Claudia Kl. | 31.05.2013 12:08 | Hi!
OK, hier sind die Files: Code:
Results of screen317's Security Check version 0.99.64
Windows XP Service Pack 3 x86 ``````````````Antivirus/Firewall Check:``````````````
Avira Free Antivirus
Avira successfully updated! `````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 21
Adobe Flash Player 11.7.700.202
Adobe Reader XI ````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe `````````````````System Health check`````````````````
Total Fragmentation on Drive C:: ````````````````````End of Log`````````````````````` Code:
OTL logfile created on: 31.05.2013 12:22:01 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\clk\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1023,42 Mb Total Physical Memory | 576,28 Mb Available Physical Memory | 56,31% Memory free
2,41 Gb Paging File | 1,70 Gb Available in Paging File | 70,60% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,33 Gb Total Space | 21,95 Gb Free Space | 29,53% Space Free | Partition Type: NTFS
Computer Name: CK | User Name: clk | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.05.29 10:28:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\clk\Desktop\OTL.exe
PRC - [2013.05.23 07:44:09 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\chrome.exe
PRC - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) -- C:\Programme\PDF Architect\HelperService.exe
PRC - [2012.11.12 12:45:18 | 000,309,688 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012.11.12 12:45:14 | 000,968,120 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe
PRC - [2012.11.01 14:16:42 | 000,577,536 | ---- | M] (Samsung Electronics) -- C:\Programme\Samsung\Kies\KiesAirMessage.exe
PRC - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.08.09 20:51:26 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.04 07:25:00 | 000,295,584 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2011.07.31 14:07:18 | 000,189,808 | ---- | M] (Haufe-Lexware GmbH & Co. KG) -- C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe
PRC - [2010.01.18 11:51:22 | 000,139,944 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\ezprint.exe
PRC - [2010.01.18 11:51:20 | 000,770,728 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\lxeemon.exe
PRC - [2010.01.15 12:53:35 | 000,308,688 | ---- | M] () -- C:\Programme\Verbindungsassistent\WTGService.exe
PRC - [2010.01.07 16:20:28 | 000,598,696 | ---- | M] ( ) -- C:\WINDOWS\system32\lxeecoms.exe
PRC - [2009.07.24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe
PRC - [2009.05.25 11:18:04 | 000,040,960 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\DeviceHelper\DeviceManager.exe
PRC - [2008.08.29 18:56:58 | 000,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe
PRC - [2008.08.29 16:20:56 | 000,935,208 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2005.08.11 17:30:30 | 000,081,920 | ---- | M] (Macrovision Corporation) -- C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe
PRC - [2005.07.06 17:29:22 | 000,356,352 | ---- | M] (TOSHIBA) -- C:\Programme\Toshiba\TOSHIBA Applet\THotkey.exe
PRC - [2005.07.05 16:08:48 | 000,034,816 | ---- | M] (TOSHIBA Corp.) -- C:\Programme\Toshiba\TOSHIBA Applet\TAPPSRV.exe
PRC - [2005.05.13 11:01:30 | 000,118,784 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe
PRC - [2005.04.12 10:05:26 | 000,065,536 | ---- | M] (TOSHIBA) -- C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2005.04.05 16:25:34 | 000,073,728 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\Tvs\TvsTray.exe
PRC - [2005.01.18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2004.11.17 10:56:10 | 001,077,327 | ---- | M] (TOSHIBA) -- C:\Programme\Toshiba\Touch and Launch\PadExe.exe
PRC - [2004.10.15 00:28:02 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe
PRC - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
========== Modules (No Company Name) ==========
MOD - [2013.05.28 03:36:24 | 001,114,624 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Podcaster\58d56b6e5f2d64072a30a2e30836c48b\Podcaster.ni.dll
MOD - [2013.05.28 03:36:03 | 001,008,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CPKTMusicPlugin\7d49dbd67986f8d42121998b34f4c117\CPKTMusicPlugin.ni.dll
MOD - [2013.05.28 03:35:57 | 000,941,568 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MusicManager\ea6d01d8b7841d50fd4982c5a8de85c6\MusicManager.ni.dll
MOD - [2013.05.28 03:35:53 | 002,196,992 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\1d3881e1208354c3eaf1ea547dbe6e57\Kies.Common.Multimedia.ni.dll
MOD - [2013.05.28 03:35:21 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\ce94bdcea014a8a68dcd79ba7bb1dc1d\System.Runtime.Remoting.ni.dll
MOD - [2013.05.23 07:44:07 | 000,393,168 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.94\ppgooglenaclpluginchrome.dll
MOD - [2013.05.23 07:43:59 | 004,051,408 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.94\pdf.dll
MOD - [2013.05.23 07:43:03 | 001,597,392 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll
MOD - [2013.05.16 23:05:41 | 000,608,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePodcast\5fd169b743c851328f1ce54448cfc598\DevicePodcast.ni.dll
MOD - [2013.05.16 23:05:39 | 000,293,888 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceVideo\cfa251d13148007a6933b966c042d0d6\DeviceVideo.ni.dll
MOD - [2013.05.16 23:05:38 | 000,371,712 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DevicePhoto\ce4b607c73d5580c9fc6bee40c7d78bd\DevicePhoto.ni.dll
MOD - [2013.05.16 23:05:36 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceMusic\6ea65242122082eab20415e24c1ede0f\DeviceMusic.ni.dll
MOD - [2013.05.16 23:05:35 | 000,471,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\VideoManager\9d7efff4973160fa60cdf0bea83af5e6\VideoManager.ni.dll
MOD - [2013.05.16 23:05:31 | 001,491,968 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PodcastService\5a89adbbddd7f51ba595f1bd9e55e3b1\PodcastService.ni.dll
MOD - [2013.05.16 23:05:29 | 000,621,568 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PhotoManager\57a9a4a0c4b8ac9e8b320f503c7edd79\PhotoManager.ni.dll
MOD - [2013.05.16 23:05:13 | 006,242,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\DeviceHost\9d108adf5c109f98d4facbe7732dacff\DeviceHost.ni.dll
MOD - [2013.05.16 23:04:52 | 001,879,040 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Phonebook\eba357cabe6a4322466c4849723f3f3d\Phonebook.ni.dll
MOD - [2013.05.16 23:04:32 | 000,396,800 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\BATPlugin\b9e8a3df0aabceb08b98d721af9c3c95\BATPlugin.ni.dll
MOD - [2013.05.16 23:04:25 | 000,507,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\ceebedcdfa2c2594e97e5b0b06edf53c\Kies.Common.MediaDB.ni.dll
MOD - [2013.05.16 23:04:22 | 000,064,000 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\c16d6291f2ba4824d3432098bb5a1a0a\Kies.Common.AllShare.ni.dll
MOD - [2013.05.16 23:04:21 | 000,283,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c660385ceb5c4e62e1735ee758921b77\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2013.05.16 23:04:19 | 000,569,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f40c49bba92f7ad114be62ad99956d4e\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2013.05.16 23:04:17 | 000,621,056 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\cac3a4d93b07ea5ffaf37934cd72fad9\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2013.05.16 23:04:15 | 000,915,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\912fbcd57dc29ab59d795937985d2067\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2013.05.16 23:04:12 | 001,057,792 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7f814507d38f722ea12668601eccdef2\Kies.Common.DeviceService.ni.dll
MOD - [2013.05.16 23:04:02 | 000,200,704 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\90d7bfef054a7714225ec62fb1b5bf0e\Kies.Common.MainUI.ni.dll
MOD - [2013.05.16 23:04:01 | 000,066,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\b2642b48602b96bf37257e96637cb2c1\Kies.Common.DBManager.ni.dll
MOD - [2013.05.16 23:04:00 | 000,273,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\a2e0f8e4559020b73813922ec9e1b490\Kies.Common.Util.ni.dll
MOD - [2013.05.16 23:03:58 | 001,874,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.UI\957ef902c5e03f29b3f2c3c243e8f8e6\Kies.UI.ni.dll
MOD - [2013.05.16 23:03:55 | 000,119,296 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\8c3eb2c5125c85b57c7b136e488a277f\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2013.05.16 23:03:54 | 001,211,392 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Interface\da94c8d8cd1b08607102ff4d783da070\Kies.Interface.ni.dll
MOD - [2013.05.16 23:03:12 | 001,692,672 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies\8e2a077381fe98ea660ba46f5dd5075a\Kies.ni.exe
MOD - [2013.05.16 21:16:42 | 018,019,328 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\03a2c7d0e26886bf966276d441290257\PresentationFramework.ni.dll
MOD - [2013.05.16 21:15:52 | 011,522,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\921404b7803bda0cb1cba2ee458e4c9f\PresentationCore.ni.dll
MOD - [2013.05.16 21:15:33 | 003,880,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\0268fc0c7a4db1850c1c6ba33d980b29\WindowsBase.ni.dll
MOD - [2013.05.16 21:15:11 | 000,980,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\88856f5f657eaa34828421b355a5fd76\System.Configuration.ni.dll
MOD - [2013.05.16 21:15:07 | 007,053,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Core\56734db07bf2cb287a5f0cf662cc32ef\System.Core.ni.dll
MOD - [2013.05.16 21:14:45 | 013,198,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\40730f817297bb5d791a7101ed9630fe\System.Windows.Forms.ni.dll
MOD - [2013.02.16 01:53:42 | 000,221,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\81c0ff81b2ad570ee85d6cd7ce751bba\System.ServiceProcess.ni.dll
MOD - [2013.01.10 11:46:07 | 000,194,048 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\bb7d08d36d2a67c4be33073a14282752\CustomMarshalers.ni.dll
MOD - [2013.01.10 11:45:49 | 012,621,824 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Theme\ac8efe59a037ffeb38513bdea352da28\Kies.Theme.ni.dll
MOD - [2013.01.10 11:44:59 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\0a9aa8a20cf2f935e03e948e5fe7a476\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2013.01.10 11:43:15 | 000,029,184 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\34da4bec626fd6331c6702365be50f28\Kies.Common.StoreManager.ni.dll
MOD - [2013.01.10 11:43:11 | 000,232,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\779a065e9d217d3a3aeeb354f9fce387\ASF_cSharpAPI.ni.dll
MOD - [2013.01.10 11:43:08 | 000,043,008 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.FUSCryptLib\7296ee8d41eeb2bcc543df81eea19ebe\Interop.FUSCryptLib.ni.dll
MOD - [2013.01.10 11:43:04 | 000,189,440 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\7504b4d1e0c4f84827a869844fa75ffd\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2013.01.10 11:43:00 | 000,175,616 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\9a9a70b72df9ca4a018ffeb43208fac0\Interop.DevFileServiceLib.ni.dll
MOD - [2013.01.10 11:42:52 | 000,018,944 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DeviceServi#\d89293c7be2f75ca92ddd2efac0dcfad\Interop.DeviceServiceModelDBLib.ni.dll
MOD - [2013.01.10 11:42:50 | 000,184,832 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c35f66934441c52d7c6f60347751059f\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2013.01.10 11:42:02 | 000,052,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2013.01.10 11:42:02 | 000,032,256 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2013.01.10 11:42:01 | 000,171,520 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2013.01.10 11:42:01 | 000,030,720 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\0e99d29839b75154cac69d87c6857da7\Interop.PRPLAYERCORELib.ni.dll
MOD - [2013.01.10 10:55:41 | 000,395,776 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll
MOD - [2013.01.10 10:55:33 | 000,743,424 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\78c73ae3f99d95d788e3690a561a7701\ICSharpCode.SharpZipLib.ni.dll
MOD - [2013.01.10 10:55:28 | 000,052,224 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f4243b3bc2e4cdf0ec6e7ad5559aa20\Interop.DeviceSearchLib.ni.dll
MOD - [2013.01.10 10:55:27 | 001,499,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.Locale\570e33cc3bc3f82ffc64c06efd1e90d6\Kies.Locale.ni.dll
MOD - [2013.01.10 10:55:26 | 000,078,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\495e94c8e04436b65dcb695c969d0d4e\Kies.MVVM.ni.dll
MOD - [2013.01.10 00:08:18 | 001,812,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\25732130189e8f468a7d98647edffe8e\System.Xaml.ni.dll
MOD - [2013.01.09 17:29:33 | 005,618,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\a23c39d504467a0024e5f20c0f962f3f\System.Xml.ni.dll
MOD - [2013.01.09 17:26:37 | 001,667,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\307bb964c6b7dbc20676e8905ec99df9\System.Drawing.ni.dll
MOD - [2013.01.09 17:26:31 | 009,094,656 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\5f79b00e1aaeafcc07907aa61fd3599e\System.ni.dll
MOD - [2013.01.09 17:26:10 | 014,416,896 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2010.01.18 11:51:22 | 000,139,944 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\ezprint.exe
MOD - [2010.01.18 11:51:20 | 000,770,728 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\lxeemon.exe
MOD - [2010.01.15 12:53:35 | 000,308,688 | ---- | M] () -- C:\Programme\Verbindungsassistent\WTGService.exe
MOD - [2009.12.16 13:07:29 | 001,159,168 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\lxeedrs.dll
MOD - [2009.12.16 13:04:21 | 000,389,120 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\lxeescw.dll
MOD - [2009.12.12 16:12:03 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.11.04 09:14:38 | 000,165,376 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeedrui.dll
MOD - [2009.11.04 09:14:19 | 000,157,696 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\lxeedrpp.dll
MOD - [2009.11.04 09:14:06 | 000,236,032 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeedr.dll
MOD - [2009.06.23 07:11:04 | 000,102,400 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\epoemdll.dll
MOD - [2009.06.23 07:10:29 | 000,045,056 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\epstring.dll
MOD - [2009.06.23 07:09:11 | 002,203,648 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\epwizres.dll
MOD - [2009.06.07 20:40:36 | 000,167,936 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeeprpr.dll
MOD - [2009.05.27 08:16:50 | 000,192,512 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeedatr.dll
MOD - [2009.05.25 11:18:04 | 000,040,960 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\DeviceHelper\DeviceManager.exe
MOD - [2009.05.18 09:29:08 | 000,819,200 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lxeeptpc.dll
MOD - [2009.04.28 09:56:29 | 000,024,064 | ---- | M] () -- C:\WINDOWS\system32\LXEEsmr.dll
MOD - [2009.04.07 15:25:27 | 000,409,600 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\iptk.dll
MOD - [2009.03.30 08:37:28 | 000,708,608 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\epwizard.dll
MOD - [2009.03.30 08:35:40 | 000,159,744 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\customui.dll
MOD - [2009.03.30 08:35:22 | 000,061,440 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\epfunct.dll
MOD - [2009.03.30 08:35:17 | 000,118,784 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\eputil.dll
MOD - [2009.03.30 08:35:05 | 000,139,264 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\imagutil.dll
MOD - [2009.03.10 01:43:49 | 000,155,648 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\lxeecaps.dll
MOD - [2009.03.02 10:25:47 | 000,151,552 | ---- | M] () -- C:\Programme\Lexmark Pro700 Series\lxeeptp.dll
MOD - [2009.02.20 10:48:03 | 000,299,008 | ---- | M] () -- C:\WINDOWS\system32\LXEEsm.dll
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2004.07.20 17:04:02 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\TosBtHcrpAPI.dll
========== Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.05.15 21:11:18 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.09 18:36:06 | 000,795,208 | ---- | M] (pdfforge GbR) [Auto | Stopped] -- C:\Programme\PDF Architect\ConversionService.exe -- (PDF Architect Service)
SRV - [2013.01.09 18:34:26 | 001,324,104 | ---- | M] (pdfforge GbR) [Auto | Running] -- C:\Programme\PDF Architect\HelperService.exe -- (PDF Architect Helper Service)
SRV - [2012.10.02 13:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.07.20 06:18:24 | 000,440,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2010.01.15 12:53:35 | 000,308,688 | ---- | M] () [Auto | Running] -- C:\Programme\Verbindungsassistent\WTGService.exe -- (WTGService)
SRV - [2010.01.07 16:20:28 | 000,598,696 | ---- | M] ( ) [Auto | Running] -- C:\WINDOWS\system32\lxeecoms.exe -- (lxee_device)
SRV - [2010.01.07 16:20:23 | 000,098,984 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxeeserv.exe -- (lxeeCATSCustConnectService)
SRV - [2009.10.20 20:19:48 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Programme\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2009.07.24 16:05:24 | 000,139,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2009.05.25 11:18:04 | 000,040,960 | ---- | M] () [Auto | Running] -- C:\Programme\Gemeinsame Dateien\DeviceHelper\DeviceManager.exe -- (DeviceManager)
SRV - [2008.08.29 18:56:58 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Auto | Running] -- C:\Programme\Nero\Nero BackItUp 4\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)
SRV - [2008.08.29 16:20:56 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2005.07.05 16:08:48 | 000,034,816 | ---- | M] (TOSHIBA Corp.) [Auto | Running] -- C:\Programme\Toshiba\TOSHIBA Applet\TAPPSRV.exe -- (TAPPSRV)
SRV - [2005.01.18 01:38:38 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2004.10.22 02:24:18 | 000,073,728 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2002.09.20 15:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\clk\LOKALE~1\Temp\catchme.sys -- (catchme)
DRV - [2012.09.20 06:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012.09.20 06:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2012.06.27 10:37:56 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2012.06.27 10:37:56 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2012.06.27 10:37:56 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.08.01 15:57:30 | 000,045,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dc3d.sys -- (dc3d)
DRV - [2010.11.22 14:25:54 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\seehcri.sys -- (seehcri)
DRV - [2010.11.22 14:24:53 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2010.11.22 14:24:53 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ggflt.sys -- (ggflt)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.11.04 13:09:32 | 000,763,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\UDXTTM6010.sys -- (UDXTTM6010)
DRV - [2009.11.04 13:09:32 | 000,023,104 | ---- | M] (DTV-DVB) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Cinergy_Hybrid-Stick_HID.sys -- (TTHID)
DRV - [2009.10.20 20:19:44 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
DRV - [2009.07.24 16:05:24 | 000,030,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2009.06.19 16:44:14 | 000,290,816 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2009.05.25 11:18:02 | 000,103,552 | ---- | M] (TCT International Mobile Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\qcusbser.sys -- (qcusbser)
DRV - [2008.07.24 12:03:56 | 000,101,760 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.04.13 20:56:06 | 000,088,320 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkipx.sys -- (NwlnkIpx)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2006.07.24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2005.07.04 15:54:08 | 000,098,176 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2005.06.27 18:48:08 | 000,053,504 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2005.05.30 18:28:38 | 000,008,576 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosrfec.sys -- (tosrfec)
DRV - [2005.05.10 17:50:00 | 000,029,056 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Tvs.sys -- (Tvs)
DRV - [2005.04.15 07:14:58 | 001,130,496 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2005.04.13 00:30:12 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005.03.31 02:18:40 | 000,230,400 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2005.03.30 12:42:54 | 000,047,230 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005.03.02 08:45:24 | 000,004,864 | ---- | M] (Toshiba Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NBSMI.sys -- (TVALD)
DRV - [2004.12.21 11:38:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2004.10.29 18:48:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51)
DRV - [2004.10.04 10:33:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004.08.04 14:00:00 | 000,063,232 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnknb.sys -- (NwlnkNb)
DRV - [2004.08.04 14:00:00 | 000,055,936 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\nwlnkspx.sys -- (NwlnkSpx)
DRV - [2003.01.29 23:35:00 | 000,012,032 | ---- | M] (TOSHIBA Corporation.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\Netdevio.sys -- (Netdevio)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{E649DC79-BD07-46CD-85E1-6D561DA45348}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7ADFA_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Programme\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFPDFArchitectConverter@pdfarchitect.com: C:\Programme\PDF Architect\FFPDFArchitectExt [2013.02.05 01:26:21 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\lrcfan@fansoft.br: C:\Programme\LyricsFan\FF\ [2013.05.24 01:02:06 | 000,000,000 | ---D | M]
[2012.05.28 21:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Extensions
[2012.05.28 21:11:58 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Mozilla\Extensions\ideskbrowser@haufe.de
[2011.03.09 18:58:21 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2010.01.15 10:36:52 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2010.10.14 20:03:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.18 21:59:45 | 000,000,000 | ---D | M] (Kaspersky URL Advisor) -- C:\Programme\Mozilla Firefox\extensions\linkfilter@kaspersky.ru
[2010.10.14 20:01:57 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2010.07.12 18:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\mozilla firefox\plugins\npwachk.dll
[2009.03.24 12:10:44 | 000,114,688 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
========== Chrome ==========
CHR - default_search_provider: WebSearch (Enabled)
CHR - default_search_provider: search_url = hxxp://websearch.searchrocket.info/?l=1&q={searchTerms}&pid=658&r=2013/05/27&hid=542167775&lg=EN&cc=DE&unqvl=16
CHR - default_search_provider: suggest_url = hxxp://localhost
CHR - plugin: Shockwave Flash (Enabled) = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Programme\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Programme\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Picasa (Enabled) = C:\Programme\Google\Picasa3\npPicasa3.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Programme\Microsoft\Office Live\npOLW.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
O1 HOSTS File: ([2013.05.29 23:58:22 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (PDF Architect Helper) - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Programme\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
O2 - BHO: (Lyrics Fan) - {A8720491-9558-4C0D-9E35-30EED15DFB2B} - C:\Programme\LyricsFan\lrcfan.dll (FAN Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll ()
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (&TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\Programme\TerraTec\TerraTec Home Cinema\THCDeskBand.dll (TerraTec Electronic GmbH)
O3 - HKCU\..\Toolbar\ShellBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EzPrint] C:\Programme\Lexmark Pro700 Series\ezprint.exe ()
O4 - HKLM..\Run: [ISUSPM Startup] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\isuspm.exe (Macrovision Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Programme\Gemeinsame Dateien\InstallShield\UpdateService\issch.exe (Macrovision Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LexwareInfoService] C:\Programme\Gemeinsame Dateien\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG)
O4 - HKLM..\Run: [lxeemon.exe] C:\Programme\Lexmark Pro700 Series\lxeemon.exe ()
O4 - HKLM..\Run: [PadTouch] C:\Programme\Toshiba\Touch and Launch\PadExe.exe (TOSHIBA)
O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\TOSHIBA Zoom-Dienstprogramm\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Oracle Corporation)
O4 - HKLM..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [THotkey] C:\Programme\Toshiba\TOSHIBA Applet\THotkey.exe (TOSHIBA)
O4 - HKLM..\Run: [Tvs] C:\Programme\Toshiba\Tvs\TvsTray.exe (TOSHIBA Corporation)
O4 - HKCU..\Run: [KiesAirMessage] C:\Programme\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPreload] C:\Programme\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [TOSCDSPD] C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe (TOSHIBA)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_02\bin\NPJPI150_02.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\WINDOWS\system32\nwprovau.dll (Microsoft Corporation)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_02-windows-i586.cab (Java Plug-in 1.5.0_02)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EE8F664F-9C4B-483B-A8DB-622FC4AD8803}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\haufereader - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Programme\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.08.17 14:44:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.30 23:50:54 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\clk\Desktop\.picasaoriginals
[2013.05.30 19:07:41 | 002,347,384 | ---- | C] (ESET) -- C:\Dokumente und Einstellungen\clk\Desktop\esetsmartinstaller_enu.exe
[2013.05.30 15:58:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Desktop\gesendete Logfiles
[2013.05.30 15:47:50 | 000,000,000 | ---D | C] -- C:\FRST
[2013.05.30 15:47:06 | 001,355,491 | ---- | C] (Farbar) -- C:\Dokumente und Einstellungen\clk\Desktop\FRST.exe
[2013.05.30 01:12:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.05.30 01:12:24 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.30 01:11:57 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- C:\Dokumente und Einstellungen\clk\Desktop\JRT.exe
[2013.05.30 00:16:11 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.05.30 00:12:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Desktop\RK_Quarantine
[2013.05.29 23:41:04 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.05.29 23:37:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.05.29 23:37:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.05.29 23:37:27 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.05.29 23:37:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.05.29 23:36:57 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.29 23:34:32 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.05.29 10:28:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\clk\Desktop\OTL.exe
[2013.05.27 23:54:40 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\StarApp
[2013.05.26 20:38:36 | 000,000,000 | ---D | C] -- C:\Programme\Uninstaller
[2013.05.26 20:34:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\player
[2013.05.25 21:21:13 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\clk\Recent
[2013.05.24 01:02:06 | 000,000,000 | ---D | C] -- C:\Programme\LyricsFan
[2013.05.24 01:01:31 | 000,000,000 | ---D | C] -- C:\Programme\FindLyrics
[2013.05.23 23:49:17 | 000,000,000 | ---D | C] -- C:\Programme\SystemRequirementsLab
[2013.05.13 23:10:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Lhsp
[2013.05.13 23:09:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\speech
[2013.05.13 23:09:24 | 000,000,000 | ---D | C] -- C:\Programme\MWS Reader 4
[2013.05.08 23:18:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\clk\AppData
[2012.06.15 22:11:23 | 000,894,448 | ---- | C] (Oracle Corporation) -- C:\Programme\chromeinstall-7u5.exe
========== Files - Modified Within 30 Days ==========
[2013.05.31 12:14:09 | 000,890,839 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Desktop\SecurityCheck.exe
[2013.05.31 12:09:02 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.05.31 08:51:05 | 000,001,202 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2044978897-1172690549-42215457-1007UA.job
[2013.05.31 03:22:28 | 000,556,544 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.05.31 03:22:28 | 000,506,084 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.05.31 03:22:28 | 000,116,942 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.05.31 03:22:28 | 000,089,548 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.05.31 02:00:05 | 000,000,342 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-CK-clk.job
[2013.05.31 00:52:09 | 000,000,350 | ---- | M] () -- C:\WINDOWS\tasks\Lyrics Fan Update.job
[2013.05.30 19:07:36 | 002,347,384 | ---- | M] (ESET) -- C:\Dokumente und Einstellungen\clk\Desktop\esetsmartinstaller_enu.exe
[2013.05.30 15:47:02 | 001,355,491 | ---- | M] (Farbar) -- C:\Dokumente und Einstellungen\clk\Desktop\FRST.exe
[2013.05.30 14:32:15 | 000,000,444 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Desktop\Verknüpfung mit Downloads.lnk
[2013.05.30 14:18:14 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.05.30 14:18:05 | 1073,201,152 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.30 01:11:53 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- C:\Dokumente und Einstellungen\clk\Desktop\JRT.exe
[2013.05.30 00:20:34 | 000,632,031 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Desktop\adwcleaner.exe
[2013.05.30 00:12:37 | 000,816,128 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\Desktop\RogueKiller_8.5.4.exe
[2013.05.29 23:58:22 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.05.29 23:41:16 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.05.29 10:28:12 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\clk\Desktop\OTL.exe
[2013.05.29 10:25:19 | 000,000,000 | ---- | M] () -- C:\Dokumente und Einstellungen\clk\defogger_reenable
[2013.05.29 09:51:00 | 000,001,150 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2044978897-1172690549-42215457-1007Core.job
[2013.05.20 20:45:49 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.05.16 23:19:41 | 003,622,528 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.05.16 21:06:19 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
========== Files Created - No Company Name ==========
[2013.05.31 12:14:48 | 000,890,839 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Desktop\SecurityCheck.exe
[2013.05.30 14:32:11 | 000,000,444 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Desktop\Verknüpfung mit Downloads.lnk
[2013.05.30 00:12:46 | 000,816,128 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Desktop\RogueKiller_8.5.4.exe
[2013.05.29 23:41:16 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013.05.29 23:41:13 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013.05.29 23:37:27 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.05.29 23:37:27 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.05.29 23:37:27 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.05.29 23:37:27 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.05.29 23:37:27 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.05.29 10:25:19 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\defogger_reenable
[2013.05.28 10:05:22 | 000,632,031 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Desktop\adwcleaner.exe
[2013.05.24 01:02:08 | 000,000,350 | ---- | C] () -- C:\WINDOWS\tasks\Lyrics Fan Update.job
[2013.03.11 14:25:04 | 000,002,482 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2012.11.27 22:49:46 | 000,774,826 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-2044978897-1172690549-42215457-1007-0.dat
[2012.11.27 22:49:31 | 000,275,386 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012.10.29 13:09:28 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2012.10.29 13:09:28 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2012.10.29 13:09:28 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2012.10.29 13:09:28 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2012.10.29 13:09:28 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2012.02.15 14:43:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.08.28 22:05:55 | 000,001,474 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\CountdownProPrefs.cdp
[2011.08.28 21:57:18 | 000,123,172 | ---- | C] () -- C:\Programme\countdown.sis
[2010.12.31 14:38:46 | 000,036,072 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\mdbu.bin
[2010.01.16 15:55:23 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2010.01.14 14:04:33 | 000,007,168 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.14 14:04:33 | 000,000,136 | ---- | C] () -- C:\Dokumente und Einstellungen\clk\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
========== ZeroAccess Check ==========
[2005.08.17 14:51:55 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.01.16 00:16:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BTrieve
[2013.01.13 18:15:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BVRP Software
[2013.05.28 10:06:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Datamngr
[2012.11.16 12:31:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\FMBackup2
[2012.05.28 18:27:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Haufe
[2011.02.24 12:29:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IM
[2011.02.24 12:26:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IncrediMail
[2010.12.22 19:32:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Kestrel
[2010.06.27 22:41:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexmark Pro700 Series
[2012.05.28 18:31:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Lexware
[2012.09.24 22:37:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2012.12.15 00:35:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2012.11.19 01:30:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2013.05.27 23:54:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\StarApp
[2013.05.28 09:22:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Systweak
[2010.01.15 15:13:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TerraTec
[2013.04.15 20:51:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TVgenial
[2013.05.29 23:56:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Wincert
[2010.02.14 18:21:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2011.02.18 19:33:01 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2012.12.14 22:21:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013.04.13 21:17:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\DriverTurbo
[2013.02.16 23:08:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\DVDVideoSoft
[2013.03.28 15:07:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\GlarySoft
[2012.05.28 21:10:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Haufe Mediengruppe
[2010.07.25 19:27:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\InterVideo
[2010.03.18 11:58:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\IrfanView
[2010.12.22 19:46:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Kestrel
[2010.01.15 23:57:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Lexware
[2012.01.18 05:09:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\MAGIX
[2010.01.16 00:45:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Marine Aquarium 3
[2012.12.15 00:48:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\PDAppFlex
[2013.02.17 19:01:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\PDF Architect
[2013.01.11 15:39:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\PhotoScape
[2013.05.28 09:18:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\player
[2013.01.23 22:15:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Samsung
[2012.10.14 18:41:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Smilebox
[2010.11.20 00:37:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Sony
[2010.01.15 15:12:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\TerraTec
[2005.08.18 10:13:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\toshiba
[2010.01.31 01:17:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Verbindungsassistent
[2010.01.16 01:44:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Windows Desktop Search
[2010.01.16 01:45:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\clk\Anwendungsdaten\Windows Search
========== Purity Check ==========
========== Files - Unicode (All) ==========
(C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft ??) -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft 鼠标
< End of report > Liebe Grüße
Claudia |