[2011.12.16 20:49:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\motorola
[2012.07.04 10:14:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Motorola Mobility
[2010.09.12 23:24:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Mozilla
[2012.06.10 17:56:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MyPhoneExplorer
[2011.10.23 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NCH Software
[2010.09.24 15:28:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Need for Speed World
[2012.10.10 20:14:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NetSpeedMonitor
[2011.02.03 11:47:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia
[2011.02.03 11:47:05 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia Ovi Suite
[2010.09.20 10:01:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\OpenOffice.org
[2011.06.14 18:11:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Outlook
[2011.04.03 16:48:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\PC Suite
[2012.07.29 11:28:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\QuickScan
[2012.06.03 00:18:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Real
[2012.06.03 00:19:00 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\RealNetworks
[2011.01.06 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Recolored
[2012.06.03 09:29:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Samsung
[2010.12.13 18:44:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ScanSoft
[2012.10.07 14:09:28 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Skype
[2012.04.09 20:31:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\skypePM
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\soft-evolution
[2012.09.17 10:23:30 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\SoftMaker
[2012.08.18 20:34:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Sony
[2010.10.29 01:45:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\streamripper
[2012.06.03 09:41:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Temp
[2010.09.20 09:33:23 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Template
[2010.09.12 23:24:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Thunderbird
[2010.12.18 13:25:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\TomTom
[2010.12.12 21:19:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Uniblue
[2012.09.26 09:24:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\vlc
[2012.01.08 00:12:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Weather Pulse
[2012.02.24 14:52:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WeatherWatcherLive
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Winamp
[2010.10.23 19:53:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WinRAR
[2012.10.10 19:43:04 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Wise Care 365
[2012.09.10 14:08:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2011.12.25 23:48:53 | 000,709,568 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\unins000.exe
[2009.08.10 04:15:00 | 000,563,056 | ---- | M] (Avery Dennison Corporation. Envel Informationssysteme GmbH.) -- C:\Users\zr7driver\AppData\Roaming\Avery\Avery Wizard 3.1\AZWizard.exe
[2012.06.21 20:13:57 | 012,697,088 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\convert\convert.exe
[2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.07.25 04:08:14 | 000,874,424 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.07.25 04:08:20 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.08.18 07:23:58 | 004,907,207 | ---- | M] (Phil Harvey) -- C:\Users\zr7driver\AppData\Roaming\GeoSetter\tools\exiftool(-k).exe
[2010.09.13 12:10:23 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{3E8DE1A6-B365-4FF6-B917-2892A34990E8}\ARPPRODUCTICON.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_6199747583AC94FD011270.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_7A9B8CB6BE7902E1058674.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_853F67D554F05449430E7E.exe
[2011.10.01 17:52:52 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_9E1C27574C0C6A1F98F273.exe
[2011.01.26 15:58:48 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{77077FFF-8831-470F-9627-E86F06A50CCD}\ARPPRODUCTICON.exe
[2012.04.15 21:34:06 | 000,675,840 | ---- | M] (Maximilian Stangel) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Templates\BLT11-12_206.exe
[2011.01.16 11:17:32 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2012.05.30 15:27:54 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe
[2012.05.30 18:29:03 | 027,381,184 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_data\RealPlayer.exe
[2012.05.30 18:28:15 | 000,692,480 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_exe\RealPlayer.exe
[2012.05.30 03:17:52 | 000,958,392 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2012.05.30 03:17:54 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2012.05.23 18:51:18 | 000,318,976 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesLogger.exe
[2012.05.30 03:17:54 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2012.05.23 18:50:32 | 000,180,224 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2012.05.23 18:50:32 | 000,321,024 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2012.05.30 02:49:14 | 000,721,920 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2012.05.30 03:18:02 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2012.05.23 18:50:18 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012.05.23 18:50:18 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012.05.30 03:18:04 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.05.30 03:18:06 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012.05.30 03:18:08 | 003,570,352 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2012.05.23 18:50:02 | 000,221,184 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2012.05.23 18:50:04 | 000,061,440 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012.05.23 18:49:28 | 024,162,120 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012.08.28 03:06:22 | 000,291,840 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2012.08.31 02:52:14 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012.08.28 03:06:22 | 000,320,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe
[2012.08.31 02:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012.08.28 03:05:28 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012.08.28 03:05:28 | 000,322,048 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012.08.28 03:05:32 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012.08.31 02:52:18 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012.08.28 03:05:28 | 000,057,344 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012.08.28 03:05:14 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012.08.28 03:05:14 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012.08.31 02:52:20 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012.08.31 02:52:24 | 003,765,256 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012.08.28 03:05:02 | 000,262,144 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2012.08.28 03:05:02 | 000,090,112 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012.08.28 03:04:28 | 024,177,352 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2012.02.26 12:57:16 | 005,070,960 | ---- | M] (Uniblue Systems Ltd                                        ) -- C:\Users\zr7driver\AppData\Roaming\Uniblue\SystemTweaker\_temp\ub.exe
 
< %SYSTEMDRIVE%\*.exe >
[2010.03.10 18:51:36 | 000,008,904 | ---- | M] (HTC) -- C:\EnterBootloader.exe
[2010.03.10 18:51:36 | 000,175,304 | ---- | M] (HTC) -- C:\rapitool.exe
[2010.03.10 18:51:36 | 000,013,512 | ---- | M] () -- C:\RUUGetInfo.exe
[2010.03.10 18:54:08 | 001,481,928 | ---- | M] (HTC) -- C:\task29.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2010.07.06 12:53:22 | 000,043,520 | ---- | M] (Panasonic Corporation) MD5=536BD91DA54844945AF4971D877692D4 -- C:\Program Files\Panasonic\PHOTOfunSTUDIO 5.2 HD\Core\EventLog\EventLog.dll
[2008.06.06 15:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\drivers\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_68640c3c72cad0af\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sataraid\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sataraid\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.01 16:21:48 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.05.01 16:21:48 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
 
<          >
[2009.07.14 06:53:46 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.09.12 21:18:04 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.09.12 21:18:05 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2010.09.24 14:31:09 | 000,000,322 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.03.07 14:21:41 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.03.07 14:21:43 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.03.30 04:45:50 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\Tasks\Wise Care 365.job

< End of report >

Code:

========== Files - Modified Within 30 Days ==========
 
[2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.10 19:49:41 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.10 19:49:40 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.10 19:49:11 | 000,707,706 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.10 19:49:11 | 000,661,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.10 19:49:11 | 000,153,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.10 19:49:11 | 000,125,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.10 19:41:04 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.10 19:40:22 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.10.10 19:40:21 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2012.10.10 19:40:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.10 19:39:54 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.10 11:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.10 11:12:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.10 10:34:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.10.09 20:32:20 | 000,538,327 | ---- | M] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.09 15:15:36 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.08 22:34:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.10.07 21:11:37 | 000,002,022 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.10.07 01:11:17 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.09.29 16:25:19 | 000,002,739 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 21:41:07 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:55 | 000,010,495 | ---- | M] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.09.21 10:58:54 | 000,001,094 | ---- | M] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.18 10:15:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.09.14 12:09:37 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.07 10:04:28 | 000,538,327 | ---- | C] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 01:11:17 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.05 18:50:12 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.09.29 16:15:52 | 000,002,739 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2012.09.28 21:41:07 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:39 | 000,010,495 | ---- | C] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | C] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.14 12:02:28 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.07.29 10:59:44 | 000,000,017 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\resmon.resmoncfg
[2012.06.17 13:31:23 | 000,001,124 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.itn
[2012.06.17 13:29:59 | 000,023,945 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.kml
[2012.04.09 20:19:46 | 000,002,773 | ---- | C] () -- \ZR7DRIVER-PC.rtf
[2012.03.30 20:40:37 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012.03.15 12:19:31 | 002,950,336 | ---- | C] () -- C:\Users\zr7driver\Kony2012_digital_kit.zip
[2012.02.01 05:41:45 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4A4B9D26-AA08-4479-8413-EC94C1495FEA}
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.01.13 20:08:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{3ADCD066-1845-4420-813A-0152E185A562}
[2011.12.30 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0766FBBE-1B10-4D18-B8FD-7921451DF9C6}
[2011.12.26 13:04:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.12.25 23:49:46 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.25 23:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.25 23:49:44 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe
[2011.12.25 23:49:44 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.12.23 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{1C4F85BF-C25C-40D8-9072-C915C7610CF0}
[2011.12.23 10:02:20 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{DC88FA66-C4A7-4165-B3C1-62F961889D2F}
[2011.12.23 05:42:16 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{753738CE-CC9E-43C5-A535-266989FB1EB0}
[2011.12.22 21:15:10 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{56518DCC-6EA3-475B-8402-DCD2DBC03511}
[2011.12.22 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{CEC58609-76D2-4EA6-9531-7C3AA9E59D4E}
[2011.12.22 09:58:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{75C3B094-F8E5-49A6-B3F7-6EE5EC9B06A9}
[2011.12.13 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{36A7198A-B63C-4ED1-8E79-D6E1A01847BA}
[2011.12.13 10:04:48 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{43A6C6E7-5102-4D08-B831-D9FF396BBB74}
[2011.12.12 10:50:02 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E93FDF79-0B6E-40E7-ACBB-3E68917B158A}
[2011.12.08 10:08:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A4AFC9A3-D672-44ED-982A-467C3938BFE7}
[2011.12.07 09:54:52 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E9BBF441-1A49-47C7-A653-236B5B3BBFA1}
[2011.12.04 07:22:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{AE7A2FF6-BC86-4981-A1CC-55430DF54232}
[2011.12.02 10:04:51 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{5CE40A7C-C86D-4574-AA9B-81AF3B3984FF}
[2011.12.01 21:19:21 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A67ACE38-ADEE-449A-86E7-909D2DBA9B23}
[2011.12.01 10:06:14 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A795E345-7B05-4BC3-80F5-8E145C4EDBA5}
[2011.11.30 21:01:54 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{46D14579-E7ED-4468-A4A1-010E6903B9D6}
[2011.11.29 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{15BAC503-F22F-4409-A44E-3EF0670584FA}
[2011.11.29 10:03:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{759C9C24-C460-4D61-9460-1EBF1E7E2F7F}
[2011.11.29 05:39:30 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4D4D9BF3-9AC9-4895-9352-F90DC35855A6}
[2011.11.25 19:49:49 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A36FD9B9-77B7-4AA3-88CD-916BA7ED3164}
[2011.11.23 19:32:37 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0BF97707-9995-4474-AA26-C1B7A09F2755}
[2011.11.20 12:36:06 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{9A3933A9-ABB4-4DD1-BDF9-EE9E60064BA0}
[2011.11.14 11:03:11 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{D09CB122-FADC-444C-8947-C71A91EABD81}
[2011.11.14 10:50:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{60914264-77B5-4DF5-97B5-7C0FF0508A66}
[2011.10.10 11:33:41 | 000,000,097 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\fusioncache.dat
[2011.06.17 00:36:07 | 005,406,987 | ---- | C] () -- \RUU_signed.nbh
[2011.06.17 00:36:07 | 001,481,928 | ---- | C] () -- \task29.exe
[2011.06.17 00:36:07 | 001,449,160 | ---- | C] () -- \RUUResource.dll
[2011.06.17 00:36:07 | 000,213,864 | ---- | C] () -- \ModelID.fig
[2011.06.17 00:36:07 | 000,175,304 | ---- | C] () -- \rapitool.exe
[2011.06.17 00:36:07 | 000,141,368 | ---- | C] () -- \ErrorUSB.fig
[2011.06.17 00:36:07 | 000,095,552 | ---- | C] () -- \ErrorBattery.fig
[2011.06.17 00:36:07 | 000,013,512 | ---- | C] () -- \RUUGetInfo.exe
[2011.06.17 00:36:07 | 000,008,904 | ---- | C] () -- \EnterBootloader.exe
[2011.06.17 00:36:07 | 000,000,013 | ---- | C] () -- \ROMUpdateUtility.cfg
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.03 22:46:09 | 000,000,518 | ---- | C] () -- C:\Windows\wininit.ini
[2011.04.27 10:40:07 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.04.27 10:40:07 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.01.21 23:30:49 | 000,000,102 | ---- | C] () -- \qehjlhawlh
[2011.01.18 20:57:44 | 000,000,862 | ---- | C] () -- C:\Users\zr7driver\.recently-used.xbel
[2011.01.08 12:02:39 | 000,001,117 | ---- | C] () -- C:\Users\zr7driver\Dokumente - Verknüpfung.lnk
[2011.01.04 21:05:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.26 00:18:10 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.12.26 00:14:22 | 010,960,896 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.11.16 21:01:57 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.11.16 21:01:56 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.11.16 21:01:56 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.11.16 21:01:56 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.11.16 21:01:56 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.11.16 21:01:56 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.11.16 21:01:56 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.11.16 21:01:56 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.11.16 21:01:56 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.11.16 21:01:56 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.11.16 21:01:56 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.11.16 21:01:56 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.11.16 21:01:56 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.11.16 21:01:56 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.11.16 21:01:56 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.10.28 13:24:13 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2010.10.03 22:23:13 | 001,140,638 | ---- | C] () -- C:\Users\zr7driver\Backup LG GT540 Optimus 03.10.2010.mpb
[2010.10.02 22:02:25 | 000,000,360 | -H-- | C] () -- \IPH.PH
[2010.09.24 13:26:13 | 000,050,688 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.12 11:27:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.10 14:15:23 | 2616,643,584 | -HS- | C] () -- \hiberfil.sys
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2009.07.14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.09.10 14:23:37 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData
[2012.09.14 12:05:54 | 000,000,000 | ---D | M] -- C:\Users\All Users\AAV
[2012.06.21 22:54:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Acronis
[2010.10.02 22:02:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\AIM
[2010.09.10 14:33:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\ALDI Sued Foto Service
[2010.02.15 19:14:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\Aldi Sued Fotoservice
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data
[2010.02.04 10:24:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Applications
[2010.10.01 09:50:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ashampoo
[2010.10.28 14:22:41 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avanquest
[2011.12.13 12:33:25 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVAST Software
[2011.01.21 23:14:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avery
[2012.05.01 17:04:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVG2012
[2011.03.20 19:35:07 | 000,000,000 | ---D | M] -- C:\Users\All Users\Badoo
[2011.11.13 13:13:35 | 000,000,000 | ---D | M] -- C:\Users\All Users\BlueStacks
[2010.09.11 13:32:20 | 000,000,000 | ---D | M] -- C:\Users\All Users\Bluetooth
[2010.09.10 14:38:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\BullGuard
[2011.01.21 23:25:01 | 000,000,000 | ---D | M] -- C:\Users\All Users\CAM Development
[2012.07.06 11:12:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\Canneverbe Limited
[2010.12.21 18:54:57 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonEPP
[2011.01.06 12:49:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEGV
[2010.12.21 19:20:52 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX2
[2010.12.21 18:59:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJMSetup
[2010.12.21 19:18:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJMyPrinter
[2012.10.01 04:30:00 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJPLM
[2010.12.21 19:18:54 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJSolutionMenuEX
[2010.12.21 18:57:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJWSpt
[2011.12.13 12:28:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\CheckPoint
[2012.04.06 22:36:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2011.05.27 20:42:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\Das Fussball Studio
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2010.09.24 15:06:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites
[2012.05.30 15:31:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\GFI Software
[2011.09.02 19:02:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\ICQ
[2011.02.03 11:43:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Installations
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\ISDNWatch
[2011.09.18 13:50:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Kaspersky SDK
[2012.09.29 16:20:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\Lexware
[2012.08.06 17:35:58 | 000,000,000 | ---D | M] -- C:\Users\All Users\LGMOBILEAX
[2011.12.26 00:31:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\MAGIX
[2010.10.01 09:34:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Magix Shared
[2012.07.04 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\All Users\Motorola
[2011.02.03 11:45:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\Nokia
[2011.05.22 21:27:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaAccount
[2011.02.03 11:35:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaInstallerCache
[2010.10.28 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\OO Software
[2010.11.17 23:21:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Panasonic
[2011.02.03 20:58:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC Suite
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\PimeroUpdater
[2011.09.25 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\All Users\RapidSolution
[2012.06.03 09:31:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\Samsung
[2010.09.14 09:30:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\ScanSoft
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\soft-evolution
[2012.08.17 13:24:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2010.09.24 14:39:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\T-Online
[2012.06.05 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Temp
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates
[2010.12.18 13:26:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\TomTom
[2010.12.12 21:06:36 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uniblue
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Anwendungsdaten
[2009.07.14 04:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop
[2010.09.10 14:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Druckumgebung
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Eigene Dateien
[2010.02.15 14:08:00 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Links
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Lokale Einstellungen
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Music
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Netzwerkumgebung
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent
[2009.07.14 04:04:25 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Startmenü
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Vorlagen
[2012.10.07 21:11:37 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2012.05.01 18:01:42 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads
[2009.07.14 04:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2010.09.10 14:23:36 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Music
[2010.11.28 10:51:32 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures
[2010.09.11 11:34:19 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV
[2012.08.21 14:05:30 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos
[2011.01.18 21:04:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.gimp-2.6
[2012.08.16 14:37:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.hgt
[2011.05.29 10:38:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.jordan
[2012.08.11 19:06:48 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.swt
[2011.01.18 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.thumbnails
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Anwendungsdaten
[2010.09.10 14:23:51 | 000,000,000 | -H-D | M] -- C:\Users\zr7driver\AppData
[2010.09.11 13:57:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Application Data
[2012.07.12 18:50:21 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Contacts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Cookies
[2012.10.10 19:57:03 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Desktop
[2012.09.29 16:08:53 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Documents
[2012.10.09 18:56:03 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Downloads
[2012.10.10 19:41:56 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Dropbox
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Druckumgebung
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Eigene Dateien
[2012.08.11 19:12:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Eigene Routen
[2012.07.28 18:43:44 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Favorites
[2012.03.05 14:54:22 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Handy
[2012.08.26 18:19:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\IGO
[2012.08.03 21:41:35 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Links
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Lokale Einstellungen
[2012.10.09 09:02:41 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Music
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Netzwerkumgebung
[2012.06.17 13:28:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner
[2012.06.17 13:29:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (2)
[2012.06.17 13:29:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (3)
[2012.10.02 19:47:04 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Pictures
[2012.08.20 17:46:18 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Podcasts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Recent
[2012.07.12 18:50:22 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Saved Games
[2012.10.07 20:39:51 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Searches
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\SendTo
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Startmenü
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Tracing
[2012.09.30 13:51:29 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Videos
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Vorlagen
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.10.28 14:18:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\A-Z Technology
[2010.10.02 22:04:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\acccore
[2012.05.30 09:44:14 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ad-Aware Antivirus
[2011.06.13 19:49:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Adobe
[2010.12.16 21:21:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ALK Technologies
[2011.09.09 13:46:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Amazon
[2011.10.29 09:06:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Apple Computer
[2012.05.26 21:04:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ashampoo
[2012.08.11 11:42:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Audacity
[2011.01.26 15:58:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avery
[2012.05.01 16:29:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\AVG2012
[2012.10.05 18:56:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avira
[2010.12.04 14:50:24 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\BOM
[2012.07.06 11:12:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canneverbe Limited
[2012.01.23 06:15:42 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canon
[2010.12.21 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CD-LabelPrint
[2011.06.04 13:50:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CheckPoint
[2010.09.19 14:50:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Chilirec
[2011.09.02 19:03:03 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\COMPUTERBILD-Abzockschutz
[2012.06.03 00:15:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\concept design
[2012.06.21 20:11:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\convert
[2010.11.27 12:27:16 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Cool Record Edit Pro
[2010.11.19 12:08:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Corel
[2010.11.13 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CyberLink
[2012.10.10 19:41:59 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Dropbox
[2010.09.11 21:55:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.23 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FastStone
[2010.10.23 18:03:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FinalTorrent
[2010.11.05 10:08:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Fixit-E28F99E6-6133-4824-AECC-4D2FB1701F0B
[2010.12.12 20:59:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\foobar2000
[2011.12.25 23:51:12 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Franzis
[2010.11.27 11:25:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Free Sound Recorder 2010
[2010.10.28 11:45:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FreeCommander
[2012.10.10 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2012.06.03 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Geek Uninstaller
[2012.08.23 18:51:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GeoSetter
[2011.01.21 23:12:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GetRightToGo
[2010.09.24 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GlarySoft
[2011.01.18 20:57:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\gtk-2.0
[2012.07.18 09:51:28 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC
[2011.06.13 19:56:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.05.29 16:30:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ICQ
[2010.09.10 14:24:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Identities
[2010.11.16 21:01:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\InstallShield
[2012.07.28 18:43:35 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IObit
[2012.07.12 11:53:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IrfanView
[2012.06.05 16:42:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\iSpy
[2012.09.29 16:19:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Lexware
[2010.09.13 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\LG Electronics
[2010.09.10 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Macromedia
[2011.12.26 15:19:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MAGIX
[2012.04.06 22:14:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Malwarebytes
[2010.10.28 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Marine Aquarium 3
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Media Center Programs
[2012.04.09 20:31:48 | 000,000,000 | --SD | M] -- C:\Users\zr7driver\AppData\Roaming\Microsoft
[2011.06.04 09:41:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda
[2011.05.01 19:40:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda Fusion
[2011.12.16 20:49:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\motorola
[2012.07.04 10:14:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Motorola Mobility
[2010.09.12 23:24:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Mozilla
[2012.06.10 17:56:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MyPhoneExplorer
[2011.10.23 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NCH Software
[2010.09.24 15:28:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Need for Speed World
[2012.10.10 20:14:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NetSpeedMonitor
[2011.02.03 11:47:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia
[2011.02.03 11:47:05 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia Ovi Suite
[2010.09.20 10:01:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\OpenOffice.org
[2011.06.14 18:11:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Outlook
[2011.04.03 16:48:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\PC Suite
[2012.07.29 11:28:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\QuickScan
[2012.06.03 00:18:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Real
[2012.06.03 00:19:00 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\RealNetworks
[2011.01.06 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Recolored
[2012.06.03 09:29:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Samsung
[2010.12.13 18:44:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ScanSoft
[2012.10.07 14:09:28 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Skype
[2012.04.09 20:31:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\skypePM
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\soft-evolution
[2012.09.17 10:23:30 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\SoftMaker
[2012.08.18 20:34:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Sony
[2010.10.29 01:45:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\streamripper
[2012.06.03 09:41:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Temp
[2010.09.20 09:33:23 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Template
[2010.09.12 23:24:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Thunderbird
[2010.12.18 13:25:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\TomTom
[2010.12.12 21:19:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Uniblue
[2012.09.26 09:24:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\vlc
[2012.01.08 00:12:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Weather Pulse
[2012.02.24 14:52:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WeatherWatcherLive
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Winamp
[2010.10.23 19:53:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WinRAR
[2012.10.10 19:43:04 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Wise Care 365
[2012.09.10 14:08:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2011.12.25 23:48:53 | 000,709,568 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\unins000.exe
[2009.08.10 04:15:00 | 000,563,056 | ---- | M] (Avery Dennison Corporation. Envel Informationssysteme GmbH.) -- C:\Users\zr7driver\AppData\Roaming\Avery\Avery Wizard 3.1\AZWizard.exe
[2012.06.21 20:13:57 | 012,697,088 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\convert\convert.exe
[2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.07.25 04:08:14 | 000,874,424 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.07.25 04:08:20 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.08.18 07:23:58 | 004,907,207 | ---- | M] (Phil Harvey) -- C:\Users\zr7driver\AppData\Roaming\GeoSetter\tools\exiftool(-k).exe
[2010.09.13 12:10:23 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{3E8DE1A6-B365-4FF6-B917-2892A34990E8}\ARPPRODUCTICON.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_6199747583AC94FD011270.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_7A9B8CB6BE7902E1058674.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_853F67D554F05449430E7E.exe
[2011.10.01 17:52:52 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_9E1C27574C0C6A1F98F273.exe
[2011.01.26 15:58:48 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{77077FFF-8831-470F-9627-E86F06A50CCD}\ARPPRODUCTICON.exe
[2012.04.15 21:34:06 | 000,675,840 | ---- | M] (Maximilian Stangel) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Templates\BLT11-12_206.exe
[2011.01.16 11:17:32 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2012.05.30 15:27:54 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe
[2012.05.30 18:29:03 | 027,381,184 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_data\RealPlayer.exe
[2012.05.30 18:28:15 | 000,692,480 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_exe\RealPlayer.exe
[2012.05.30 03:17:52 | 000,958,392 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2012.05.30 03:17:54 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2012.05.23 18:51:18 | 000,318,976 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesLogger.exe
[2012.05.30 03:17:54 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2012.05.23 18:50:32 | 000,180,224 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2012.05.23 18:50:32 | 000,321,024 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2012.05.30 02:49:14 | 000,721,920 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2012.05.30 03:18:02 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2012.05.23 18:50:18 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012.05.23 18:50:18 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012.05.30 03:18:04 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.05.30 03:18:06 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012.05.30 03:18:08 | 003,570,352 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2012.05.23 18:50:02 | 000,221,184 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2012.05.23 18:50:04 | 000,061,440 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012.05.23 18:49:28 | 024,162,120 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012.08.28 03:06:22 | 000,291,840 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2012.08.31 02:52:14 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012.08.28 03:06:22 | 000,320,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe
[2012.08.31 02:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012.08.28 03:05:28 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012.08.28 03:05:28 | 000,322,048 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012.08.28 03:05:32 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012.08.31 02:52:18 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012.08.28 03:05:28 | 000,057,344 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012.08.28 03:05:14 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012.08.28 03:05:14 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012.08.31 02:52:20 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012.08.31 02:52:24 | 003,765,256 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012.08.28 03:05:02 | 000,262,144 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2012.08.28 03:05:02 | 000,090,112 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012.08.28 03:04:28 | 024,177,352 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2012.02.26 12:57:16 | 005,070,960 | ---- | M] (Uniblue Systems Ltd                                        ) -- C:\Users\zr7driver\AppData\Roaming\Uniblue\SystemTweaker\_temp\ub.exe
 
< %SYSTEMDRIVE%\*.exe >
[2010.03.10 18:51:36 | 000,008,904 | ---- | M] (HTC) -- C:\EnterBootloader.exe
[2010.03.10 18:51:36 | 000,175,304 | ---- | M] (HTC) -- C:\rapitool.exe
[2010.03.10 18:51:36 | 000,013,512 | ---- | M] () -- C:\RUUGetInfo.exe
[2010.03.10 18:54:08 | 001,481,928 | ---- | M] (HTC) -- C:\task29.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2010.07.06 12:53:22 | 000,043,520 | ---- | M] (Panasonic Corporation) MD5=536BD91DA54844945AF4971D877692D4 -- C:\Program Files\Panasonic\PHOTOfunSTUDIO 5.2 HD\Core\EventLog\EventLog.dll
[2008.06.06 15:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\drivers\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_68640c3c72cad0af\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sataraid\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sataraid\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.01 16:21:48 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.05.01 16:21:48 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
 
<          >
[2009.07.14 06:53:46 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.09.12 21:18:04 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.09.12 21:18:05 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2010.09.24 14:31:09 | 000,000,322 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.03.07 14:21:41 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.03.07 14:21:43 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.03.30 04:45:50 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\Tasks\Wise Care 365.job

< End of report >


cosinus 11.10.2012 13:00

Doesn't the OTL log fit in one go? :wtf:

Code:

PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.25 10:52:48 | 000,386,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe

Do not run Avast and AntiVir in parallel! Uninstall one of the two immediately; I recommend that you uninstall Avira AntiVir!

zr7driver 11.10.2012 18:20

No, it doesn't fit ;) OK, Avira is getting thrown out; I've only had it since the *x* incident anyway!! I'm totally happy with Avast!

cosinus 12.10.2012 09:56

OK, please create a new OTL log afterwards.

zr7driver 12.10.2012 10:37

OTL Logfile:
Code:

OTL logfile created on: 12.10.2012 11:21:03 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\zr7driver\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 33,02% Memory free
6,50 Gb Paging File | 3,23 Gb Available in Paging File | 49,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 589,57 Gb Free Space | 64,76% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,36 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
 
Computer Name: ZR7DRIVER-PC | User Name: zr7driver | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
PRC - [2012.10.09 11:34:07 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.24 17:24:20 | 001,161,768 | ---- | M] (WiseCleaner.com) -- C:\Programme\Wise\Wise Care 365\WiseTray.exe
PRC - [2012.09.19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.09.18 01:07:45 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.09.12 16:47:44 | 000,388,576 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Thunderbird\thunderbird.exe
PRC - [2012.09.07 18:31:51 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.07.02 16:02:28 | 004,473,728 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012.05.31 15:00:22 | 000,445,624 | ---- | M] (Sony) -- C:\Programme\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012.04.30 11:57:42 | 000,067,072 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
PRC - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.02.12 07:40:50 | 000,365,632 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.01.07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Programme\Motorola Media Link\NServiceEntry.exe
PRC - [2010.09.15 10:11:22 | 000,339,312 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Programme\Common Files\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.07.27 11:38:46 | 000,987,960 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FritzDsl.exe
PRC - [2009.07.23 14:13:10 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgentS1.exe
PRC - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2009.07.20 11:01:00 | 000,760,120 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2009.07.14 03:14:21 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2009.06.03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.04.09 12:45:26 | 001,061,688 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\AAVUpdateManager\aavus.exe
PRC - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.12 09:13:01 | 000,115,137 | ---- | M] () -- C:\Users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012.10.09 11:34:06 | 009,814,968 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012.09.15 18:54:57 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\002b4b1af5f8145bf6b6afe21d4f1db2\Kies.Theme.ni.dll
MOD - [2012.09.15 18:54:56 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\de1a504d1535e5005fbae8f6a4d97ce5\DevicePodcast.ni.dll
MOD - [2012.09.15 18:54:54 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\ee12ab3bf308cbe22f373afbddf0be6b\DeviceVideo.ni.dll
MOD - [2012.09.15 18:54:52 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5e58a020638d28d3740195f1d0738da\DevicePhoto.ni.dll
MOD - [2012.09.15 18:54:51 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\0377dd6ed6a5e92a0b8d6eb7d0b64f79\DeviceMusic.ni.dll
MOD - [2012.09.15 18:54:50 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\23e80240003377b6412081a4523943fe\VideoManager.ni.dll
MOD - [2012.09.15 18:54:48 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\23fd65cd04b03d19931758d7472e38a4\PodcastService.ni.dll
MOD - [2012.09.15 18:54:45 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\65018f5e3da23293d642168f7b132d40\Podcaster.ni.dll
MOD - [2012.09.15 18:54:42 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e96a4bd6a51ec7762f15f9bc64c6c33a\PhotoManager.ni.dll
MOD - [2012.09.15 18:54:16 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\deb1e04d94f18bc88afabf744c5d87aa\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.09.15 18:54:14 | 005,677,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\64d3040868aba797c48f608f5361e5bc\DeviceHost.ni.dll
MOD - [2012.09.15 18:53:59 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\1bedf64dbdd091ac8dceee7cbfd84a88\Phonebook.ni.dll
MOD - [2012.09.15 18:53:50 | 001,008,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f73c846c21b32d8e446f08fe7bf0b75a\CPKTMusicPlugin.ni.dll
MOD - [2012.09.15 18:53:47 | 000,964,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\dc5b622e73080b69c1c63606f283b795\MusicManager.ni.dll
MOD - [2012.09.15 18:53:41 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\e5c8f9e08db50fb625c029361147f47e\EBookManager.ni.dll
MOD - [2012.09.15 18:53:39 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ed8a6670f7dbe1ae78aa091a0935fb87\BATPlugin.ni.dll
MOD - [2012.09.15 18:53:38 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\c209d4b3c25507564757710f6d4a4570\AllShareController.ni.dll
MOD - [2012.09.15 18:53:37 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\25823a7264f74e67158031f485c0bb23\Kies.Common.MediaDB.ni.dll
MOD - [2012.09.15 18:53:37 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9eca4746981ac218c1dbe0c131ce108\Kies.Common.StoreManager.ni.dll
MOD - [2012.09.15 18:53:35 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll
MOD - [2012.09.15 18:53:35 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\065aa3ca107d7b3d679a5f408e535239\Kies.Common.AllShare.ni.dll
MOD - [2012.09.15 18:53:34 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1f13cee7982e84f07cff152618950b20\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.09.15 18:53:32 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57b7389241c36caa1d2132d68eddedda\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.09.15 18:53:32 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\170b754ba9dcd78ee0b06a32af4a7c1f\Interop.DevFileServiceLib.ni.dll
MOD - [2012.09.15 18:53:31 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4b033da616a5e8e2b9ebe95342e9cf0d\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.09.15 18:53:29 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bf6e9c84dd994fef46819ed3bd9fa934\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.09.15 18:53:26 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1837e9c63789850168d0bb76826128d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.09.15 18:53:25 | 000,902,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4f549b26003474662ef7e2f3be9e3dd3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.09.15 18:53:23 | 001,025,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\60c16bc46e86b9a852e71968dc63d9c7\Kies.Common.DeviceService.ni.dll
MOD - [2012.09.15 18:53:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.09.15 18:53:20 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\25dc31b1903a3689788caf51d3d93f97\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.09.15 18:53:19 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\923e655c1069f7faa553275eb2e6763c\Kies.Common.Multimedia.ni.dll
MOD - [2012.09.15 18:53:15 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4603ed01ff960f6d861f798e826c9442\Kies.Common.MainUI.ni.dll
MOD - [2012.09.15 18:53:13 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\dcc3307fb870292826318142cf4fa8aa\Kies.Common.DBManager.ni.dll
MOD - [2012.09.15 18:53:12 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b0cec9954e5583399b377b65a469a74c\Kies.Common.Util.ni.dll
MOD - [2012.09.15 18:53:11 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c4f56538bb1d5921690a486bf052e30b\Kies.Locale.ni.dll
MOD - [2012.09.15 18:53:10 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\afa8de1e7aabde98f9a5fec1abdb9a05\Kies.MVVM.ni.dll
MOD - [2012.09.15 18:53:09 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7a0eb5bc5decef8dc1ef9dd3bca3b4d4\Kies.UI.ni.dll
MOD - [2012.09.15 18:53:06 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.09.15 18:53:04 | 001,185,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0a26df964bb433ab607743b20c7704f7\Kies.Interface.ni.dll
MOD - [2012.09.15 18:53:02 | 001,674,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\41f4faf4ff2ba56c26252d6069ceff76\Kies.ni.exe
MOD - [2012.09.12 16:47:45 | 002,061,280 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\mozjs.dll
MOD - [2012.09.12 16:47:45 | 000,157,664 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012.09.12 16:47:45 | 000,021,984 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012.09.07 18:31:49 | 002,244,064 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012.07.17 10:56:14 | 000,587,776 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2012.06.13 09:05:50 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.13 08:59:44 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\2b4d6976393bf5643a4ef2d8dffdf75b\System.Messaging.ni.dll
MOD - [2012.06.13 08:54:18 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.06.13 08:53:22 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.13 08:52:58 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.06.13 05:36:30 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.13 05:26:03 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.13 05:25:46 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.13 05:25:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.13 05:25:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.06.03 09:36:31 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.06.03 09:36:30 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.06.03 09:36:22 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.06.03 09:36:21 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.06.03 09:36:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.05.24 11:50:32 | 000,203,776 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\MExplorer.dll
MOD - [2012.05.09 10:46:49 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.09 10:46:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.09 10:46:36 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.09 10:45:27 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.05.09 10:26:42 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 10:21:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 10:20:41 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 10:12:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 10:08:26 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 10:08:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 10:07:42 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 10:07:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 10:07:19 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012.04.30 11:57:42 | 000,067,072 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012.04.30 11:57:42 | 000,039,936 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2012.04.04 14:33:24 | 000,139,776 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\CAgdLNotes.dll
MOD - [2012.03.16 12:51:02 | 000,188,416 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\CAgdOutlook.dll
MOD - [2012.02.17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2012.02.13 09:53:50 | 000,086,016 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\CalEngine.dll
MOD - [2011.07.07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\Report.dll
MOD - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
MOD - [2011.02.24 18:39:44 | 000,012,128 | ---- | M] () -- C:\Programme\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
MOD - [2010.11.13 01:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.09.14 15:01:00 | 000,212,992 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\VistaCalendar.dll
MOD - [2010.01.11 16:44:54 | 000,053,248 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\VObject.dll
MOD - [2009.06.03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.02.04 12:08:06 | 000,207,872 | ---- | M] () -- C:\Programme\FRITZ!DSL\C90dll.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.09 11:34:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.09.07 18:31:50 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.07.17 15:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Programme\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Programme\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.04.28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) [Auto | Running] -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe -- (WMI_Hook_Service)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 2012\DfSdkS.exe -- (DfSdkS)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.08.10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.23 14:13:12 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\C10F.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.08.28 19:41:29 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.28 19:41:29 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.07.31 12:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.07.05 13:53:38 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012.07.05 13:53:36 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2012.06.11 11:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012.06.08 16:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012.06.08 16:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.06.08 16:08:26 | 000,024,576 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2012.03.07 03:11:00 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2012.03.02 16:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012.03.02 16:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012.03.02 16:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012.03.02 16:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2012.02.07 17:46:02 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135)
DRV - [2012.01.25 14:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2012.01.05 18:07:20 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.11.08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011.01.08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.12.13 05:59:14 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2010.12.13 05:45:42 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010.12.12 21:40:51 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2010.12.12 21:34:13 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2010.12.02 15:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.12.02 15:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.02 15:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.12.02 15:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.12.01 11:51:53 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.06.23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010.03.12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.12.22 14:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.10.29 12:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2009.10.29 12:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NW1950.sys -- (NW1950)
DRV - [2009.10.26 17:54:26 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.06.05 01:47:48 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)
DRV - [2009.01.29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{095C1A85-7264-4B56-BB5A-783E8E888AB2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{D73A46A4-5C66-4286-8399-9A51DF36E0A0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2011.06.18 18:41:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.05.22 21:16:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.28 18:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.01 15:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.27 14:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.21 05:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.05.22 21:16:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
 
[2012.10.09 21:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 18:31:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.07 18:31:51 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 19:24:08 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
 
O1 HOSTS File: ([2012.05.04 08:56:10 | 000,442,850 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 15214 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [adm_tray.exe] C:\Programme\Acronis\DriveMonitor\adm_tray.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [mumservice] C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3752C415-0AD3-4D70-88DD-5C627777D71D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70461503-9E7A-42FB-9CFC-1852690458B5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBE4987-A903-408A-A660-FD8F19F10960}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LxSetup.exe
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{50e93006-11bf-11e0-b121-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{d20cf144-c87b-11df-ad11-001583096ec8}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (pdboot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.10.10 19:57:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.08 09:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.07 21:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.07 01:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.07 01:11:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.07 01:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 18:48:20 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.10.05 18:48:15 | 000,134,184 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.10.05 18:48:15 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.10.05 18:48:15 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2010
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.09.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.09.29 16:11:04 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\Lexware
[2012.09.28 21:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
[2012.09.28 21:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2012.09.21 10:58:54 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urlaubsplaner 2013
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudserd.sys
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2012.09.15 16:55:22 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\Documents\Steuerfälle
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\AAV
[2012.09.14 12:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\AAVUpdateManager
[2012.09.14 12:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2012
[2012.09.14 11:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Steuer-Sparer 2012
[2012.09.14 11:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AAV
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.12 11:12:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.12 10:34:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.10.12 10:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.12 09:20:53 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 09:20:51 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 09:18:52 | 000,707,706 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.12 09:18:52 | 000,661,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.12 09:18:52 | 000,153,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.12 09:18:52 | 000,125,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.12 09:11:24 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.12 09:11:14 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.10.12 09:11:11 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2012.10.12 09:10:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.12 09:10:41 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.11 23:02:37 | 000,001,244 | ---- | M] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.11 22:34:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.10.11 19:10:32 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.10.11 06:14:51 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.09 20:32:20 | 000,538,327 | ---- | M] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 21:11:37 | 000,002,022 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.10.07 01:11:17 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.09.29 16:25:19 | 000,002,739 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.27 21:12:55 | 000,010,495 | ---- | M] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.09.21 10:58:54 | 000,001,094 | ---- | M] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.18 10:15:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.09.14 12:09:37 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.11 23:02:37 | 000,001,244 | ---- | C] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.07 10:04:28 | 000,538,327 | ---- | C] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 01:11:17 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.05 18:50:12 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.09.29 16:15:52 | 000,002,739 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2012.09.28 21:41:07 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:39 | 000,010,495 | ---- | C] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | C] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.14 12:02:28 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.07.29 10:59:44 | 000,000,017 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\resmon.resmoncfg
[2012.06.17 13:31:23 | 000,001,124 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.itn
[2012.06.17 13:29:59 | 000,023,945 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.kml
[2012.04.09 20:19:46 | 000,002,773 | ---- | C] () -- \ZR7DRIVER-PC.rtf
[2012.03.30 20:40:37 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012.03.15 12:19:31 | 002,950,336 | ---- | C] () -- C:\Users\zr7driver\Kony2012_digital_kit.zip
[2012.02.01 05:41:45 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4A4B9D26-AA08-4479-8413-EC94C1495FEA}
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.01.13 20:08:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{3ADCD066-1845-4420-813A-0152E185A562}
[2011.12.30 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0766FBBE-1B10-4D18-B8FD-7921451DF9C6}
[2011.12.26 13:04:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.12.25 23:49:46 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.25 23:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.25 23:49:44 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe
[2011.12.25 23:49:44 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.12.23 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{1C4F85BF-C25C-40D8-9072-C915C7610CF0}
[2011.12.23 10:02:20 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{DC88FA66-C4A7-4165-B3C1-62F961889D2F}
[2011.12.23 05:42:16 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{753738CE-CC9E-43C5-A535-266989FB1EB0}
[2011.12.22 21:15:10 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{56518DCC-6EA3-475B-8402-DCD2DBC03511}
[2011.12.22 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{CEC58609-76D2-4EA6-9531-7C3AA9E59D4E}
[2011.12.22 09:58:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{75C3B094-F8E5-49A6-B3F7-6EE5EC9B06A9}
[2011.12.13 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{36A7198A-B63C-4ED1-8E79-D6E1A01847BA}
[2011.12.13 10:04:48 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{43A6C6E7-5102-4D08-B831-D9FF396BBB74}
[2011.12.12 10:50:02 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E93FDF79-0B6E-40E7-ACBB-3E68917B158A}
[2011.12.08 10:08:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A4AFC9A3-D672-44ED-982A-467C3938BFE7}
[2011.12.07 09:54:52 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E9BBF441-1A49-47C7-A653-236B5B3BBFA1}
[2011.12.04 07:22:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{AE7A2FF6-BC86-4981-A1CC-55430DF54232}
[2011.12.02 10:04:51 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{5CE40A7C-C86D-4574-AA9B-81AF3B3984FF}
[2011.12.01 21:19:21 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A67ACE38-ADEE-449A-86E7-909D2DBA9B23}
[2011.12.01 10:06:14 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A795E345-7B05-4BC3-80F5-8E145C4EDBA5}
[2011.11.30 21:01:54 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{46D14579-E7ED-4468-A4A1-010E6903B9D6}
[2011.11.29 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{15BAC503-F22F-4409-A44E-3EF0670584FA}
[2011.11.29 10:03:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{759C9C24-C460-4D61-9460-1EBF1E7E2F7F}
[2011.11.29 05:39:30 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4D4D9BF3-9AC9-4895-9352-F90DC35855A6}
[2011.11.25 19:49:49 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A36FD9B9-77B7-4AA3-88CD-916BA7ED3164}
[2011.11.23 19:32:37 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0BF97707-9995-4474-AA26-C1B7A09F2755}
[2011.11.20 12:36:06 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{9A3933A9-ABB4-4DD1-BDF9-EE9E60064BA0}
[2011.11.14 11:03:11 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{D09CB122-FADC-444C-8947-C71A91EABD81}
[2011.11.14 10:50:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{60914264-77B5-4DF5-97B5-7C0FF0508A66}
[2011.10.10 11:33:41 | 000,000,097 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\fusioncache.dat
[2011.06.17 00:36:07 | 005,406,987 | ---- | C] () -- \RUU_signed.nbh
[2011.06.17 00:36:07 | 001,481,928 | ---- | C] () -- \task29.exe
[2011.06.17 00:36:07 | 001,449,160 | ---- | C] () -- \RUUResource.dll
[2011.06.17 00:36:07 | 000,213,864 | ---- | C] () -- \ModelID.fig
[2011.06.17 00:36:07 | 000,175,304 | ---- | C] () -- \rapitool.exe
[2011.06.17 00:36:07 | 000,141,368 | ---- | C] () -- \ErrorUSB.fig
[2011.06.17 00:36:07 | 000,095,552 | ---- | C] () -- \ErrorBattery.fig
[2011.06.17 00:36:07 | 000,013,512 | ---- | C] () -- \RUUGetInfo.exe
[2011.06.17 00:36:07 | 000,008,904 | ---- | C] () -- \EnterBootloader.exe
[2011.06.17 00:36:07 | 000,000,013 | ---- | C] () -- \ROMUpdateUtility.cfg
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.03 22:46:09 | 000,000,518 | ---- | C] () -- C:\Windows\wininit.ini
[2011.04.27 10:40:07 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.04.27 10:40:07 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.01.21 23:30:49 | 000,000,102 | ---- | C] () -- \qehjlhawlh
[2011.01.18 20:57:44 | 000,000,862 | ---- | C] () -- C:\Users\zr7driver\.recently-used.xbel
[2011.01.08 12:02:39 | 000,001,117 | ---- | C] () -- C:\Users\zr7driver\Dokumente - Verknüpfung.lnk
[2011.01.04 21:05:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.26 00:18:10 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.12.26 00:14:22 | 010,960,896 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.11.16 21:01:57 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.11.16 21:01:56 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.11.16 21:01:56 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.11.16 21:01:56 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.11.16 21:01:56 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.11.16 21:01:56 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.11.16 21:01:56 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.11.16 21:01:56 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.11.16 21:01:56 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.11.16 21:01:56 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.11.16 21:01:56 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.11.16 21:01:56 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.11.16 21:01:56 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.11.16 21:01:56 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.11.16 21:01:56 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.10.28 13:24:13 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2010.10.03 22:23:13 | 001,140,638 | ---- | C] () -- C:\Users\zr7driver\Backup LG GT540 Optimus 03.10.2010.mpb
[2010.10.02 22:02:25 | 000,000,360 | -H-- | C] () -- \IPH.PH
[2010.09.24 13:26:13 | 000,050,688 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.12 11:27:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.10 14:15:23 | 2616,643,584 | -HS- | C] () -- \hiberfil.sys
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2009.07.14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

zr7driver 12.10.2012 10:40

OTL Logfile:
Code:

OTL logfile created on: 12.10.2012 11:21:03 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\zr7driver\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,07 Gb Available Physical Memory | 33,02% Memory free
6,50 Gb Paging File | 3,23 Gb Available in Paging File | 49,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 589,57 Gb Free Space | 64,76% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,36 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
 
Computer Name: ZR7DRIVER-PC | User Name: zr7driver | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
PRC - [2012.10.09 11:34:07 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.24 17:24:20 | 001,161,768 | ---- | M] (WiseCleaner.com) -- C:\Programme\Wise\Wise Care 365\WiseTray.exe
PRC - [2012.09.19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.09.18 01:07:45 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.09.12 16:47:44 | 000,388,576 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Thunderbird\thunderbird.exe
PRC - [2012.09.07 18:31:51 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.07.02 16:02:28 | 004,473,728 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012.05.31 15:00:22 | 000,445,624 | ---- | M] (Sony) -- C:\Programme\Sony\Sony PC Companion\PCCompanion.exe
PRC - [2012.04.30 11:57:42 | 000,067,072 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\PCCompanionInfo.exe
PRC - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
PRC - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.02.12 07:40:50 | 000,365,632 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.01.07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Programme\Motorola Media Link\NServiceEntry.exe
PRC - [2010.09.15 10:11:22 | 000,339,312 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Programme\Common Files\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.07.27 11:38:46 | 000,987,960 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FritzDsl.exe
PRC - [2009.07.23 14:13:10 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgentS1.exe
PRC - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2009.07.20 11:01:00 | 000,760,120 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2009.07.14 03:14:21 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2009.06.03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.04.09 12:45:26 | 001,061,688 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\AAVUpdateManager\aavus.exe
PRC - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.12 09:13:01 | 000,115,137 | ---- | M] () -- C:\Users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012.10.09 11:34:06 | 009,814,968 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2012.09.15 18:54:57 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\002b4b1af5f8145bf6b6afe21d4f1db2\Kies.Theme.ni.dll
MOD - [2012.09.15 18:54:56 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\de1a504d1535e5005fbae8f6a4d97ce5\DevicePodcast.ni.dll
MOD - [2012.09.15 18:54:54 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\ee12ab3bf308cbe22f373afbddf0be6b\DeviceVideo.ni.dll
MOD - [2012.09.15 18:54:52 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5e58a020638d28d3740195f1d0738da\DevicePhoto.ni.dll
MOD - [2012.09.15 18:54:51 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\0377dd6ed6a5e92a0b8d6eb7d0b64f79\DeviceMusic.ni.dll
MOD - [2012.09.15 18:54:50 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\23e80240003377b6412081a4523943fe\VideoManager.ni.dll
MOD - [2012.09.15 18:54:48 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\23fd65cd04b03d19931758d7472e38a4\PodcastService.ni.dll
MOD - [2012.09.15 18:54:45 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\65018f5e3da23293d642168f7b132d40\Podcaster.ni.dll
MOD - [2012.09.15 18:54:42 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e96a4bd6a51ec7762f15f9bc64c6c33a\PhotoManager.ni.dll
MOD - [2012.09.15 18:54:16 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\deb1e04d94f18bc88afabf744c5d87aa\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.09.15 18:54:14 | 005,677,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\64d3040868aba797c48f608f5361e5bc\DeviceHost.ni.dll
MOD - [2012.09.15 18:53:59 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\1bedf64dbdd091ac8dceee7cbfd84a88\Phonebook.ni.dll
MOD - [2012.09.15 18:53:50 | 001,008,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f73c846c21b32d8e446f08fe7bf0b75a\CPKTMusicPlugin.ni.dll
MOD - [2012.09.15 18:53:47 | 000,964,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\dc5b622e73080b69c1c63606f283b795\MusicManager.ni.dll
MOD - [2012.09.15 18:53:41 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\e5c8f9e08db50fb625c029361147f47e\EBookManager.ni.dll
MOD - [2012.09.15 18:53:39 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ed8a6670f7dbe1ae78aa091a0935fb87\BATPlugin.ni.dll
MOD - [2012.09.15 18:53:38 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\c209d4b3c25507564757710f6d4a4570\AllShareController.ni.dll
MOD - [2012.09.15 18:53:37 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\25823a7264f74e67158031f485c0bb23\Kies.Common.MediaDB.ni.dll
MOD - [2012.09.15 18:53:37 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9eca4746981ac218c1dbe0c131ce108\Kies.Common.StoreManager.ni.dll
MOD - [2012.09.15 18:53:35 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll
MOD - [2012.09.15 18:53:35 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\065aa3ca107d7b3d679a5f408e535239\Kies.Common.AllShare.ni.dll
MOD - [2012.09.15 18:53:34 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1f13cee7982e84f07cff152618950b20\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.09.15 18:53:32 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57b7389241c36caa1d2132d68eddedda\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.09.15 18:53:32 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\170b754ba9dcd78ee0b06a32af4a7c1f\Interop.DevFileServiceLib.ni.dll
MOD - [2012.09.15 18:53:31 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4b033da616a5e8e2b9ebe95342e9cf0d\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.09.15 18:53:29 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bf6e9c84dd994fef46819ed3bd9fa934\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.09.15 18:53:26 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1837e9c63789850168d0bb76826128d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.09.15 18:53:25 | 000,902,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4f549b26003474662ef7e2f3be9e3dd3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.09.15 18:53:23 | 001,025,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\60c16bc46e86b9a852e71968dc63d9c7\Kies.Common.DeviceService.ni.dll
MOD - [2012.09.15 18:53:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.09.15 18:53:20 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\25dc31b1903a3689788caf51d3d93f97\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.09.15 18:53:19 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\923e655c1069f7faa553275eb2e6763c\Kies.Common.Multimedia.ni.dll
MOD - [2012.09.15 18:53:15 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4603ed01ff960f6d861f798e826c9442\Kies.Common.MainUI.ni.dll
MOD - [2012.09.15 18:53:13 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\dcc3307fb870292826318142cf4fa8aa\Kies.Common.DBManager.ni.dll
MOD - [2012.09.15 18:53:12 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b0cec9954e5583399b377b65a469a74c\Kies.Common.Util.ni.dll
MOD - [2012.09.15 18:53:11 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c4f56538bb1d5921690a486bf052e30b\Kies.Locale.ni.dll
MOD - [2012.09.15 18:53:10 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\afa8de1e7aabde98f9a5fec1abdb9a05\Kies.MVVM.ni.dll
MOD - [2012.09.15 18:53:09 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7a0eb5bc5decef8dc1ef9dd3bca3b4d4\Kies.UI.ni.dll
MOD - [2012.09.15 18:53:06 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.09.15 18:53:04 | 001,185,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0a26df964bb433ab607743b20c7704f7\Kies.Interface.ni.dll
MOD - [2012.09.15 18:53:02 | 001,674,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\41f4faf4ff2ba56c26252d6069ceff76\Kies.ni.exe
MOD - [2012.09.12 16:47:45 | 002,061,280 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\mozjs.dll
MOD - [2012.09.12 16:47:45 | 000,157,664 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012.09.12 16:47:45 | 000,021,984 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012.09.07 18:31:49 | 002,244,064 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012.07.17 10:56:14 | 000,587,776 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\PhoneUpdate.dll
MOD - [2012.06.13 09:05:50 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.13 08:59:44 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\2b4d6976393bf5643a4ef2d8dffdf75b\System.Messaging.ni.dll
MOD - [2012.06.13 08:54:18 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.06.13 08:53:22 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.13 08:52:58 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.06.13 05:36:30 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.13 05:26:03 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.13 05:25:46 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.13 05:25:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.13 05:25:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.06.03 09:36:31 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.06.03 09:36:30 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.06.03 09:36:22 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.06.03 09:36:21 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.06.03 09:36:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.05.24 11:50:32 | 000,203,776 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\MExplorer.dll
MOD - [2012.05.09 10:46:49 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.09 10:46:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.09 10:46:36 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.09 10:45:27 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.05.09 10:26:42 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 10:21:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 10:20:41 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 10:12:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 10:08:26 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 10:08:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 10:07:42 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 10:07:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 10:07:19 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012.04.30 11:57:42 | 000,067,072 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\PCCompanionInfo.exe
MOD - [2012.04.30 11:57:42 | 000,039,936 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\TMonitorAPI.dll
MOD - [2012.04.04 14:33:24 | 000,139,776 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\CAgdLNotes.dll
MOD - [2012.03.16 12:51:02 | 000,188,416 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\CAgdOutlook.dll
MOD - [2012.02.17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2012.02.13 09:53:50 | 000,086,016 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\CalEngine.dll
MOD - [2011.07.07 14:54:36 | 000,233,984 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\Report.dll
MOD - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
MOD - [2011.02.24 18:39:44 | 000,012,128 | ---- | M] () -- C:\Programme\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
MOD - [2010.11.13 01:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.09.14 15:01:00 | 000,212,992 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\VistaCalendar.dll
MOD - [2010.01.11 16:44:54 | 000,053,248 | ---- | M] () -- C:\Programme\Sony\Sony PC Companion\VObject.dll
MOD - [2009.06.03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.02.04 12:08:06 | 000,207,872 | ---- | M] () -- C:\Programme\FRITZ!DSL\C90dll.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.09 11:34:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.09.07 18:31:50 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.07.17 15:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Programme\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Programme\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.04.28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) [Auto | Running] -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe -- (WMI_Hook_Service)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 2012\DfSdkS.exe -- (DfSdkS)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.08.10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.23 14:13:12 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\C10F.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.08.28 19:41:29 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.28 19:41:29 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.07.31 12:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.07.05 13:53:38 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012.07.05 13:53:36 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2012.06.11 11:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012.06.08 16:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012.06.08 16:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.06.08 16:08:26 | 000,024,576 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2012.03.07 03:11:00 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2012.03.02 16:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012.03.02 16:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012.03.02 16:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012.03.02 16:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2012.02.07 17:46:02 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135)
DRV - [2012.01.25 14:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2012.01.05 18:07:20 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.11.08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011.01.08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.12.13 05:59:14 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2010.12.13 05:45:42 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010.12.12 21:40:51 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2010.12.12 21:34:13 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2010.12.02 15:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.12.02 15:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.02 15:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.12.02 15:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.12.01 11:51:53 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.06.23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010.03.12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.12.22 14:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.10.29 12:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2009.10.29 12:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NW1950.sys -- (NW1950)
DRV - [2009.10.26 17:54:26 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.06.05 01:47:48 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)
DRV - [2009.01.29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{095C1A85-7264-4B56-BB5A-783E8E888AB2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKCU\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{D73A46A4-5C66-4286-8399-9A51DF36E0A0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2011.06.18 18:41:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.05.22 21:16:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.28 18:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.01 15:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.27 14:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.21 05:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.05.22 21:16:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.09.07 18:31:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
 
[2012.10.09 21:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 18:31:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.07 18:31:51 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012.06.01 18:33:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.30 19:24:08 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.06.01 18:33:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.01 18:33:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.01 18:33:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.01 18:33:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
 
O1 HOSTS File: ([2012.05.04 08:56:10 | 000,442,850 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        www.123fporn.info
O1 - Hosts: 15214 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [adm_tray.exe] C:\Programme\Acronis\DriveMonitor\adm_tray.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [mumservice] C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3752C415-0AD3-4D70-88DD-5C627777D71D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70461503-9E7A-42FB-9CFC-1852690458B5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBE4987-A903-408A-A660-FD8F19F10960}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LxSetup.exe
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{50e93006-11bf-11e0-b121-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{d20cf144-c87b-11df-ad11-001583096ec8}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (pdboot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.10.10 19:57:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.08 09:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.07 21:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.07 01:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.07 01:11:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.07 01:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 18:48:20 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.10.05 18:48:15 | 000,134,184 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.10.05 18:48:15 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.10.05 18:48:15 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2010
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.09.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.09.29 16:11:04 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\Lexware
[2012.09.28 21:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
[2012.09.28 21:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2012.09.21 10:58:54 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urlaubsplaner 2013
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudserd.sys
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2012.09.15 16:55:22 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\Documents\Steuerfälle
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\AAV
[2012.09.14 12:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\AAVUpdateManager
[2012.09.14 12:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2012
[2012.09.14 11:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Steuer-Sparer 2012
[2012.09.14 11:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AAV
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.12 11:12:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.12 10:34:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.10.12 10:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.12 09:20:53 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 09:20:51 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 09:18:52 | 000,707,706 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.12 09:18:52 | 000,661,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.12 09:18:52 | 000,153,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.12 09:18:52 | 000,125,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.12 09:11:24 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.12 09:11:14 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.10.12 09:11:11 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2012.10.12 09:10:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.12 09:10:41 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.11 23:02:37 | 000,001,244 | ---- | M] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.11 22:34:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.10.11 19:10:32 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.10.11 06:14:51 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.09 20:32:20 | 000,538,327 | ---- | M] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 21:11:37 | 000,002,022 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.10.07 01:11:17 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.09.29 16:25:19 | 000,002,739 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.27 21:12:55 | 000,010,495 | ---- | M] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.09.21 10:58:54 | 000,001,094 | ---- | M] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.18 10:15:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.09.14 12:09:37 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.11 23:02:37 | 000,001,244 | ---- | C] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.07 10:04:28 | 000,538,327 | ---- | C] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 01:11:17 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.05 18:50:12 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.09.29 16:15:52 | 000,002,739 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2012.09.28 21:41:07 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:39 | 000,010,495 | ---- | C] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | C] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.14 12:02:28 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.07.29 10:59:44 | 000,000,017 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\resmon.resmoncfg
[2012.06.17 13:31:23 | 000,001,124 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.itn
[2012.06.17 13:29:59 | 000,023,945 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.kml
[2012.04.09 20:19:46 | 000,002,773 | ---- | C] () -- \ZR7DRIVER-PC.rtf
[2012.03.30 20:40:37 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012.03.15 12:19:31 | 002,950,336 | ---- | C] () -- C:\Users\zr7driver\Kony2012_digital_kit.zip
[2012.02.01 05:41:45 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4A4B9D26-AA08-4479-8413-EC94C1495FEA}
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.01.13 20:08:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{3ADCD066-1845-4420-813A-0152E185A562}
[2011.12.30 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0766FBBE-1B10-4D18-B8FD-7921451DF9C6}
[2011.12.26 13:04:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.12.25 23:49:46 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.25 23:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.25 23:49:44 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe
[2011.12.25 23:49:44 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.12.23 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{1C4F85BF-C25C-40D8-9072-C915C7610CF0}
[2011.12.23 10:02:20 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{DC88FA66-C4A7-4165-B3C1-62F961889D2F}
[2011.12.23 05:42:16 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{753738CE-CC9E-43C5-A535-266989FB1EB0}
[2011.12.22 21:15:10 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{56518DCC-6EA3-475B-8402-DCD2DBC03511}
[2011.12.22 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{CEC58609-76D2-4EA6-9531-7C3AA9E59D4E}
[2011.12.22 09:58:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{75C3B094-F8E5-49A6-B3F7-6EE5EC9B06A9}
[2011.12.13 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{36A7198A-B63C-4ED1-8E79-D6E1A01847BA}
[2011.12.13 10:04:48 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{43A6C6E7-5102-4D08-B831-D9FF396BBB74}
[2011.12.12 10:50:02 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E93FDF79-0B6E-40E7-ACBB-3E68917B158A}
[2011.12.08 10:08:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A4AFC9A3-D672-44ED-982A-467C3938BFE7}
[2011.12.07 09:54:52 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E9BBF441-1A49-47C7-A653-236B5B3BBFA1}
[2011.12.04 07:22:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{AE7A2FF6-BC86-4981-A1CC-55430DF54232}
[2011.12.02 10:04:51 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{5CE40A7C-C86D-4574-AA9B-81AF3B3984FF}
[2011.12.01 21:19:21 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A67ACE38-ADEE-449A-86E7-909D2DBA9B23}
[2011.12.01 10:06:14 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A795E345-7B05-4BC3-80F5-8E145C4EDBA5}
[2011.11.30 21:01:54 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{46D14579-E7ED-4468-A4A1-010E6903B9D6}
[2011.11.29 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{15BAC503-F22F-4409-A44E-3EF0670584FA}
[2011.11.29 10:03:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{759C9C24-C460-4D61-9460-1EBF1E7E2F7F}
[2011.11.29 05:39:30 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4D4D9BF3-9AC9-4895-9352-F90DC35855A6}
[2011.11.25 19:49:49 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A36FD9B9-77B7-4AA3-88CD-916BA7ED3164}
[2011.11.23 19:32:37 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0BF97707-9995-4474-AA26-C1B7A09F2755}
[2011.11.20 12:36:06 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{9A3933A9-ABB4-4DD1-BDF9-EE9E60064BA0}
[2011.11.14 11:03:11 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{D09CB122-FADC-444C-8947-C71A91EABD81}
[2011.11.14 10:50:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{60914264-77B5-4DF5-97B5-7C0FF0508A66}
[2011.10.10 11:33:41 | 000,000,097 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\fusioncache.dat
[2011.06.17 00:36:07 | 005,406,987 | ---- | C] () -- \RUU_signed.nbh
[2011.06.17 00:36:07 | 001,481,928 | ---- | C] () -- \task29.exe
[2011.06.17 00:36:07 | 001,449,160 | ---- | C] () -- \RUUResource.dll
[2011.06.17 00:36:07 | 000,213,864 | ---- | C] () -- \ModelID.fig
[2011.06.17 00:36:07 | 000,175,304 | ---- | C] () -- \rapitool.exe
[2011.06.17 00:36:07 | 000,141,368 | ---- | C] () -- \ErrorUSB.fig
[2011.06.17 00:36:07 | 000,095,552 | ---- | C] () -- \ErrorBattery.fig
[2011.06.17 00:36:07 | 000,013,512 | ---- | C] () -- \RUUGetInfo.exe
[2011.06.17 00:36:07 | 000,008,904 | ---- | C] () -- \EnterBootloader.exe
[2011.06.17 00:36:07 | 000,000,013 | ---- | C] () -- \ROMUpdateUtility.cfg
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.03 22:46:09 | 000,000,518 | ---- | C] () -- C:\Windows\wininit.ini
[2011.04.27 10:40:07 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.04.27 10:40:07 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.01.21 23:30:49 | 000,000,102 | ---- | C] () -- \qehjlhawlh
[2011.01.18 20:57:44 | 000,000,862 | ---- | C] () -- C:\Users\zr7driver\.recently-used.xbel
[2011.01.08 12:02:39 | 000,001,117 | ---- | C] () -- C:\Users\zr7driver\Dokumente - Verknüpfung.lnk
[2011.01.04 21:05:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.26 00:18:10 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.12.26 00:14:22 | 010,960,896 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.11.16 21:01:57 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.11.16 21:01:56 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.11.16 21:01:56 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.11.16 21:01:56 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.11.16 21:01:56 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.11.16 21:01:56 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.11.16 21:01:56 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.11.16 21:01:56 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.11.16 21:01:56 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.11.16 21:01:56 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.11.16 21:01:56 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.11.16 21:01:56 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.11.16 21:01:56 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.11.16 21:01:56 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.11.16 21:01:56 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.10.28 13:24:13 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2010.10.03 22:23:13 | 001,140,638 | ---- | C] () -- C:\Users\zr7driver\Backup LG GT540 Optimus 03.10.2010.mpb
[2010.10.02 22:02:25 | 000,000,360 | -H-- | C] () -- \IPH.PH
[2010.09.24 13:26:13 | 000,050,688 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.12 11:27:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.10 14:15:23 | 2616,643,584 | -HS- | C] () -- \hiberfil.sys
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2009.07.14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

cosinus 12.10.2012 13:55

Why aren't you running a CustomScan now?

zr7driver 12.10.2012 13:57

What do I do??

Oh, copy the stuff from you into OTL and then scan... ok, will do!! :))

Code:

OTL logfile created on: 12.10.2012 16:19:14 - Run 2
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\zr7driver\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 63,42% Memory free
6,50 Gb Paging File | 4,55 Gb Available in Paging File | 70,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 587,50 Gb Free Space | 64,53% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,36 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
 
Computer Name: ZR7DRIVER-PC | User Name: zr7driver | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.24 17:24:20 | 001,161,768 | ---- | M] (WiseCleaner.com) -- C:\Programme\Wise\Wise Care 365\WiseTray.exe
PRC - [2012.09.19 19:20:40 | 000,079,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.09.18 01:07:45 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.07.02 16:02:28 | 004,473,728 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
PRC - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.02.12 07:40:50 | 000,365,632 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.01.07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Programme\Motorola Media Link\NServiceEntry.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.07.27 11:38:46 | 000,987,960 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FritzDsl.exe
PRC - [2009.07.23 14:13:10 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgentS1.exe
PRC - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2009.07.20 11:01:00 | 000,760,120 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2009.07.14 03:14:21 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2009.06.03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.04.09 12:45:26 | 001,061,688 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\AAVUpdateManager\aavus.exe
PRC - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.12 09:13:01 | 000,115,137 | ---- | M] () -- C:\Users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012.09.15 18:54:57 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\002b4b1af5f8145bf6b6afe21d4f1db2\Kies.Theme.ni.dll
MOD - [2012.09.15 18:54:56 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\de1a504d1535e5005fbae8f6a4d97ce5\DevicePodcast.ni.dll
MOD - [2012.09.15 18:54:54 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\ee12ab3bf308cbe22f373afbddf0be6b\DeviceVideo.ni.dll
MOD - [2012.09.15 18:54:52 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5e58a020638d28d3740195f1d0738da\DevicePhoto.ni.dll
MOD - [2012.09.15 18:54:51 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\0377dd6ed6a5e92a0b8d6eb7d0b64f79\DeviceMusic.ni.dll
MOD - [2012.09.15 18:54:50 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\23e80240003377b6412081a4523943fe\VideoManager.ni.dll
MOD - [2012.09.15 18:54:48 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\23fd65cd04b03d19931758d7472e38a4\PodcastService.ni.dll
MOD - [2012.09.15 18:54:45 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\65018f5e3da23293d642168f7b132d40\Podcaster.ni.dll
MOD - [2012.09.15 18:54:42 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e96a4bd6a51ec7762f15f9bc64c6c33a\PhotoManager.ni.dll
MOD - [2012.09.15 18:54:16 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\deb1e04d94f18bc88afabf744c5d87aa\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.09.15 18:54:14 | 005,677,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\64d3040868aba797c48f608f5361e5bc\DeviceHost.ni.dll
MOD - [2012.09.15 18:53:59 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\1bedf64dbdd091ac8dceee7cbfd84a88\Phonebook.ni.dll
MOD - [2012.09.15 18:53:50 | 001,008,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f73c846c21b32d8e446f08fe7bf0b75a\CPKTMusicPlugin.ni.dll
MOD - [2012.09.15 18:53:47 | 000,964,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\dc5b622e73080b69c1c63606f283b795\MusicManager.ni.dll
MOD - [2012.09.15 18:53:41 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\e5c8f9e08db50fb625c029361147f47e\EBookManager.ni.dll
MOD - [2012.09.15 18:53:39 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ed8a6670f7dbe1ae78aa091a0935fb87\BATPlugin.ni.dll
MOD - [2012.09.15 18:53:38 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\c209d4b3c25507564757710f6d4a4570\AllShareController.ni.dll
MOD - [2012.09.15 18:53:37 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\25823a7264f74e67158031f485c0bb23\Kies.Common.MediaDB.ni.dll
MOD - [2012.09.15 18:53:37 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9eca4746981ac218c1dbe0c131ce108\Kies.Common.StoreManager.ni.dll
MOD - [2012.09.15 18:53:35 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll
MOD - [2012.09.15 18:53:35 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\065aa3ca107d7b3d679a5f408e535239\Kies.Common.AllShare.ni.dll
MOD - [2012.09.15 18:53:34 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1f13cee7982e84f07cff152618950b20\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.09.15 18:53:32 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57b7389241c36caa1d2132d68eddedda\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.09.15 18:53:32 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\170b754ba9dcd78ee0b06a32af4a7c1f\Interop.DevFileServiceLib.ni.dll
MOD - [2012.09.15 18:53:31 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4b033da616a5e8e2b9ebe95342e9cf0d\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.09.15 18:53:29 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bf6e9c84dd994fef46819ed3bd9fa934\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.09.15 18:53:26 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1837e9c63789850168d0bb76826128d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.09.15 18:53:25 | 000,902,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4f549b26003474662ef7e2f3be9e3dd3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.09.15 18:53:23 | 001,025,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\60c16bc46e86b9a852e71968dc63d9c7\Kies.Common.DeviceService.ni.dll
MOD - [2012.09.15 18:53:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.09.15 18:53:20 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\25dc31b1903a3689788caf51d3d93f97\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.09.15 18:53:19 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\923e655c1069f7faa553275eb2e6763c\Kies.Common.Multimedia.ni.dll
MOD - [2012.09.15 18:53:15 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4603ed01ff960f6d861f798e826c9442\Kies.Common.MainUI.ni.dll
MOD - [2012.09.15 18:53:13 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\dcc3307fb870292826318142cf4fa8aa\Kies.Common.DBManager.ni.dll
MOD - [2012.09.15 18:53:12 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b0cec9954e5583399b377b65a469a74c\Kies.Common.Util.ni.dll
MOD - [2012.09.15 18:53:11 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c4f56538bb1d5921690a486bf052e30b\Kies.Locale.ni.dll
MOD - [2012.09.15 18:53:10 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\afa8de1e7aabde98f9a5fec1abdb9a05\Kies.MVVM.ni.dll
MOD - [2012.09.15 18:53:09 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7a0eb5bc5decef8dc1ef9dd3bca3b4d4\Kies.UI.ni.dll
MOD - [2012.09.15 18:53:06 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.09.15 18:53:04 | 001,185,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0a26df964bb433ab607743b20c7704f7\Kies.Interface.ni.dll
MOD - [2012.09.15 18:53:02 | 001,674,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\41f4faf4ff2ba56c26252d6069ceff76\Kies.ni.exe
MOD - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012.06.13 09:05:50 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.13 05:36:30 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.13 05:26:03 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.13 05:25:46 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.13 05:25:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.13 05:25:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.06.03 09:36:31 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.06.03 09:36:30 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.06.03 09:36:22 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.06.03 09:36:21 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.06.03 09:36:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.05.09 10:26:42 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 10:21:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 10:20:41 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 10:12:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 10:08:26 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 10:08:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 10:07:42 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 10:07:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 10:07:19 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012.02.17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
MOD - [2011.02.24 18:39:44 | 000,012,128 | ---- | M] () -- C:\Programme\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
MOD - [2009.06.03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.02.04 12:08:06 | 000,207,872 | ---- | M] () -- C:\Programme\FRITZ!DSL\C90dll.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.11 03:04:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 11:34:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.07.17 15:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Programme\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Programme\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.04.28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) [Auto | Running] -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe -- (WMI_Hook_Service)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 2012\DfSdkS.exe -- (DfSdkS)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.08.10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.23 14:13:12 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\C10F.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.08.28 19:41:29 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.28 19:41:29 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.07.31 12:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.07.05 13:53:38 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012.07.05 13:53:36 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2012.06.11 11:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012.06.08 16:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012.06.08 16:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.06.08 16:08:26 | 000,024,576 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2012.03.07 03:11:00 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2012.03.02 16:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012.03.02 16:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012.03.02 16:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012.03.02 16:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2012.02.07 17:46:02 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135)
DRV - [2012.01.25 14:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2012.01.05 18:07:20 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.11.08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011.01.08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.12.13 05:59:14 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2010.12.13 05:45:42 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010.12.12 21:40:51 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2010.12.12 21:34:13 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2010.12.02 15:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.12.02 15:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.02 15:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.12.02 15:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.12.01 11:51:53 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.06.23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010.03.12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.12.22 14:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.10.29 12:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2009.10.29 12:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NW1950.sys -- (NW1950)
DRV - [2009.10.26 17:54:26 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.06.05 01:47:48 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)
DRV - [2009.01.29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{095C1A85-7264-4B56-BB5A-783E8E888AB2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{D73A46A4-5C66-4286-8399-9A51DF36E0A0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2011.06.18 18:41:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.05.22 21:16:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.28 18:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.01 15:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.27 14:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.21 05:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.05.22 21:16:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
 
[2012.10.09 21:43:40 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 18:31:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.12 14:13:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\extensions
[2012.10.12 14:13:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.12 14:13:21 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.10.11 03:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.11 04:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: avast! WebRep = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
 
O1 HOSTS File: ([2012.05.04 08:56:10 | 000,442,850 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 15214 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [adm_tray.exe] C:\Programme\Acronis\DriveMonitor\adm_tray.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [mumservice] C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKU\.DEFAULT..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-18..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000058 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000059 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3752C415-0AD3-4D70-88DD-5C627777D71D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70461503-9E7A-42FB-9CFC-1852690458B5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBE4987-A903-408A-A660-FD8F19F10960}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LxSetup.exe
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{50e93006-11bf-11e0-b121-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{d20cf144-c87b-11df-ad11-001583096ec8}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (pdboot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.2 HD Edition.lnk - C:\Programme\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe - (Panasonic Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk - C:\Programme\Secunia\PSI\psi_tray.exe - (Secunia)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AndroidSync - hkey= - key= - C:\Program Files\Android-Sync\AndroidSync.exe (hxxp://www.android-sync.com)
MsConfig - StartUpReg: B2C_AGENT - hkey= - key= - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
MsConfig - StartUpReg: Badoo Desktop - hkey= - key= - C:\ProgramData\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe (Badoo)
MsConfig - StartUpReg: Guard.Mail.ru.gui - hkey= - key= -  File not found
MsConfig - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig - StartUpReg: KiesAirMessage - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesHelper - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesPDLR - hkey= - key= - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: Miranda Fusion - hkey= - key= - C:\Programme\MirandaFusion\fusiontools\mfstart.exe (Miranda Fusion Team)
MsConfig - StartUpReg: mumservice - hkey= - key= - C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IMFservice - C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.10.10 19:57:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.08 09:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.07 21:11:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.10.07 01:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.07 01:11:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.07 01:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 18:48:20 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.10.05 18:48:15 | 000,134,184 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.10.05 18:48:15 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.10.05 18:48:15 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2010
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.09.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.09.29 16:11:04 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\Lexware
[2012.09.28 21:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
[2012.09.28 21:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2012.09.21 10:58:54 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urlaubsplaner 2013
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudserd.sys
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2012.09.15 16:55:22 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\Documents\Steuerfälle
[2012.09.14 12:11:42 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\AAV
[2012.09.14 12:03:03 | 000,000,000 | ---D | C] -- C:\Program Files\AAVUpdateManager
[2012.09.14 12:02:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer-Sparer 2012
[2012.09.14 11:59:38 | 000,000,000 | ---D | C] -- C:\Program Files\Steuer-Sparer 2012
[2012.09.14 11:58:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AAV
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.12 16:12:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.12 15:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.12 15:18:45 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.10.12 13:34:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.10.12 09:20:53 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 09:20:51 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.12 09:18:52 | 000,707,706 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.12 09:18:52 | 000,661,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.12 09:18:52 | 000,153,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.12 09:18:52 | 000,125,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.12 09:11:24 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.12 09:11:14 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.10.12 09:11:11 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2012.10.12 09:10:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.12 09:10:41 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.11 23:02:37 | 000,001,244 | ---- | M] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.11 22:34:00 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.10.11 19:10:32 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.10.11 06:14:51 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.09 20:32:20 | 000,538,327 | ---- | M] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 21:11:37 | 000,002,022 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.10.07 01:11:17 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.01 17:14:23 | 000,134,184 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.09.29 16:25:19 | 000,002,739 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.27 21:12:55 | 000,010,495 | ---- | M] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.24 09:58:11 | 000,036,552 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.09.21 10:58:54 | 000,001,094 | ---- | M] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.18 10:15:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.09.14 12:09:37 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]


zr7driver 12.10.2012 19:34

Code:

========== Files Created - No Company Name ==========
 
[2012.10.11 23:02:37 | 000,001,244 | ---- | C] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.07 10:04:28 | 000,538,327 | ---- | C] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 01:11:17 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.10.05 18:50:12 | 000,002,022 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.09.29 16:15:52 | 000,002,739 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2012.09.28 21:41:07 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:39 | 000,010,495 | ---- | C] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | C] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.14 12:02:28 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\Steuer-Sparer 2012.lnk
[2012.07.29 10:59:44 | 000,000,017 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\resmon.resmoncfg
[2012.06.17 13:31:23 | 000,001,124 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.itn
[2012.06.17 13:29:59 | 000,023,945 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.kml
[2012.04.09 20:19:46 | 000,002,773 | ---- | C] () -- \ZR7DRIVER-PC.rtf
[2012.03.30 20:40:37 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012.03.15 12:19:31 | 002,950,336 | ---- | C] () -- C:\Users\zr7driver\Kony2012_digital_kit.zip
[2012.02.01 05:41:45 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4A4B9D26-AA08-4479-8413-EC94C1495FEA}
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.01.13 20:08:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{3ADCD066-1845-4420-813A-0152E185A562}
[2011.12.30 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0766FBBE-1B10-4D18-B8FD-7921451DF9C6}
[2011.12.26 13:04:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.12.25 23:49:46 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.25 23:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.25 23:49:44 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe
[2011.12.25 23:49:44 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.12.23 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{1C4F85BF-C25C-40D8-9072-C915C7610CF0}
[2011.12.23 10:02:20 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{DC88FA66-C4A7-4165-B3C1-62F961889D2F}
[2011.12.23 05:42:16 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{753738CE-CC9E-43C5-A535-266989FB1EB0}
[2011.12.22 21:15:10 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{56518DCC-6EA3-475B-8402-DCD2DBC03511}
[2011.12.22 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{CEC58609-76D2-4EA6-9531-7C3AA9E59D4E}
[2011.12.22 09:58:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{75C3B094-F8E5-49A6-B3F7-6EE5EC9B06A9}
[2011.12.13 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{36A7198A-B63C-4ED1-8E79-D6E1A01847BA}
[2011.12.13 10:04:48 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{43A6C6E7-5102-4D08-B831-D9FF396BBB74}
[2011.12.12 10:50:02 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E93FDF79-0B6E-40E7-ACBB-3E68917B158A}
[2011.12.08 10:08:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A4AFC9A3-D672-44ED-982A-467C3938BFE7}
[2011.12.07 09:54:52 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E9BBF441-1A49-47C7-A653-236B5B3BBFA1}
[2011.12.04 07:22:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{AE7A2FF6-BC86-4981-A1CC-55430DF54232}
[2011.12.02 10:04:51 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{5CE40A7C-C86D-4574-AA9B-81AF3B3984FF}
[2011.12.01 21:19:21 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A67ACE38-ADEE-449A-86E7-909D2DBA9B23}
[2011.12.01 10:06:14 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A795E345-7B05-4BC3-80F5-8E145C4EDBA5}
[2011.11.30 21:01:54 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{46D14579-E7ED-4468-A4A1-010E6903B9D6}
[2011.11.29 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{15BAC503-F22F-4409-A44E-3EF0670584FA}
[2011.11.29 10:03:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{759C9C24-C460-4D61-9460-1EBF1E7E2F7F}
[2011.11.29 05:39:30 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4D4D9BF3-9AC9-4895-9352-F90DC35855A6}
[2011.11.25 19:49:49 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A36FD9B9-77B7-4AA3-88CD-916BA7ED3164}
[2011.11.23 19:32:37 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0BF97707-9995-4474-AA26-C1B7A09F2755}
[2011.11.20 12:36:06 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{9A3933A9-ABB4-4DD1-BDF9-EE9E60064BA0}
[2011.11.14 11:03:11 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{D09CB122-FADC-444C-8947-C71A91EABD81}
[2011.11.14 10:50:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{60914264-77B5-4DF5-97B5-7C0FF0508A66}
[2011.10.10 11:33:41 | 000,000,097 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\fusioncache.dat
[2011.06.17 00:36:07 | 005,406,987 | ---- | C] () -- \RUU_signed.nbh
[2011.06.17 00:36:07 | 001,481,928 | ---- | C] () -- \task29.exe
[2011.06.17 00:36:07 | 001,449,160 | ---- | C] () -- \RUUResource.dll
[2011.06.17 00:36:07 | 000,213,864 | ---- | C] () -- \ModelID.fig
[2011.06.17 00:36:07 | 000,175,304 | ---- | C] () -- \rapitool.exe
[2011.06.17 00:36:07 | 000,141,368 | ---- | C] () -- \ErrorUSB.fig
[2011.06.17 00:36:07 | 000,095,552 | ---- | C] () -- \ErrorBattery.fig
[2011.06.17 00:36:07 | 000,013,512 | ---- | C] () -- \RUUGetInfo.exe
[2011.06.17 00:36:07 | 000,008,904 | ---- | C] () -- \EnterBootloader.exe
[2011.06.17 00:36:07 | 000,000,013 | ---- | C] () -- \ROMUpdateUtility.cfg
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.03 22:46:09 | 000,000,518 | ---- | C] () -- C:\Windows\wininit.ini
[2011.04.27 10:40:07 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.04.27 10:40:07 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.01.21 23:30:49 | 000,000,102 | ---- | C] () -- \qehjlhawlh
[2011.01.18 20:57:44 | 000,000,862 | ---- | C] () -- C:\Users\zr7driver\.recently-used.xbel
[2011.01.08 12:02:39 | 000,001,117 | ---- | C] () -- C:\Users\zr7driver\Dokumente - Verknüpfung.lnk
[2011.01.04 21:05:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.26 00:18:10 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.12.26 00:14:22 | 010,960,896 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.11.16 21:01:57 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.11.16 21:01:56 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.11.16 21:01:56 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.11.16 21:01:56 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.11.16 21:01:56 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.11.16 21:01:56 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.11.16 21:01:56 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.11.16 21:01:56 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.11.16 21:01:56 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.11.16 21:01:56 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.11.16 21:01:56 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.11.16 21:01:56 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.11.16 21:01:56 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.11.16 21:01:56 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.11.16 21:01:56 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.10.28 13:24:13 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2010.10.03 22:23:13 | 001,140,638 | ---- | C] () -- C:\Users\zr7driver\Backup LG GT540 Optimus 03.10.2010.mpb
[2010.10.02 22:02:25 | 000,000,360 | -H-- | C] () -- \IPH.PH
[2010.09.24 13:26:13 | 000,050,688 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.12 11:27:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.10 14:15:23 | 2616,643,584 | -HS- | C] () -- \hiberfil.sys
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2009.07.14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.09.10 14:23:37 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData
[2012.09.14 12:05:54 | 000,000,000 | ---D | M] -- C:\Users\All Users\AAV
[2012.06.21 22:54:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Acronis
[2010.10.02 22:02:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\AIM
[2010.09.10 14:33:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\ALDI Sued Foto Service
[2010.02.15 19:14:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\Aldi Sued Fotoservice
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data
[2010.02.04 10:24:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Applications
[2010.10.01 09:50:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ashampoo
[2010.10.28 14:22:41 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avanquest
[2011.12.13 12:33:25 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVAST Software
[2011.01.21 23:14:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avery
[2012.05.01 17:04:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVG2012
[2011.03.20 19:35:07 | 000,000,000 | ---D | M] -- C:\Users\All Users\Badoo
[2011.11.13 13:13:35 | 000,000,000 | ---D | M] -- C:\Users\All Users\BlueStacks
[2010.09.11 13:32:20 | 000,000,000 | ---D | M] -- C:\Users\All Users\Bluetooth
[2010.09.10 14:38:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\BullGuard
[2011.01.21 23:25:01 | 000,000,000 | ---D | M] -- C:\Users\All Users\CAM Development
[2012.07.06 11:12:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\Canneverbe Limited
[2010.12.21 18:54:57 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonEPP
[2011.01.06 12:49:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEGV
[2010.12.21 19:20:52 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX2
[2010.12.21 18:59:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJMSetup
[2010.12.21 19:18:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJMyPrinter
[2012.10.11 19:19:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJPLM
[2010.12.21 19:18:54 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJSolutionMenuEX
[2010.12.21 18:57:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJWSpt
[2011.12.13 12:28:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\CheckPoint
[2012.04.06 22:36:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2011.05.27 20:42:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\Das Fussball Studio
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2010.09.24 15:06:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites
[2012.05.30 15:31:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\GFI Software
[2011.09.02 19:02:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\ICQ
[2011.02.03 11:43:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Installations
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\ISDNWatch
[2011.09.18 13:50:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Kaspersky SDK
[2012.09.29 16:20:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\Lexware
[2012.08.06 17:35:58 | 000,000,000 | ---D | M] -- C:\Users\All Users\LGMOBILEAX
[2011.12.26 00:31:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\MAGIX
[2010.10.01 09:34:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Magix Shared
[2012.07.04 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\All Users\Motorola
[2011.02.03 11:45:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\Nokia
[2011.05.22 21:27:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaAccount
[2011.02.03 11:35:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaInstallerCache
[2010.10.28 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\OO Software
[2010.11.17 23:21:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Panasonic
[2011.02.03 20:58:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC Suite
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\PimeroUpdater
[2011.09.25 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\All Users\RapidSolution
[2012.06.03 09:31:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\Samsung
[2010.09.14 09:30:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\ScanSoft
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\soft-evolution
[2012.08.17 13:24:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2010.09.24 14:39:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\T-Online
[2012.06.05 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Temp
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates
[2010.12.18 13:26:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\TomTom
[2010.12.12 21:06:36 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uniblue
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Anwendungsdaten
[2009.07.14 04:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop
[2010.09.10 14:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Druckumgebung
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Eigene Dateien
[2010.02.15 14:08:00 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Links
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Lokale Einstellungen
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Music
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Netzwerkumgebung
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent
[2009.07.14 04:04:25 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Startmenü
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Vorlagen
[2012.10.12 15:18:45 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2012.05.01 18:01:42 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads
[2009.07.14 04:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2010.09.10 14:23:36 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Music
[2010.11.28 10:51:32 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures
[2010.09.11 11:34:19 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV
[2012.08.21 14:05:30 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos
[2011.01.18 21:04:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.gimp-2.6
[2012.08.16 14:37:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.hgt
[2011.05.29 10:38:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.jordan
[2012.08.11 19:06:48 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.swt
[2011.01.18 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.thumbnails
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Anwendungsdaten
[2010.09.10 14:23:51 | 000,000,000 | -H-D | M] -- C:\Users\zr7driver\AppData
[2010.09.11 13:57:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Application Data
[2012.07.12 18:50:21 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Contacts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Cookies
[2012.10.12 11:34:58 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Desktop
[2012.09.29 16:08:53 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Documents
[2012.10.12 15:14:25 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Downloads
[2012.10.12 09:13:45 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Dropbox
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Druckumgebung
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Eigene Dateien
[2012.08.11 19:12:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Eigene Routen
[2012.07.28 18:43:44 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Favorites
[2012.03.05 14:54:22 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Handy
[2012.08.26 18:19:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\IGO
[2012.08.03 21:41:35 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Links
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Lokale Einstellungen
[2012.10.11 11:42:16 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Music
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Netzwerkumgebung
[2012.06.17 13:28:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner
[2012.06.17 13:29:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (2)
[2012.06.17 13:29:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (3)
[2012.10.02 19:47:04 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Pictures
[2012.08.20 17:46:18 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Podcasts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Recent
[2012.07.12 18:50:22 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Saved Games
[2012.10.07 20:39:51 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Searches
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\SendTo
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Startmenü
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Tracing
[2012.09.30 13:51:29 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Videos
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Vorlagen
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.10.28 14:18:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\A-Z Technology
[2010.10.02 22:04:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\acccore
[2012.05.30 09:44:14 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ad-Aware Antivirus
[2011.06.13 19:49:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Adobe
[2010.12.16 21:21:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ALK Technologies
[2011.09.09 13:46:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Amazon
[2011.10.29 09:06:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Apple Computer
[2012.05.26 21:04:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ashampoo
[2012.08.11 11:42:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Audacity
[2011.01.26 15:58:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avery
[2012.05.01 16:29:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\AVG2012
[2012.10.05 18:56:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avira
[2010.12.04 14:50:24 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\BOM
[2012.07.06 11:12:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canneverbe Limited
[2012.01.23 06:15:42 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canon
[2010.12.21 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CD-LabelPrint
[2011.06.04 13:50:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CheckPoint
[2010.09.19 14:50:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Chilirec
[2011.09.02 19:03:03 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\COMPUTERBILD-Abzockschutz
[2012.06.03 00:15:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\concept design
[2012.06.21 20:11:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\convert
[2010.11.27 12:27:16 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Cool Record Edit Pro
[2010.11.19 12:08:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Corel
[2010.11.13 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CyberLink
[2012.10.12 09:13:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Dropbox
[2010.09.11 21:55:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.23 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FastStone
[2010.10.23 18:03:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FinalTorrent
[2010.11.05 10:08:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Fixit-E28F99E6-6133-4824-AECC-4D2FB1701F0B
[2010.12.12 20:59:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\foobar2000
[2011.12.25 23:51:12 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Franzis
[2010.11.27 11:25:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Free Sound Recorder 2010
[2010.10.28 11:45:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FreeCommander
[2012.10.12 15:22:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2012.06.03 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Geek Uninstaller
[2012.08.23 18:51:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GeoSetter
[2011.01.21 23:12:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GetRightToGo
[2010.09.24 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GlarySoft
[2011.01.18 20:57:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\gtk-2.0
[2012.07.18 09:51:28 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC
[2011.06.13 19:56:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.05.29 16:30:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ICQ
[2010.09.10 14:24:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Identities
[2010.11.16 21:01:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\InstallShield
[2012.07.28 18:43:35 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IObit
[2012.07.12 11:53:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IrfanView
[2012.06.05 16:42:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\iSpy
[2012.09.29 16:19:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Lexware
[2010.09.13 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\LG Electronics
[2010.09.10 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Macromedia
[2011.12.26 15:19:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MAGIX
[2012.04.06 22:14:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Malwarebytes
[2010.10.28 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Marine Aquarium 3
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Media Center Programs
[2012.04.09 20:31:48 | 000,000,000 | --SD | M] -- C:\Users\zr7driver\AppData\Roaming\Microsoft
[2011.06.04 09:41:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda
[2011.05.01 19:40:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda Fusion
[2011.12.16 20:49:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\motorola
[2012.07.04 10:14:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Motorola Mobility
[2010.09.12 23:24:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Mozilla
[2012.06.10 17:56:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MyPhoneExplorer
[2011.10.23 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NCH Software
[2010.09.24 15:28:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Need for Speed World
[2012.10.12 16:32:06 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NetSpeedMonitor
[2011.02.03 11:47:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia
[2011.02.03 11:47:05 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia Ovi Suite
[2010.09.20 10:01:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\OpenOffice.org
[2011.06.14 18:11:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Outlook
[2011.04.03 16:48:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\PC Suite
[2012.07.29 11:28:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\QuickScan
[2012.06.03 00:18:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Real
[2012.06.03 00:19:00 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\RealNetworks
[2011.01.06 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Recolored
[2012.06.03 09:29:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Samsung
[2010.12.13 18:44:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ScanSoft
[2012.10.11 18:58:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Skype
[2012.04.09 20:31:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\skypePM
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\soft-evolution
[2012.09.17 10:23:30 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\SoftMaker
[2012.08.18 20:34:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Sony
[2010.10.29 01:45:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\streamripper
[2012.06.03 09:41:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Temp
[2010.09.20 09:33:23 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Template
[2010.09.12 23:24:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Thunderbird
[2010.12.18 13:25:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\TomTom
[2010.12.12 21:19:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Uniblue
[2012.09.26 09:24:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\vlc
[2012.01.08 00:12:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Weather Pulse
[2012.02.24 14:52:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WeatherWatcherLive
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Winamp
[2010.10.23 19:53:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WinRAR
[2012.10.12 09:13:57 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Wise Care 365
[2012.09.10 14:08:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2011.12.25 23:48:53 | 000,709,568 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\unins000.exe
[2009.08.10 04:15:00 | 000,563,056 | ---- | M] (Avery Dennison Corporation. Envel Informationssysteme GmbH.) -- C:\Users\zr7driver\AppData\Roaming\Avery\Avery Wizard 3.1\AZWizard.exe
[2012.06.21 20:13:57 | 012,697,088 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\convert\convert.exe
[2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.07.25 04:08:14 | 000,874,424 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.07.25 04:08:20 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.08.18 07:23:58 | 004,907,207 | ---- | M] (Phil Harvey) -- C:\Users\zr7driver\AppData\Roaming\GeoSetter\tools\exiftool(-k).exe
[2010.09.13 12:10:23 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{3E8DE1A6-B365-4FF6-B917-2892A34990E8}\ARPPRODUCTICON.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_6199747583AC94FD011270.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_7A9B8CB6BE7902E1058674.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_853F67D554F05449430E7E.exe
[2011.10.01 17:52:52 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_9E1C27574C0C6A1F98F273.exe
[2011.01.26 15:58:48 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{77077FFF-8831-470F-9627-E86F06A50CCD}\ARPPRODUCTICON.exe
[2012.04.15 21:34:06 | 000,675,840 | ---- | M] (Maximilian Stangel) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Templates\BLT11-12_206.exe
[2011.01.16 11:17:32 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2012.05.30 15:27:54 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe
[2012.05.30 18:29:03 | 027,381,184 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_data\RealPlayer.exe
[2012.05.30 18:28:15 | 000,692,480 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_exe\RealPlayer.exe
[2012.05.30 03:17:52 | 000,958,392 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2012.05.30 03:17:54 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2012.05.23 18:51:18 | 000,318,976 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesLogger.exe
[2012.05.30 03:17:54 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2012.05.23 18:50:32 | 000,180,224 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2012.05.23 18:50:32 | 000,321,024 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2012.05.30 02:49:14 | 000,721,920 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2012.05.30 03:18:02 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2012.05.23 18:50:18 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012.05.23 18:50:18 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012.05.30 03:18:04 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.05.30 03:18:06 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012.05.30 03:18:08 | 003,570,352 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2012.05.23 18:50:02 | 000,221,184 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2012.05.23 18:50:04 | 000,061,440 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012.05.23 18:49:28 | 024,162,120 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012.08.28 03:06:22 | 000,291,840 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2012.08.31 02:52:14 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012.08.28 03:06:22 | 000,320,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe
[2012.08.31 02:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012.08.28 03:05:28 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012.08.28 03:05:28 | 000,322,048 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012.08.28 03:05:32 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012.08.31 02:52:18 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012.08.28 03:05:28 | 000,057,344 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012.08.28 03:05:14 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012.08.28 03:05:14 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012.08.31 02:52:20 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012.08.31 02:52:24 | 003,765,256 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012.08.28 03:05:02 | 000,262,144 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2012.08.28 03:05:02 | 000,090,112 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012.08.28 03:04:28 | 024,177,352 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2012.02.26 12:57:16 | 005,070,960 | ---- | M] (Uniblue Systems Ltd                                        ) -- C:\Users\zr7driver\AppData\Roaming\Uniblue\SystemTweaker\_temp\ub.exe
 
< %SYSTEMDRIVE%\*.exe >
[2010.03.10 18:51:36 | 000,008,904 | ---- | M] (HTC) -- C:\EnterBootloader.exe
[2010.03.10 18:51:36 | 000,175,304 | ---- | M] (HTC) -- C:\rapitool.exe
[2010.03.10 18:51:36 | 000,013,512 | ---- | M] () -- C:\RUUGetInfo.exe
[2010.03.10 18:54:08 | 001,481,928 | ---- | M] (HTC) -- C:\task29.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2010.07.06 12:53:22 | 000,043,520 | ---- | M] (Panasonic Corporation) MD5=536BD91DA54844945AF4971D877692D4 -- C:\Program Files\Panasonic\PHOTOfunSTUDIO 5.2 HD\Core\EventLog\EventLog.dll
[2008.06.06 15:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\drivers\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_68640c3c72cad0af\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sataraid\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sataraid\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.01 16:21:48 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.05.01 16:21:48 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
 
<          >
[2009.07.14 06:53:46 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.09.12 21:18:04 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.09.12 21:18:05 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2010.09.24 14:31:09 | 000,000,322 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.03.07 14:21:41 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.03.07 14:21:43 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.03.30 04:45:50 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\Tasks\Wise Care 365.job

< End of report >


cosinus 12.10.2012 20:54

Code:

DRV - [2012.09.13 10:58:17 | 000,083,792 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)

Avira and Avast do not work together! Please uninstall one of the two immediately!
I also see backup software from Acronis there, don't you use it?! :wtf:

zr7driver 13.10.2012 00:48

But Avira has already been uninstalled?!
That is only the Drive Monitor from Acronis, without backup software!

cosinus 13.10.2012 16:07

Avira is NOT uninstalled, there are still running processes!

Code:

PRC - [2012.09.25 11:00:45 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.09.25 10:54:05 | 000,554,784 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.09.25 10:52:56 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe

Quote:

That is only the Drive Monitor from Acronis, without backup software!
Well, if you already have backup software like that, why don't you use it regularly? Then you can spare yourself analysis escapades like this :pfeiff:

zr7driver 13.10.2012 16:49

But I did uninstall it! I don't see it on the PC any more either! What should I do now? :confused:

cosinus 13.10.2012 19:19

"Seeing it on the PC" is a statement that everyone understands differently.
Is the program no longer shown in the list of installed software?

zr7driver 13.10.2012 21:10

I reinstalled it and then uninstalled it again! I also used the avira_registry_70012cleaner_de!! It didn't find anything any more!

cosinus 14.10.2012 15:51

Then please create a new OTL log as described above.

zr7driver 14.10.2012 18:42

Code:

OTL logfile created on: 14.10.2012 18:46:32 - Run 3
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\zr7driver\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,01 Gb Available Physical Memory | 31,10% Memory free
6,50 Gb Paging File | 3,44 Gb Available in Paging File | 52,94% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 587,35 Gb Free Space | 64,51% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,36 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
 
Computer Name: ZR7DRIVER-PC | User Name: zr7driver | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
PRC - [2012.10.10 12:06:17 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Programme\Google\Chrome\Application\chrome.exe
PRC - [2012.09.24 17:24:20 | 001,161,768 | ---- | M] (WiseCleaner.com) -- C:\Programme\Wise\Wise Care 365\WiseTray.exe
PRC - [2012.09.18 01:07:45 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.07.02 16:02:28 | 004,473,728 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
PRC - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.02.12 07:40:50 | 000,365,632 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.01.07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Programme\Motorola Media Link\NServiceEntry.exe
PRC - [2010.09.15 10:11:22 | 000,339,312 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Programme\Common Files\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2010.09.14 12:12:46 | 001,701,232 | ---- | M] (Lexware GmbH & Co. KG) -- C:\Programme\Common Files\Lexware\LxWebAccess\LxWebAccess.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.07.27 11:38:46 | 000,987,960 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FritzDsl.exe
PRC - [2009.07.23 14:13:10 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgentS1.exe
PRC - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2009.07.20 11:01:00 | 000,760,120 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2009.07.14 03:14:21 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2009.06.03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.04.09 12:45:26 | 001,061,688 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\AAVUpdateManager\aavus.exe
PRC - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.14 09:11:59 | 000,115,137 | ---- | M] () -- C:\Users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012.10.12 15:22:42 | 002,111,456 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\mozjs.dll
MOD - [2012.10.12 15:22:41 | 000,157,664 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\nsldap32v60.dll
MOD - [2012.10.12 15:22:41 | 000,021,984 | ---- | M] () -- C:\Programme\Mozilla Thunderbird\nsldappr32v60.dll
MOD - [2012.10.10 12:06:15 | 000,460,312 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
MOD - [2012.10.10 12:06:13 | 012,435,992 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
MOD - [2012.10.10 12:06:12 | 004,005,912 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\pdf.dll
MOD - [2012.10.10 12:04:57 | 000,578,072 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
MOD - [2012.10.10 12:04:55 | 000,123,928 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\libegl.dll
MOD - [2012.10.10 12:04:44 | 000,156,712 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
MOD - [2012.10.10 12:04:43 | 000,275,496 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
MOD - [2012.10.10 12:04:42 | 002,168,360 | ---- | M] () -- C:\Programme\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
MOD - [2012.09.15 18:54:57 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\002b4b1af5f8145bf6b6afe21d4f1db2\Kies.Theme.ni.dll
MOD - [2012.09.15 18:54:56 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\de1a504d1535e5005fbae8f6a4d97ce5\DevicePodcast.ni.dll
MOD - [2012.09.15 18:54:54 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\ee12ab3bf308cbe22f373afbddf0be6b\DeviceVideo.ni.dll
MOD - [2012.09.15 18:54:52 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5e58a020638d28d3740195f1d0738da\DevicePhoto.ni.dll
MOD - [2012.09.15 18:54:51 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\0377dd6ed6a5e92a0b8d6eb7d0b64f79\DeviceMusic.ni.dll
MOD - [2012.09.15 18:54:50 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\23e80240003377b6412081a4523943fe\VideoManager.ni.dll
MOD - [2012.09.15 18:54:48 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\23fd65cd04b03d19931758d7472e38a4\PodcastService.ni.dll
MOD - [2012.09.15 18:54:45 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\65018f5e3da23293d642168f7b132d40\Podcaster.ni.dll
MOD - [2012.09.15 18:54:42 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e96a4bd6a51ec7762f15f9bc64c6c33a\PhotoManager.ni.dll
MOD - [2012.09.15 18:54:16 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\deb1e04d94f18bc88afabf744c5d87aa\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.09.15 18:54:14 | 005,677,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\64d3040868aba797c48f608f5361e5bc\DeviceHost.ni.dll
MOD - [2012.09.15 18:53:59 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\1bedf64dbdd091ac8dceee7cbfd84a88\Phonebook.ni.dll
MOD - [2012.09.15 18:53:50 | 001,008,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f73c846c21b32d8e446f08fe7bf0b75a\CPKTMusicPlugin.ni.dll
MOD - [2012.09.15 18:53:47 | 000,964,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\dc5b622e73080b69c1c63606f283b795\MusicManager.ni.dll
MOD - [2012.09.15 18:53:41 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\e5c8f9e08db50fb625c029361147f47e\EBookManager.ni.dll
MOD - [2012.09.15 18:53:39 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ed8a6670f7dbe1ae78aa091a0935fb87\BATPlugin.ni.dll
MOD - [2012.09.15 18:53:38 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\c209d4b3c25507564757710f6d4a4570\AllShareController.ni.dll
MOD - [2012.09.15 18:53:37 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\25823a7264f74e67158031f485c0bb23\Kies.Common.MediaDB.ni.dll
MOD - [2012.09.15 18:53:37 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9eca4746981ac218c1dbe0c131ce108\Kies.Common.StoreManager.ni.dll
MOD - [2012.09.15 18:53:35 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll
MOD - [2012.09.15 18:53:35 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\065aa3ca107d7b3d679a5f408e535239\Kies.Common.AllShare.ni.dll
MOD - [2012.09.15 18:53:34 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1f13cee7982e84f07cff152618950b20\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.09.15 18:53:32 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57b7389241c36caa1d2132d68eddedda\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.09.15 18:53:32 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\170b754ba9dcd78ee0b06a32af4a7c1f\Interop.DevFileServiceLib.ni.dll
MOD - [2012.09.15 18:53:31 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4b033da616a5e8e2b9ebe95342e9cf0d\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.09.15 18:53:29 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bf6e9c84dd994fef46819ed3bd9fa934\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.09.15 18:53:26 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1837e9c63789850168d0bb76826128d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.09.15 18:53:25 | 000,902,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4f549b26003474662ef7e2f3be9e3dd3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.09.15 18:53:23 | 001,025,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\60c16bc46e86b9a852e71968dc63d9c7\Kies.Common.DeviceService.ni.dll
MOD - [2012.09.15 18:53:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.09.15 18:53:20 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\25dc31b1903a3689788caf51d3d93f97\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.09.15 18:53:19 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\923e655c1069f7faa553275eb2e6763c\Kies.Common.Multimedia.ni.dll
MOD - [2012.09.15 18:53:15 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4603ed01ff960f6d861f798e826c9442\Kies.Common.MainUI.ni.dll
MOD - [2012.09.15 18:53:13 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\dcc3307fb870292826318142cf4fa8aa\Kies.Common.DBManager.ni.dll
MOD - [2012.09.15 18:53:12 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b0cec9954e5583399b377b65a469a74c\Kies.Common.Util.ni.dll
MOD - [2012.09.15 18:53:11 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c4f56538bb1d5921690a486bf052e30b\Kies.Locale.ni.dll
MOD - [2012.09.15 18:53:10 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\afa8de1e7aabde98f9a5fec1abdb9a05\Kies.MVVM.ni.dll
MOD - [2012.09.15 18:53:09 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7a0eb5bc5decef8dc1ef9dd3bca3b4d4\Kies.UI.ni.dll
MOD - [2012.09.15 18:53:06 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.09.15 18:53:04 | 001,185,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0a26df964bb433ab607743b20c7704f7\Kies.Interface.ni.dll
MOD - [2012.09.15 18:53:02 | 001,674,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\41f4faf4ff2ba56c26252d6069ceff76\Kies.ni.exe
MOD - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012.06.13 09:05:50 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.13 08:59:44 | 000,593,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Messaging\2b4d6976393bf5643a4ef2d8dffdf75b\System.Messaging.ni.dll
MOD - [2012.06.13 08:54:18 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a501b7960f6c6e2e39162b83f3303aaa\System.Web.ni.dll
MOD - [2012.06.13 08:53:22 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll
MOD - [2012.06.13 08:52:58 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll
MOD - [2012.06.13 05:36:30 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.13 05:26:03 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.13 05:25:46 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.13 05:25:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.13 05:25:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.06.03 09:36:31 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.06.03 09:36:30 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.06.03 09:36:22 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.06.03 09:36:21 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.06.03 09:36:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.05.09 10:56:39 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\626d0ac2f4ada682d7ca6c4ebf821469\CustomMarshalers.ni.dll
MOD - [2012.05.09 10:46:49 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll
MOD - [2012.05.09 10:46:41 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll
MOD - [2012.05.09 10:46:36 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
MOD - [2012.05.09 10:45:27 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
MOD - [2012.05.09 10:26:42 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 10:21:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 10:20:41 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 10:12:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 10:08:26 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 10:08:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 10:07:42 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 10:07:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 10:07:19 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
MOD - [2011.02.24 18:39:44 | 000,012,128 | ---- | M] () -- C:\Programme\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
MOD - [2010.11.13 01:19:04 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 03:57:39 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2009.06.03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.02.04 12:08:06 | 000,207,872 | ---- | M] () -- C:\Programme\FRITZ!DSL\C90dll.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.11 03:04:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 11:34:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.07.17 15:25:28 | 000,580,648 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- C:\Programme\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Programme\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.04.28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) [Auto | Running] -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe -- (WMI_Hook_Service)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 2012\DfSdkS.exe -- (DfSdkS)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.08.10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.23 14:13:12 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\C10F.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2012.08.28 19:41:29 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.28 19:41:29 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.07.31 12:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.07.05 13:53:38 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012.07.05 13:53:36 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2012.06.11 11:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012.06.08 16:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012.06.08 16:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.06.08 16:08:26 | 000,024,576 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2012.03.07 03:11:00 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2012.03.02 16:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012.03.02 16:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012.03.02 16:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012.03.02 16:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2012.02.07 17:46:02 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135)
DRV - [2012.01.25 14:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2012.01.05 18:07:20 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.11.08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011.01.08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.12.13 05:59:14 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2010.12.13 05:45:42 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010.12.12 21:40:51 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2010.12.12 21:34:13 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2010.12.02 15:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.12.02 15:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.02 15:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.12.02 15:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.12.01 11:51:53 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.06.23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010.03.12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.12.22 14:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.10.29 12:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2009.10.29 12:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NW1950.sys -- (NW1950)
DRV - [2009.10.26 17:54:26 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.06.05 01:47:48 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)
DRV - [2009.01.29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{095C1A85-7264-4B56-BB5A-783E8E888AB2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{D73A46A4-5C66-4286-8399-9A51DF36E0A0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2011.06.18 18:41:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.05.22 21:16:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.28 18:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.01 15:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.27 14:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.21 05:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.05.22 21:16:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
 
[2012.10.13 02:13:17 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 18:31:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.12 14:13:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\extensions
[2012.10.12 14:13:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.12 14:13:21 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.10.11 03:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.11 04:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR - default_search_provider: suggest_url = hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Photo Zoom for Facebook = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: Clock f\u00FCr Google Chrome \u2122 = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\2.0.1.3_0\
CHR - Extension: YoWindow Wetter = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef\1.33_0\
CHR - Extension: Full Screen Weather = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0\
CHR - Extension: AdBlock = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\
CHR - Extension: avast! WebRep = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Regen-Alarm Erweiterung = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnconaknblgbkfgknkfmmfhhbebkekd\1.2.7_0\
 
O1 HOSTS File: ([2012.05.04 08:56:10 | 000,442,850 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 15214 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [adm_tray.exe] C:\Programme\Acronis\DriveMonitor\adm_tray.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [mumservice] C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKU\.DEFAULT..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-18..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3752C415-0AD3-4D70-88DD-5C627777D71D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70461503-9E7A-42FB-9CFC-1852690458B5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBE4987-A903-408A-A660-FD8F19F10960}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LxSetup.exe
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{50e93006-11bf-11e0-b121-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{d20cf144-c87b-11df-ad11-001583096ec8}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (pdboot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.2 HD Edition.lnk - C:\Programme\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe - (Panasonic Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk - C:\Programme\Secunia\PSI\psi_tray.exe - (Secunia)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AndroidSync - hkey= - key= - C:\Program Files\Android-Sync\AndroidSync.exe (hxxp://www.android-sync.com)
MsConfig - StartUpReg: B2C_AGENT - hkey= - key= - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
MsConfig - StartUpReg: Badoo Desktop - hkey= - key= - C:\ProgramData\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe (Badoo)
MsConfig - StartUpReg: Guard.Mail.ru.gui - hkey= - key= -  File not found
MsConfig - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig - StartUpReg: KiesAirMessage - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesHelper - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesPDLR - hkey= - key= - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: Miranda Fusion - hkey= - key= - C:\Programme\MirandaFusion\fusiontools\mfstart.exe (Miranda Fusion Team)
MsConfig - StartUpReg: mumservice - hkey= - key= - C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2


zr7driver 14.10.2012 19:13

Code:

SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IMFservice - C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.13 10:43:38 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\assembly
[2012.10.12 21:16:38 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\Documents\Add-in Express
[2012.10.12 21:16:28 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTools
[2012.10.12 21:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTools
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.10.10 19:57:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.08 09:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.07 01:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.07 01:11:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.07 01:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2010
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.09.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.09.29 16:11:04 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\Lexware
[2012.09.28 21:41:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
[2012.09.28 21:41:02 | 000,000,000 | ---D | C] -- C:\Program Files\Wise
[2012.09.21 10:58:54 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urlaubsplaner 2013
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudserd.sys
[2012.09.15 16:55:23 | 000,181,344 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys
[2012.09.15 16:55:22 | 000,083,168 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.14 18:34:54 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.14 18:34:54 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.14 18:34:48 | 000,707,706 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.14 18:34:48 | 000,661,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.14 18:34:48 | 000,153,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.14 18:34:48 | 000,125,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.14 18:33:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.14 18:27:14 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.10.14 18:27:01 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.14 18:26:46 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\Wise Care 365.job
[2012.10.14 18:26:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.14 18:26:35 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.14 12:12:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.14 10:34:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.10.14 01:56:45 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.10.12 15:18:45 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.10.11 23:02:37 | 000,001,244 | ---- | M] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.11 19:10:32 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.10.11 06:14:51 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.10 19:57:07 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.09 20:32:20 | 000,538,327 | ---- | M] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 01:11:17 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.29 16:25:19 | 000,002,739 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.27 21:12:55 | 000,010,495 | ---- | M] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | M] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.18 10:15:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.11 23:02:37 | 000,001,244 | ---- | C] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.07 10:04:28 | 000,538,327 | ---- | C] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.07 01:11:17 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.29 16:15:52 | 000,002,739 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\tasks\Wise Care 365.job
[2012.09.28 21:41:07 | 000,001,124 | ---- | C] () -- C:\Users\Public\Desktop\Wise Care 365.lnk
[2012.09.27 21:12:39 | 000,010,495 | ---- | C] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | C] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.07.29 10:59:44 | 000,000,017 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\resmon.resmoncfg
[2012.06.17 13:31:23 | 000,001,124 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.itn
[2012.06.17 13:29:59 | 000,023,945 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.kml
[2012.04.09 20:19:46 | 000,002,773 | ---- | C] () -- \ZR7DRIVER-PC.rtf
[2012.03.30 20:40:37 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012.03.15 12:19:31 | 002,950,336 | ---- | C] () -- C:\Users\zr7driver\Kony2012_digital_kit.zip
[2012.02.01 05:41:45 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4A4B9D26-AA08-4479-8413-EC94C1495FEA}
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.01.13 20:08:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{3ADCD066-1845-4420-813A-0152E185A562}
[2011.12.30 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0766FBBE-1B10-4D18-B8FD-7921451DF9C6}
[2011.12.26 13:04:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.12.25 23:49:46 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.25 23:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.25 23:49:44 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe
[2011.12.25 23:49:44 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.12.23 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{1C4F85BF-C25C-40D8-9072-C915C7610CF0}
[2011.12.23 10:02:20 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{DC88FA66-C4A7-4165-B3C1-62F961889D2F}
[2011.12.23 05:42:16 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{753738CE-CC9E-43C5-A535-266989FB1EB0}
[2011.12.22 21:15:10 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{56518DCC-6EA3-475B-8402-DCD2DBC03511}
[2011.12.22 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{CEC58609-76D2-4EA6-9531-7C3AA9E59D4E}
[2011.12.22 09:58:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{75C3B094-F8E5-49A6-B3F7-6EE5EC9B06A9}
[2011.12.13 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{36A7198A-B63C-4ED1-8E79-D6E1A01847BA}
[2011.12.13 10:04:48 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{43A6C6E7-5102-4D08-B831-D9FF396BBB74}
[2011.12.12 10:50:02 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E93FDF79-0B6E-40E7-ACBB-3E68917B158A}
[2011.12.08 10:08:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A4AFC9A3-D672-44ED-982A-467C3938BFE7}
[2011.12.07 09:54:52 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E9BBF441-1A49-47C7-A653-236B5B3BBFA1}
[2011.12.04 07:22:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{AE7A2FF6-BC86-4981-A1CC-55430DF54232}
[2011.12.02 10:04:51 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{5CE40A7C-C86D-4574-AA9B-81AF3B3984FF}
[2011.12.01 21:19:21 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A67ACE38-ADEE-449A-86E7-909D2DBA9B23}
[2011.12.01 10:06:14 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A795E345-7B05-4BC3-80F5-8E145C4EDBA5}
[2011.11.30 21:01:54 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{46D14579-E7ED-4468-A4A1-010E6903B9D6}
[2011.11.29 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{15BAC503-F22F-4409-A44E-3EF0670584FA}
[2011.11.29 10:03:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{759C9C24-C460-4D61-9460-1EBF1E7E2F7F}
[2011.11.29 05:39:30 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4D4D9BF3-9AC9-4895-9352-F90DC35855A6}
[2011.11.25 19:49:49 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A36FD9B9-77B7-4AA3-88CD-916BA7ED3164}
[2011.11.23 19:32:37 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0BF97707-9995-4474-AA26-C1B7A09F2755}
[2011.11.20 12:36:06 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{9A3933A9-ABB4-4DD1-BDF9-EE9E60064BA0}
[2011.11.14 11:03:11 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{D09CB122-FADC-444C-8947-C71A91EABD81}
[2011.11.14 10:50:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{60914264-77B5-4DF5-97B5-7C0FF0508A66}
[2011.10.10 11:33:41 | 000,000,097 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\fusioncache.dat
[2011.06.17 00:36:07 | 005,406,987 | ---- | C] () -- \RUU_signed.nbh
[2011.06.17 00:36:07 | 001,481,928 | ---- | C] () -- \task29.exe
[2011.06.17 00:36:07 | 001,449,160 | ---- | C] () -- \RUUResource.dll
[2011.06.17 00:36:07 | 000,213,864 | ---- | C] () -- \ModelID.fig
[2011.06.17 00:36:07 | 000,175,304 | ---- | C] () -- \rapitool.exe
[2011.06.17 00:36:07 | 000,141,368 | ---- | C] () -- \ErrorUSB.fig
[2011.06.17 00:36:07 | 000,095,552 | ---- | C] () -- \ErrorBattery.fig
[2011.06.17 00:36:07 | 000,013,512 | ---- | C] () -- \RUUGetInfo.exe
[2011.06.17 00:36:07 | 000,008,904 | ---- | C] () -- \EnterBootloader.exe
[2011.06.17 00:36:07 | 000,000,013 | ---- | C] () -- \ROMUpdateUtility.cfg
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.03 22:46:09 | 000,000,518 | ---- | C] () -- C:\Windows\wininit.ini
[2011.04.27 10:40:07 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.04.27 10:40:07 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.01.21 23:30:49 | 000,000,102 | ---- | C] () -- \qehjlhawlh
[2011.01.18 20:57:44 | 000,000,862 | ---- | C] () -- C:\Users\zr7driver\.recently-used.xbel
[2011.01.08 12:02:39 | 000,001,117 | ---- | C] () -- C:\Users\zr7driver\Dokumente - Verknüpfung.lnk
[2011.01.04 21:05:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.26 00:18:10 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.12.26 00:14:22 | 010,960,896 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.11.16 21:01:57 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.11.16 21:01:56 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.11.16 21:01:56 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.11.16 21:01:56 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.11.16 21:01:56 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.11.16 21:01:56 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.11.16 21:01:56 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.11.16 21:01:56 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.11.16 21:01:56 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.11.16 21:01:56 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.11.16 21:01:56 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.11.16 21:01:56 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.11.16 21:01:56 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.11.16 21:01:56 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.11.16 21:01:56 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.10.28 13:24:13 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2010.10.03 22:23:13 | 001,140,638 | ---- | C] () -- C:\Users\zr7driver\Backup LG GT540 Optimus 03.10.2010.mpb
[2010.10.02 22:02:25 | 000,000,360 | -H-- | C] () -- \IPH.PH
[2010.09.24 13:26:13 | 000,050,688 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.12 11:27:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.10 14:15:23 | 2616,643,584 | -HS- | C] () -- \hiberfil.sys
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2009.07.14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.09.10 14:23:37 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData
[2012.09.14 12:05:54 | 000,000,000 | ---D | M] -- C:\Users\All Users\AAV
[2012.06.21 22:54:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Acronis
[2010.10.02 22:02:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\AIM
[2010.09.10 14:33:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\ALDI Sued Foto Service
[2010.02.15 19:14:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\Aldi Sued Fotoservice
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data
[2010.02.04 10:24:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Applications
[2010.10.01 09:50:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ashampoo
[2010.10.28 14:22:41 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avanquest
[2011.12.13 12:33:25 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVAST Software
[2011.01.21 23:14:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avery
[2012.05.01 17:04:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVG2012
[2011.03.20 19:35:07 | 000,000,000 | ---D | M] -- C:\Users\All Users\Badoo
[2011.11.13 13:13:35 | 000,000,000 | ---D | M] -- C:\Users\All Users\BlueStacks
[2010.09.11 13:32:20 | 000,000,000 | ---D | M] -- C:\Users\All Users\Bluetooth
[2010.09.10 14:38:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\BullGuard
[2011.01.21 23:25:01 | 000,000,000 | ---D | M] -- C:\Users\All Users\CAM Development
[2012.07.06 11:12:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\Canneverbe Limited
[2010.12.21 18:54:57 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonEPP
[2011.01.06 12:49:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEGV
[2010.12.21 19:20:52 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX2
[2010.12.21 18:59:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJMSetup
[2010.12.21 19:18:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJMyPrinter
[2012.10.11 19:19:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJPLM
[2010.12.21 19:18:54 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJSolutionMenuEX
[2010.12.21 18:57:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJWSpt
[2011.12.13 12:28:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\CheckPoint
[2012.04.06 22:36:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2011.05.27 20:42:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\Das Fussball Studio
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2010.09.24 15:06:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites
[2012.05.30 15:31:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\GFI Software
[2011.09.02 19:02:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\ICQ
[2011.02.03 11:43:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Installations
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\ISDNWatch
[2011.09.18 13:50:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Kaspersky SDK
[2012.09.29 16:20:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\Lexware
[2012.08.06 17:35:58 | 000,000,000 | ---D | M] -- C:\Users\All Users\LGMOBILEAX
[2011.12.26 00:31:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\MAGIX
[2010.10.01 09:34:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Magix Shared
[2012.07.04 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\All Users\Motorola
[2011.02.03 11:45:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\Nokia
[2011.05.22 21:27:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaAccount
[2011.02.03 11:35:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaInstallerCache
[2010.10.28 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\OO Software
[2010.11.17 23:21:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Panasonic
[2011.02.03 20:58:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC Suite
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\PimeroUpdater
[2011.09.25 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\All Users\RapidSolution
[2012.06.03 09:31:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\Samsung
[2010.09.14 09:30:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\ScanSoft
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\soft-evolution
[2012.08.17 13:24:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2010.09.24 14:39:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\T-Online
[2012.06.05 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Temp
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates
[2010.12.18 13:26:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\TomTom
[2010.12.12 21:06:36 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uniblue
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Anwendungsdaten
[2009.07.14 04:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop
[2010.09.10 14:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Druckumgebung
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Eigene Dateien
[2010.02.15 14:08:00 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Links
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Lokale Einstellungen
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Music
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Netzwerkumgebung
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent
[2009.07.14 04:04:25 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Startmenü
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Vorlagen
[2012.10.13 21:57:45 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2012.05.01 18:01:42 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads
[2009.07.14 04:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2010.09.10 14:23:36 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Music
[2010.11.28 10:51:32 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures
[2010.09.11 11:34:19 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV
[2012.08.21 14:05:30 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos
[2011.01.18 21:04:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.gimp-2.6
[2012.08.16 14:37:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.hgt
[2011.05.29 10:38:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.jordan
[2012.08.11 19:06:48 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.swt
[2011.01.18 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.thumbnails
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Anwendungsdaten
[2010.09.10 14:23:51 | 000,000,000 | -H-D | M] -- C:\Users\zr7driver\AppData
[2010.09.11 13:57:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Application Data
[2012.07.12 18:50:21 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Contacts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Cookies
[2012.10.12 11:34:58 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Desktop
[2012.10.12 21:16:38 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Documents
[2012.10.14 18:34:39 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Downloads
[2012.10.14 18:28:26 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Dropbox
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Druckumgebung
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Eigene Dateien
[2012.08.11 19:12:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Eigene Routen
[2012.07.28 18:43:44 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Favorites
[2012.03.05 14:54:22 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Handy
[2012.08.26 18:19:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\IGO
[2012.08.03 21:41:35 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Links
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Lokale Einstellungen
[2012.10.14 11:17:52 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Music
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Netzwerkumgebung
[2012.06.17 13:28:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner
[2012.06.17 13:29:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (2)
[2012.06.17 13:29:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (3)
[2012.10.02 19:47:04 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Pictures
[2012.08.20 17:46:18 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Podcasts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Recent
[2012.07.12 18:50:22 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Saved Games
[2012.10.07 20:39:51 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Searches
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\SendTo
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Startmenü
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Tracing
[2012.09.30 13:51:29 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Videos
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Vorlagen
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.10.28 14:18:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\A-Z Technology
[2010.10.02 22:04:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\acccore
[2012.05.30 09:44:14 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ad-Aware Antivirus
[2011.06.13 19:49:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Adobe
[2010.12.16 21:21:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ALK Technologies
[2011.09.09 13:46:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Amazon
[2011.10.29 09:06:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Apple Computer
[2012.05.26 21:04:40 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Ashampoo
[2012.08.11 11:42:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Audacity
[2011.01.26 15:58:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Avery
[2012.05.01 16:29:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\AVG2012
[2010.12.04 14:50:24 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\BOM
[2012.07.06 11:12:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canneverbe Limited
[2012.01.23 06:15:42 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Canon
[2010.12.21 19:26:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CD-LabelPrint
[2011.06.04 13:50:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CheckPoint
[2010.09.19 14:50:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Chilirec
[2011.09.02 19:03:03 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\COMPUTERBILD-Abzockschutz
[2012.06.03 00:15:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\concept design
[2012.06.21 20:11:09 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\convert
[2010.11.27 12:27:16 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Cool Record Edit Pro
[2010.11.19 12:08:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Corel
[2010.11.13 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\CyberLink
[2012.10.14 18:28:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Dropbox
[2010.09.11 21:55:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.10.23 11:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FastStone
[2010.10.23 18:03:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FinalTorrent
[2010.11.05 10:08:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Fixit-E28F99E6-6133-4824-AECC-4D2FB1701F0B
[2010.12.12 20:59:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\foobar2000
[2011.12.25 23:51:12 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Franzis
[2010.11.27 11:25:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Free Sound Recorder 2010
[2010.10.28 11:45:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FreeCommander
[2012.10.14 18:30:14 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\FRITZ!fax für FRITZ!Box
[2012.06.03 20:12:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Geek Uninstaller
[2012.08.23 18:51:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GeoSetter
[2011.01.21 23:12:47 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GetRightToGo
[2010.09.24 14:52:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\GlarySoft
[2011.01.18 20:57:44 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\gtk-2.0
[2012.07.18 09:51:28 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC
[2011.06.13 19:56:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012.05.29 16:30:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ICQ
[2010.09.10 14:24:11 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Identities
[2010.11.16 21:01:55 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\InstallShield
[2012.07.28 18:43:35 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IObit
[2012.07.12 11:53:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\IrfanView
[2012.06.05 16:42:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\iSpy
[2012.09.29 16:19:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Lexware
[2010.09.13 11:15:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\LG Electronics
[2010.09.10 14:47:37 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Macromedia
[2011.12.26 15:19:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MAGIX
[2012.04.06 22:14:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Malwarebytes
[2010.10.28 14:25:13 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Marine Aquarium 3
[2009.07.14 10:56:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Media Center Programs
[2012.04.09 20:31:48 | 000,000,000 | --SD | M] -- C:\Users\zr7driver\AppData\Roaming\Microsoft
[2011.06.04 09:41:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda
[2011.05.01 19:40:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Miranda Fusion
[2011.12.16 20:49:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\motorola
[2012.07.04 10:14:43 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Motorola Mobility
[2010.09.12 23:24:34 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Mozilla
[2012.06.10 17:56:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\MyPhoneExplorer
[2011.10.23 12:38:31 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NCH Software
[2010.09.24 15:28:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Need for Speed World
[2012.10.14 19:00:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\NetSpeedMonitor
[2011.02.03 11:47:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia
[2011.02.03 11:47:05 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Nokia Ovi Suite
[2010.09.20 10:01:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\OpenOffice.org
[2011.06.14 18:11:07 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Outlook
[2011.04.03 16:48:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\PC Suite
[2012.07.29 11:28:54 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\QuickScan
[2012.06.03 00:18:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Real
[2012.06.03 00:19:00 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\RealNetworks
[2011.01.06 14:37:49 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Recolored
[2012.06.03 09:29:45 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Samsung
[2010.12.13 18:44:15 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\ScanSoft
[2012.10.13 22:01:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Skype
[2012.04.09 20:31:38 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\skypePM
[2012.10.12 21:14:01 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\SmartTools
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\soft-evolution
[2012.09.17 10:23:30 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\SoftMaker
[2012.08.18 20:34:51 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Sony
[2010.10.29 01:45:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\streamripper
[2012.06.03 09:41:32 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Temp
[2010.09.20 09:33:23 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Template
[2010.09.12 23:24:33 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Thunderbird
[2010.12.18 13:25:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\TomTom
[2010.12.12 21:19:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Uniblue
[2012.09.26 09:24:10 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\vlc
[2012.01.08 00:12:50 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Weather Pulse
[2012.02.24 14:52:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WeatherWatcherLive
[2010.12.26 00:01:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Winamp
[2010.10.23 19:53:19 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\WinRAR
[2012.10.14 18:28:24 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Wise Care 365
[2012.09.10 14:08:58 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\AppData\Roaming\Yahoo!
 
< %APPDATA%\*.exe /s >
[2011.12.25 23:48:53 | 000,709,568 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\unins000.exe
[2009.08.10 04:15:00 | 000,563,056 | ---- | M] (Avery Dennison Corporation. Envel Informationssysteme GmbH.) -- C:\Users\zr7driver\AppData\Roaming\Avery\Avery Wizard 3.1\AZWizard.exe
[2012.06.21 20:13:57 | 012,697,088 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\convert\convert.exe
[2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.07.25 04:08:14 | 000,874,424 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.07.25 04:08:20 | 000,181,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.08.18 07:23:58 | 004,907,207 | ---- | M] (Phil Harvey) -- C:\Users\zr7driver\AppData\Roaming\GeoSetter\tools\exiftool(-k).exe
[2010.09.13 12:10:23 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{3E8DE1A6-B365-4FF6-B917-2892A34990E8}\ARPPRODUCTICON.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_6199747583AC94FD011270.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_7A9B8CB6BE7902E1058674.exe
[2011.10.01 17:52:52 | 000,137,750 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_853F67D554F05449430E7E.exe
[2011.10.01 17:52:52 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{5D5509EA-B85A-411E-AB75-59069A411876}\_9E1C27574C0C6A1F98F273.exe
[2011.01.26 15:58:48 | 000,010,134 | R--- | M] () -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Installer\{77077FFF-8831-470F-9627-E86F06A50CCD}\ARPPRODUCTICON.exe
[2012.04.15 21:34:06 | 000,675,840 | ---- | M] (Maximilian Stangel) -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Templates\BLT11-12_206.exe
[2011.01.16 11:17:32 | 000,510,120 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\setup3.13\setup.exe
[2012.05.30 15:27:54 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe
[2012.05.30 18:29:03 | 027,381,184 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_data\RealPlayer.exe
[2012.05.30 18:28:15 | 000,692,480 | ---- | M] (RealNetworks, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\stub_exe\RealPlayer.exe
[2012.05.30 03:17:52 | 000,958,392 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Kies.exe
[2012.05.30 03:17:54 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesDriverInstaller.exe
[2012.05.23 18:51:18 | 000,318,976 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesLogger.exe
[2012.05.30 03:17:54 | 003,521,464 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\KiesTrayAgent.exe
[2012.05.23 18:50:32 | 000,180,224 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\ConnectionManager.exe
[2012.05.23 18:50:32 | 000,321,024 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceDataService.exe
[2012.05.30 02:49:14 | 000,721,920 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\DeviceManager.exe
[2012.05.30 03:18:02 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\DeviceModules\Kies_Tutorial.exe
[2012.05.23 18:50:18 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentInstaller.exe
[2012.05.23 18:50:18 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\AgentUpdate.exe
[2012.05.30 03:18:04 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.05.30 03:18:06 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\FirmwareUpdate\KiesPDLR.exe
[2012.05.30 03:18:08 | 003,570,352 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\MediaModules\MyFreeCodecPack.exe
[2012.05.23 18:50:02 | 000,221,184 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV.exe
[2012.05.23 18:50:04 | 000,061,440 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\External\TransModules\SelfMV2.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\Updater\Kies.Update.exe
[2012.05.23 18:49:28 | 024,162,120 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Kies.exe
[2012.08.28 03:06:22 | 000,291,840 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesAgent.exe
[2012.08.31 02:52:14 | 000,278,968 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesDriverInstaller.exe
[2012.08.28 03:06:22 | 000,320,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesLogger.exe
[2012.08.31 02:52:14 | 003,524,536 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\KiesTrayAgent.exe
[2012.08.28 03:05:28 | 000,182,784 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\ConnectionManager.exe
[2012.08.28 03:05:28 | 000,322,048 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceDataService.exe
[2012.08.28 03:05:32 | 000,717,312 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\DeviceManager.exe
[2012.08.31 02:52:18 | 000,067,512 | ---- | M] (Samsung) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\Kies_Tutorial.exe
[2012.08.28 03:05:28 | 000,057,344 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\DeviceModules\RegisterCOM.exe
[2012.08.28 03:05:14 | 000,106,960 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentInstaller.exe
[2012.08.28 03:05:14 | 000,101,328 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\AgentUpdate.exe
[2012.08.31 02:52:20 | 000,183,736 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\FirmwareUpdate\KiesPDLR.exe
[2012.08.31 02:52:24 | 003,765,256 | ---- | M] (Freeware) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\MediaModules\MyFreeCodecPack.exe
[2012.08.28 03:05:02 | 000,262,144 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV.exe
[2012.08.28 03:05:02 | 000,090,112 | ---- | M] (ENJsoft corp.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\External\TransModules\SelfMV2.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\Updater\Kies.Update.exe
[2012.08.28 03:04:28 | 024,177,352 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Sub\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2012.05.30 03:18:10 | 000,371,128 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Temp\Kies.Update.exe
[2012.08.31 02:52:26 | 000,593,848 | ---- | M] (ml) -- C:\Users\zr7driver\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
[2012.02.26 12:57:16 | 005,070,960 | ---- | M] (Uniblue Systems Ltd                                        ) -- C:\Users\zr7driver\AppData\Roaming\Uniblue\SystemTweaker\_temp\ub.exe
 
< %SYSTEMDRIVE%\*.exe >
[2010.03.10 18:51:36 | 000,008,904 | ---- | M] (HTC) -- C:\EnterBootloader.exe
[2010.03.10 18:51:36 | 000,175,304 | ---- | M] (HTC) -- C:\rapitool.exe
[2010.03.10 18:51:36 | 000,013,512 | ---- | M] () -- C:\RUUGetInfo.exe
[2010.03.10 18:54:08 | 001,481,928 | ---- | M] (HTC) -- C:\task29.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2010.07.06 12:53:22 | 000,043,520 | ---- | M] (Panasonic Corporation) MD5=536BD91DA54844945AF4971D877692D4 -- C:\Program Files\Panasonic\PHOTOfunSTUDIO 5.2 HD\Core\EventLog\EventLog.dll
[2008.06.06 15:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: NVSTOR32.SYS  >
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sata_ide\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\drivers\nvstor32.sys
[2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=032EF66DD96692AD3A9D36160F467F67 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_68640c3c72cad0af\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\Win7\sataraid\nvstor32.sys
[2009.06.30 17:33:08 | 000,212,000 | ---- | M] (NVIDIA Corporation) MD5=3A1A03FF72DF7114B35AE0FD6781464D -- C:\Medion\Chipset\Win7Vista32_new_15.46\Win7Vista32\International\IDE\WinVista\sataraid\nvstor32.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.05.01 16:21:48 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.05.01 16:21:48 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
 
<          >
[2009.07.14 06:53:46 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2010.09.12 21:18:04 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010.09.12 21:18:05 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2010.09.24 14:31:09 | 000,000,322 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012.03.07 14:21:41 | 000,000,922 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.03.07 14:21:43 | 000,000,944 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.03.30 04:45:50 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2012.09.28 22:24:17 | 000,000,406 | ---- | C] () -- C:\Windows\Tasks\Wise Care 365.job

< End of report >


cosinus 14.10.2012 20:36

Code:

(WiseCleaner.com) -- C:\Programme\Wise\Wise Care 365\WiseTray.exe
Sorry, but I only just noticed that thing, and I don't like it at all! :pfui:

Hands off registry cleaners!!

The registry is the brain of the system. If the brain doesn't work, the rest doesn't really work anymore either.
We read often enough from people seeking help that their system no longer boots after using registry cleaners.
  • How is the cleaner supposed to know with 100% certainty whether an entry is needed or not?
  • It makes absolutely no difference whether there are a few orphaned registry entries on the system or not.
  • The constantly advertised speed-up of the system is also only conditionally true. You would not notice it.

A so-called false positive from a cleaner can also make your system unbootable.
If you destroy the registry, you destroy Windows.

Please uninstall it! Afterwards, make a new log with adwCleaner; version 2.005 is out.

adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.

If adwCleaner has been downloaded before, please delete the old adwcleaner.exe and download it again!!
  • Start adwcleaner.exe with a double-click.
  • Click "Suche" (Search).
  • After the scan finishes, a text file opens.
  • Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[Rx].txt. (x = sequential number)

zr7driver 15.10.2012 03:27

Code:

# AdwCleaner v2.005 - Datei am 15/10/2012 um 04:25:29 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : zr7driver - ZR7DRIVER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\zr7driver\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin-1.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin-2.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin-3.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin-1.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin-2.xml
Datei Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin-3.xml
Ordner Gefunden : C:\ProgramData\ICQ\ICQToolbar
Ordner Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Ordner Gefunden : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Schlüssel Gefunden : HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd

-\\ Mozilla Firefox v16.0.1 (de)

Profilname : default
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\prefs.js

Gefunden : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_v[...]
Gefunden : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");

Profilname : Ralf [Profil par défaut]
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\prefs.js

Gefunden : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_v[...]

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [121599 octets] - [07/10/2012 10:05:51]
AdwCleaner[S1].txt - [121024 octets] - [07/10/2012 10:09:34]
AdwCleaner[R2].txt - [1484 octets] - [07/10/2012 10:23:22]
AdwCleaner[S2].txt - [1417 octets] - [07/10/2012 10:23:48]
AdwCleaner[R3].txt - [8798 octets] - [09/10/2012 18:43:38]
AdwCleaner[S3].txt - [8731 octets] - [09/10/2012 18:44:35]
AdwCleaner[R4].txt - [1724 octets] - [09/10/2012 19:21:59]
AdwCleaner[R5].txt - [2422 octets] - [09/10/2012 20:32:39]
AdwCleaner[R6].txt - [2482 octets] - [09/10/2012 21:43:21]
AdwCleaner[S4].txt - [2254 octets] - [09/10/2012 21:43:39]
AdwCleaner[R7].txt - [1964 octets] - [09/10/2012 21:55:47]
AdwCleaner[R8].txt - [2024 octets] - [10/10/2012 19:51:25]
AdwCleaner[R9].txt - [2084 octets] - [12/10/2012 00:32:54]
AdwCleaner[R10].txt - [4431 octets] - [15/10/2012 04:25:29]

########## EOF - C:\AdwCleaner[R10].txt - [4492 octets] ##########


cosinus 15.10.2012 13:54

Did you uninstall that reg cleaner?! Keep your paws off programs like that; a reg cleaner is downright problem-causing software! :pfui:

adwCleaner - remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click "Löschen" (Delete).
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner[Sx].txt. (x = sequential number)

zr7driver 15.10.2012 19:13

Code:

# AdwCleaner v2.005 - Datei am 15/10/2012 um 20:03:44 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : zr7driver - ZR7DRIVER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\zr7driver\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\searchplugins\icqplugin-3.xml
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
Ordner Gelöscht : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.1 (de)

Profilname : default
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\9wn4tm8l.default\prefs.js

Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_v[...]
Gelöscht : user_pref("browser.startup.homepage", "hxxp://start.icq.com/");

Profilname : Ralf [Profil par défaut]
Datei : C:\Users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\prefs.js

Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_v[...]

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [121599 octets] - [07/10/2012 10:05:51]
AdwCleaner[S1].txt - [121024 octets] - [07/10/2012 10:09:34]
AdwCleaner[R2].txt - [1484 octets] - [07/10/2012 10:23:22]
AdwCleaner[S2].txt - [1417 octets] - [07/10/2012 10:23:48]
AdwCleaner[R3].txt - [8798 octets] - [09/10/2012 18:43:38]
AdwCleaner[S3].txt - [8731 octets] - [09/10/2012 18:44:35]
AdwCleaner[R4].txt - [1724 octets] - [09/10/2012 19:21:59]
AdwCleaner[R5].txt - [2422 octets] - [09/10/2012 20:32:39]
AdwCleaner[R6].txt - [2482 octets] - [09/10/2012 21:43:21]
AdwCleaner[S4].txt - [2254 octets] - [09/10/2012 21:43:39]
AdwCleaner[R7].txt - [1964 octets] - [09/10/2012 21:55:47]
AdwCleaner[R8].txt - [2024 octets] - [10/10/2012 19:51:25]
AdwCleaner[R9].txt - [2084 octets] - [12/10/2012 00:32:54]
AdwCleaner[R10].txt - [4562 octets] - [15/10/2012 04:25:29]
AdwCleaner[S6].txt - [4240 octets] - [15/10/2012 20:03:44]

########## EOF - C:\AdwCleaner[S6].txt - [4300 octets] ##########


cosinus 15.10.2012 20:54

Please run a CustomScan with OTL. If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

Please download OTL by Oldtimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


zr7driver 16.10.2012 07:34

Code:

OTL logfile created on: 16.10.2012 04:24:35 - Run 4
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\zr7driver\Desktop
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,15 Gb Available Physical Memory | 66,29% Memory free
6,50 Gb Paging File | 4,99 Gb Available in Paging File | 76,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 910,41 Gb Total Space | 586,46 Gb Free Space | 64,42% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 10,36 Gb Free Space | 51,80% Space Free | Partition Type: NTFS
 
Computer Name: ZR7DRIVER-PC | User Name: zr7driver | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.16 04:06:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
PRC - [2012.09.18 01:07:45 | 000,212,432 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.21.123\GoogleCrashHandler.exe
PRC - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.08.31 02:52:12 | 000,964,024 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.08.21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.25 04:08:10 | 026,909,544 | ---- | M] (Dropbox, Inc.) -- C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.07.02 16:02:28 | 004,473,728 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMF.exe
PRC - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) -- C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
PRC - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2011.02.12 07:40:50 | 000,365,632 | ---- | M] (Acronis) -- C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2011.01.07 22:06:12 | 000,803,432 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\sua.exe
PRC - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) -- C:\Programme\Secunia\PSI\psia.exe
PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.11.20 14:17:41 | 001,174,016 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) -- C:\Programme\Motorola Media Link\NServiceEntry.exe
PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2010.04.02 11:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Programme\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe
PRC - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009.08.18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE
PRC - [2009.07.27 11:38:46 | 000,987,960 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FritzDsl.exe
PRC - [2009.07.23 14:13:10 | 000,066,824 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgentS1.exe
PRC - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe
PRC - [2009.07.20 11:01:00 | 000,760,120 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\StCenter.exe
PRC - [2009.07.14 03:14:21 | 000,294,400 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\ink\InputPersonalization.exe
PRC - [2009.06.03 21:59:02 | 000,103,720 | ---- | M] (CyberLink) -- C:\Programme\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.04.09 12:45:26 | 001,061,688 | ---- | M] (AVM Berlin) -- C:\Programme\FRITZ!DSL\FwebProt.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () -- C:\Programme\AAVUpdateManager\aavus.exe
PRC - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe
PRC - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe
PRC - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.10.14 09:11:59 | 000,115,137 | ---- | M] () -- C:\Users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
MOD - [2012.09.15 18:54:57 | 015,399,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\002b4b1af5f8145bf6b6afe21d4f1db2\Kies.Theme.ni.dll
MOD - [2012.09.15 18:54:56 | 000,608,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\de1a504d1535e5005fbae8f6a4d97ce5\DevicePodcast.ni.dll
MOD - [2012.09.15 18:54:54 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\ee12ab3bf308cbe22f373afbddf0be6b\DeviceVideo.ni.dll
MOD - [2012.09.15 18:54:52 | 000,367,104 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5e58a020638d28d3740195f1d0738da\DevicePhoto.ni.dll
MOD - [2012.09.15 18:54:51 | 000,299,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\0377dd6ed6a5e92a0b8d6eb7d0b64f79\DeviceMusic.ni.dll
MOD - [2012.09.15 18:54:50 | 000,461,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\23e80240003377b6412081a4523943fe\VideoManager.ni.dll
MOD - [2012.09.15 18:54:48 | 002,778,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PodcastService\23fd65cd04b03d19931758d7472e38a4\PodcastService.ni.dll
MOD - [2012.09.15 18:54:45 | 001,143,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\65018f5e3da23293d642168f7b132d40\Podcaster.ni.dll
MOD - [2012.09.15 18:54:42 | 000,607,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e96a4bd6a51ec7762f15f9bc64c6c33a\PhotoManager.ni.dll
MOD - [2012.09.15 18:54:16 | 000,033,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\deb1e04d94f18bc88afabf744c5d87aa\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2012.09.15 18:54:14 | 005,677,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\64d3040868aba797c48f608f5361e5bc\DeviceHost.ni.dll
MOD - [2012.09.15 18:53:59 | 001,843,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\1bedf64dbdd091ac8dceee7cbfd84a88\Phonebook.ni.dll
MOD - [2012.09.15 18:53:50 | 001,008,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\f73c846c21b32d8e446f08fe7bf0b75a\CPKTMusicPlugin.ni.dll
MOD - [2012.09.15 18:53:47 | 000,964,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\dc5b622e73080b69c1c63606f283b795\MusicManager.ni.dll
MOD - [2012.09.15 18:53:41 | 000,320,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\EBookManager\e5c8f9e08db50fb625c029361147f47e\EBookManager.ni.dll
MOD - [2012.09.15 18:53:39 | 000,391,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\ed8a6670f7dbe1ae78aa091a0935fb87\BATPlugin.ni.dll
MOD - [2012.09.15 18:53:38 | 000,031,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\AllShareController\c209d4b3c25507564757710f6d4a4570\AllShareController.ni.dll
MOD - [2012.09.15 18:53:37 | 000,507,392 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\25823a7264f74e67158031f485c0bb23\Kies.Common.MediaDB.ni.dll
MOD - [2012.09.15 18:53:37 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\d9eca4746981ac218c1dbe0c131ce108\Kies.Common.StoreManager.ni.dll
MOD - [2012.09.15 18:53:35 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\81bb58061bcd2a4c3bf4136abe041d20\ASF_cSharpAPI.ni.dll
MOD - [2012.09.15 18:53:35 | 000,064,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\065aa3ca107d7b3d679a5f408e535239\Kies.Common.AllShare.ni.dll
MOD - [2012.09.15 18:53:34 | 000,278,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\1f13cee7982e84f07cff152618950b20\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2012.09.15 18:53:32 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57b7389241c36caa1d2132d68eddedda\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2012.09.15 18:53:32 | 000,174,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\170b754ba9dcd78ee0b06a32af4a7c1f\Interop.DevFileServiceLib.ni.dll
MOD - [2012.09.15 18:53:31 | 000,565,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4b033da616a5e8e2b9ebe95342e9cf0d\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2012.09.15 18:53:29 | 000,566,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bf6e9c84dd994fef46819ed3bd9fa934\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2012.09.15 18:53:26 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\e1837e9c63789850168d0bb76826128d\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2012.09.15 18:53:25 | 000,902,656 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\4f549b26003474662ef7e2f3be9e3dd3\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2012.09.15 18:53:23 | 001,025,536 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\60c16bc46e86b9a852e71968dc63d9c7\Kies.Common.DeviceService.ni.dll
MOD - [2012.09.15 18:53:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\c99811c6a988ca6c2104a5b45acbddbb\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2012.09.15 18:53:20 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\25dc31b1903a3689788caf51d3d93f97\Interop.PRPLAYERCORELib.ni.dll
MOD - [2012.09.15 18:53:19 | 002,188,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\923e655c1069f7faa553275eb2e6763c\Kies.Common.Multimedia.ni.dll
MOD - [2012.09.15 18:53:15 | 000,183,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\4603ed01ff960f6d861f798e826c9442\Kies.Common.MainUI.ni.dll
MOD - [2012.09.15 18:53:13 | 000,067,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\dcc3307fb870292826318142cf4fa8aa\Kies.Common.DBManager.ni.dll
MOD - [2012.09.15 18:53:12 | 000,201,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\b0cec9954e5583399b377b65a469a74c\Kies.Common.Util.ni.dll
MOD - [2012.09.15 18:53:11 | 001,437,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c4f56538bb1d5921690a486bf052e30b\Kies.Locale.ni.dll
MOD - [2012.09.15 18:53:10 | 000,078,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\afa8de1e7aabde98f9a5fec1abdb9a05\Kies.MVVM.ni.dll
MOD - [2012.09.15 18:53:09 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7a0eb5bc5decef8dc1ef9dd3bca3b4d4\Kies.UI.ni.dll
MOD - [2012.09.15 18:53:06 | 000,119,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\3f6f79987f17c00edce423932abd1cf2\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2012.09.15 18:53:04 | 001,185,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0a26df964bb433ab607743b20c7704f7\Kies.Interface.ni.dll
MOD - [2012.09.15 18:53:02 | 001,674,240 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\41f4faf4ff2ba56c26252d6069ceff76\Kies.ni.exe
MOD - [2012.08.31 02:52:22 | 000,021,432 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2012.07.17 22:31:18 | 000,776,088 | ---- | M] () -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
MOD - [2012.06.13 09:05:50 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\26e0457a9776a0e9f23e3986686d90a5\System.ServiceProcess.ni.dll
MOD - [2012.06.13 05:36:30 | 013,198,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\00a4922fbf869a79c043b665035516b6\System.Windows.Forms.ni.dll
MOD - [2012.06.13 05:26:03 | 018,019,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\d239f585ee55f833dbe21e897e1265ac\PresentationFramework.ni.dll
MOD - [2012.06.13 05:25:46 | 011,522,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b7de318e9fd1ef519ca6c1f3b5dba8e0\PresentationCore.ni.dll
MOD - [2012.06.13 05:25:32 | 003,881,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a6e37a05b8d0cedbc5c3ea266ae3fc31\WindowsBase.ni.dll
MOD - [2012.06.13 05:25:27 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\4230ed1c7990e4ee8352baf67a2a85fa\System.Drawing.ni.dll
MOD - [2012.06.03 09:36:31 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\cbeefee33636e0d0be226cf11e180ba3\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2012.06.03 09:36:30 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\b0b31095249cec5ef5c0407fa6b7fc22\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2012.06.03 09:36:22 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\6265ffca46eab52d5f798847b5ea908c\CabLib.ni.dll
MOD - [2012.06.03 09:36:21 | 000,530,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\2d7161baa59dd2c1c39f4a192d760e7d\ICSharpCode.SharpZipLib.ni.dll
MOD - [2012.06.03 09:36:20 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\9a6bad5be6518d4a975893676a49a82c\Interop.DeviceSearchLib.ni.dll
MOD - [2012.05.09 10:26:42 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\d0e1cdaff8f9055187f8e7b52c060dff\System.Management.ni.dll
MOD - [2012.05.09 10:21:00 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\63bc6e391de5014965039e100ce1e9d5\System.Runtime.Remoting.ni.dll
MOD - [2012.05.09 10:20:41 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\b68bee05c7e518172982cc92059c3315\System.Xaml.ni.dll
MOD - [2012.05.09 10:12:43 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\608d29d7cc89f3a9a195c91354561915\PresentationFramework.Aero.ni.dll
MOD - [2012.05.09 10:08:26 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\a84262e1224189f93e10cd3c403a9527\System.Configuration.ni.dll
MOD - [2012.05.09 10:08:13 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\9abe44a0f82070ead5f1256683a4d25a\System.Xml.ni.dll
MOD - [2012.05.09 10:07:42 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\09bd2126bba2ab4f29ed52afde1470d7\System.Core.ni.dll
MOD - [2012.05.09 10:07:30 | 009,092,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\a6be120e49f895ef6b00e9918402395b\System.ni.dll
MOD - [2012.05.09 10:07:19 | 014,414,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c1af4ec9a36f671617a8ecaec00373f4\mscorlib.ni.dll
MOD - [2012.02.17 20:55:35 | 000,166,912 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2011.02.24 19:07:06 | 000,470,120 | ---- | M] () -- C:\Programme\Acronis\DriveMonitor\adm_tray.exe
MOD - [2011.02.24 18:39:44 | 000,012,128 | ---- | M] () -- C:\Programme\Common Files\Acronis\DriveMonitor\Common\icudt38.dll
MOD - [2009.06.03 21:59:14 | 000,013,096 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.06.03 21:59:02 | 000,619,816 | ---- | M] () -- C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.02.04 12:08:06 | 000,207,872 | ---- | M] () -- C:\Programme\FRITZ!DSL\C90dll.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- C:\Program Files\Spybot -- (SBSDWSCService)
SRV - [2012.10.11 03:04:37 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 11:34:18 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.08.21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.08.13 13:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.17 22:31:18 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Programme\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.07.03 13:19:28 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.03.23 14:25:24 | 000,087,040 | ---- | M] () [Auto | Running] -- C:\Programme\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2012.01.23 06:43:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2012.01.09 20:17:44 | 000,821,592 | ---- | M] (IObit) [Auto | Running] -- C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2011.09.02 16:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Programme\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.05.26 14:34:34 | 000,191,752 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Programme\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.05.24 11:33:30 | 001,840,128 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2011.04.26 14:54:12 | 002,702,848 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2011.03.21 13:21:24 | 000,632,832 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2011.03.10 20:57:04 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.02.12 07:43:02 | 000,660,576 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011.01.05 12:31:34 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2011.01.05 12:31:32 | 000,988,216 | ---- | M] (Secunia) [Auto | Running] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2010.11.05 17:11:52 | 000,081,920 | R--- | M] (Nero AG) [Auto | Running] -- C:\Programme\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010.04.28 07:44:02 | 000,704,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.12.24 12:17:20 | 000,100,152 | ---- | M] (MICRO-STAR INT'L,.LTD.) [Auto | Running] -- C:\Programme\msi\OSD hot keys\WMI_Hook_Service.exe -- (WMI_Hook_Service)
SRV - [2009.08.24 22:16:36 | 000,406,016 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- C:\Programme\Ashampoo\Ashampoo WinOptimizer 2012\DfSdkS.exe -- (DfSdkS)
SRV - [2009.08.18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.08.10 15:58:28 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.07.28 16:07:42 | 000,073,528 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Programme\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)
SRV - [2009.07.23 14:13:12 | 001,033,480 | ---- | M] (Raxco Software, Inc.) [On_Demand | Stopped] -- C:\Programme\Raxco\PerfectDisk10\PDEngine.exe -- (PDEngine)
SRV - [2009.07.23 14:13:08 | 000,931,080 | ---- | M] (Raxco Software, Inc.) [Auto | Running] -- C:\Programme\Raxco\PerfectDisk10\PDAgent.exe -- (PDAgent)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.11.09 22:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2008.10.24 16:35:44 | 000,128,296 | ---- | M] () [Auto | Running] -- C:\Programme\AAVUpdateManager\aavus.exe -- (AAV UpdateService)
SRV - [2008.06.13 14:24:02 | 000,081,920 | ---- | M] (Firebird Project) [Auto | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbguard.exe -- (FirebirdGuardianDefaultInstance)
SRV - [2008.06.13 14:22:50 | 002,723,840 | ---- | M] (Firebird Project) [On_Demand | Running] -- C:\Programme\Firebird\Firebird_2_1\bin\fbserver.exe -- (FirebirdServerDefaultInstance)
SRV - [2007.12.27 15:39:30 | 000,166,520 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2007.12.27 15:39:20 | 000,051,816 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\StartSkysolSvc.exe -- (Start BT in service)
SRV - [2007.05.31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | System | Stopped] -- C:\Windows\system32\drivers\SBREdrv.sys -- (SBRE)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys -- (MFE_RR)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\C10F.tmp -- (MEMSWEEP2)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgbtbus.sys -- (lgbusenum)
DRV - File not found [File_System | Boot | Stopped] -- system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2012.08.28 19:41:29 | 000,025,200 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.08.28 19:41:29 | 000,012,400 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2012.08.21 11:13:15 | 000,729,752 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.08.21 11:13:15 | 000,355,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.08.21 11:13:15 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.08.21 11:13:14 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.08.21 11:13:14 | 000,044,784 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2012.08.21 11:13:13 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2012.07.31 12:42:48 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.07.31 12:42:48 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.07.05 13:53:38 | 000,019,832 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\UrlFilter.sys -- (UrlFilter)
DRV - [2012.07.05 13:53:36 | 000,030,640 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\RegFilter.sys -- (RegFilter)
DRV - [2012.06.11 11:56:32 | 000,020,864 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2012.06.08 16:09:10 | 000,023,808 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2012.06.08 16:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012.06.08 16:08:26 | 000,024,576 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2012.03.07 03:11:00 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2012.03.02 16:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012.03.02 16:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012.03.02 16:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012.03.02 16:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2012.02.07 17:46:02 | 000,024,328 | ---- | M] (CPUID) [Kernel | On_Demand | Stopped] -- C:\Programme\CPUID\PC Wizard 2012\pcwiz_x32.sys -- (cpuz135)
DRV - [2012.01.25 14:57:46 | 000,008,448 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2012.01.05 18:07:20 | 000,020,336 | ---- | M] (IObit) [File_System | On_Demand | Running] -- C:\Programme\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys -- (FileMonitor)
DRV - [2011.11.08 13:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011.01.08 05:27:00 | 010,467,656 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010.12.13 05:59:14 | 000,036,360 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2010.12.13 05:45:42 | 000,036,616 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2010.12.12 21:40:51 | 000,032,392 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2010.12.12 21:34:13 | 000,014,856 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VComm.sys -- (VComm)
DRV - [2010.12.02 15:13:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.12.02 15:13:28 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.12.02 15:13:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.12.02 15:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.12.01 11:51:53 | 000,110,304 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV09.sys -- (ACEDRV09)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WINUSB)
DRV - [2010.09.01 10:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2010.06.23 10:24:56 | 000,023,040 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2010.04.01 10:13:38 | 001,009,184 | ---- | M] (Realtek Semiconductor Corporation                          ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192se.sys -- (rtl8192se)
DRV - [2010.03.12 18:22:18 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ser2pl.sys -- (Ser2pl)
DRV - [2009.12.22 14:43:16 | 001,558,368 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NxpCap.sys -- (NxpCap)
DRV - [2009.10.29 12:20:40 | 000,010,360 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hidkmdf.sys -- (hidkmdf)
DRV - [2009.10.29 12:20:38 | 000,022,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NW1950.sys -- (NW1950)
DRV - [2009.10.26 17:54:26 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009.08.08 00:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2009.06.30 17:32:54 | 000,212,000 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009.06.29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009.06.08 10:00:56 | 000,071,696 | ---- | M] (Raxco Software, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\DefragFs.sys -- (DefragFS)
DRV - [2009.06.05 01:47:48 | 000,024,608 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvamacpi.sys -- (nvamacpi)
DRV - [2009.01.29 18:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2008.08.26 10:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007.06.24 21:56:40 | 000,027,656 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\BlueletSCOAudio.sys -- (BlueletSCOAudio)
DRV - [2007.03.05 20:59:04 | 000,018,320 | ---- | M] (IVT Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\btnetdrv.sys -- (BT)
DRV - [2007.03.05 20:56:18 | 000,035,600 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\BtHidMgr.sys -- (BTHidMgr)
DRV - [2007.03.05 20:55:12 | 000,020,880 | ---- | M] (IVT Corporation.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\VBTEnum.sys -- (BTHidEnum)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope =
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
 
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{095C1A85-7264-4B56-BB5A-783E8E888AB2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{D73A46A4-5C66-4286-8399-9A51DF36E0A0}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6: C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2011.06.18 18:41:42 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\ [2011.05.22 21:16:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.28 18:48:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012.05.01 15:59:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.08.27 14:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.06.21 05:20:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\ [2011.05.22 21:16:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.12 15:18:39 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.07 09:11:28 | 000,000,000 | ---D | M]
 
[2012.10.13 02:13:17 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.09.07 18:31:39 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.12 14:13:02 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\extensions
[2012.10.12 14:13:02 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.10.12 14:13:21 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012.10.11 03:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.12.09 12:47:06 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.11 04:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR - default_search_provider: suggest_url = hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Windows Genuine Advantage (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.10 (Enabled) = C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: PlayStation(R)Network Downloader Check Plug-in (Enabled) = C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Photo Zoom for Facebook = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
CHR - Extension: Clock f\u00FCr Google Chrome \u2122 = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\emakkfldeggiinnfcdjkakdfcppbfhdg\2.0.1.3_0\
CHR - Extension: YoWindow Wetter = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef\1.33_0\
CHR - Extension: Full Screen Weather = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg\1.3_0\
CHR - Extension: AdBlock = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\
CHR - Extension: avast! WebRep = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1466_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Skype Click to Call = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Regen-Alarm Erweiterung = C:\Users\zr7driver\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnconaknblgbkfgknkfmmfhhbebkekd\1.2.7_0\
 
O1 HOSTS File: ([2012.05.04 08:56:10 | 000,442,850 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        www.123fporn.info
O1 - Hosts: 15214 more lines...
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Programme\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Programme\WOT\WOT.dll ()
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [adm_tray.exe] C:\Programme\Acronis\DriveMonitor\adm_tray.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [IObit Malware Fighter] C:\Program Files\IObit\IObit Malware Fighter\IMF.exe (IObit)
O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [mumservice] C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKU\.DEFAULT..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-18..\Run: [FRITZ!protect] FwebProt.exe File not found
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk =  File not found
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Internet.lnk = C:\Programme\FRITZ!DSL\FritzDsl.exe (AVM Berlin)
O4 - Startup: C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Programme\FRITZ!DSL\FwebProt.exe (AVM Berlin)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPropertiesMyComputer = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFileAssociate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispScrSavPage = 0
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - Reg Error: Key error. File not found
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Programme\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files\FRITZ!DSL\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000050 - C:\Program Files\FRITZ!DSL\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3752C415-0AD3-4D70-88DD-5C627777D71D}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{70461503-9E7A-42FB-9CFC-1852690458B5}: DhcpNameServer = 192.168.42.129
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8BBE4987-A903-408A-A660-FD8F19F10960}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Programme\WOT\WOT.dll ()
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{13769a4b-bcd5-11df-a9f6-806e6f6e6963}\Shell\AutoRun\command - "" = E:\LxSetup.exe
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{30442c83-27ba-11e1-9df3-001583096ec8}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{50e93006-11bf-11e0-b121-001583096ec8}\Shell - "" = AutoRun
O33 - MountPoints2\{d20cf144-c87b-11df-ad11-001583096ec8}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (pdboot.exe)
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found


zr7driver 16.10.2012 07:36

Code:

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.2 HD Edition.lnk - C:\Programme\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe - (Panasonic Corporation)
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk - C:\Programme\Secunia\PSI\psi_tray.exe - (Secunia)
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AndroidSync - hkey= - key= - C:\Program Files\Android-Sync\AndroidSync.exe (hxxp://www.android-sync.com)
MsConfig - StartUpReg: B2C_AGENT - hkey= - key= - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe (LG Electronics)
MsConfig - StartUpReg: Badoo Desktop - hkey= - key= - C:\ProgramData\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe (Badoo)
MsConfig - StartUpReg: Guard.Mail.ru.gui - hkey= - key= -  File not found
MsConfig - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig - StartUpReg: KiesAirMessage - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesHelper - hkey= - key= -  File not found
MsConfig - StartUpReg: KiesPDLR - hkey= - key= - C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MsConfig - StartUpReg: KiesTrayAgent - hkey= - key= - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig - StartUpReg: Messenger (Yahoo!) - hkey= - key= - C:\Programme\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
MsConfig - StartUpReg: Miranda Fusion - hkey= - key= - C:\Programme\MirandaFusion\fusiontools\mfstart.exe (Miranda Fusion Team)
MsConfig - StartUpReg: mumservice - hkey= - key= - C:\Programme\Motorola\Software Update\mumservice.exe (Motorola)
MsConfig - StartUpReg: NokiaMServer - hkey= - key= - C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia)
MsConfig - StartUpReg: NokiaOviSuite2 - hkey= - key= - C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe (Nokia)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig - StartUpReg: TomTomHOME.exe - hkey= - key= - C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig - State: "startup" - 2
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: IMFservice - C:\Programme\IObit\IObit Malware Fighter\IMFsrv.exe (IObit)
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {0291E591-EA41-4c82-8106-3DC6CE7F7664} - Reg Error: Value error.
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} - Reg Error: Value error.
ActiveX: {347B0667-C7ED-429B-BDE3-CC8D3BACAA31} - Reg Error: Value error.
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - DOTNETFRAMEWORKS
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - Reg Error: Value error.
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.16 04:08:09 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.13 10:43:38 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\assembly
[2012.10.12 21:16:38 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\Documents\Add-in Express
[2012.10.12 21:16:28 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTools
[2012.10.12 21:16:27 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTools
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2012.10.11 23:02:36 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012.10.08 09:41:26 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.10.07 01:11:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.07 01:11:15 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.10.07 01:11:15 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.05 18:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steuer 2010
[2012.09.29 16:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Lexware
[2012.09.29 16:14:21 | 000,000,000 | ---D | C] -- C:\Program Files\Lexware
[2012.09.29 16:11:05 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lexware
[2012.09.29 16:11:04 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Local\Lexware
[2012.09.21 10:58:54 | 000,000,000 | ---D | C] -- C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Urlaubsplaner 2013
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.16 04:12:01 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.10.16 04:06:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\zr7driver\Desktop\OTL.exe
[2012.10.16 03:57:26 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.16 03:57:26 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.16 03:55:59 | 000,707,706 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.10.16 03:55:59 | 000,661,302 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.10.16 03:55:59 | 000,153,192 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.10.16 03:55:59 | 000,125,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.10.16 03:49:06 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.10.16 03:49:05 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2012.10.16 03:48:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.16 03:48:51 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.15 20:33:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.10.15 10:34:00 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001UA.job
[2012.10.15 04:23:24 | 000,538,941 | ---- | M] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.14 01:56:45 | 000,000,922 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2688999502-884777346-3256751407-1001Core.job
[2012.10.12 15:18:45 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.10.11 23:02:37 | 000,001,244 | ---- | M] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.11 06:14:51 | 000,002,326 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.10.07 01:11:17 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.29 16:25:19 | 000,002,739 | ---- | M] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.27 21:12:55 | 000,010,495 | ---- | M] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | M] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.09.18 10:15:17 | 000,000,969 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.15 04:24:26 | 000,538,941 | ---- | C] () -- C:\Users\zr7driver\Desktop\adwcleaner.exe
[2012.10.11 23:02:37 | 000,001,244 | ---- | C] () -- C:\Users\zr7driver\Desktop\Revo Uninstaller.lnk
[2012.10.07 01:11:17 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.29 16:15:52 | 000,002,739 | ---- | C] () -- C:\Users\Public\Desktop\Steuer 2010.lnk
[2012.09.27 21:12:39 | 000,010,495 | ---- | C] () -- C:\Users\zr7driver\WaltherR_elster_2048.pfx
[2012.09.21 10:58:54 | 000,001,094 | ---- | C] () -- C:\Users\zr7driver\Desktop\Urlaubsplaner 2013 (Version 2.13) - Deutschland.lnk
[2012.07.29 10:59:44 | 000,000,017 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\resmon.resmoncfg
[2012.06.17 13:31:23 | 000,001,124 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.itn
[2012.06.17 13:29:59 | 000,023,945 | ---- | C] () -- C:\Users\zr7driver\Unterammergau_2012.kml
[2012.04.09 20:19:46 | 000,002,773 | ---- | C] () -- \ZR7DRIVER-PC.rtf
[2012.03.30 20:40:37 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2012.03.15 12:19:31 | 002,950,336 | ---- | C] () -- C:\Users\zr7driver\Kony2012_digital_kit.zip
[2012.02.01 05:41:45 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4A4B9D26-AA08-4479-8413-EC94C1495FEA}
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.01.13 20:08:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{3ADCD066-1845-4420-813A-0152E185A562}
[2011.12.30 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0766FBBE-1B10-4D18-B8FD-7921451DF9C6}
[2011.12.26 13:04:07 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2011.12.25 23:49:46 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.12.25 23:49:46 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.12.25 23:49:44 | 000,559,104 | ---- | C] () -- C:\Windows\System32\lame.exe
[2011.12.25 23:49:44 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.12.23 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{1C4F85BF-C25C-40D8-9072-C915C7610CF0}
[2011.12.23 10:02:20 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{DC88FA66-C4A7-4165-B3C1-62F961889D2F}
[2011.12.23 05:42:16 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{753738CE-CC9E-43C5-A535-266989FB1EB0}
[2011.12.22 21:15:10 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{56518DCC-6EA3-475B-8402-DCD2DBC03511}
[2011.12.22 10:50:00 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{CEC58609-76D2-4EA6-9531-7C3AA9E59D4E}
[2011.12.22 09:58:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{75C3B094-F8E5-49A6-B3F7-6EE5EC9B06A9}
[2011.12.13 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{36A7198A-B63C-4ED1-8E79-D6E1A01847BA}
[2011.12.13 10:04:48 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{43A6C6E7-5102-4D08-B831-D9FF396BBB74}
[2011.12.12 10:50:02 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E93FDF79-0B6E-40E7-ACBB-3E68917B158A}
[2011.12.08 10:08:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A4AFC9A3-D672-44ED-982A-467C3938BFE7}
[2011.12.07 09:54:52 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{E9BBF441-1A49-47C7-A653-236B5B3BBFA1}
[2011.12.04 07:22:12 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{AE7A2FF6-BC86-4981-A1CC-55430DF54232}
[2011.12.02 10:04:51 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{5CE40A7C-C86D-4574-AA9B-81AF3B3984FF}
[2011.12.01 21:19:21 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A67ACE38-ADEE-449A-86E7-909D2DBA9B23}
[2011.12.01 10:06:14 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A795E345-7B05-4BC3-80F5-8E145C4EDBA5}
[2011.11.30 21:01:54 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{46D14579-E7ED-4468-A4A1-010E6903B9D6}
[2011.11.29 10:50:01 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{15BAC503-F22F-4409-A44E-3EF0670584FA}
[2011.11.29 10:03:41 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{759C9C24-C460-4D61-9460-1EBF1E7E2F7F}
[2011.11.29 05:39:30 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{4D4D9BF3-9AC9-4895-9352-F90DC35855A6}
[2011.11.25 19:49:49 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{A36FD9B9-77B7-4AA3-88CD-916BA7ED3164}
[2011.11.23 19:32:37 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{0BF97707-9995-4474-AA26-C1B7A09F2755}
[2011.11.20 12:36:06 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{9A3933A9-ABB4-4DD1-BDF9-EE9E60064BA0}
[2011.11.14 11:03:11 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{D09CB122-FADC-444C-8947-C71A91EABD81}
[2011.11.14 10:50:03 | 000,000,000 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\{60914264-77B5-4DF5-97B5-7C0FF0508A66}
[2011.10.10 11:33:41 | 000,000,097 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\fusioncache.dat
[2011.06.17 00:36:07 | 005,406,987 | ---- | C] () -- \RUU_signed.nbh
[2011.06.17 00:36:07 | 001,481,928 | ---- | C] () -- \task29.exe
[2011.06.17 00:36:07 | 001,449,160 | ---- | C] () -- \RUUResource.dll
[2011.06.17 00:36:07 | 000,213,864 | ---- | C] () -- \ModelID.fig
[2011.06.17 00:36:07 | 000,175,304 | ---- | C] () -- \rapitool.exe
[2011.06.17 00:36:07 | 000,141,368 | ---- | C] () -- \ErrorUSB.fig
[2011.06.17 00:36:07 | 000,095,552 | ---- | C] () -- \ErrorBattery.fig
[2011.06.17 00:36:07 | 000,013,512 | ---- | C] () -- \RUUGetInfo.exe
[2011.06.17 00:36:07 | 000,008,904 | ---- | C] () -- \EnterBootloader.exe
[2011.06.17 00:36:07 | 000,000,013 | ---- | C] () -- \ROMUpdateUtility.cfg
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2011.06.03 22:46:09 | 000,000,518 | ---- | C] () -- C:\Windows\wininit.ini
[2011.04.27 10:40:07 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011.04.27 10:40:07 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011.01.21 23:30:49 | 000,000,102 | ---- | C] () -- \qehjlhawlh
[2011.01.18 20:57:44 | 000,000,862 | ---- | C] () -- C:\Users\zr7driver\.recently-used.xbel
[2011.01.08 12:02:39 | 000,001,117 | ---- | C] () -- C:\Users\zr7driver\Dokumente - Verknüpfung.lnk
[2011.01.04 21:05:23 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2010.12.26 00:18:10 | 000,000,064 | ---- | C] () -- C:\ProgramData\sandra.ldb
[2010.12.26 00:14:22 | 010,960,896 | ---- | C] () -- C:\ProgramData\sandra.mda
[2010.11.16 21:01:57 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.11.16 21:01:56 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.11.16 21:01:56 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.11.16 21:01:56 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.11.16 21:01:56 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.11.16 21:01:56 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.11.16 21:01:56 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.11.16 21:01:56 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.11.16 21:01:56 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.11.16 21:01:56 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.11.16 21:01:56 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.11.16 21:01:56 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.11.16 21:01:56 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.11.16 21:01:56 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.11.16 21:01:56 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.11.16 21:01:56 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.11.16 21:01:56 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.10.28 13:24:13 | 000,015,873 | ---- | C] () -- C:\Windows\System32\Inetde.dll
[2010.10.03 22:23:13 | 001,140,638 | ---- | C] () -- C:\Users\zr7driver\Backup LG GT540 Optimus 03.10.2010.mpb
[2010.10.02 22:02:25 | 000,000,360 | -H-- | C] () -- \IPH.PH
[2010.09.24 13:26:13 | 000,050,688 | ---- | C] () -- C:\Users\zr7driver\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.12 11:27:22 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.10 14:15:23 | 2616,643,584 | -HS- | C] () -- \hiberfil.sys
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS
[2010.02.15 15:31:27 | 000,000,000 | RHS- | C] () -- \IO.SYS
[2009.07.14 04:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
[2009.07.14 04:04:04 | 000,000,010 | ---- | C] () -- \config.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010.09.10 14:23:37 | 000,000,000 | -H-D | M] -- C:\Users\Administrator\AppData
[2012.09.14 12:05:54 | 000,000,000 | ---D | M] -- C:\Users\All Users\AAV
[2012.06.21 22:54:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Acronis
[2010.10.02 22:02:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\AIM
[2010.09.10 14:33:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\ALDI Sued Foto Service
[2010.02.15 19:14:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\Aldi Sued Fotoservice
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data
[2010.02.04 10:24:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Applications
[2010.10.01 09:50:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ashampoo
[2010.10.28 14:22:41 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avanquest
[2011.12.13 12:33:25 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVAST Software
[2011.01.21 23:14:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avery
[2012.05.01 17:04:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\AVG2012
[2011.03.20 19:35:07 | 000,000,000 | ---D | M] -- C:\Users\All Users\Badoo
[2011.11.13 13:13:35 | 000,000,000 | ---D | M] -- C:\Users\All Users\BlueStacks
[2010.09.11 13:32:20 | 000,000,000 | ---D | M] -- C:\Users\All Users\Bluetooth
[2010.09.10 14:38:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\BullGuard
[2011.01.21 23:25:01 | 000,000,000 | ---D | M] -- C:\Users\All Users\CAM Development
[2012.07.06 11:12:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\Canneverbe Limited
[2010.12.21 18:54:57 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonBJ
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonEPP
[2011.01.06 12:49:01 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEGV
[2010.12.21 19:20:52 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX
[2010.12.21 19:18:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJEPPEX2
[2010.12.21 18:59:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJMSetup
[2010.12.21 19:18:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJMyPrinter
[2012.10.11 19:19:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJPLM
[2010.12.21 19:18:54 | 000,000,000 | -H-D | M] -- C:\Users\All Users\CanonIJSolutionMenuEX
[2010.12.21 18:57:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonIJWSpt
[2011.12.13 12:28:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\CheckPoint
[2012.04.06 22:36:51 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files
[2011.05.27 20:42:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\Das Fussball Studio
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2010.09.24 15:06:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites
[2012.05.30 15:31:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\GFI Software
[2012.10.15 20:03:45 | 000,000,000 | ---D | M] -- C:\Users\All Users\ICQ
[2011.02.03 11:43:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Installations
[2010.09.14 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\ISDNWatch
[2011.09.18 13:50:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\Kaspersky SDK
[2012.09.29 16:20:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\Lexware
[2012.08.06 17:35:58 | 000,000,000 | ---D | M] -- C:\Users\All Users\LGMOBILEAX
[2011.12.26 00:31:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\MAGIX
[2010.10.01 09:34:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Magix Shared
[2012.07.04 11:21:23 | 000,000,000 | ---D | M] -- C:\Users\All Users\Motorola
[2011.02.03 11:45:44 | 000,000,000 | ---D | M] -- C:\Users\All Users\Nokia
[2011.05.22 21:27:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaAccount
[2011.02.03 11:35:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\NokiaInstallerCache
[2010.10.28 09:33:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\OO Software
[2010.11.17 23:21:04 | 000,000,000 | ---D | M] -- C:\Users\All Users\Panasonic
[2011.02.03 20:58:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC Suite
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\PimeroUpdater
[2011.09.25 19:24:16 | 000,000,000 | ---D | M] -- C:\Users\All Users\RapidSolution
[2012.06.03 09:31:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\Samsung
[2010.09.14 09:30:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\ScanSoft
[2010.10.28 14:56:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\soft-evolution
[2012.08.17 13:24:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sony
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2010.09.24 14:39:57 | 000,000,000 | ---D | M] -- C:\Users\All Users\T-Online
[2012.06.05 16:48:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Temp
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates
[2010.12.18 13:26:06 | 000,000,000 | ---D | M] -- C:\Users\All Users\TomTom
[2010.12.12 21:06:36 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uniblue
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Anwendungsdaten
[2009.07.14 04:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Application Data
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Cookies
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop
[2010.09.10 14:23:35 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Druckumgebung
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Eigene Dateien
[2010.02.15 14:08:00 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Links
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Local Settings
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Lokale Einstellungen
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Music
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\My Documents
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\NetHood
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Netzwerkumgebung
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\PrintHood
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent
[2009.07.14 04:04:25 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Start Menu
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Startmenü
[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Users\Default\Templates
[2009.07.14 04:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos
[2010.09.10 14:23:35 | 000,000,000 | -HSD | M] -- C:\Users\Default\Vorlagen
[2012.10.13 21:57:45 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop
[2012.05.01 18:01:42 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads
[2009.07.14 04:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites
[2010.09.10 14:23:36 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries
[2009.07.14 06:41:57 | 000,000,000 | R--D | M] -- C:\Users\Public\Music
[2010.11.28 10:51:32 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures
[2010.09.11 11:34:19 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV
[2012.08.21 14:05:30 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos
[2011.01.18 21:04:39 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.gimp-2.6
[2012.08.16 14:37:17 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.hgt
[2011.05.29 10:38:53 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.jordan
[2012.08.11 19:06:48 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.swt
[2011.01.18 20:57:41 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\.thumbnails
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Anwendungsdaten
[2010.09.10 14:23:51 | 000,000,000 | -H-D | M] -- C:\Users\zr7driver\AppData
[2010.09.11 13:57:02 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Application Data
[2012.07.12 18:50:21 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Contacts
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Cookies
[2012.10.16 04:08:09 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Desktop
[2012.10.12 21:16:38 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Documents
[2012.10.16 04:07:57 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Downloads
[2012.10.16 03:49:52 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Dropbox
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Druckumgebung
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Eigene Dateien
[2012.08.11 19:12:29 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Eigene Routen
[2012.07.28 18:43:44 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Favorites
[2012.03.05 14:54:22 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Handy
[2012.08.26 18:19:27 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\IGO
[2012.08.03 21:41:35 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Links
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Lokale Einstellungen
[2012.10.14 11:17:52 | 000,000,000 | R--D | M] -- C:\Users\zr7driver\Music
[2010.09.10 14:23:51 | 000,000,000 | -HSD | M] -- C:\Users\zr7driver\Netzwerkumgebung
[2012.06.17 13:28:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner
[2012.06.17 13:29:08 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (2)
[2012.06.17 13:29:52 | 000,000,000 | ---D | M] -- C:\Users\zr7driver\Neuer Ordner (3)

< End of report >


cosinus 16.10.2012 19:17

Close any programs that may be open, and also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:

:OTL
IE - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=b270a8c8-c838-4580-968b-86c69f2550a3&apn_sauid=74ACD6B1-898A-4431-99F3-0D200D08CED2
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi:  File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.
O3 - HKU\S-1-5-21-2688999502-884777346-3256751407-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - http://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
:Files
C:\Externe Festplatte 1\Eigene Dateien\Software\registrybooster.exe
C:\Externe Festplatte 1\Software\jdprof2009.exe
C:\Externe Festplatte 1\Software\wgo-winload.exe
C:\Program Files\Glary Utilities\v9gls.exe
C:\Program Files\WebSite X5 v9 - Smart\imRegister.exe
C:\Users\zr7driver\Downloads\Babylon8_setup.exe
C:\Users\zr7driver\Downloads\gusetup.exe
C:\Users\zr7driver\Downloads\wsx5_sm.exe
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

The entries, files and folders fixed with this script are, for safety, not deleted completely; a backup copy is created on the system partition in the folder "_OTL".

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

zr7driver 16.10.2012 19:43

Code:

All processes killed
========== OTL ==========
Registry key HKEY_USERS\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0A5C582A-2E0F-45B4-A278-5CC42B563211}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0A5C582A-2E0F-45B4-A278-5CC42B563211}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@checkpoint.com/FFApi\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}\ not found.
Registry value HKEY_USERS\S-1-5-21-2688999502-884777346-3256751407-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA}\ not found.
========== FILES ==========
C:\Externe Festplatte 1\Eigene Dateien\Software\registrybooster.exe moved successfully.
C:\Externe Festplatte 1\Software\jdprof2009.exe moved successfully.
C:\Externe Festplatte 1\Software\wgo-winload.exe moved successfully.
C:\Program Files\Glary Utilities\v9gls.exe moved successfully.
C:\Program Files\WebSite X5 v9 - Smart\imRegister.exe moved successfully.
C:\Users\zr7driver\Downloads\Babylon8_setup.exe moved successfully.
C:\Users\zr7driver\Downloads\gusetup.exe moved successfully.
C:\Users\zr7driver\Downloads\wsx5_sm.exe moved successfully.
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\zr7driver\Desktop\cmd.bat deleted successfully.
C:\Users\zr7driver\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: Administrator
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
User: zr7driver
->Temp folder emptied: 770897 bytes
->Temporary Internet Files folder emptied: 8382330 bytes
->Java cache emptied: 5544911 bytes
->FireFox cache emptied: 320650131 bytes
->Google Chrome cache emptied: 390395424 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 200704 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2595475 bytes
RecycleBin emptied: 2374620 bytes
 
Total Files Cleaned = 697,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 10162012_203317

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


cosinus 17.10.2012 13:46

Now please run this tool from Kaspersky (TDSS-Killer) (in normal Windows mode) and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set the tool up as shown in the picture below: click change parameters and set the checkmarks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log or cannot copy its contents and transfer them into your post, then please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

zr7driver 17.10.2012 19:24

Code:

20:18:51.0730 8128  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47
20:18:53.0779 8128  ============================================================
20:18:53.0779 8128  Current date / time: 2012/10/17 20:18:53.0779
20:18:53.0779 8128  SystemInfo:
20:18:53.0779 8128 
20:18:53.0779 8128  OS Version: 6.1.7601 ServicePack: 1.0
20:18:53.0779 8128  Product type: Workstation
20:18:53.0779 8128  ComputerName: ZR7DRIVER-PC
20:18:53.0779 8128  UserName: zr7driver
20:18:53.0779 8128  Windows directory: C:\Windows
20:18:53.0780 8128  System windows directory: C:\Windows
20:18:53.0780 8128  Processor architecture: Intel x86
20:18:53.0780 8128  Number of processors: 2
20:18:53.0780 8128  Page size: 0x1000
20:18:53.0780 8128  Boot type: Normal boot
20:18:53.0780 8128  ============================================================
20:18:55.0654 8128  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:18:55.0657 8128  ============================================================
20:18:55.0657 8128  \Device\Harddisk0\DR0:
20:18:55.0658 8128  MBR partitions:
20:18:55.0658 8128  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:18:55.0658 8128  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x71CD3000
20:18:55.0658 8128  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x71D05800, BlocksNum 0x2800000
20:18:55.0658 8128  ============================================================
20:18:55.0683 8128  C: <-> \Device\Harddisk0\DR0\Partition2
20:18:55.0729 8128  D: <-> \Device\Harddisk0\DR0\Partition3
20:18:55.0813 8128  ============================================================
20:18:55.0814 8128  Initialize success
20:18:55.0814 8128  ============================================================
20:20:26.0491 6872  ============================================================
20:20:26.0492 6872  Scan started
20:20:26.0492 6872  Mode: Manual; SigCheck; TDLFS;
20:20:26.0492 6872  ============================================================
20:20:27.0133 6872  ================ Scan system memory ========================
20:20:27.0133 6872  System memory - ok
20:20:27.0134 6872  ================ Scan services =============================
20:20:40.0152 6872  IPBusEnum - ok
20:20:40.0166 6872  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:20:40.0222 6872  IpFilterDriver - ok
20:20:40.0299 6872  [ 4D65A07B795D6674312F879D09AA7663 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:20:40.0341 6872  iphlpsvc - ok
20:20:40.0379 6872  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
20:20:40.0435 6872  IPMIDRV - ok
20:20:40.0454 6872  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
20:20:40.0492 6872  IPNAT - ok
20:20:40.0501 6872  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:20:40.0526 6872  IRENUM - ok
20:20:40.0551 6872  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:20:40.0571 6872  isapnp - ok
20:20:40.0595 6872  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:20:40.0619 6872  iScsiPrt - ok
20:20:40.0634 6872  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
20:20:40.0653 6872  kbdclass - ok
20:20:40.0668 6872  [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
20:20:40.0690 6872  kbdhid - ok
20:20:40.0703 6872  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
20:20:40.0726 6872  KeyIso - ok
20:20:40.0753 6872  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:20:40.0775 6872  KSecDD - ok
20:20:40.0792 6872  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
20:20:40.0814 6872  KSecPkg - ok
20:20:40.0838 6872  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm          C:\Windows\system32\msdtckrm.dll
20:20:40.0880 6872  KtmRm - ok
20:20:40.0904 6872  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:20:40.0958 6872  LanmanServer - ok
20:20:40.0988 6872  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:20:41.0052 6872  LanmanWorkstation - ok
20:20:41.0091 6872  Lbd - ok
20:20:41.0106 6872  lgbusenum - ok
20:20:41.0123 6872  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:20:41.0159 6872  lltdio - ok
20:20:41.0186 6872  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
20:20:41.0236 6872  lltdsvc - ok
20:20:41.0253 6872  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts        C:\Windows\System32\lmhsvc.dll
20:20:41.0291 6872  lmhosts - ok
20:20:41.0337 6872  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:20:41.0357 6872  LSI_FC - ok
20:20:41.0366 6872  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
20:20:41.0387 6872  LSI_SAS - ok
20:20:41.0405 6872  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:20:41.0425 6872  LSI_SAS2 - ok
20:20:41.0443 6872  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:20:41.0463 6872  LSI_SCSI - ok
20:20:41.0487 6872  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv          C:\Windows\system32\drivers\luafv.sys
20:20:41.0527 6872  luafv - ok
20:20:41.0559 6872  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
20:20:41.0584 6872  Mcx2Svc - ok
20:20:41.0599 6872  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
20:20:41.0619 6872  megasas - ok
20:20:41.0638 6872  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:20:41.0661 6872  MegaSR - ok
20:20:41.0682 6872  MEMSWEEP2 - ok
20:20:41.0743 6872  MFE_RR - ok
20:20:41.0761 6872  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS          C:\Windows\system32\mmcss.dll
20:20:41.0815 6872  MMCSS - ok
20:20:41.0840 6872  [ F001861E5700EE84E2D4E52C712F4964 ] Modem          C:\Windows\system32\drivers\modem.sys
20:20:41.0892 6872  Modem - ok
20:20:41.0921 6872  [ 79D10964DE86B292320E9DFE02282A23 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
20:20:41.0966 6872  monitor - ok
20:20:41.0973 6872  motandroidusb - ok
20:20:42.0012 6872  [ F55572B150DB90CDBD95038ED287EB50 ] motccgp        C:\Windows\system32\DRIVERS\motccgp.sys
20:20:42.0135 6872  motccgp - ok
20:20:42.0197 6872  [ 1B3720C4D16904756D49EF306706B978 ] motccgpfl      C:\Windows\system32\DRIVERS\motccgpfl.sys
20:20:42.0248 6872  motccgpfl - ok
20:20:42.0261 6872  MotDev - ok
20:20:42.0282 6872  [ B5DF98B8FD04204F4571FE0161288B98 ] motmodem        C:\Windows\system32\DRIVERS\motmodem.sys
20:20:42.0347 6872  motmodem - ok
20:20:42.0399 6872  [ A8FD4605AACF006BBA3B2B90AC9565B2 ] Motorola Device Manager C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
20:20:42.0416 6872  Motorola Device Manager - ok
20:20:42.0436 6872  [ 140176B235722B6B92B56910ACDF3CC0 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
20:20:42.0459 6872  MotoSwitchService - ok
20:20:42.0469 6872  [ 28938D6403C55289B7670798C075EF02 ] Motousbnet      C:\Windows\system32\DRIVERS\Motousbnet.sys
20:20:42.0505 6872  Motousbnet - ok
20:20:42.0523 6872  [ F780C53D98A0AAD28F5B7403B184AEA1 ] motusbdevice    C:\Windows\system32\DRIVERS\motusbdevice.sys
20:20:42.0581 6872  motusbdevice - ok
20:20:42.0600 6872  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
20:20:42.0620 6872  mouclass - ok
20:20:42.0637 6872  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:20:42.0662 6872  mouhid - ok
20:20:42.0680 6872  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:20:42.0698 6872  mountmgr - ok
20:20:42.0732 6872  [ 4D7F2682D29B92A6251B17957AA0B985 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:20:42.0750 6872  MozillaMaintenance - ok
20:20:42.0771 6872  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:20:42.0792 6872  mpio - ok
20:20:42.0813 6872  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:20:42.0848 6872  mpsdrv - ok
20:20:42.0886 6872  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:20:43.0065 6872  MpsSvc - ok
20:20:43.0103 6872  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:20:43.0129 6872  MRxDAV - ok
20:20:43.0152 6872  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:20:43.0176 6872  mrxsmb - ok
20:20:43.0204 6872  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:20:43.0246 6872  mrxsmb10 - ok
20:20:43.0264 6872  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:20:43.0285 6872  mrxsmb20 - ok
20:20:43.0295 6872  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
20:20:43.0315 6872  msahci - ok
20:20:43.0344 6872  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
20:20:43.0467 6872  msdsm - ok
20:20:43.0490 6872  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC          C:\Windows\System32\msdtc.exe
20:20:43.0729 6872  MSDTC - ok
20:20:43.0779 6872  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:20:43.0816 6872  Msfs - ok
20:20:43.0830 6872  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
20:20:43.0866 6872  mshidkmdf - ok
20:20:43.0876 6872  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:20:43.0895 6872  msisadrv - ok
20:20:43.0930 6872  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
20:20:43.0967 6872  MSiSCSI - ok
20:20:43.0977 6872  msiserver - ok
20:20:44.0003 6872  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
20:20:44.0060 6872  MSKSSRV - ok
20:20:44.0066 6872  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:20:44.0102 6872  MSPCLOCK - ok
20:20:44.0131 6872  [ F456E973590D663B1073E9C463B40932 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
20:20:44.0166 6872  MSPQM - ok
20:20:44.0185 6872  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
20:20:44.0207 6872  MsRPC - ok
20:20:44.0227 6872  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:20:44.0249 6872  mssmbios - ok
20:20:44.0256 6872  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
20:20:44.0291 6872  MSTEE - ok
20:20:44.0322 6872  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:20:44.0343 6872  MTConfig - ok
20:20:44.0361 6872  [ 159FAD02F64E6381758C990F753BCC80 ] Mup            C:\Windows\system32\Drivers\mup.sys
20:20:44.0380 6872  Mup - ok
20:20:44.0410 6872  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
20:20:44.0468 6872  napagent - ok
20:20:44.0522 6872  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
20:20:44.0565 6872  NativeWifiP - ok
20:20:44.0605 6872  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:20:44.0637 6872  NDIS - ok
20:20:44.0656 6872  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
20:20:44.0691 6872  NdisCap - ok
20:20:44.0719 6872  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:20:44.0752 6872  NdisTapi - ok
20:20:44.0780 6872  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
20:20:44.0815 6872  Ndisuio - ok
20:20:44.0828 6872  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
20:20:44.0875 6872  NdisWan - ok
20:20:44.0910 6872  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
20:20:44.0992 6872  NDProxy - ok
20:20:45.0026 6872  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
20:20:45.0111 6872  NetBIOS - ok
20:20:45.0138 6872  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
20:20:45.0194 6872  NetBT - ok
20:20:45.0209 6872  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
20:20:45.0254 6872  Netlogon - ok
20:20:45.0309 6872  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
20:20:45.0376 6872  Netman - ok
20:20:45.0417 6872  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:20:45.0451 6872  NetMsmqActivator - ok
20:20:45.0458 6872  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:20:45.0476 6872  NetPipeActivator - ok
20:20:45.0500 6872  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
20:20:45.0610 6872  netprofm - ok
20:20:45.0622 6872  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:20:45.0642 6872  NetTcpActivator - ok
20:20:45.0648 6872  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
20:20:45.0678 6872  NetTcpPortSharing - ok
20:20:45.0717 6872  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
20:20:45.0748 6872  nfrd960 - ok
20:20:45.0774 6872  [ 912084381D30D8B89EC4E293053F4710 ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:20:45.0829 6872  NlaSvc - ok
20:20:45.0881 6872  [ 712BC0C22BA00B2BA324C6B8DF668EE7 ] nmwcd          C:\Windows\system32\drivers\ccdcmb.sys
20:20:45.0933 6872  nmwcd - ok
20:20:45.0980 6872  [ 7312987B6CCDE6F6CEE32C14BED1CA2E ] nmwcdc          C:\Windows\system32\drivers\ccdcmbo.sys
20:20:46.0030 6872  nmwcdc - ok
20:20:46.0042 6872  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:20:46.0080 6872  Npfs - ok
20:20:46.0113 6872  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi            C:\Windows\system32\nsisvc.dll
20:20:46.0153 6872  nsi - ok
20:20:46.0161 6872  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:20:46.0196 6872  nsiproxy - ok
20:20:46.0242 6872  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:20:46.0295 6872  Ntfs - ok
20:20:46.0310 6872  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
20:20:46.0345 6872  Null - ok
20:20:46.0366 6872  [ DD1D4DBA6223A8F512AC4301D4270A7A ] nvamacpi        C:\Windows\system32\DRIVERS\NVAMACPI.sys
20:20:46.0382 6872  nvamacpi - ok
20:20:46.0585 6872  [ 73A70F1D89C942EEDD99A3F10459B051 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:20:46.0983 6872  nvlddmkm - ok
20:20:47.0038 6872  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:20:47.0065 6872  nvraid - ok
20:20:47.0096 6872  [ F13618F0CB1E95232F4C2401592A59E9 ] nvsmu          C:\Windows\system32\DRIVERS\nvsmu.sys
20:20:47.0141 6872  nvsmu - ok
20:20:47.0161 6872  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:20:47.0182 6872  nvstor - ok
20:20:47.0208 6872  [ 032EF66DD96692AD3A9D36160F467F67 ] nvstor32        C:\Windows\system32\DRIVERS\nvstor32.sys
20:20:47.0227 6872  nvstor32 - ok
20:20:47.0245 6872  [ 538A52E480C816D1990579A8FAAFFA20 ] nvsvc          C:\Windows\system32\nvvsvc.exe
20:20:47.0274 6872  nvsvc - ok
20:20:47.0299 6872  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:20:47.0324 6872  nv_agp - ok
20:20:47.0356 6872  [ F1A718C6C6CD3EDF157FA3D459ADFEF7 ] NW1950          C:\Windows\system32\DRIVERS\NW1950.sys
20:20:47.0372 6872  NW1950 - ok
20:20:47.0589 6872  [ 953E08D5CA0B02697A8145AAA0CA28BE ] NxpCap          C:\Windows\system32\DRIVERS\NxpCap.sys
20:20:47.0698 6872  NxpCap - ok
20:20:47.0714 6872  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:20:47.0751 6872  ohci1394 - ok
20:20:47.0788 6872  [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose            C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:20:47.0806 6872  ose - ok
20:20:47.0848 6872  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:20:47.0907 6872  p2pimsvc - ok
20:20:47.0949 6872  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:20:47.0992 6872  p2psvc - ok
20:20:48.0014 6872  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
20:20:48.0041 6872  Parport - ok
20:20:48.0069 6872  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr        C:\Windows\system32\drivers\partmgr.sys
20:20:48.0091 6872  partmgr - ok
20:20:48.0115 6872  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
20:20:48.0149 6872  Parvdm - ok
20:20:48.0216 6872  [ AFADA8B97BE3C9398DC6C770409C3544 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
20:20:48.0225 6872  PassThru Service ( UnsignedFile.Multi.Generic ) - warning
20:20:48.0225 6872  PassThru Service - detected UnsignedFile.Multi.Generic (1)
20:20:48.0244 6872  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:20:48.0271 6872  PcaSvc - ok
20:20:48.0300 6872  [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
20:20:48.0331 6872  pccsmcfd - ok
20:20:48.0361 6872  [ 673E55C3498EB970088E812EA820AA8F ] pci            C:\Windows\system32\drivers\pci.sys
20:20:48.0382 6872  pci - ok
20:20:48.0396 6872  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
20:20:48.0414 6872  pciide - ok
20:20:48.0435 6872  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:20:48.0457 6872  pcmcia - ok
20:20:48.0487 6872  [ 250F6B43D2B613172035C6747AEEB19F ] pcw            C:\Windows\system32\drivers\pcw.sys
20:20:48.0506 6872  pcw - ok
20:20:48.0578 6872  [ 20025B31C1FC8FFEA50711C85E1A9859 ] PDAgent        C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
20:20:48.0617 6872  PDAgent - ok
20:20:48.0657 6872  [ 0B2CF6201D0BB6D156A1957742828207 ] PDEngine        C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
20:20:48.0690 6872  PDEngine - ok
20:20:48.0715 6872  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:20:48.0766 6872  PEAUTH - ok
20:20:48.0830 6872  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla            C:\Windows\system32\pla.dll
20:20:48.0911 6872  pla - ok
20:20:48.0942 6872  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:20:48.0982 6872  PlugPlay - ok
20:20:49.0006 6872  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
20:20:49.0035 6872  PNRPAutoReg - ok
20:20:49.0051 6872  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
20:20:49.0081 6872  PNRPsvc - ok
20:20:49.0109 6872  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
20:20:49.0149 6872  PolicyAgent - ok
20:20:49.0177 6872  [ F87D30E72E03D579A5199CCB3831D6EA ] Power          C:\Windows\system32\umpo.dll
20:20:49.0216 6872  Power - ok
20:20:49.0226 6872  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:20:49.0269 6872  PptpMiniport - ok
20:20:49.0286 6872  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor      C:\Windows\system32\DRIVERS\processr.sys
20:20:49.0344 6872  Processor - ok
20:20:49.0387 6872  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc        C:\Windows\system32\profsvc.dll
20:20:49.0425 6872  ProfSvc - ok
20:20:49.0436 6872  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:20:49.0461 6872  ProtectedStorage - ok
20:20:49.0481 6872  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:20:49.0528 6872  Psched - ok
20:20:49.0561 6872  [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI            C:\Windows\system32\DRIVERS\psi_mf.sys
20:20:49.0578 6872  PSI - ok
20:20:49.0633 6872  [ EA735BF6DF13A857A83C99BF27A422AD ] PST Service    C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
20:20:49.0660 6872  PST Service ( UnsignedFile.Multi.Generic ) - warning
20:20:49.0660 6872  PST Service - detected UnsignedFile.Multi.Generic (1)
20:20:49.0688 6872  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
20:20:49.0711 6872  PxHelp20 - ok
20:20:49.0747 6872  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:20:49.0791 6872  ql2300 - ok
20:20:49.0809 6872  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:20:49.0830 6872  ql40xx - ok
20:20:49.0854 6872  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE          C:\Windows\system32\qwave.dll
20:20:49.0883 6872  QWAVE - ok
20:20:49.0899 6872  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:20:49.0923 6872  QWAVEdrv - ok
20:20:49.0961 6872  [ 8F97D374AD1857E1EED85A79F29A1D3D ] RapiMgr        C:\Windows\WindowsMobile\rapimgr.dll
20:20:49.0981 6872  RapiMgr - ok
20:20:49.0989 6872  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:20:50.0029 6872  RasAcd - ok
20:20:50.0051 6872  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
20:20:50.0087 6872  RasAgileVpn - ok
20:20:50.0095 6872  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto        C:\Windows\System32\rasauto.dll
20:20:50.0134 6872  RasAuto - ok
20:20:50.0164 6872  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
20:20:50.0200 6872  Rasl2tp - ok
20:20:50.0228 6872  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
20:20:50.0282 6872  RasMan - ok
20:20:50.0306 6872  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:20:50.0358 6872  RasPppoe - ok
20:20:50.0384 6872  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
20:20:50.0418 6872  RasSstp - ok
20:20:50.0440 6872  [ D528BC58A489409BA40334EBF96A311B ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
20:20:50.0476 6872  rdbss - ok
20:20:50.0502 6872  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:20:50.0525 6872  rdpbus - ok
20:20:50.0542 6872  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:20:50.0593 6872  RDPCDD - ok
20:20:50.0632 6872  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:20:50.0665 6872  RDPENCDD - ok
20:20:50.0676 6872  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:20:50.0709 6872  RDPREFMP - ok
20:20:50.0732 6872  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
20:20:50.0754 6872  RDPWD - ok
20:20:50.0780 6872  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:20:50.0802 6872  rdyboost - ok
20:20:50.0871 6872  [ 169C4D45DFCFC2E1027CFBFC2015F142 ] RegFilter      C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys
20:20:50.0891 6872  RegFilter - ok
20:20:50.0911 6872  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:20:50.0966 6872  RemoteAccess - ok
20:20:50.0986 6872  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:20:51.0047 6872  RemoteRegistry - ok
20:20:51.0117 6872  [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo      C:\Program Files\CyberLink\Shared files\RichVideo.exe
20:20:51.0141 6872  RichVideo ( UnsignedFile.Multi.Generic ) - warning
20:20:51.0142 6872  RichVideo - detected UnsignedFile.Multi.Generic (1)
20:20:51.0156 6872  [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM      C:\Windows\system32\Drivers\RootMdm.sys
20:20:51.0208 6872  ROOTMODEM - ok
20:20:51.0231 6872  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:20:51.0270 6872  RpcEptMapper - ok
20:20:51.0290 6872  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
20:20:51.0314 6872  RpcLocator - ok
20:20:51.0329 6872  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs          C:\Windows\system32\rpcss.dll
20:20:51.0376 6872  RpcSs - ok
20:20:51.0384 6872  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:20:51.0420 6872  rspndr - ok
20:20:51.0455 6872  [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167        C:\Windows\system32\DRIVERS\Rt86win7.sys
20:20:51.0478 6872  RTL8167 - ok
20:20:51.0519 6872  [ B5E9979FBB26FC059BD87A81F763D5DA ] rtl8192se      C:\Windows\system32\DRIVERS\rtl8192se.sys
20:20:51.0553 6872  rtl8192se - ok
20:20:51.0570 6872  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs          C:\Windows\system32\lsass.exe
20:20:51.0594 6872  SamSs - ok
20:20:51.0681 6872  [ 230FD3749904CA045EA5EC0AA14006E9 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\Sandra.sys
20:20:51.0710 6872  SANDRA - ok
20:20:51.0740 6872  [ A740F0412A3C994FB3BC1871B79E46CF ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe
20:20:51.0750 6872  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
20:20:51.0751 6872  SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)
20:20:51.0790 6872  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:20:51.0810 6872  sbp2port - ok
20:20:51.0827 6872  SBRE - ok
20:20:51.0886 6872  [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService  C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
20:20:51.0922 6872  SBSDWSCService - ok
20:20:51.0945 6872  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:20:51.0983 6872  SCardSvr - ok
20:20:52.0012 6872  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:20:52.0059 6872  scfilter - ok
20:20:52.0094 6872  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
20:20:52.0159 6872  Schedule - ok
20:20:52.0188 6872  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc    C:\Windows\System32\certprop.dll
20:20:52.0224 6872  SCPolicySvc - ok
20:20:52.0259 6872  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:20:52.0309 6872  SDRSVC - ok
20:20:52.0338 6872  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:20:52.0387 6872  secdrv - ok
20:20:52.0441 6872  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
20:20:52.0528 6872  seclogon - ok
20:20:52.0631 6872  [ 456B0B5844575714DB0370742CBB7A88 ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
20:20:52.0675 6872  Secunia PSI Agent - ok
20:20:52.0719 6872  [ E5C9695967B022317BB1D96BC15CFDA0 ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
20:20:52.0739 6872  Secunia Update Agent - ok
20:20:52.0817 6872  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
20:20:53.0227 6872  SENS - ok
20:20:53.0253 6872  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:20:53.0415 6872  SensrSvc - ok
20:20:53.0450 6872  [ AC1F2A09B76B57356F906EEDA43CCC2A ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl.sys
20:20:53.0503 6872  Ser2pl - ok
20:20:53.0522 6872  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
20:20:53.0565 6872  Serenum - ok
20:20:53.0600 6872  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:20:53.0631 6872  Serial - ok
20:20:53.0650 6872  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:20:53.0670 6872  sermouse - ok
20:20:53.0710 6872  [ 12B41D84A4D058ADC60853C365DBFCCA ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
20:20:53.0728 6872  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
20:20:53.0728 6872  ServiceLayer - detected UnsignedFile.Multi.Generic (1)
20:20:53.0769 6872  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:20:53.0827 6872  SessionEnv - ok
20:20:53.0850 6872  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
20:20:53.0870 6872  sffdisk - ok
20:20:53.0877 6872  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:20:53.0898 6872  sffp_mmc - ok
20:20:53.0907 6872  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
20:20:53.0929 6872  sffp_sd - ok
20:20:53.0953 6872  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
20:20:53.0977 6872  sfloppy - ok
20:21:06.0293 6872  ============================================================
20:21:06.0293 6872  Scan finished
20:21:06.0293 6872  ============================================================
20:21:06.0318 4264  Detected object count: 11
20:21:06.0318 4264  Actual detected object count: 11
20:21:24.0619 4264  DeviceMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0619 4264  DeviceMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:24.0622 4264  DfSdkS ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0622 4264  DfSdkS ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:24.0625 4264  FirebirdGuardianDefaultInstance ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0625 4264  FirebirdGuardianDefaultInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:24.0628 4264  FirebirdServerDefaultInstance ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0628 4264  FirebirdServerDefaultInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:24.0632 4264  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0632 4264  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:24.0634 4264  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0634 4264  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:24.0637 4264  PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0637 4264  PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:24.0639 4264  PST Service ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0640 4264  PST Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:24.0643 4264  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0643 4264  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:24.0646 4264  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0646 4264  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:21:24.0649 4264  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
20:21:24.0649 4264  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip


cosinus 17.10.2012 20:04

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if suggested), install the Recovery Console (if suggested) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has expressly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

Should you have problems starting applications after running Combofix and receive messages such as

Quote:

Illegal operation attempted on a registry key that has been marked for deletion.
then restart Windows manually and the error messages should no longer appear.

zr7driver 18.10.2012 03:18

Error! So with ComboFix everything worked as described, only at the end, when the log was supposed to be written, it stopped responding and the PC went black... I left it running overnight but nothing changed! Now I have restarted it manually and unfortunately cannot find any Combofix.txt! What now??

cosinus 18.10.2012 10:04

Restart Windows, delete the old combofix.exe, download CF again and please try it once more.

zr7driver 18.10.2012 18:18

Combofix.exe no longer works?? Did everything as described!! Started Combofix, it begins and that's it, the cursor blinks but absolutely nothing happens for hours!! Restarted the computer manually, the Combofix.exe icon has disappeared! :O And what now? The PC starts and runs normally...

Code:

Can you please take a look through this as well?!

Advanced SystemCare Diagnosebericht v1.0
Datum: 2012.10.18 19:48:03

----------------------------------
01 - Betriebssystem
----------------------------------

0101 - Betriebssystem          : Windows 7 Home Premium 32-bit (6.1, Build 7601) Service Pack 1 (7601.win7sp1_gdr.120830-0333)
0102 - Sprache                  : German (Regional Setting: German)
0103 - BIOS                    : Default System BIOS
0104 - Prozessor                : Pentium(R) Dual-Core CPU      T4500  @ 2.30GHz (2 CPUs), ~2.3GHz
0105 - Speicher                : 4096MB RAM
0106 - Verfügbarer BS Speicher  : 3328MB RAM
0107 - Page File                : 3474MB used, 3178MB available
0108 - Windows Dir              : C:\Windows
0109 - DirectX Version          : DirectX 11
0110 - DX Setup Parameter      : Not found
0111 - DPI Einstellungen: Nutzer: 96 DPI (100 percent)
0112 - DPI  Einstellungen: System: 120 DPI (125 percent)
0113 - DWM DPI Skalierung      : Disabled
0114 - DxDiag Version          : 6.01.7601.17514

----------------------------------
02 - Prozessor
----------------------------------

0201 - Überschrift              : Pentium(R) Dual-Core CPU      T4500  @ 2.30GHz x2 ~2300MHz
0202 - Jetzige Taktfrequenz    : 2300MHz
0203 - L1-Cache                : 64,00 KB
0204 - L2-Cache                : 1,00 MB

----------------------------------
03 - Videoadapter
----------------------------------

0301 - Kartenname              : NVIDIA GeForce 9100M G   
0302 - Hedrsteller              : NVIDIA
0303 - Chip Typ                : GeForce 9100M G
0304 - DAC Typ                  : Integrated RAMDAC
0305 - Geräteschlüssel          : Enum\PCI\VEN_10DE&DEV_086E&SUBSYS_76211462&REV_B1
0306 - Speicher anzeigen        : 1647 MB
0307 - AdapterRAM              : 256,00 MB
0308 - Jetziger Modus          : 1920 x 1080 (32 bit) (60Hz)
0309 - Monitorname              : PnP-Monitor (Standard)
0310 - Treibername              : nvd3dum.dll,nvwgf2um.dll,nvwgf2um.dll
0311 - Treiberversion          : 8.17.0012.6658
0312 - Treiber Sprache          : English
0313 - DDI Version              : 10
0314 - Treiber Model            : WDDM 1.1
0315 - Treiber Beta            : False
0316 - Treiber Debug            : False
0317 - Treiberdatum            : 1/8/2011 05:27:00
0318 - Treibergröße            : 10078312
0319 - VDD                      : Nicht zutreffend
0320 - Mini VDD                : Nicht zutreffend
0321 - Mini VDD Datum          : n/a
0322 - Mini VDD Größe          : 0
0323 - Geräteidntifikation      : {D7B71E3E-4B2E-11CF-D06D-2D560FC2C535}
0324 - Anbieter ID              : 0x10DE
0325 - Geräte ID                : 0x086E
0326 - SubSys ID                : 0x76211462
0327 - Revision ID              : 0x00B1
0328 - Driver Strong Name      : oem139.inf:NVIDIA_SetA_Devices.NTx86.6.1:Section012:8.17.12.6658:pci\ven_10de&dev_086e&subsys_76211462
0329 - Rank of Driver          : 00E60001
0330 - Video Beschleunigung    : ModeMPEG2_A ModeMPEG2_C ModeVC1_C ModeWMV9_C
0332 - D3D9 Overlay            : Supported
0333 - DXVA-HD                  : Supported
0334 - DDraw Status            : Enabled
0335 - D3D Status              : Enabled
0336 - ABG Status              : Enabled
0337 - Bemerkungen              : No problems found.

0338 - OpenGL                  : 6.1.7600.16385 (win7_rtm.090713-1255)

----------------------------------
04 - Speicher
----------------------------------

0401 - Gesamtspeicher          : 3,25 GB
0402 - Freier Speicher          : 787,83 MB
0403 - Pagefile gesamt          : 6,50 GB
0404 - Pagefile frei            : 3,10 GB

0405 - Bank Label              : BANK0
0406 - Geschwindigkeit          : 4199 MHz
0407 - Gesamtbreite            : 64 Bits
0408 - Kapazität                : 2,00 GB

0405 - Bank Label              : BANK2
0406 - Geschwindigkeit          : 4199 MHz
0407 - Gesamtbreite            : 64 Bits
0408 - Kapazität                : 2,00 GB

----------------------------------
05 - Netzwerk
----------------------------------

0501 - Beschreibung            : Realtek PCIe GBE Family Controller
0502 - Treiberdatum            : 6-10-2011
0503 - Treiberversion          : 7.46.610.2011

0501 - Beschreibung            : Bluetooth PAN Network Adapter
0502 - Treiberdatum            : 3-5-2007
0503 - Treiberversion          : 6.0.12.56

----------------------------------
06 - Mainboard
----------------------------------

0601 - Model                    : MS-7621
0602 - Hedrsteller              : MEDIONPC

----------------------------------
07 - Soung-Gerät
----------------------------------

0701 - Beschreibung            : Lautsprecher (Realtek High Definition Audio)
0702 - Sound-Playback voreingestellt: True
0703 - Stimm-Playback voreingestellt: True
0704 - Hardware ID              : HDAUDIO\FUNC_01&VEN_10EC&DEV_0889&SUBSYS_14627621&REV_1000
0705 - Hersteller ID            : 1
0706 - Produkt ID              : 100
0707 - Typ                      : WDM
0708 - Treibername              : RTKVHDA.sys
0709 - Treiberversion          : 6.00.0001.5978
0710 - Treiberattribute        : Final Retail
0711 - Datum und Größe          : 11/10/2009 20:43:32
0713 - Treiberanbieter          : Realtek Semiconductor Corp.
0714 - Min./Max. Sampl-Rate    : 4642746, 4642746
0715 - Static/Strm HW Mix Puffer: 4642746, 4642746
0716 - Static/Strm HW 3D Puffer : 4642746, 4642746
0717 - HW Speicher              : 4642754
0718 - Stimm-Management        : False
0719 - EAX (tm) 2.0 Listen/Src  : False, False
0720 - I3DL2(tm) Listen/Src    : False, False
0721 - Bemerkungen              : No problems found.

0701 - Beschreibung            : Lautsprecher (Bluetooth SCO Audio)
0702 - Sound-Playback voreingestellt: False
0703 - Stimm-Playback voreingestellt: False
0704 - Hardware ID              : {F12D3CF8-B11D-457e-8641-BE2AF2D6D204}\BLUELETSCOAUDIO
0705 - Hersteller ID            : 1
0706 - Produkt ID              : 100
0707 - Typ                      : WDM
0708 - Treibername              : BlueletSCOAudio.sys
0709 - Treiberversion          : 6.00.0015.0063
0710 - Treiberattribute        : Final Retail
0711 - Datum und Größe          : 6/24/2007 21:56:40
0713 - Treiberanbieter          : IVT Corporation
0714 - Min./Max. Sampl-Rate    : 4642746, 4642746
0715 - Static/Strm HW Mix Puffer: 4642746, 4642746
0716 - Static/Strm HW 3D Puffer : 4642746, 4642746
0717 - HW Speicher              : 4642754
0718 - Stimm-Management        : False
0719 - EAX (tm) 2.0 Listen/Src  : False, False
0720 - I3DL2(tm) Listen/Src    : False, False
0721 - Bemerkungen              : No problems found.

0701 - Beschreibung            : Realtek Digital Output (Realtek High Definition Audio)
0702 - Sound-Playback voreingestellt: False
0703 - Stimm-Playback voreingestellt: False
0704 - Hardware ID              : HDAUDIO\FUNC_01&VEN_10EC&DEV_0889&SUBSYS_14627621&REV_1000
0705 - Hersteller ID            : 1
0706 - Produkt ID              : 100
0707 - Typ                      : WDM
0708 - Treibername              : RTKVHDA.sys
0709 - Treiberversion          : 6.00.0001.5978
0710 - Treiberattribute        : Final Retail
0711 - Datum und Größe          : 11/10/2009 20:43:32
0713 - Treiberanbieter          : Realtek Semiconductor Corp.
0714 - Min./Max. Sampl-Rate    : 4642746, 4642746
0715 - Static/Strm HW Mix Puffer: 4642746, 4642746
0716 - Static/Strm HW 3D Puffer : 4642746, 4642746
0717 - HW Speicher              : 4642754
0718 - Stimm-Management        : False
0719 - EAX (tm) 2.0 Listen/Src  : False, False
0720 - I3DL2(tm) Listen/Src    : False, False
0721 - Bemerkungen              : No problems found.


----------------------------------
08 - Festplatte
----------------------------------

0801 - Model                    : WDC WD10 EARS-00Y5B1 SCSI Disk Device(Western Digital)
0802 - Medientyp                : Fixed hard disk media
0803 - Größe                    : 931,51 GB
0804 - Schnittstellentyp        : Serial ATA
0805 - Treiberdatum            : 6-21-2006
0806 - Treiberversion          : 6.1.7600.16385

0807 - Überschrift              : C:\
0808 - Kapazität                : 910,41 GB
0809 - Freier Speicher          : 583,94 GB
0810 - Laufwerktyp              : 3-Fest
0811 - Dateisystem              : NTFS

0807 - Überschrift              : D:\
0808 - Kapazität                : 20,00 GB
0809 - Freier Speicher          : 10,35 GB
0810 - Laufwerktyp              : 3-Fest
0811 - Dateisystem              : NTFS

----------------------------------
09 - Prozess
----------------------------------

0901 - 0000 Idle                      0 0    0               
0901 - 0004 System                    0 0    0               
0901 - 013c smss.exe                  0 0    0  normal      C:\Windows\system32
0901 - 01d0 csrss.exe                  0 0    0  normal      C:\Windows\system32
0901 - 0224 wininit.exe                0 0    0  high        C:\Windows\system32
0901 - 0230 csrss.exe                  1 174  83  normal      C:\Windows\system32
0901 - 0258 services.exe              0 0    0  normal      C:\Windows\system32
0901 - 026c lsass.exe                  0 0    0  normal      C:\Windows\system32
0901 - 0274 lsm.exe                    0 0    0  normal      C:\Windows\system32
0901 - 02d8 svchost.exe                0 0    0  normal      C:\Windows\system32
0901 - 0310 ascsvc.exe                0 0    0  high        C:\Program Files\IObit\Advanced SystemCare with Antivirus 2013
0901 - 0328 winlogon.exe              1 7    0  high        C:\Windows\system32
0901 - 03c8 svchost.exe                0 0    0  normal      C:\Windows\system32
0901 - 0418 svchost.exe                0 0    0  normal      C:\Windows\System32
0901 - 0454 svchost.exe                0 0    0  normal      C:\Windows\System32
0901 - 0478 svchost.exe                0 0    0  normal      C:\Windows\system32
0901 - 0528 svchost.exe                0 0    0  normal      C:\Windows\system32
0901 - 0550 svchost.exe                0 0    0  normal      C:\Windows\system32
0901 - 05b4 AvastSvc.exe              0 0    0  normal      C:\Program Files\AVAST Software\Avast
0901 - 0628 spoolsv.exe                0 0    0  normal      C:\Windows\System32
0901 - 06b4 Dwm.exe                    1 17  2  high        C:\Windows\system32
0901 - 06cc taskhost.exe              1 83  40  normal      C:\Windows\system32
0901 - 07d8 Explorer.EXE              1 285  206 normal      C:\Windows
0901 - 01b0 svchost.exe                0 0    0  normal      C:\Windows\system32
0901 - 021c IMFsrv.exe                0 0    0  normal      C:\Program Files\IObit\IObit Malware Fighter
0901 - 0414 GoogleCrashHandler.exe    0 0    0  idle        C:\Program Files\Google\Update\1.3.21.123
0901 - 06a4 aavus.exe                  0 0    0  normal      C:\Program Files\AAVUpdateManager
0901 - 0794 schedul2.exe              0 0    0  normal      C:\Program Files\Common Files\Acronis\Schedule2
0901 - 073c armsvc.exe                0 0    0  normal      C:\Program Files\Common Files\Adobe\ARM\1.0
0901 - 0688 schedhlp.exe              1 9    4  normal      C:\Program Files\Common Files\Acronis\Schedule2
0901 - 0804 SeaPort.EXE                0 0    0  normal      C:\Program Files\Microsoft\BingBar
0901 - 0830 BTNtService.exe            0 0    0  high        C:\Program Files\IVT Corporation\BlueSoleil
0901 - 0864 NServiceEntry.exe          0 0    0  normal      C:\Program Files\Motorola Media Link
0901 - 0884 svchost.exe                0 0    0  normal      C:\Windows\system32
0901 - 08a8 fbguard.exe                0 0    0  normal      C:\Program Files\Firebird\Firebird_2_1\bin
0901 - 08d4 PresentationFontCache.exe  0 0    0  normal      C:\Windows\Microsoft.Net\Framework\v3.0\WPF
0901 - 092c IGDCTRL.EXE                0 0    0  normal      C:\Program Files\FRITZ!DSL
0901 - 094c IJPLMSVC.EXE              0 0    0  normal      C:\Program Files\Canon\IJPLM
0901 - 096c MotoHelperService.exe      0 0    0  normal      C:\Program Files\Motorola Mobility\Motorola Device Manager
0901 - 09e8 PassThruSvr.exe            0 0    0  normal      C:\Program Files\HTC\Internet Pass-Through
0901 - 0a10 PDAgent.exe                0 0    0  normal      C:\Program Files\Raxco\PerfectDisk10
0901 - 0a5c ForwardDaemon.exe          0 0    0  normal      C:\Program Files\Motorola\MotForwardDaemon
0901 - 0a84 RichVideo.exe              0 0    0  normal      C:\Program Files\CyberLink\Shared files
0901 - 0aa8 PSIA.exe                  0 0    0  normal      C:\Program Files\Secunia\PSI
0901 - 0ab0 MotoHelperAgent.exe        1 19  21  normal      C:\Program Files\Motorola Mobility\Motorola Device Manager
0901 - 0af0 c2c_service.exe            0 0    0  normal      C:\ProgramData\Skype\Toolbars\Skype C2C Service
0901 - 0b40 StartSkysolSvc.exe        0 0    0  normal      C:\Program Files\IVT Corporation\BlueSoleil
0901 - 0b60 svchost.exe                0 0    0  normal      C:\Windows\system32
0901 - 0b80 TomTomHOMEService.exe      0 0    0  normal      C:\Program Files\TomTom HOME 2
0901 - 0ba4 svchost.exe                0 0    0  normal      C:\Windows\System32
0901 - 0c44 WLIDSVC.EXE                0 0    0  normal      C:\Program Files\Common Files\Microsoft Shared\Windows Live
0901 - 0c60 WMI_Hook_Service.exe      0 0    0  normal      C:\Program Files\msi\OSD hot keys
0901 - 0c98 YahooAUService.exe        0 0    0  normal      C:\Program Files\Yahoo!\SoftwareUpdate
0901 - 0d04 SDWinSec.exe              0 0    0  normal      C:\Program Files\Spybot - Search & Destroy
0901 - 0e70 WLIDSvcM.exe              0 0    0  normal      C:\Program Files\Common Files\Microsoft Shared\Windows Live
0901 - 0f0c CLMLSvc.exe                1 15  6  normal      C:\Program Files\CyberLink\Power2Go
0901 - 0f14 RtHDVCpl.exe              1 54  20  normal      C:\Program Files\Realtek\Audio\HDA
0901 - 0f24 pptd40nt.exe              1 13  4  normal      C:\Program Files\ScanSoft\PaperPort
0901 - 0f48 wmdc.exe                  1 9    3  normal      C:\Windows\WindowsMobile
0901 - 0f6c BJMYPRT.EXE                1 18  13  normal      C:\Program Files\Canon\MyPrinter
0901 - 0f7c CNSEMAIN.EXE              1 115  23  normal      C:\Program Files\Canon\Solution Menu EX
0901 - 0c2c svchost.exe                0 0    0  normal      C:\Windows\system32
0901 - 1044 SearchIndexer.exe          0 0    0  normal      C:\Windows\system32
0901 - 10a0 fbserver.exe              0 0    0  normal      C:\Program Files\Firebird\Firebird_2_1\bin
0901 - 115c PDAgentS1.exe              1 9    4  normal      C:\Program Files\Raxco\PerfectDisk10
0901 - 1208 unsecapp.exe              0 0    0  normal      C:\Windows\system32\wbem
0901 - 1210 AvastUI.exe                1 141  44  normal      C:\Program Files\AVAST Software\Avast
0901 - 12f4 wmiprvse.exe              0 0    0  normal      C:\Windows\system32\wbem
0901 - 1370 adm_tray.exe              1 25  10  normal      C:\Program Files\Acronis\DriveMonitor
0901 - 13d4 wmpnetwk.exe              0 0    0  normal      C:\Program Files\Windows Media Player
0901 - 1498 jusched.exe                1 9    2  normal      C:\Program Files\Common Files\Java\Java Update
0901 - 14b0 sidebar.exe                1 115  181 normal      C:\Program Files\Windows Sidebar
0901 - 155c KiesPDLR.exe              1 10  13  normal      C:\Program Files\Samsung\Kies\External\FirmwareUpdate
0901 - 15bc Kies.exe                  1 9    8  normal      C:\Program Files\Samsung\Kies
0901 - 15e0 svchost.exe                0 0    0  normal      C:\Windows\System32
0901 - 16a0 ASCTray.exe                1 76  56  normal      C:\Program Files\IObit\Advanced SystemCare with Antivirus 2013
0901 - 16e8 StCenter.exe              1 217  72  normal      C:\Program Files\FRITZ!DSL
0901 - 1700 Dropbox.exe                1 55  30  normal      C:\Users\zr7driver\AppData\Roaming\Dropbox\bin
0901 - 1714 FritzDsl.exe              1 158  40  normal      C:\Program Files\FRITZ!DSL
0901 - 1738 FwebProt.exe              1 509  169 normal      C:\Program Files\FRITZ!DSL
0901 - 1768 BlueSoleil.exe            1 96  52  high        C:\Program Files\IVT Corporation\BlueSoleil
0901 - 1444 sua.exe                    0 0    0  normal      C:\Program Files\Secunia\PSI
0901 - 14d8 BlueSoleil VoIP Plugin.exe 1 16  27  normal      C:\Program Files\IVT Corporation\BlueSoleil
0901 - 0094 IMF.exe                    1 1759 227 normal      C:\Program Files\IObit\IObit Malware Fighter
0901 - 00c4 DllHost.exe                0 0    0  normal      C:\Windows\system32
0901 - 1e6c InputPersonalization.exe  1 9    5  below normal C:\Program Files\Common Files\Microsoft Shared\Ink
0901 - 1ec4 FABS.exe                  0 0    0  normal      C:\Program Files\Common Files\MAGIX Services\Database\bin
0901 - 0c18 WISPTIS.EXE                1 431  165 high        C:\Windows\SYSTEM32
0901 - 0e64 chrome.exe                1 152  79  normal      C:\Program Files\Google\Chrome\Application
0901 - 0dc0 chrome.exe                1 14  4  normal      C:\Program Files\Google\Chrome\Application
0901 - 1964 chrome.exe                1 9    1  normal      C:\Program Files\Google\Chrome\Application
0901 - 1aa8 chrome.exe                1 10  1  normal      C:\Program Files\Google\Chrome\Application
0901 - 1ab8 chrome.exe                1 12  1  normal      C:\Program Files\Google\Chrome\Application
0901 - 1a9c chrome.exe                1 10  1  normal      C:\Program Files\Google\Chrome\Application
0901 - 1a88 chrome.exe                1 10  1  normal      C:\Program Files\Google\Chrome\Application
0901 - 1ae4 chrome.exe                1 12  1  normal      C:\Program Files\Google\Chrome\Application
0901 - 1ae0 chrome.exe                1 10  1  normal      C:\Program Files\Google\Chrome\Application
0901 - 0e3c chrome.exe                1 499  1  normal      C:\Program Files\Google\Chrome\Application
0901 - 0854 chrome.exe                1 11  8  normal      C:\Program Files\Google\Chrome\Application
0901 - 0720 chrome.exe                1 546  1  normal      C:\Program Files\Google\Chrome\Application
0901 - 0334 chrome.exe                1 164  1  below normal C:\Program Files\Google\Chrome\Application
0901 - 0d78 chrome.exe                1 241  1  normal      C:\Program Files\Google\Chrome\Application
0901 - 1998 audiodg.exe                0 0    0               
0901 - 0b48 Asc.exe                    1 1734 297 normal      C:\Program Files\IObit\Advanced SystemCare with Antivirus 2013
0901 - 05bc ToolBox.exe                1 403  107 normal      C:\Program Files\IObit\Advanced SystemCare with Antivirus 2013
0901 - 19a4 chrome.exe                1 20  1  normal      C:\Program Files\Google\Chrome\Application
0901 - 0ef4 taskeng.exe                1 9    3  normal      C:\Windows\system32
0901 - 0824 svchost.exe                0 0    0  normal      C:\Windows\System32
0901 - 1740 Sus10_SysExplorer.exe      1 102  49  normal      C:\Program Files\IObit\Advanced SystemCare with Antivirus 2013
0901 - 1924 wmiprvse.exe              0 0    0  normal      C:\Windows\system32\wbem


----------------------------------
10 - Dienst
----------------------------------

1001 - AAV UpdateService - ["C:\Program Files\AAVUpdateManager\aavus.exe"]
1001 - Acronis Scheduler2 Service - ["C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe"]
1001 - Adobe Acrobat Update Service - ["C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe"]
1001 - Advanced SystemCare Service 5 - [C:\Program Files\IObit\Advanced SystemCare with Antivirus 2013\ascsvc.exe]
1001 - Anwendungserfahrung - [C:\Windows\system32\svchost.exe -k netsvcs]
1001 - Anwendungsinformationen - [C:\Windows\system32\svchost.exe -k netsvcs]
1001 - Windows-Audio-Endpunkterstellung - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]
1001 - Windows-Audio - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]
1001 - avast! Antivirus - ["C:\Program Files\AVAST Software\Avast\AvastSvc.exe"]
1001 - BBUpdate - ["C:\Program Files\Microsoft\BingBar\SeaPort.EXE"]
1001 - Basisfiltermodul - [C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork]
1001 - Intelligenter Hintergrundübertragungsdienst - [C:\Windows\System32\svchost.exe -k netsvcs]
1001 - BlueSoleil Hid Service - [C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe]
1001 - Computerbrowser - [C:\Windows\system32\svchost.exe -k netsvcs]
1001 - Kryptografiedienste - [C:\Windows\system32\svchost.exe -k NetworkService]
1001 - DeviceMonitorService - ["C:\Program Files\Motorola Media Link\NServiceEntry.exe"]
1001 - DHCP-Client - [C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted]
1001 - DNS-Client - [C:\Windows\system32\svchost.exe -k NetworkService]
1001 - Extensible Authentication-Protokoll - [C:\Windows\System32\svchost.exe -k netsvcs]
1001 - Windows-Ereignisprotokoll - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]
1001 - COM+-Ereignissystem - [C:\Windows\system32\svchost.exe -k LocalService]
1001 - Funktionssuchanbieter-Host - [C:\Windows\system32\svchost.exe -k LocalService]
1001 - Funktionssuche-Ressourcenveröffentlichung - [C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation]
1001 - Firebird Guardian - DefaultInstance - ["C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe" -s DefaultInstance]
1001 - Firebird Server - DefaultInstance - ["C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe" -s DefaultInstance]
1001 - Windows-Dienst für Schriftartencache - [C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation]
1001 - Windows Presentation Foundation-Schriftartcache 3.0.0.0 - [C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe]
1001 - Zugriff auf Eingabegeräte - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]
1001 - Heimnetzgruppen-Listener - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]
1001 - Heimnetzgruppen-Anbieter - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]
1001 - AVM IGD CTRL Service - ["C:\Program Files\FRITZ!DSL\IGDCTRL.EXE"]
1001 - Canon Inkjet Printer/Scanner/Fax Extended Survey Program - [C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE]
1001 - IKE- und AuthIP IPsec-Schlüsselerstellungsmodule - [C:\Windows\system32\svchost.exe -k netsvcs]
1001 - IMF Service - [C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe]
1001 - PnP-X-IP-Busenumerator - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]
1001 - IP-Hilfsdienst - [C:\Windows\System32\svchost.exe -k NetSvcs]
1001 - CNG-Schlüsselisolation - [C:\Windows\system32\lsass.exe]
1001 - Server - [C:\Windows\system32\svchost.exe -k netsvcs]
1001 - Arbeitsstationsdienst - [C:\Windows\System32\svchost.exe -k NetworkService]
1001 - TCP/IP-NetBIOS-Hilfsdienst - [C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted]
1001 - Multimediaklassenplaner - [C:\Windows\system32\svchost.exe -k netsvcs]
1001 - Motorola Device Manager Service - [C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe]
1001 - Windows-Firewall - [C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork]
1001 - Netzwerkverbindungen - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]
1001 - Netzwerklistendienst - [C:\Windows\System32\svchost.exe -k LocalService]
1001 - NLA (Network Location Awareness) - [C:\Windows\System32\svchost.exe -k NetworkService]
1001 - Netzwerkspeicher-Schnittstellendienst - [C:\Windows\system32\svchost.exe -k LocalService]
1001 - Peernetzwerkidentitäts-Manager - [C:\Windows\System32\svchost.exe -k LocalServicePeerNet]
1001 - Peernetzwerk-Gruppenzuordnung - [C:\Windows\System32\svchost.exe -k LocalServicePeerNet]
1001 - Internet Pass-Through Service - [C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe]
1001 - Programmkompatibilitäts-Assistent-Dienst - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]
1001 - PDAgent - ["C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe"]
1001 - Plug & Play - [C:\Windows\system32\svchost.exe -k DcomLaunch]
1001 - Peer Name Resolution-Protokoll - [C:\Windows\System32\svchost.exe -k LocalServicePeerNet]
1001 - Stromversorgung - [C:\Windows\system32\svchost.exe -k DcomLaunch]
1001 - Benutzerprofildienst - [C:\Windows\system32\svchost.exe -k netsvcs]
1001 - PST Service - [C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe]
1001 - Windows Mobile-basierte Geräteverbindungen - [C:\Windows\system32\svchost.exe -k WindowsMobile]
1001 - RAS-Verbindungsverwaltung - [C:\Windows\System32\svchost.exe -k netsvcs]
1001 - Cyberlink RichVideo Service(CRVS) - ["C:\Program Files\CyberLink\Shared files\RichVideo.exe"]
1001 - Sicherheitskonto-Manager - [C:\Windows\system32\lsass.exe]
1001 - SBSD Security Center Service - [C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe]
1001 - Sekundäre Anmeldung - [C:\Windows\system32\svchost.exe -k netsvcs]
1001 - Secunia PSI Agent - ["C:\Program Files\Secunia\PSI\PSIA.exe" --start-service]
1001 - Secunia Update Agent - ["C:\Program Files\Secunia\PSI\sua.exe" --start-service]
1001 - Shellhardwareerkennung - [C:\Windows\System32\svchost.exe -k netsvcs]
1001 - Skype C2C Service - ["C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe"]
1001 - Druckwarteschlange - [C:\Windows\System32\spoolsv.exe]
1001 - SSDP-Suche - [C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation]
1001 - SSTP-Dienst - [C:\Windows\system32\svchost.exe -k LocalService]
1001 - Start BT in service - [C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe]
1001 - Windows-Bilderfassung (WIA) - [C:\Windows\system32\svchost.exe -k imgsvc]
1001 - Superfetch - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]
1001 - Telefonie - [C:\Windows\System32\svchost.exe -k NetworkService]
1001 - Designs - [C:\Windows\System32\svchost.exe -k netsvcs]
1001 - TomTomHOMEService - [C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe]
1001 - Überwachung verteilter Verknüpfungen (Client) - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]
1001 - UPnP-Gerätehost - [C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation]
1001 - Sitzungs-Manager für Desktopfenster-Manager - [C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted]
1001 - Windows Mobile 2003-basierte Gerätekonnektivität - [C:\Windows\system32\svchost.exe -k WindowsMobile]
1001 - Windows-Fehlerberichterstattungsdienst - [C:\Windows\System32\svchost.exe -k WerSvcGroup]
1001 - Windows Defender - [C:\Windows\System32\svchost.exe -k secsvcs]
1001 - Windows-Verwaltungsinstrumentation - [C:\Windows\system32\svchost.exe -k netsvcs]
1001 - Automatische WLAN-Konfiguration - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]
1001 - Windows Live ID Sign-in Assistant - ["C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"]
1001 - WMI_Hook_Service - ["C:\Program Files\msi\OSD hot keys\WMI_Hook_Service.exe"]
1001 - Windows Media Player-Netzwerkfreigabedienst - ["C:\Program Files\Windows Media Player\wmpnetwk.exe"]
1001 - Sicherheitscenter - [C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted]
1001 - Windows Search - [C:\Windows\system32\SearchIndexer.exe /Embedding]
1001 - Windows Update - [C:\Windows\system32\svchost.exe -k netsvcs]
1001 - Windows Driver Foundation - Benutzermodus-Treiberframework - [C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted]
1001 - Yahoo! Updater - ["C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe"]

----------------------------------
11 - Windows Express
----------------------------------

1101 - System-Score            : 4.1
1102 - Speicher-Score          : 5.6
1103 - CPU Score                : 5.6
1104 - Grafik-Score            : 4.1
1105 - Gaming Score            : 5.2
1106 - Disk Score              : 5.9

----------------------------------
12 - Ereignislog
----------------------------------

1201 - Zeit                    : 18.10.2012 11:51:44
1202 - Quelle                  : SideBySide
1203 - Beschreibung            : Fehler beim Generieren des Aktivierungskontextes für "c:\program files\freecommander\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\freecommander\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig.

1201 - Zeit                    : 18.10.2012 11:48:51
1202 - Quelle                  : SideBySide
1203 - Beschreibung            : Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\HTC\HTC Sync 3.0\FDAgentForOutlook64.exe". Die abhängige Assemblierung "Microsoft.VC90.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

1201 - Zeit                    : 18.10.2012 11:41:23
1202 - Quelle                  : SideBySide
1203 - Beschreibung            : Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Motorola Media Link\NMDllHost.exe.Manifest". Die abhängige Assemblierung "NeroAPIFiles,processorArchitecture="x86",type="win32",version="9.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

1201 - Zeit                    : 18.10.2012 02:22:35
1202 - Quelle                  : Application Error
1203 - Beschreibung            : Name der fehlerhaften Anwendung: tdsskiller.exe, Version: 2.8.13.0, Zeitstempel: 0x50781aa9 Name des fehlerhaften Moduls: WLDAP32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7ba62 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000176c ID des fehlerhaften Prozesses: 0xf38 Startzeit der fehlerhaften Anwendung: 0x01cdac93dbe3bdf0 Pfad der fehlerhaften Anwendung: C:\Users\zr7driver\Downloads\tdsskiller.exe Pfad des fehlerhaften Moduls: C:\Windows\system32\WLDAP32.dll Berichtskennung: 9f1d7e50-1887-11e2-85df-001583096ec8

1201 - Zeit                    : 19.10.2012 01:08:45
1202 - Quelle                  : Service Control Manager
1203 - Beschreibung            : Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:  Lbd SBRE

1201 - Zeit                    : 19.10.2012 01:08:08
1202 - Quelle                  : EventLog
1203 - Beschreibung            : Das System wurde zuvor am ‎18.‎10.‎2012 um 11:44:52 unerwartet heruntergefahren.

1201 - Zeit                    : 18.10.2012 17:37:48
1202 - Quelle                  : Service Control Manager
1203 - Beschreibung            : Dienst "Skype C2C Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

1201 - Zeit                    : 18.10.2012 10:12:24
1202 - Quelle                  : Service Control Manager
1203 - Beschreibung            : Der Dienst "Advanced SystemCare Service 5" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

1201 - Zeit                    : 18.10.2012 10:06:12
1202 - Quelle                  : Service Control Manager
1203 - Beschreibung            : Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:  Lbd SBRE

1201 - Zeit                    : 18.10.2012 10:03:43
1202 - Quelle                  : EventLog
1203 - Beschreibung            : Das System wurde zuvor am ‎18.‎10.‎2012 um 04:02:08 unerwartet heruntergefahren.

1201 - Zeit                    : 18.10.2012 03:37:00
1202 - Quelle                  : Service Control Manager
1203 - Beschreibung            : Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:  Lbd SBRE

1201 - Zeit                    : 18.10.2012 03:36:47
1202 - Quelle                  : Service Control Manager
1203 - Beschreibung            : Der Dienst "SBSD Security Center Service" wurde aufgrund folgenden Fehlers nicht gestartet:  Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

1201 - Zeit                    : 18.10.2012 03:36:47
1202 - Quelle                  : Service Control Manager
1203 - Beschreibung            : Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SBSD Security Center Service erreicht.

1201 - Zeit                    : 18.10.2012 03:36:02
1202 - Quelle                  : EventLog
1203 - Beschreibung            : Das System wurde zuvor am ‎17.‎10.‎2012 um 21:35:08 unerwartet heruntergefahren.

----------------------------------
Dateiende - 40138 Bytes


cosinus 18.10.2012 20:14

Why should I look through some random log? Please let me handle this my way.

Last attempt with Combofix: download it again and try it in Safe Mode with Networking.

zr7driver 18.10.2012 21:07

Combofix Logfile:
Code:

ComboFix 12-10-18.03 - zr7driver 18.10.2012  21:49:48.2.2 - x86 NETWORK
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3327.2667 [GMT 2:00]
ausgeführt von:: c:\users\zr7driver\Desktop\ComboFix.exe
AV: Advanced SystemCare with Antivirus *Disabled/Updated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30}
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: IObit Malware Fighter *Enabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Vorheriger Suchlauf -------
.
c:\users\ZR7DRI~1\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
c:\users\zr7driver\AppData\Local\Temp\fbe2808e-2380-4f14-a1fa-3fa9c3a364e8\CliSecureRT.dll
c:\windows\IsUn0407.exe
c:\windows\system32\DEBUG.log
c:\windows\system32\msstdfmt.dll
c:\windows\system32\muzapp.exe
c:\windows\system32\pt\Lagoon.resources.dll
c:\windows\system32\spool\prtprocs\w32x86\ppbiPr.dll
c:\windows\system32\System32\MASetupCleaner.exe
c:\windows\system32\System32\muzapp.exe
c:\windows\system32\URTTemp\regtlib.exe
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_nvsvc
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-09-18 bis 2012-10-18  ))))))))))))))))))))))))))))))
.
.
2012-10-18 19:58 . 2012-10-18 19:58        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-10-18 03:37 . 2012-10-18 03:37        56200        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1D3BA1D-F1E1-4967-9614-7CC8F9E400B8}\offreg.dll
2012-10-18 02:21 . 2012-10-12 05:56        6918632        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{F1D3BA1D-F1E1-4967-9614-7CC8F9E400B8}\mpengine.dll
2012-10-18 02:12 . 2011-11-21 16:58        340624        ----a-w-        c:\windows\system32\drivers\trufos.sys
2012-10-18 02:12 . 2012-03-15 12:16        353096        ----a-w-        c:\windows\system32\drivers\bdfsfltr.sys
2012-10-18 02:12 . 2012-10-18 02:12        --------        d-----w-        c:\programdata\{D76294E6-03B8-4971-AF2E-3F846161A690}
2012-10-18 02:12 . 2012-10-18 02:12        --------        d-----w-        c:\programdata\{6F2F3866-38AD-4f48-852C-2FF5DE7A7588}
2012-10-18 02:12 . 2012-10-18 02:12        --------        d-----w-        c:\programdata\iobit
2012-10-17 19:34 . 2012-10-18 19:58        --------        d-----w-        c:\users\zr7driver\AppData\Local\temp
2012-10-16 18:33 . 2012-10-16 18:33        --------        d-----w-        C:\_OTL
2012-10-13 08:43 . 2012-10-17 19:33        --------        d-----w-        c:\users\zr7driver\AppData\Local\assembly
2012-10-12 19:16 . 2012-10-12 19:16        --------        d-----w-        c:\program files\SmartTools
2012-10-12 19:14 . 2012-10-12 19:14        --------        d-----w-        c:\users\zr7driver\AppData\Roaming\SmartTools
2012-10-12 13:18 . 2012-10-11 01:05        96224        ----a-w-        c:\program files\Mozilla Firefox\webapprt-stub.exe
2012-10-12 13:18 . 2012-10-11 01:05        157272        ----a-w-        c:\program files\Mozilla Firefox\webapp-uninstaller.exe
2012-10-11 21:02 . 2012-10-11 21:02        --------        d-----w-        c:\program files\VS Revo Group
2012-10-10 23:05 . 2012-08-24 16:57        172544        ----a-w-        c:\windows\system32\wintrust.dll
2012-10-10 23:05 . 2012-09-14 18:28        2048        ----a-w-        c:\windows\system32\tzres.dll
2012-10-10 23:05 . 2012-08-20 17:40        293376        ----a-w-        c:\windows\system32\KernelBase.dll
2012-10-10 23:03 . 2012-06-02 04:36        1159680        ----a-w-        c:\windows\system32\crypt32.dll
2012-10-10 23:03 . 2012-06-02 04:36        140288        ----a-w-        c:\windows\system32\cryptsvc.dll
2012-10-10 23:03 . 2012-06-02 04:36        103936        ----a-w-        c:\windows\system32\cryptnet.dll
2012-10-10 23:03 . 2012-08-31 17:18        1211760        ----a-w-        c:\windows\system32\drivers\ntfs.sys
2012-10-10 23:03 . 2012-08-10 23:56        542208        ----a-w-        c:\windows\system32\kerberos.dll
2012-10-10 23:03 . 2012-08-30 17:12        3914096        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-10-10 23:03 . 2012-08-30 17:12        3968880        ----a-w-        c:\windows\system32\ntkrnlpa.exe
2012-10-08 07:41 . 2012-10-08 07:41        --------        d-----w-        c:\program files\ESET
2012-10-06 23:11 . 2012-10-06 23:11        --------        d-----w-        c:\program files\Malwarebytes' Anti-Malware
2012-10-06 23:11 . 2012-09-07 15:04        22856        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-10-05 16:48 . 2012-10-13 19:57        --------        d-----w-        c:\programdata\Avira
2012-09-29 14:19 . 2012-09-29 14:19        --------        d-----w-        c:\users\zr7driver\AppData\Roaming\Lexware
2012-09-29 14:14 . 2012-09-29 14:20        --------        d-----w-        c:\programdata\Lexware
2012-09-29 14:14 . 2012-09-29 14:14        --------        d-----w-        c:\program files\Lexware
2012-09-29 14:11 . 2012-09-29 14:15        --------        d-----w-        c:\program files\Common Files\Lexware
2012-09-29 14:11 . 2012-09-29 14:19        --------        d-----w-        c:\users\zr7driver\AppData\Local\Lexware
2012-09-28 19:41 . 2012-10-18 17:08        --------        d-----w-        c:\users\zr7driver\AppData\Roaming\Wise Care 365
2012-09-28 19:41 . 2012-09-28 19:41        --------        d-----w-        c:\program files\Wise
2012-09-26 06:42 . 2012-08-21 20:12        245760        ----a-w-        c:\windows\system32\OxpsConverter.exe
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-09 09:34 . 2012-03-30 02:45        696760        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2012-10-09 09:34 . 2011-05-23 02:41        73656        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2012-09-01 21:01 . 2012-09-01 21:01        93672        ----a-w-        c:\windows\system32\WindowsAccessBridge.dll
2012-09-01 21:01 . 2010-11-20 11:50        746984        ----a-w-        c:\windows\system32\deployJava1.dll
2012-08-28 17:41 . 2012-08-28 17:41        25200        ----a-w-        c:\windows\system32\drivers\ggsemc.sys
2012-08-28 17:41 . 2012-08-28 17:41        12400        ----a-w-        c:\windows\system32\drivers\ggflt.sys
2012-08-22 17:16 . 2012-09-12 12:10        1292144        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2012-08-22 17:16 . 2012-09-12 12:10        712048        ----a-w-        c:\windows\system32\drivers\ndis.sys
2012-08-22 17:16 . 2012-09-12 12:10        240496        ----a-w-        c:\windows\system32\drivers\netio.sys
2012-08-22 17:16 . 2012-09-12 12:10        187760        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS
2012-08-21 09:13 . 2012-02-26 11:56        355632        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2012-08-21 09:13 . 2012-02-26 11:56        54232        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2012-08-21 09:13 . 2012-02-26 11:56        729752        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13 . 2012-02-26 11:56        58680        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13 . 2012-02-24 23:09        44784        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:13 . 2012-02-26 11:56        21256        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
2012-08-21 09:12 . 2011-12-13 10:33        41224        ----a-w-        c:\windows\avastSS.scr
2012-08-21 09:12 . 2012-02-26 11:56        227648        ----a-w-        c:\windows\system32\aswBoot.exe
2012-08-02 16:57 . 2012-09-12 12:10        490496        ----a-w-        c:\windows\system32\d3d10level9.dll
2012-07-31 10:42 . 2012-09-15 14:55        181344        ----a-w-        c:\windows\system32\drivers\ssudserd.sys
2012-07-31 10:42 . 2012-09-15 14:55        181344        ----a-w-        c:\windows\system32\drivers\ssudmdm.sys
2012-07-31 10:42 . 2012-09-15 14:55        83168        ----a-w-        c:\windows\system32\drivers\ssudbus.sys
2012-10-11 01:05 . 2012-09-07 16:31        261600        ----a-w-        c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-08-21 09:12        121528        ----a-w-        c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19        94208        ----a-w-        c:\users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19        94208        ----a-w-        c:\users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19        94208        ----a-w-        c:\users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1174016]
"KiesPDLR"="c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-31 21432]
"KiesPreload"="c:\program files\Samsung\Kies\Kies.exe" [2012-08-31 964024]
"Advanced SystemCare 5"="c:\program files\IObit\Advanced SystemCare with Antivirus 2013\ASCTray.exe" [2012-07-26 299392]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer"="c:\program files\CyberLink\Power2Go\CLMLSvc.exe" [2009-06-03 103720]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-11-10 7866912]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2004-03-09 57393]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2004-03-09 40960]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 648072]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2010-03-25 2516296]
"CanonSolutionMenuEx"="c:\program files\Canon\Solution Menu EX\CNSEMAIN.EXE" [2010-04-02 1185112]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-08-21 4282728]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-04-18 421888]
"adm_tray.exe"="c:\program files\Acronis\DriveMonitor\adm_tray.exe" [2011-02-24 470120]
"Acronis Scheduler2 Service"="c:\program files\Common Files\Acronis\Schedule2\schedhlp.exe" [2011-02-12 365632]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"mumservice"="c:\program files\Motorola\Software Update\mumservice.exe" [2011-06-03 1066304]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2012-09-28 4473728]
.
c:\users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-7-25 26909544]
FRITZ!DSL Internet.lnk - c:\program files\FRITZ!DSL\FritzDsl.exe [2009-7-27 987960]
FRITZ!DSL Protect.lnk - c:\program files\FRITZ!DSL\FwebProt.exe [2009-4-9 1061688]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\gprs.exe [2007-12-27 43608]
FRITZ!DSL Startcenter.lnk - c:\windows\Installer\{74A929E2-FBD8-4736-A84E-2ABBB2ABADF2}\Icon2457326B4.exe [2010-9-14 29184]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
DSL-Manager.lnk - c:\program files\DSL-Manager\DslMgr.exe [N/A]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute        REG_MULTI_SZ          pdboot.exe\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PHOTOfunSTUDIO 5.2 HD Edition.lnk]
backup=c:\windows\pss\PHOTOfunSTUDIO 5.2 HD Edition.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk]
backup=c:\windows\pss\Secunia PSI Tray.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaMServer]
c:\program files\Common Files\Nokia\MPlatform\NokiaMServer [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-07-27 20:51        919008        ----a-w-        c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AndroidSync]
2011-06-17 01:41        4401152        ----a-w-        c:\program files\Android-Sync\AndroidSync.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\B2C_AGENT]
2012-03-28 00:53        404568        ----a-w-        c:\programdata\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop]
2010-10-29 12:55        983552        ----a-w-        c:\programdata\Badoo\Badoo Desktop\1.2.22.828\Badoo.Desktop.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HTC Sync Loader]
2012-04-17 13:05        651264        ----a-w-        c:\program files\HTC\HTC Sync 3.0\htcUPCTLoader.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR]
2012-08-31 00:52        21432        ----a-w-        c:\program files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent]
2012-08-31 00:52        3524536        ----a-w-        c:\program files\Samsung\Kies\KiesTrayAgent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LexwareInfoService]
2010-09-15 08:11        339312        ----a-w-        c:\program files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2012-05-25 02:25        6595928        ----a-w-        c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Miranda Fusion]
2011-03-28 19:22        967508        ----a-w-        c:\program files\MirandaFusion\fusiontools\mfstart.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mumservice]
2011-06-03 13:58        1066304        ----a-w-        c:\program files\Motorola\Software Update\mumservice.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NokiaOviSuite2]
2011-05-11 19:55        724536        ----a-w-        c:\program files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2012-02-28 16:48        296056        ----a-w-        c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
2012-01-23 04:43        247728        ----a-w-        c:\program files\TomTom HOME 2\TomTomHOMERunner.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2010-12-09 10:45        74752        ----a-w-        c:\program files\Winamp\winampa.exe
.
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]
R1 aswSnx;aswSnx; [x]
R1 aswSP;aswSP; [x]
R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]
R2 AAV UpdateService;AAV UpdateService;c:\program files\AAVUpdateManager\aavus.exe [x]
R2 ACEDRV09;ACEDRV09;c:\windows\system32\drivers\ACEDRV09.sys [x]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x]
R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\IObit\Advanced SystemCare with Antivirus 2013\ascsvc.exe [x]
R2 aswFsBlk;aswFsBlk; [x]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [x]
R2 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\SeaPort.EXE [x]
R2 DeviceMonitorService;DeviceMonitorService;c:\program files\Motorola Media Link\NServiceEntry.exe [x]
R2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbguard.exe [x]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [x]
R2 IGDCTRL;AVM IGD CTRL Service;c:\program files\FRITZ!DSL\IGDCTRL.EXE [x]
R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [x]
R2 Motorola Device Manager;Motorola Device Manager Service;c:\program files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [x]
R2 PassThru Service;Internet Pass-Through Service;c:\program files\HTC\Internet Pass-Through\PassThruSvr.exe [x]
R2 PST Service;PST Service;c:\program files\Motorola\MotForwardDaemon\ForwardDaemon.exe [x]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [x]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\PSIA.exe [x]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [x]
R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [x]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [x]
R2 WiseBootAssistant;Wise Boot Assistant;c:\program files\Wise\Wise Care 365\BootTime.exe [x]
R2 WMI_Hook_Service;WMI_Hook_Service;c:\program files\msi\OSD hot keys\WMI_Hook_Service.exe [x]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
R3 Andbus;LGE Android Platform Composite USB Device;c:\windows\system32\DRIVERS\lgandbus.sys [x]
R3 AndDiag;LGE Android Platform USB Serial Port;c:\windows\system32\DRIVERS\lganddiag.sys [x]
R3 AndGps;LGE Android Platform USB GPS NMEA Port;c:\windows\system32\DRIVERS\lgandgps.sys [x]
R3 ANDModem;LGE Android Platform USB Modem;c:\windows\system32\DRIVERS\lgandmodem.sys [x]
R3 andnetadb;ADB Interface DriverNet;c:\windows\system32\Drivers\lgandnetadb.sys [x]
R3 ASCAntivirusSrv;AdvancedSystemCareAntivirus;c:\program files\IObit\Advanced SystemCare with Antivirus 2013\ascavsvc.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files\Microsoft\BingBar\BBSvc.EXE [x]
R3 BTCFilterService;USB Networking Driver Filter Service;c:\windows\system32\DRIVERS\motfilt.sys [x]
R3 cpuz135;cpuz135;c:\program files\CPUID\PC Wizard 2012\pcwiz_x32.sys [x]
R3 DfSdkS;Defragmentation-Service;c:\program files\Ashampoo\Ashampoo WinOptimizer 2012\DfsdkS.exe [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [x]
R3 FileMonitor;FileMonitor;c:\program files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys [x]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:\program files\Firebird\Firebird_2_1\bin\fbserver.exe [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
R3 HTCAND32;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [x]
R3 lgbusenum;LG Bluetooth Bus Enumerator;c:\windows\system32\DRIVERS\lgbtbus.sys [x]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\C10F.tmp [x]
R3 MFE_RR;MFE_RR;c:\users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys [x]
R3 motandroidusb;Mot ADB Interface Driver;c:\windows\system32\Drivers\motoandroid.sys [x]
R3 motccgp;Motorola USB Composite Device Driver;c:\windows\system32\DRIVERS\motccgp.sys [x]
R3 motccgpfl;MotCcgpFlService;c:\windows\system32\DRIVERS\motccgpfl.sys [x]
R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [x]
R3 Motousbnet;Motorola USB Networking Driver Service;c:\windows\system32\DRIVERS\Motousbnet.sys [x]
R3 motusbdevice;Motorola USB Dev Driver;c:\windows\system32\DRIVERS\motusbdevice.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [x]
R3 NxpCap;CTX capture service;c:\windows\system32\DRIVERS\NxpCap.sys [x]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
R3 RegFilter;RegFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [x]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 UrlFilter;UrlFilter;c:\program files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys [x]
S0 nvamacpi;NVIDIA Away Mode System;c:\windows\system32\DRIVERS\NVAMACPI.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S3 hidkmdf;Microsoft HID Class Shim for KMDF;c:\windows\system32\DRIVERS\hidkmdf.sys [x]
S3 NW1950;NextWindow 1950 Touch Screen;c:\windows\system32\DRIVERS\NW1950.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [x]
S3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;c:\windows\system32\DRIVERS\rtl8192se.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
WindowsMobile        REG_MULTI_SZ          wcescomm rapimgr
LocalServiceRestricted        REG_MULTI_SZ          WcesComm RapiMgr
.
Inhalt des "geplante Tasks" Ordners
.
2012-10-18 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 09:34]
.
2012-10-18 c:\windows\Tasks\GlaryInitialize.job
- c:\program files\Glary Utilities\initialize.exe [2010-09-24 21:31]
.
2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-12 00:11]
.
2012-10-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-12 00:11]
.
2012-10-18 c:\windows\Tasks\Wise Care 365.job
- c:\program files\Wise\Wise Care 365\WiseTray.exe [2012-09-28 15:24]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = about:blank
mStart Page = about:blank
IE: {{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - c:\program files\ICQ7.7\ICQ.exe
LSP: c:\program files\FRITZ!DSL\\sarah.dll
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
FF - ExtSQL: 2012-08-31 03:53; {d37dc5d0-431d-44e5-8c91-49419370caa1}; c:\users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\extensions\{d37dc5d0-431d-44e5-8c91-49419370caa1}
FF - ExtSQL: 2012-09-07 18:31; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; c:\program files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - ExtSQL: 2012-09-10 14:08; {635abd67-4fe9-1b23-4f01-e679fa7484c1}; c:\users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF - ExtSQL: 2012-09-15 11:41; info@convert2mp3.net; c:\users\zr7driver\AppData\Roaming\Mozilla\Firefox\Profiles\fdux24z8.Ralf\extensions\info@convert2mp3.net.xpi
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.urlbar.autofill - true
FF - user.js: browser.xul.error_pages.enabled - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 3000000
FF - user.js: content.maxtextrun - 8191
FF - user.js: content.notify.backoffcount - 5
FF - user.js: content.notify.interval - 750000
FF - user.js: content.notify.ontimer - true
FF - user.js: content.notify.ontimer - true
FF - user.js: content.switch.threshold - 750000
FF - user.js: network.http.max-connections - 32
FF - user.js: network.http.max-connections-per-server - 8
FF - user.js: network.http.max-persistent-connections-per-proxy - 8
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: nglayout.initialpaint.delay - 0
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKU-Default-Run-FRITZ!protect - FwebProt.exe
MSConfigStartUp-Guard.Mail.ru - c:\program files\Guard-ICQ\GuardICQ.exe
MSConfigStartUp-KiesAirMessage - c:\program files\Samsung\Kies\KiesAirMessage.exe
MSConfigStartUp-KiesHelper - c:\program files\Samsung\Kies\KiesHelper.exe
AddRemove-FRITZ! 2.0 - c:\windows\IsUn0407.exe
AddRemove-01_Simmental - c:\program files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - c:\program files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - c:\program files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - c:\program files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-05_Sloan - c:\program files\Samsung\USB Drivers\05_Sloan\Uninstall.exe
AddRemove-06_Spencer - c:\program files\Samsung\USB Drivers\06_Spencer\Uninstall.exe
AddRemove-07_Schorl - c:\program files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-08_EMPChipset - c:\program files\Samsung\USB Drivers\08_EMPChipset\Uninstall.exe
AddRemove-09_Hsp - c:\program files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - c:\program files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - c:\program files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-17_EMP_Chipset2 - c:\program files\Samsung\USB Drivers\17_EMP_Chipset2\Uninstall.exe
AddRemove-18_Zinia_Serial_Driver - c:\program files\Samsung\USB Drivers\18_Zinia_Serial_Driver\Uninstall.exe
AddRemove-19_VIA_driver - c:\program files\Samsung\USB Drivers\19_VIA_driver\Uninstall.exe
AddRemove-20_NXP_Driver - c:\program files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-21_Searsburg - c:\program files\Samsung\USB Drivers\21_Searsburg\Uninstall.exe
AddRemove-22_WiBro_WiMAX - c:\program files\Samsung\USB Drivers\22_WiBro_WiMAX\Uninstall.exe
AddRemove-24_flashusbdriver - c:\program files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - c:\program files\Samsung\USB Drivers\25_escape\Uninstall.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\C10F.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System*]
"OOSAFEERASE04.00.00.01MSWINDOWS"="DBBDE485235254DA409CBF48BE3C1F1BD86E5899A5F2553E33D4006CC7C97065BAA1FEA54662FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C5D575E7D6A3B9808A2D97226D213B555A2D97226D213B5558EDD5E5BE2F6E66734B006E3C3B66076731806CE860A1F6B6FC2A0539A21BA6173BC5FC22C1322E6C00AF44FD9E51076621278C4823976BAE299F9D9D29132E6434FDE0F2BA4179B4861969E54BDC7E0192D98740532DB282979B44637615BE5F63AB529C7C8873696754EC670256F150FA3DD1689A35DA587B27E30202B8A82420A65295725AB2D6A2992029F67C77DB1CF5625BD235EAB363A19F497E9E666CAEA05EDE0BD9079F78370508834DF815F32A05F042997B5E3A9D8B4DE81ECBE2B2EBE9721FE1699E42F85F0039E9E11ECEC7149F211904430BDA7D168366BBA70CB510B89B5720ECDFA85EC9E9E3E9EA1CA11A8561BA859305603755D3086109C5C8E713E942D5EBF5A380D9A10CBA13B36DC0A2B6C157D6C79FB8D97FEB676271EDBB898B2A3123FE378DEEDB02993E7BE43BB258ED93DE3D0B7C6A613C62BF7F23512230A8638C15335B5C2A40CF2CD98CA51296BD3270627EE984FC1D7EF6F60A7712079DA623485F127F4747EC4031D89215355B0CEB76F6FB807445B875D12569103C278A57400C78D16895E0C14C52C4872FE724C53BC9A247CB81CBA89D2F5EDF50C8C1CD5E6DD07ED355D5780B374238603713AA449669B0C9F33D6AC96D24952E019639F87F775F2A90132BDAAB4D6C8DBD83AECF0DAA3CADE12ADF473C9A82DAF719C8CCEE67FD4FD24303393D7CAA26B25EE62B515828041FB910622CD53C6C83FED4BD1128E752F72E83CF757A833F4AA7F2C3CC7C427F0085DF381E4D71A647E01FE46F4D1E79B6F76A98AC4604CA1109868CB383D7002A2EBC9922A87521D0104BF861F3BF707F0F6BF1DC326F47D50E8A8D33DFCBE698C9E857CCA77D0EF6A279812347FA1181F0E35A78EEE67F839A46FE3C65D29FE585B98880900AA4134A1860CEA1B98DAF9E0B7C76EF61168EE04B931D57A7C82EC8869A3BBBF27D42BAB7E3B0EC93FBE519BE53C463D97846741F094FDB3B6940894D161CC1743D7EE04660A7D10B296CBEB54E809064EE8EC9C788A69AF8CB8386E20F63BAA3056756B1987ACB13D9A63050BD43FD6C1969ED924B5D5D265DAE28C973E196350C409A867E623BA6266E41E862E06FB2FF27041BC58944C5C47BD666B358BEFBF78438413FE7B78D6F7F37036C28B8389C4A71D015C0A8BC0AFD5F8C7FCCEC0C7AB17CDD34BE4FC043384BBFE0916C1F738E0BE20CFB0C316A889C4C9DC2F8A6AFC4754D
269A39F88E06142B795FC4E54608878BF6215ED15AC8ECE83BD10C6DBEE6FEE319C0EF8B42A28CAAC26"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
.
- - - - - - - > 'Explorer.exe'(1420)
c:\users\zr7driver\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
c:\program files\Sophos\Windows Shortcut Exploit Protection Tool\SophosLinkIconHandler32.dll
.
Zeit der Fertigstellung: 2012-10-18  22:00:48
ComboFix-quarantined-files.txt  2012-10-18 20:00
.
Vor Suchlauf: 26 Verzeichnis(se), 626.661.556.224 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 626.544.930.816 Bytes frei
.
- - End Of File - - 4B103CB85B42C32C8CB4BDF81CA030B9

--- --- ---

cosinus 18.10.2012 21:18

Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM - please skip the online check by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions may take a while, depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons without being instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.



One more note: If aswMBR crashes and a message such as "aswMBR.exe funktioniert nicht mehr" appears, do the following:
Restart aswMBR, select (none) under "AV scan" in the drop-down menu (at the bottom left of the aswMBR window) and click the Scan button again.

zr7driver 19.10.2012 03:05

Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit quick scan 2012-10-19 04:04:12
Windows 6.1.7601 Service Pack 1 Harddisk0\DR0 -> \Device\00000079 WDC_WD10 rev.80.0
Running: pzn62xhh.exe; Driver: C:\Users\ZR7DRI~1\AppData\Local\Temp\ugtyruog.sys


---- System - GMER 1.0.15 ----

Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)  ZwCreateProcessEx [0x9203E966]
Code            \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software)  ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device                                                                                                aswSP.SYS (avast! self protection module/AVAST Software)
Device                                                                                                Ntfs.sys (NT-Dateisystemtreiber/Microsoft Corporation)

AttachedDevice  \Driver\tdx \Device\Tcp                                                                aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
AttachedDevice  \Driver\tdx \Device\Udp                                                                aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

---- EOF - GMER 1.0.15 ----

OSAM Logfile:
Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 04:10:51 on 19.10.2012

OS: Windows 7 Home Premium Edition Service Pack 1 (Build 7601), 32-bit
Default Browser: Google Inc. Google Chrome 22.0.1229.94

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Boot Execute]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager )-----
"BootExecute" - "Raxco Software, Inc." - C:\Windows\system32\pdboot.exe

[Common]
-----( %SystemRoot%\Tasks )-----
"Wise Care 365.job" - "WiseCleaner.com" - C:\Program Files\Wise\Wise Care 365\WiseTray.exe
"GlaryInitialize.job" - "Glarysoft Ltd" - C:\Program Files\Glary Utilities\initialize.exe
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( %SystemRoot%\system32 )-----
"Firebird2Control.cpl" - "IBPhoenix" - C:\Windows\system32\Firebird2Control.cpl
"FlashPlayerCPLApp.cpl" - "Adobe Systems Incorporated" - C:\Windows\system32\FlashPlayerCPLApp.cpl
"PCWizard.cpl" - "CPUID" - C:\Windows\system32\PCWizard.cpl
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"QuickTime" - "Apple Inc." - C:\Program Files\QuickTime\QTSystem\QuickTime.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"ACEDRV09" (ACEDRV09) - "Protect Software GmbH" - C:\Windows\system32\drivers\ACEDRV09.sys
"aswFsBlk" (aswFsBlk) - "AVAST Software" - C:\Windows\system32\drivers\aswFsBlk.sys
"aswMonFlt" (aswMonFlt) - "AVAST Software" - C:\Windows\system32\drivers\aswMonFlt.sys
"aswRdr" (aswRdr) - "AVAST Software" - C:\Windows\System32\Drivers\aswrdr2.sys
"aswSnx" (aswSnx) - "AVAST Software" - C:\Windows\system32\drivers\aswSnx.sys
"aswSP" (aswSP) - "AVAST Software" - C:\Windows\system32\drivers\aswSP.sys
"avast! Network Shield Support" (aswTdi) - "AVAST Software" - C:\Windows\system32\drivers\aswTdi.sys
"bdfsfltr" (bdfsfltr) - "BitDefender" - C:\Windows\System32\DRIVERS\bdfsfltr.sys
"catchme" (catchme) - ? - C:\Users\ZR7DRI~1\AppData\Local\Temp\catchme.sys  (File not found)
"cpuz135" (cpuz135) - "CPUID" - C:\Program Files\CPUID\PC Wizard 2012\pcwiz_x32.sys
"DefragFS" (DefragFS) - "Raxco Software, Inc." - C:\Windows\system32\drivers\DefragFS.sys
"FileMonitor" (FileMonitor) - "IObit" - C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\FileMonitor.sys
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys
"Lbd" (Lbd) - ? - C:\Windows\System32\DRIVERS\Lbd.sys  (File not found)
"LG Bluetooth Bus Enumerator" (lgbusenum) - ? - C:\Windows\System32\DRIVERS\lgbtbus.sys  (File not found)
"LGE Mobile Composite USB Device" (usbbus) - ? - C:\Windows\System32\DRIVERS\lgusbbus.sys  (File not found)
"LGE Mobile USB Modem" (USBModem) - ? - C:\Windows\System32\DRIVERS\lgusbmodem.sys  (File not found)
"LGE Mobile USB Serial Port" (UsbDiag) - ? - C:\Windows\System32\DRIVERS\lgusbdiag.sys  (File not found)
"MEMSWEEP2" (MEMSWEEP2) - ? - C:\Windows\system32\C10F.tmp  (File not found)
"MFE_RR" (MFE_RR) - ? - C:\Users\ZR7DRI~1\AppData\Local\Temp\mfe_rr.sys  (File not found)
"Mot ADB Interface Driver" (motandroidusb) - ? - C:\Windows\System32\Drivers\motoandroid.sys  (File not found)
"Motorola Inc. USB Device" (MotDev) - ? - C:\Windows\System32\DRIVERS\motodrv.sys  (File not found)
"PSI" (PSI) - "Secunia" - C:\Windows\System32\DRIVERS\psi_mf.sys
"RegFilter" (RegFilter) - "IObit.com" - C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys
"SANDRA" (SANDRA) - "SiSoftware" - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\WNt500x86\Sandra.sys
"SBRE" (SBRE) - ? - C:\Windows\system32\drivers\SBREdrv.sys  (File not found)
"Trufos" (Trufos) - "BitDefender S.R.L." - C:\Windows\System32\DRIVERS\TRUFOS.sys
"ugtyruog" (ugtyruog) - ? - C:\Users\ZR7DRI~1\AppData\Local\Temp\ugtyruog.sys  (Hidden registry entry, rootkit activity | File not found)
"UrlFilter" (UrlFilter) - "IObit.com" - C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\UrlFilter.sys

[Explorer]
-----( HKCU\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} "DropboxExt" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807553E5-5146-11D5-A672-00B0D022E945} "text/xml" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{32505114-5902-49B2-880A-1F7738E5A384} "Data Page Plugable Protocal mso-offdap11 Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} "WOT Protocol" - "WOT Services Oy" - C:\Program Files\WOT\WOT.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{23170F69-40C1-278A-1000-000100020000} "7-Zip Shell Extension" - "Igor Pavlov" - C:\Program Files\7-Zip\7-zip.dll
{472083B0-C522-11CF-8763-00608CC02F24} "avast" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\ashShell.dll
{DE902992-61FC-4A01-8091-53E1895C9775} "CDR Icon Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll
{7AD101F2-0B93-4D66-A1CA-DF73F3C4377B} "CDR preview provider" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellVista.dll
{7FA63AC0-F5BC-4F3B-A9CF-94328D812B62} "CDR Property Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellVista.dll
{1462EBAA-96E7-4D93-9A66-0E4068DE4FCF} "CDR Thumbnail provider" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll
{0563DB41-F538-4B37-A92D-4659049B7766} "CLSID_WLMCMimeFilter" - "Microsoft Corporation" - C:\Program Files\Windows Live\Mail\mailcomm.dll
{DE902994-61FC-4A01-8091-53E1895C9775} "CMX Icon Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll
{1462EBAC-96E7-4D93-9A66-0E4068DE4FCF} "CMX Thumbnail provider" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll
{DE902993-61FC-4A01-8091-53E1895C9775} "CPT Icon Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll
{7FA63AC1-F5BC-4F3B-A9CF-94328D812B62} "CPT Property Handler" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellVista.dll
{1462EBAB-96E7-4D93-9A66-0E4068DE4FCF} "CPT Thumbnail provider" - "Corel Corporation" - c:\Program Files\Common Files\Corel\Shared\Shell Extension\ShellXP.dll
{A70C977A-BF00-412C-90B7-034C51DA2439} "DesktopContext Class" - "NVIDIA Corporation" - C:\Program Files\NVIDIA Corporation\Display\nvui.dll
{7506374C-A693-427B-8DDD-99DAFB79433D} "GeoSetterShellExt" - "Friedemann Schmidt" - C:\PROGRA~1\GeoSetter\GeoSetterShellExt.dll
{72923739-5A47-40A3-9895-25AF0DFBB9E4} "Glary Utilities Context Menu Shell Extension" - "Glarysoft Ltd" - C:\PROGRA~1\GLARYU~1\CONTEX~1.DLL
{8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} "JetFlExt Class" - "JetAudio" - C:\Program Files\JetAudio\JetFlExt.dll
{CD05BB5B-F022-4FA0-946F-3FF62896BED7} "LinkIconHandler Class" - "Sophos Plc" - C:\Program Files\Sophos\Windows Shortcut Exploit Protection Tool\SophosLinkIconHandler32.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files\Microsoft Office\OFFICE11\msohev.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\OFFICE11\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} "NVIDIA CPL Context Menu Extension" - "NVIDIA Corporation" - C:\Windows\system32\nvshext.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{0006F045-0000-0000-C000-000000000046} "Outlook-Dateisymbolerweiterung" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\OFFICE11\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files\real\realplayer\rpshell.dll
{E8D43C7E-EFA1-41A2-9AD9-0CFECD1678B7} "SafeEraseObj Class" - "O&O Software GmbH" - C:\Program Files\OO Software\SafeErase\oosesh.dll
{45AC2688-0253-4ED8-97DE-B5370FA7D48A} "Shell Extension for Malware scanning" - ? -  (File not found | COM-object registry key not found)
{BDEADF00-C265-11D0-BCED-00A0C90AB50F} "Webordner" - "Microsoft Corporation" - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - "Alexander Roshal" - C:\Program Files\WinRAR\rarext.dll
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars )-----
{21347690-EC41-4F9A-8887-1F4AEE672439} "Canon Easy-WebPrint EX" - "CANON INC." - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
{D0D54496-CDFE-4B7E-AC72-08F5E5E3FFC8} "{D0D54496-CDFE-4B7E-AC72-08F5E5E3FFC8}" - ? -  (File not found | COM-object registry key not found)
-----( HKCU\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
"eBay - Der weltweite Online-Marktplatz" - ? - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4  (HTTP value)
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Canon Easy-WebPrint EX" - "CANON INC." - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
<binary data> "WOT" - "WOT Services Oy" - C:\Program Files\WOT\WOT.dll
<binary data> "{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{30528230-99f7-4bb4-88d8-fa1d4f56a2ab} "Installation Support" - "Yahoo! Inc." - C:\Program Files\Yahoo!\Common\Yinsthelper.dll / C:\Program Files\Yahoo!\Common\Yinsthelper.dll
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} "Java Plug-in 1.6.0_22" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 10.7.2" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{1E3F1348-4370-4BBE-A67A-CC7ED824CA85} "Microsoft Genuine Advantage Self Support Tool" - "Microsoft Corporation" - C:\Windows\system32\SelfHelpControl.DLL / hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab
{17492023-C23A-453E-A040-C7C580BBF700} "Windows Genuine Advantage Validation Tool" - "Microsoft Corporation" - C:\Windows\system32\LegitCheckControl.DLL / hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab
{8AD9C840-044E-11D1-B3E9-00805F499D93} "{8AD9C840-044E-11D1-B3E9-00805F499D93}" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
{C345E174-3E87-4F41-A01C-B066A90A49B4} "{C345E174-3E87-4F41-A01C-B066A90A49B4}" - ? -  (File not found | COM-object registry key not found) / hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "@C:\Windows\WindowsMobile\INetRepl.dll,-222" - "Microsoft Corporation" - C:\Windows\WindowsMobile\INetRepl.dll
{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} "AVG Do Not Track" - ? -  (File not found | COM-object registry key not found)
{2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} "ClsidExtension" - "Microsoft Corporation" - C:\Windows\WindowsMobile\INetRepl.dll
{53707962-6F74-2D53-2644-206D7942484F} "ClsidExtension" - "Safer Networking Limited" - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
"ICQ7.7" - "ICQ, LLC." - C:\Program Files\ICQ7.7\ICQ.exe
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "In Blog veröffentlichen" - "Microsoft Corporation" - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Recherchieren" - "Microsoft Corporation" - C:\PROGRA~1\MIF5BA~1\OFFICE11\REFIEBAR.DLL
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
<binary data> "avast! WebRep" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\BingExt.dll
{759D9886-0C6F-4498-BAB6-4A5F47C6C72F} "Canon Easy-WebPrint EX" - "CANON INC." - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
{71576546-354D-41c9-AAE8-31F2EC22BF0D} "WOT" - "WOT Services Oy" - C:\Program Files\WOT\WOT.dll
<binary data> "Yahoo! Toolbar" - "Yahoo! Inc." - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{02478D38-C3F9-4efb-9B51-7695ECA05670} "&Yahoo! Toolbar Helper" - "Yahoo! Inc." - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} "avast! WebRep" - "AVAST Software" - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\BingExt.dll
{3785D0AD-BFFF-47F6-BF5B-A587C162FED9} "Canon Easy-WebPrint EX BHO" - "CANON INC." - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Oracle Corporation" - C:\Program Files\Java\jre7\bin\ssv.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{53707962-6F74-2D53-2644-206D7942484F} "Spybot-S&D IE Protection" - "Safer Networking Limited" - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{C920E44A-7F78-4E64-BDD7-A57026E7FEB7} "WOT Helper" - "WOT Services Oy" - C:\Program Files\WOT\WOT.dll

[Known DLLs]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs )-----
"advapi32" - "Microsoft Corporation" - C:\Windows\system32\advapi32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"clbcatq" - "Microsoft Corporation" - C:\Windows\system32\clbcatq.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"COMDLG32" - "Microsoft Corporation" - C:\Windows\system32\COMDLG32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"DifxApi" - "Microsoft Corporation" - C:\Windows\system32\difxapi.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"gdi32" - "Microsoft Corporation" - C:\Windows\system32\gdi32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"IERTUTIL" - "Microsoft Corporation" - C:\Windows\system32\IERTUTIL.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"IMAGEHLP" - "Microsoft Corporation" - C:\Windows\system32\IMAGEHLP.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"IMM32" - "Microsoft Corporation" - C:\Windows\system32\IMM32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"kernel32" - "Microsoft Corporation" - C:\Windows\system32\kernel32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"LPK" - "Microsoft Corporation" - C:\Windows\system32\LPK.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"MSCTF" - "Microsoft Corporation" - C:\Windows\system32\MSCTF.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"MSVCRT" - "Microsoft Corporation" - C:\Windows\system32\MSVCRT.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"NORMALIZ" - "Microsoft Corporation" - C:\Windows\system32\NORMALIZ.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"NSI" - "Microsoft Corporation" - C:\Windows\system32\NSI.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"ole32" - "Microsoft Corporation" - C:\Windows\system32\ole32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"OLEAUT32" - "Microsoft Corporation" - C:\Windows\system32\OLEAUT32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"PSAPI" - "Microsoft Corporation" - C:\Windows\system32\PSAPI.DLL  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"rpcrt4" - "Microsoft Corporation" - C:\Windows\system32\rpcrt4.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"sechost" - "Microsoft Corporation" - C:\Windows\system32\sechost.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"Setupapi" - "Microsoft Corporation" - C:\Windows\system32\Setupapi.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"SHELL32" - "Microsoft Corporation" - C:\Windows\system32\SHELL32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"SHLWAPI" - "Microsoft Corporation" - C:\Windows\system32\SHLWAPI.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"URLMON" - "Microsoft Corporation" - C:\Windows\system32\URLMON.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"user32" - "Microsoft Corporation" - C:\Windows\system32\user32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"USP10" - "Microsoft Corporation" - C:\Windows\system32\USP10.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"WININET" - "Microsoft Corporation" - C:\Windows\system32\WININET.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"WLDAP32" - "Microsoft Corporation" - C:\Windows\system32\WLDAP32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)
"WS2_32" - "Microsoft Corporation" - C:\Windows\system32\WS2_32.dll  (Hidden registry entry, rootkit activity | File signed by Microsoft)

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corporation" - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\zr7driver\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Dropbox.lnk" - "Dropbox, Inc." - C:\Users\zr7driver\AppData\Roaming\Dropbox\bin\Dropbox.exe  (Shortcut exists | File exists)
"FRITZ!DSL Internet.lnk" - "AVM Berlin" - C:\Program Files\FRITZ!DSL\FritzDsl.exe  (Shortcut exists | File exists)
"FRITZ!DSL Protect.lnk" - "AVM Berlin" - C:\Program Files\FRITZ!DSL\FwebProt.exe  (Shortcut exists | File exists)
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"BlueSoleil.lnk" - "IVT Corporation." - C:\Program Files\IVT Corporation\BlueSoleil\gprs.exe  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"FRITZ!DSL Startcenter.lnk" - "AVM Berlin" - C:\Program Files\FRITZ!DSL\StCenter.exe  (Shortcut exists | File exists)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Advanced SystemCare 5" - "IObit" - "C:\Program Files\IObit\Advanced SystemCare with Antivirus 2013\ASCTray.exe" /AutoStart
"KiesPDLR" - ? - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
"KiesPreload" - "Samsung" - C:\Program Files\Samsung\Kies\Kies.exe /preload
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Acronis Scheduler2 Service" - "Acronis" - "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
"adm_tray.exe" - ? - C:\Program Files\Acronis\DriveMonitor\adm_tray.exe
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon" - "Apple Inc." - "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"avast" - "AVAST Software" - "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
"CanonMyPrinter" - "CANON INC." - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
"CanonSolutionMenuEx" - "CANON INC." - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
"CLMLServer" - "CyberLink" - "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
"IndexSearch" - "ScanSoft, Inc." - C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
"IObit Malware Fighter" - "IObit" - "C:\Program Files\IObit\IObit Malware Fighter\IMF.exe" /autostart
"mumservice" - "Motorola" - C:\Program Files\Motorola\Software Update\mumservice.exe
"PaperPort PTD" - "ScanSoft, Inc." - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
"QuickTime Task" - "Apple Inc." - "C:\Program Files\QuickTime\QTTask.exe" -atboottime
"SSBkgdUpdate" - "Scansoft, Inc." - "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"FRITZ!fax Color Monitor" - "AVM Berlin" - C:\Windows\system32\FritzVistaColorMon.dll
"FRITZ!fax Port Monitor" - "AVM Berlin" - C:\Windows\system32\FritzVistaMon.dll
"Microsoft Document Imaging Writer Monitor" - "Microsoft Corporation" - C:\Windows\system32\mdimon.dll
"PDFCreator" - ? - C:\Windows\system32\pdfcmnnt.dll  (File found, but it contains no detailed information)

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"AAV UpdateService" (AAV UpdateService) - ? - C:\Program Files\AAVUpdateManager\aavus.exe
"Acronis Scheduler2 Service" (AcrSch2Svc) - "Acronis" - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
"Advanced SystemCare Service 5" (AdvancedSystemCareService5) - "IObit" - C:\Program Files\IObit\Advanced SystemCare with Antivirus 2013\ascsvc.exe
"AdvancedSystemCareAntivirus" (ASCAntivirusSrv) - "IOBit" - C:\Program Files\IObit\Advanced SystemCare with Antivirus 2013\ascavsvc.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
"avast! Antivirus" (avast! Antivirus) - "AVAST Software" - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
"AVM IGD CTRL Service" (IGDCTRL) - "AVM Berlin" - C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
"BBUpdate" (BBUpdate) - "Microsoft Corporation" - C:\Program Files\Microsoft\BingBar\SeaPort.EXE
"Bing Bar Update Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files\Microsoft\BingBar\BBSvc.EXE
"BlueSoleil Hid Service" (BlueSoleil Hid Service) - ? - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe  (File found, but it contains no detailed information)
"Canon Inkjet Printer/Scanner/Fax Extended Survey Program" (IJPLMSVC) - ? - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files\CyberLink\Shared files\RichVideo.exe
"Defragmentation-Service" (DfSdkS) - "mst software GmbH, Germany" - C:\Program Files\Ashampoo\Ashampoo WinOptimizer 2012\DfsdkS.exe
"DeviceMonitorService" (DeviceMonitorService) - "Nero AG" - C:\Program Files\Motorola Media Link\NServiceEntry.exe
"FABS - Helping agent for MAGIX media database" (Fabs) - "MAGIX AG" - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
"Firebird Guardian - DefaultInstance" (FirebirdGuardianDefaultInstance) - "Firebird Project" - C:\Program Files\Firebird\Firebird_2_1\bin\fbguard.exe
"Firebird Server - DefaultInstance" (FirebirdServerDefaultInstance) - "Firebird Project" - C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe
"Firebird Server - MAGIX Instance" (FirebirdServerMAGIXInstance) - "MAGIX®" - C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files\Google\Update\GoogleUpdate.exe
"IMF Service" (IMFservice) - "IObit" - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
"Internet Pass-Through Service" (PassThru Service) - ? - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Motorola Device Manager Service" (Motorola Device Manager) - ? - C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PDAgent" (PDAgent) - "Raxco Software, Inc." - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe
"PDEngine" (PDEngine) - "Raxco Software, Inc." - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe
"PST Service" (PST Service) - "Motorola" - C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
"SBSD Security Center Service" (SBSDWSCService) - "Safer Networking Ltd." - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
"Secunia PSI Agent" (Secunia PSI Agent) - "Secunia" - C:\Program Files\Secunia\PSI\PSIA.exe
"Secunia Update Agent" (Secunia Update Agent) - "Secunia" - C:\Program Files\Secunia\PSI\sua.exe
"ServiceLayer" (ServiceLayer) - "Nokia" - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
"SiSoftware Deployment Agent Service" (SandraAgentSrv) - "SiSoftware" - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011b\RpcAgentSrv.exe
"Skype C2C Service" (Skype C2C Service) - "Skype Technologies S.A." - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files\Skype\Updater\Updater.exe
"Sony PC Companion" (Sony PC Companion) - "Avanquest Software" - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
"Start BT in service" (Start BT in service) - ? - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe  (File found, but it contains no detailed information)
"TomTomHOMEService" (TomTomHOMEService) - "TomTom" - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
"Windows Live Family Safety-Dienst" (fsssvc) - "Microsoft Corporation" - C:\Program Files\Windows Live\Family Safety\fsssvc.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
"Wise Boot Assistant" (WiseBootAssistant) - "WiseCleaner.com" - C:\Program Files\Wise\Wise Care 365\BootTime.exe
"WMI_Hook_Service" (WMI_Hook_Service) - "MICRO-STAR INT'L,.LTD." - C:\Program Files\msi\OSD hot keys\WMI_Hook_Service.exe
"Yahoo! Updater" (YahooAUService) - "Yahoo! Inc." - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"Sarah NSP" - "AVM Berlin" - C:\Program Files\FRITZ!DSL\sarah.dll
"WindowsLive Local NSP" - "Microsoft Corporation" - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries )-----
"SARAH LSP" - "AVM Berlin" - C:\Program Files\FRITZ!DSL\sarah.dll

===[ Logfile end ]=========================================[ Logfile end ]===

--- --- ---
If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru
[/code]

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-19 04:12:12
-----------------------------
04:12:12.297    OS Version: Windows 6.1.7601 Service Pack 1
04:12:12.297    Number of processors: 2 586 0x170A
04:12:12.301    ComputerName: ZR7DRIVER-PC  UserName: zr7driver
04:12:14.830    Initialize success
04:12:14.966    AVAST engine defs: 12101802
04:13:11.623    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000079
04:13:11.629    Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3
04:13:11.645    Disk 0 MBR read successfully
04:13:11.648    Disk 0 MBR scan
04:13:11.653    Disk 0 unknown MBR code
04:13:11.656    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
04:13:11.666    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      932262 MB offset 206848
04:13:11.688    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS        20480 MB offset 1909479424
04:13:11.710    Disk 0 Partition 4 00    12  Compaq diag NTFS        1025 MB offset 1951422464
04:13:11.717    Disk 0 scanning sectors +1953521664
04:13:11.773    Disk 0 scanning C:\Windows\system32\drivers
04:13:19.516    Service scanning
04:13:34.796    Modules scanning
04:13:49.341    Disk 0 trace - called modules:
04:13:49.365    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll storport.sys nvstor32.sys
04:13:49.372    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8687a380]
04:13:49.377    3 CLASSPNP.SYS[8c40559e] -> nt!IofCallDriver -> [0x862cea80]
04:13:49.384    5 ACPI.sys[8bca03d4] -> nt!IofCallDriver -> \Device\00000079[0x86797a30]
04:13:52.413    AVAST engine scan C:\Windows
04:13:59.442    AVAST engine scan C:\Windows\system32
04:16:08.579    AVAST engine scan C:\Windows\system32\drivers
04:16:23.370    AVAST engine scan C:\Users\zr7driver
04:55:30.569    AVAST engine scan C:\ProgramData
05:15:19.977    Scan finished successfully
08:30:46.375    Disk 0 MBR has been saved successfully to "C:\Users\zr7driver\Desktop\MBR.dat"
08:30:46.394    The log file has been saved successfully to "C:\Users\zr7driver\Desktop\aswMBR.txt"


cosinus 19.10.2012 10:32

We should fix the MBR. Just in case, back up ALL important data, even though everything usually goes smoothly.

Note: Please do NOT run the MBR fix if you have other operating systems such as Ubuntu installed; an MBR fix with Windows tools makes a Linux installed in parallel (dual boot) unbootable.
Do not run the fix either if you have full encryption of the Windows partition or of the entire hard disk, e.g. with TrueCrypt or other encryption programs.


After backing up your data, start aswMBR again and click the FIXMBR button.

Note: Please turn off the virus scanner before you run aswMBR, because Avira in particular often reports a false alarm on it!

Then restart Windows and create a new log with aswMBR.

zr7driver 19.10.2012 17:29

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-19 11:52:45
-----------------------------
11:52:45.591    OS Version: Windows 6.1.7601 Service Pack 1
11:52:45.592    Number of processors: 2 586 0x170A
11:52:45.603    ComputerName: ZR7DRIVER-PC  UserName: zr7driver
11:52:49.105    Initialize success
11:52:49.205    AVAST engine defs: 12101802
11:53:03.314    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000079
11:53:03.318    Disk 0 Vendor: WDC_WD10 80.0 Size: 953869MB BusType: 3
11:53:03.344    Disk 0 MBR read successfully
11:53:03.348    Disk 0 MBR scan
11:53:03.353    Disk 0 Windows 7 default MBR code
11:53:03.358    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
11:53:03.366    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      932262 MB offset 206848
11:53:03.388    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS        20480 MB offset 1909479424
11:53:03.399    Disk 0 Partition 4 00    12  Compaq diag NTFS        1025 MB offset 1951422464
11:53:03.406    Disk 0 scanning sectors +1953521664
11:53:03.518    Disk 0 scanning C:\Windows\system32\drivers
11:53:17.491    Service scanning
11:53:35.618    Modules scanning
11:53:39.974    Disk 0 trace - called modules:
11:53:39.998    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll afd.sys storport.sys nvstor32.sys
11:53:40.004    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8687a358]
11:53:40.012    3 CLASSPNP.SYS[8c47e59e] -> nt!IofCallDriver -> [0x862d0930]
11:53:40.020    5 ACPI.sys[8bc943d4] -> nt!IofCallDriver -> \Device\00000079[0x86797030]
11:53:43.072    AVAST engine scan C:\Windows
11:53:46.715    AVAST engine scan C:\Windows\system32
11:56:55.090    AVAST engine scan C:\Windows\system32\drivers
11:57:19.788    AVAST engine scan C:\Users\zr7driver
12:38:25.805    AVAST engine scan C:\ProgramData
12:57:38.901    Scan finished successfully
18:29:01.124    Disk 0 MBR has been saved successfully to "C:\Users\zr7driver\Desktop\MBR.dat"
18:29:01.134    The log file has been saved successfully to "C:\Users\zr7driver\Desktop\aswMBR.txt"


cosinus 21.10.2012 10:48

Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!

zr7driver 21.10.2012 18:58

Code:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/21/2012 at 07:53 PM

Application Version : 5.6.1012

Core Rules Database Version : 9446
Trace Rules Database Version: 7258

Scan type      : Complete Scan
Total Scan Time : 03:44:09

Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 916
Memory threats detected  : 0
Registry items scanned    : 41953
Registry threats detected : 0
File items scanned        : 187729
File threats detected    : 249

Adware.Tracking Cookie
        www.etracker.de [ C:\USERS\ZR7DRIVER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FDUX24Z8.RALF\COOKIES.SQLITE ]
        .tracker.vinsight.de [ C:\USERS\ZR7DRIVER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FDUX24Z8.RALF\COOKIES.SQLITE ]
        .stats.paypal.com [ C:\USERS\ZR7DRIVER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FDUX24Z8.RALF\COOKIES.SQLITE ]
        .paypal.112.2o7.net [ C:\USERS\ZR7DRIVER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FDUX24Z8.RALF\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\ZR7DRIVER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FDUX24Z8.RALF\COOKIES.SQLITE ]
        partners.webmasterplan.com [ C:\USERS\ZR7DRIVER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FDUX24Z8.RALF\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\ZR7DRIVER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FDUX24Z8.RALF\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\ZR7DRIVER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FDUX24Z8.RALF\COOKIES.SQLITE ]

Trojan.Agent/CDesc[Generic]
        C:\EXTERNE FESTPLATTE 1\EIGENE DATEIEN\SOFTWARE\ZIPS\ANM24I\ANTWAIN.DLL
        C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I\ANTWAIN.DLL
        ZIP ARCHIVE( C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I.ZIP )/ANTWAIN.DLL
        C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I.ZIP

Trojan.Agent/Gen-Sisproc
        C:\USERS\ZR7DRIVER\DOWNLOADS\LOCRGPSPHOTO124.EXE

Code:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.21.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
zr7driver :: ZR7DRIVER-PC [Administrator]

21.10.2012 20:01:51
mbam-log-2012-10-21 (20-01-51).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 581782
Laufzeit: 3 Stunde(n), 32 Minute(n), 57 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


cosinus 22.10.2012 09:31

Code:

UAC On - Limited User
How did you start SASW? Simply by double-clicking?

Please carry it out exactly as described in the instructions!

Quote:

Quote from cosinus (post 324870)
Part 2: Running the program
The program has now been installed, and a shortcut should have been created on the desktop. After you have started it, it will first check the update server for new malware signatures and install updates. Do NOT cancel this process!

Users of Windows Vista and Windows 7, please again start the tool via right-click => Run as administrator!


zr7driver 23.10.2012 02:54

Code:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 10/23/2012 at 03:32 AM

Application Version : 5.6.1012

Core Rules Database Version : 9451
Trace Rules Database Version: 7263

Scan type      : Complete Scan
Total Scan Time : 05:10:09

Operating System Information
Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Administrator

Memory items scanned      : 979
Memory threats detected  : 0
Registry items scanned    : 42065
Registry threats detected : 0
File items scanned        : 534550
File threats detected    : 253

Adware.Tracking Cookie

Trojan.Agent/CDesc[Generic]
        C:\EXTERNE FESTPLATTE 1\EIGENE DATEIEN\SOFTWARE\ZIPS\ANM24I\ANTWAIN.DLL
        C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I\ANTWAIN.DLL
        ZIP ARCHIVE( C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I.ZIP )/ANTWAIN.DLL
        C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I.ZIP

Trojan.Downloader-Gen/Loader
        ZIP ARCHIVE( C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\527537_PN2050_070417.ZIP )/NAVI/BOOT/LOADER.EXE
        C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\527537_PN2050_070417.ZIP

Trojan.Agent/Gen-Sisproc
        C:\USERS\ZR7DRIVER\DOWNLOADS\LOCRGPSPHOTO124.EXE


cosinus 23.10.2012 19:34

Once again, a whole lot of cookies

Quote:

Trojan.Agent/CDesc[Generic]
C:\EXTERNE FESTPLATTE 1\EIGENE DATEIEN\SOFTWARE\ZIPS\ANM24I\ANTWAIN.DLL
C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I\ANTWAIN.DLL
ZIP ARCHIVE( C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I.ZIP )/ANTWAIN.DLL
C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\ANM24I.ZIP

Trojan.Downloader-Gen/Loader
ZIP ARCHIVE( C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\527537_PN2050_070417.ZIP )/NAVI/BOOT/LOADER.EXE
C:\EXTERNE FESTPLATTE 1\SOFTWARE\ZIPS\527537_PN2050_070417.ZIP

Trojan.Agent/Gen-Sisproc
C:\USERS\ZR7DRIVER\DOWNLOADS\LOCRGPSPHOTO124.EXE
Do these files mean anything to you?

zr7driver 23.10.2012 19:45

No, not really! "Festplatte 1" is files from an old computer; they can be deleted! LOCRGPSPHOTO124.EXE is actually a program for reading GPS data out of pictures, etc...

cosinus 23.10.2012 19:46

Well then, get rid of all of it.
How are things with the original problem? => An endless number of *x* keep appearing in every text field

zr7driver 23.10.2012 19:48

Absolutely nothing has occurred since! What exactly have we deleted so far?? But the cookies shouldn't be deleted?

cosinus 23.10.2012 21:18

Yes, the cookies can go ;)

Cookies are not malware as such, but there is a risk of misuse (unique recognition, e.g. for targeted advertising or similar => HTTP cookie )


Regarding cookies and other things on the web: to block the plague from the outset (i.e. tracking cookies, ad banners etc.), you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File - it makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file.

Otherwise there are also good cookie managers; one extension for Firefox, for example, would be CookieCuller http://filepony.de/download-cookie_culler/
But if you can live with logging in again everywhere in every browser session (e.g. Facebook, Ebay, GMX, or also Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed.

My approach is that for "wild surfing" I use the Opera browser or Chromium under my Linux. My main browser (Firefox) only stores the cookies from the sites I actually want; everything else I reject manually (FF always asks me) - the other browsers do accept every cookie, but by the next start of Opera or Chromium at the latest, no cookies are left.

Is your system back in order now, or are there still other findings or problems?

zr7driver 24.10.2012 09:08

OK! ;) I ran Superantispyware and Avast once more, and they found nothing further! What all did we actually delete, in your opinion? I would already like to say thank you for the fast and detailed help!!

cosinus 24.10.2012 15:41

Then we are done! :abklatsch:

The programs that were used here can all be uninstalled again. Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update it first.

Finally, please check the updates; my guide for this is below. To keep a better overview of how up to date the installed programs are in future, you can use e.g. Secunia PSI.
For even more security, after the infection has been removed you should also change all passwords if possible.


Microsoft Update

Windows XP: Visit the MS update site with IE and have all important updates installed.

Windows Vista/7: Windows Update guide


Update the PDF reader
An outdated AdobeReader is a major security risk. You should therefore uninstall old versions of AdobeReader via Control Panel => Add or Remove Programs or Programs and Features, by clicking on "Adobe Reader x.0" there and removing the program. (if you have AdobeReader installed)

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than AdobeReader.

While you are at it, please also check that the Flash Player is up to date:
Check => Adobe - Flash Player
Download links => Adobe Flash Player Distribution | Adobe

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.


Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Add or Remove Programs and uninstall all listed Java versions from there. After that, download the current Java SE Runtime Environment (JRE) from here and install it.

zr7driver 26.10.2012 19:54

Hello cosinus,
I ran Malwarebytes today and immediately got a lot of detections! Is this something malicious?

Code:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.26.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
zr7driver :: ZR7DRIVER-PC [Administrator]

26.10.2012 20:00:24
mbam-log-2012-10-26 (20-53-20).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 232411
Laufzeit: 24 Minute(n), 55 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKCR\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-129872198372} (PUP.LoadTubes) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\loadtbs-3.0 (PUP.LoadTubes) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{DFEFCDEE-CF1A-4FC8-88AD-129872198372} (PUP.LoadTubes) -> Daten: îÍïßÏÈOˆ*˜rƒr -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{DFEFCDEE-CF1A-4FC8-88AD-129872198372} (PUP.LoadTubes) -> Daten:  -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\zr7driver\AppData\Roaming\loadtbs (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\chrome@loadtubes.com (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html (PUP.LoadTubes) -> Keine Aktion durchgeführt.

Infizierte Dateien: 22
C:\Users\zr7driver\AppData\Roaming\loadtbs\toolbar.dll (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\ytdl.exe (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Program Files\Mozilla Firefox\plugins\npmieze.dll (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Local\temp\1a3d9b37655eeb2f9bea641ce230178f\data\npm.dll (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Local\temp\1a3d9b37655eeb2f9bea641ce230178f\data\tb.dll (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Local\temp\1a3d9b37655eeb2f9bea641ce230178f\data\ytdl.exe (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\keyHash.txt (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\config.txt (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\domHash.txt (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\evHash.txt (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\license.txt (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\uninstall.exe (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\updateHash.txt (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\chrome@loadtubes.com\background.html (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\chrome@loadtubes.com\background.js (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\chrome@loadtubes.com\download.js (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\chrome@loadtubes.com\fire.js (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\chrome@loadtubes.com\manifest.json (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\dimensions.ini (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\install.html (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\uninstall.html (PUP.LoadTubes) -> Keine Aktion durchgeführt.
C:\Users\zr7driver\AppData\Roaming\loadtbs\html\uninstallComplete.html (PUP.LoadTubes) -> Keine Aktion durchgeführt.

(Ende)

Never mind, it's an extension that I installed myself and want to keep!! :))

cosinus 27.10.2012 14:21

You really want to keep this junk? Why?

zr7driver 27.10.2012 18:14

Ok, then it gets thrown out ;)

Now I wanted to delete the entries, but Malwarebytes suddenly doesn't find anything anymore? :(
Code:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.26.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
zr7driver :: ZR7DRIVER-PC [Administrator]

27.10.2012 19:08:56
mbam-log-2012-10-27 (19-08-56).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 232123
Laufzeit: 28 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


cosinus 27.10.2012 20:07

It was probably already deleted

zr7driver 27.10.2012 20:23

Well no, I didn't delete anything? That's the puzzling part?!

What do you actually think of Spybot or IObit? On Avast we already agree! :)

cosinus 27.10.2012 20:33

Then it was deleted by some other route, or you can't remember having removed it with MBAM

Quote:

Datenbank Version: v2012.10.26.09
You did not update Malwarebytes beforehand. Please update and run a new scan.

zr7driver 27.10.2012 21:03

Code:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.27.06

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
zr7driver :: ZR7DRIVER-PC [Administrator]

27.10.2012 21:39:21
mbam-log-2012-10-27 (21-39-21).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 232305
Laufzeit: 23 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)


cosinus 27.10.2012 22:43

No more detections to be seen

