Home » Viren, Trojaner & Malware Forum » Win XP.....sehr langsam...und Virus gefunden » Themenansicht

Win XP.....sehr langsam...und Virus gefunden
#0
07.01.2014, 17:20
lupe
...neu hier

Beiträge: 3
#1 Hallo zusammen..
ich habe ein großes Problem.
Der PC startet seit einigen Wochen sehr langsam.Es dauert manchmal ca10-15 Min. bis er startet.
Das gleiche passiert beim runtefahren.
Der heutige Scan mit Avira Antivirus Suite hat etwas gefunden.
Ich hänge den Berichtmal an.


Avira Antivirus Suite
Erstellungsdatum der Reportdatei: Dienstag, 7. Januar 2014 00:19


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : ilse
Seriennummer : 2228025180-PEPWE-0000001
Plattform : Microsoft Windows XP
Windowsversion : (Service Pack 3) [5.1.2600]
Boot Modus : Abgesicherter Modus
Benutzername : ilse
Computername : ILSES

Versionsinformationen:
BUILD.DAT : 14.0.2.286 57857 Bytes 09.12.2013 11:37:00
AVSCAN.EXE : 14.0.2.254 1032760 Bytes 18.12.2013 08:03:12
AVSCANRC.DLL : 14.0.2.180 62008 Bytes 18.12.2013 08:03:12
LUKE.DLL : 14.0.2.234 65592 Bytes 18.12.2013 08:03:35
AVSCPLR.DLL : 14.0.2.254 124472 Bytes 18.12.2013 08:03:21
AVREG.DLL : 14.0.2.212 250424 Bytes 18.12.2013 08:03:12
avlode.dll : 14.0.2.254 540216 Bytes 18.12.2013 08:03:11
avlode.rdf : 13.0.1.62 56973 Bytes 10.12.2013 08:25:03
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 14:28:16
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 20:08:16
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 17:12:50
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 10:29:11
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 15:43:30
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 01:23:06
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24.09.2013 19:20:46
VBASE007.VDF : 7.11.116.38 5485568 Bytes 28.11.2013 12:59:44
VBASE008.VDF : 7.11.120.140 1154560 Bytes 19.12.2013 18:54:46
VBASE009.VDF : 7.11.120.141 2048 Bytes 19.12.2013 18:54:46
VBASE010.VDF : 7.11.120.142 2048 Bytes 19.12.2013 18:54:46
VBASE011.VDF : 7.11.120.143 2048 Bytes 19.12.2013 18:54:46
VBASE012.VDF : 7.11.120.144 2048 Bytes 19.12.2013 18:54:47
VBASE013.VDF : 7.11.120.145 2048 Bytes 19.12.2013 18:54:47
VBASE014.VDF : 7.11.121.19 126976 Bytes 21.12.2013 18:54:47
VBASE015.VDF : 7.11.121.147 122880 Bytes 24.12.2013 06:24:04
VBASE016.VDF : 7.11.121.233 115712 Bytes 25.12.2013 15:07:43
VBASE017.VDF : 7.11.122.57 325120 Bytes 27.12.2013 11:21:45
VBASE018.VDF : 7.11.122.123 199680 Bytes 28.12.2013 11:29:55
VBASE019.VDF : 7.11.122.219 368640 Bytes 01.01.2014 18:22:16
VBASE020.VDF : 7.11.123.39 182272 Bytes 03.01.2014 18:27:18
VBASE021.VDF : 7.11.123.141 124416 Bytes 05.01.2014 12:18:25
VBASE022.VDF : 7.11.123.142 2048 Bytes 05.01.2014 12:18:25
VBASE023.VDF : 7.11.123.143 2048 Bytes 05.01.2014 12:18:25
VBASE024.VDF : 7.11.123.144 2048 Bytes 05.01.2014 12:18:25
VBASE025.VDF : 7.11.123.145 2048 Bytes 05.01.2014 12:18:25
VBASE026.VDF : 7.11.123.146 2048 Bytes 05.01.2014 12:18:25
VBASE027.VDF : 7.11.123.147 2048 Bytes 05.01.2014 12:18:25
VBASE028.VDF : 7.11.123.148 2048 Bytes 05.01.2014 12:18:25
VBASE029.VDF : 7.11.123.149 2048 Bytes 05.01.2014 12:18:25
VBASE030.VDF : 7.11.123.150 2048 Bytes 05.01.2014 12:18:25
VBASE031.VDF : 7.11.123.202 165376 Bytes 06.01.2014 15:49:39
Engineversion : 8.2.12.166
AEVDF.DLL : 8.1.3.4 102774 Bytes 14.06.2013 20:02:24
AESCRIPT.DLL : 8.1.4.176 520574 Bytes 23.12.2013 18:54:55
AESCN.DLL : 8.1.10.6 131447 Bytes 23.12.2013 18:54:55
AESBX.DLL : 8.2.16.26 1245560 Bytes 24.08.2013 05:34:04
AERDL.DLL : 8.2.0.138 704888 Bytes 02.12.2013 22:21:02
AEPACK.DLL : 8.3.3.8 762232 Bytes 23.12.2013 18:54:55
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 08.08.2013 15:44:56
AEHEUR.DLL : 8.1.4.830 6386042 Bytes 23.12.2013 18:54:53
AEHELP.DLL : 8.1.27.10 266618 Bytes 24.11.2013 10:15:21
AEGEN.DLL : 8.1.7.20 446839 Bytes 24.11.2013 10:15:20
AEEXP.DLL : 8.4.1.138 418168 Bytes 23.12.2013 18:54:56
AEEMU.DLL : 8.1.3.2 393587 Bytes 13.07.2012 17:37:20
AECORE.DLL : 8.1.33.0 225657 Bytes 23.12.2013 18:54:50
AEBB.DLL : 8.1.1.4 53619 Bytes 05.11.2012 15:53:04
AVWINLL.DLL : 14.0.2.180 23608 Bytes 18.12.2013 08:02:58
AVPREF.DLL : 14.0.2.180 48696 Bytes 18.12.2013 08:03:11
AVREP.DLL : 14.0.2.180 175672 Bytes 18.12.2013 08:03:12
AVARKT.DLL : 14.0.2.254 256056 Bytes 18.12.2013 08:03:03
AVEVTLOG.DLL : 14.0.2.180 165944 Bytes 18.12.2013 08:03:07
SQLITE3.DLL : 3.7.0.1 394808 Bytes 09.12.2013 10:37:21
AVSMTP.DLL : 14.0.2.180 60472 Bytes 18.12.2013 08:03:22
NETNT.DLL : 14.0.2.180 13368 Bytes 18.12.2013 08:03:35
RCIMAGE.DLL : 14.0.2.180 4784696 Bytes 09.12.2013 10:37:21
RCTEXT.DLL : 14.0.2.270 73272 Bytes 09.12.2013 10:37:21

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Programme\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Reparieren
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, E:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Dienstag, 7. Januar 2014 00:19

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:, D:, E;)'
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf nach versteckten Objekten wird begonnen.
Der Treiber konnte nicht initialisiert werden.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2773' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <BOOT>
Beginne mit der Suche in 'D:\' <BACKUP>
[0] Archivtyp: RSRC
--> C:\Dokumente und Einstellungen\ilse\Eigene Dateien\filter\jre-7u10-windows-i586-iftw.exe
[1] Archivtyp: Runtime Packed
--> C:\Dokumente und Einstellungen\ilse\Eigene Dateien\filterPI&PSP\harrys\harrysfilters2.exe
[2] Archivtyp: OVL
--> D:\behalten\Eigene Downloads\eye-ca\Eyecandy_4000_Full_with_crack.exe
[3] Archivtyp: ZIP SFX (self extracting)
--> E_EC4000.EXE
[FUND] Ist das Trojanische Pferd TR/Offend.4634714
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
D:\behalten\Eigene Downloads\eye-ca\Eyecandy_4000_Full_with_crack.exe
[FUND] Ist das Trojanische Pferd TR/Offend.4634714
[HINWEIS] Eine Sicherungskopie wurde unter dem Namen 5e080016.qua erstellt ( QUARANTÄNE )
[WARNUNG] Die Datei wurde ignoriert.
Beginne mit der Suche in 'E:\' <RECOVER>


Ende des Suchlaufs: Dienstag, 7. Januar 2014 09:30
Benötigte Zeit: 9:10:55 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

19603 Verzeichnisse wurden überprüft
1033698 Dateien wurden geprüft
2 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
1033696 Dateien ohne Befall
40029 Archive wurden durchsucht
2 Warnungen
1 Hinweise

-------------------------------------------------------------------------------------------
Ich hoffe das Ihr mir helfen könnt.Bin nicht mehr die jüngste (74)und habe keine Ahnung von der Technik.

LG......Ilse
Seitenanfang Seitenende
07.01.2014, 18:52
lupe
...neu hier

Themenstarter

Beiträge: 3
#2 Hallo..
war mir nicht sicher mit OTL.
Habe auf Scan geklickt.
Hier das Ergebnis:
OTL logfile created on: 07.01.2014 18:19:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\ilse\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

511,48 Mb Total Physical Memory | 334,05 Mb Available Physical Memory | 65,31% Memory free
1,25 Gb Paging File | 0,78 Gb Available in Paging File | 62,43% Paging File free
Paging file location(s): C:\pagefile.sys 800 800 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 29,76 Gb Free Space | 39,94% Space Free | Partition Type: NTFS
Drive D: | 65,73 Gb Total Space | 37,35 Gb Free Space | 56,81% Space Free | Partition Type: NTFS
Drive E: | 8,78 Gb Total Space | 5,57 Gb Free Space | 63,49% Space Free | Partition Type: FAT32

Computer Name: ILSES | User Name: ilse | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014.01.07 17:28:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ilse\Desktop\OTL.exe
PRC - [2013.12.18 09:03:37 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.12.18 09:03:23 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013.12.18 09:03:22 | 000,431,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.12.18 09:03:08 | 000,684,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.12.09 11:37:19 | 000,896,056 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2013.12.04 23:14:30 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013.11.28 08:04:16 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2005.05.27 11:24:52 | 000,310,272 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2003.03.01 18:57:34 | 000,057,344 | ---- | M] () -- C:\Programme\Medion Home CinemaXL\PowerCinema\PCMService.exe
PRC - [2002.08.28 13:43:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\Dit.exe
PRC - [2002.07.24 18:43:46 | 000,028,672 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
PRC - [2002.07.12 10:29:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\DitExp.exe
PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013.12.09 11:37:21 | 000,394,808 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2005.01.06 18:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
MOD - [2003.03.01 18:57:34 | 000,057,344 | ---- | M] () -- C:\Programme\Medion Home CinemaXL\PowerCinema\PCMService.exe
MOD - [2002.08.28 13:43:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\Dit.exe
MOD - [2002.07.12 10:29:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\DitExp.exe


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.12.18 09:03:37 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.12.18 09:03:23 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.12.11 13:07:31 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.09 11:37:19 | 000,896,056 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2013.11.28 08:04:16 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Start_Pending] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
SRV - [2002.08.29 13:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\doskey.exe -- (Catcaudserp)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [On_Demand | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\ilse\LOKALE~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\ilse\LOKALE~1\Temp\catchme.sys -- (catchme)
DRV - [2013.12.18 09:03:39 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.12.18 09:03:39 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.11.28 08:04:38 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.08.06 16:57:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.01.19 21:00:38 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.09.17 14:06:20 | 000,028,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007.01.23 23:11:19 | 000,108,768 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV08.sys -- (ACEDRV08)
DRV - [2005.09.12 11:10:18 | 000,019,840 | ---- | M] (Compro Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune)
DRV - [2004.08.04 07:38:58 | 000,701,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003.03.25 17:50:46 | 000,004,096 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide)
DRV - [2002.11.04 15:29:42 | 000,422,976 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134)
DRV - [2002.10.31 11:58:42 | 000,030,848 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002.10.28 07:38:06 | 000,947,884 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2002.07.10 16:39:34 | 000,032,256 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2002.07.01 15:10:40 | 000,638,366 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctxs51.sys -- (Intels51)
DRV - [2002.04.19 10:15:46 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002.04.17 20:27:02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (asapiW2k)
DRV - [2002.03.20 17:38:20 | 000,019,140 | ---- | M] (America Online) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atwpkt.sys -- (ATWPKT)
DRV - [2001.11.14 18:07:42 | 000,010,761 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\x10uif.sys -- (X10UIF)
DRV - [2001.08.17 14:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2000.11.08 09:47:38 | 000,027,484 | R--- | M] (DeTeWe Berlin) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ulisa.sys -- (ulisa)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7A CA 1D 9B 98 03 CE 01 [binary data]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {136AF01C-A5C2-4E25-AA78-D749E2BDD82D}
IE - HKCU\..\SearchScopes\{136AF01C-A5C2-4E25-AA78-D749E2BDD82D}: "URL" = http://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7Bf34c9277-6577-4dff-b2d7-7d58092f272f%7D:1.0.0.12
FF - prefs.js..extensions.enabledAddons: exif_viewer%40mozilla.doslash.org:2.00
FF - prefs.js..extensions.enabledAddons: fdm_ffext%40freedownloadmanager.org:1.5.7.6
FF - prefs.js..extensions.enabledAddons: %7B1FD91A9C-410C-4090-BBCC-55D3450EF433%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B11483926-db67-4190-91b1-ef20fcec5f33%7D:0.4.7.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..extensions.enabledItems: {11483926-db67-4190-91b1-ef20fcec5f33}:0.4.2
FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.82
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {f34c9277-6577-4dff-b2d7-7d58092f272f}:1.0.0.12
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=3105995475244225&o=APN10645&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found


[2012.11.23 22:42:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Extensions
[2013.11.24 01:53:23 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions
[2012.11.23 22:42:02 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}
[2013.01.11 23:49:29 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\fdm_ffext@freedownloadmanager.org
[2013.01.06 02:18:56 | 000,230,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\exif_viewer@mozilla.doslash.org.xpi
[2013.11.09 22:23:07 | 000,078,359 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi
[2012.11.23 22:41:12 | 000,002,687 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\searchplugins\Search_Results.xml
[2013.12.03 21:31:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAMME\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2007.12.04 22:21:36 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Programme\mozilla firefox\plugins\npdsplay.dll
[2012.11.23 22:41:12 | 000,002,687 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://www.searchnu.com/406
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3105995475244225&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.searchnu.com/406
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

Hosts file not found
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [PCMService] C:\Programme\Medion Home CinemaXL\PowerCinema\PCMService.exe ()
O4 - HKLM..\Run: [PSDrvCheck] C:\WINDOWS\system32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: ImTranslator - C:\Programme\Smart Link\ImTranslator for IE\startup.html ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: abnehmen-mit-genuss.de ([www] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: ekartenwelt.de ([www] https in Vertrauenswürdige Sites)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265552139703 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1363168635453 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Yahoo! Chat http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA602B3B-3FD7-4E05-ADB2-CFA7FB4D6F19}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.02.05 08:31:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014.01.07 17:28:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ilse\Desktop\OTL.exe
[2014.01.07 11:33:09 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\ilse\Recent
[2014.01.04 18:51:13 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\ilse\UserData
[2014.01.04 18:02:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\ilse\Cookies
[2014.01.03 19:54:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\SearchProtect
[2014.01.03 00:19:50 | 000,642,632 | ---- | C] (EFD Software ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hdtune_255.exe
[2013.12.31 14:59:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Program Files
[2013.12.30 23:45:08 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\Eigene Videos
[2013.12.27 19:57:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\DriverCure
[2013.12.27 19:57:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\ParetoLogic
[2013.12.27 19:57:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Startmenü\Programme\ParetoLogic
[2013.12.27 19:56:36 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ParetoLogic
[2013.12.27 19:56:24 | 000,000,000 | ---D | C] -- C:\Programme\ParetoLogic
[2013.12.27 19:56:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ParetoLogic
[2013.12.27 19:35:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Desktop\reinigen
[2013.12.27 14:37:10 | 001,734,994 | ---- | C] (7Byte Computers ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hotcpu.exe
[2013.12.24 10:28:47 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2013.12.24 10:28:42 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2013.12.23 19:25:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2013.12.23 17:23:44 | 000,004,096 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\drivers\siside.sys
[2013.12.23 14:58:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\DriverTuner
[2013.12.23 14:57:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DriverTuner
[2013.12.23 14:57:46 | 000,000,000 | ---D | C] -- C:\Programme\DriverTuner
[2013.12.23 14:56:28 | 002,816,072 | ---- | C] (LionSea SoftWare ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\setup.exe
[2013.12.23 14:51:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverGenius
[2013.12.23 14:48:10 | 011,360,472 | ---- | C] (Driver-Soft Inc. ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\Driver_Genius_Professional_DE_PPC_Content.exe
[2013.12.18 10:37:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Steinberg
[2013.12.18 10:15:45 | 000,000,000 | ---D | C] -- C:\Programme\VOB
[2013.12.18 10:13:57 | 001,441,792 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspw7.dll
[2013.12.18 10:13:56 | 001,429,504 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspa6.dll
[2013.12.18 10:13:56 | 001,404,928 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspm6.dll
[2013.12.18 10:13:56 | 001,335,296 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspm5.dll
[2013.12.18 10:13:56 | 001,318,912 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspp6.dll
[2013.12.18 10:13:56 | 001,306,624 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nsppx.dll
[2013.12.18 10:13:56 | 000,114,688 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nsp.dll
[2013.12.17 05:25:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Earth
[2007.10.25 05:28:20 | 000,266,240 | ---- | C] (Pando) -- C:\Programme\Uninstall Pando Toolbar.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014.01.07 18:46:00 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{70D49D3E-CE23-4300-A3CC-B345903512E9}.job
[2014.01.07 18:07:11 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.01.07 18:00:23 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2014.01.07 17:28:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ilse\Desktop\OTL.exe
[2014.01.07 11:40:15 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.07 11:40:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.07 11:40:06 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.05 01:18:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.01.03 22:31:34 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2014.01.03 07:38:05 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor.job
[2014.01.03 00:20:11 | 000,642,632 | ---- | M] (EFD Software ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hdtune_255.exe
[2014.01.02 00:42:05 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2013.12.31 01:57:19 | 000,000,675 | ---- | M] () -- C:\WINDOWS\Clean! presets.set
[2013.12.27 20:26:32 | 000,000,055 | ---- | M] () -- C:\0.bak
[2013.12.27 19:57:01 | 000,000,830 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Desktop\ParetoLogic PC Health Advisor.lnk
[2013.12.27 19:56:59 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2013.12.27 14:37:44 | 001,734,994 | ---- | M] (7Byte Computers ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hotcpu.exe
[2013.12.24 12:00:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2013.12.23 19:25:39 | 000,001,675 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2013.12.23 17:08:03 | 000,000,694 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DriverTuner.lnk
[2013.12.23 16:05:03 | 002,816,072 | ---- | M] (LionSea SoftWare ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\setup.exe
[2013.12.23 14:49:53 | 011,360,472 | ---- | M] (Driver-Soft Inc. ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\Driver_Genius_Professional_DE_PPC_Content.exe
[2013.12.20 15:51:27 | 000,002,486 | ---- | M] () -- C:\WINDOWS\System32\ASOROSet.bin
[2013.12.19 19:39:48 | 000,000,073 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\default.pls
[2013.12.18 10:22:57 | 000,487,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.12.18 09:03:39 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.12.18 09:03:39 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.12.17 05:25:34 | 000,001,891 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2013.12.13 01:59:11 | 000,001,941 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Desktop\Windows Live Mail.lnk
[2013.12.12 23:47:46 | 000,043,520 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.12.11 13:07:31 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.12.11 13:07:31 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.12.11 13:03:32 | 000,600,962 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.12.11 13:03:32 | 000,560,128 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.12.11 13:03:32 | 000,147,458 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.12.11 13:03:32 | 000,121,934 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014.01.07 11:40:06 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2013.12.27 20:26:27 | 000,000,055 | ---- | C] () -- C:\0.bak
[2013.12.27 19:58:28 | 000,000,450 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2013.12.27 19:57:00 | 000,000,830 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Desktop\ParetoLogic PC Health Advisor.lnk
[2013.12.27 19:56:59 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2013.12.27 19:56:58 | 000,000,358 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2013.12.27 19:56:57 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor.job
[2013.12.23 17:08:03 | 000,000,694 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DriverTuner.lnk
[2013.12.20 15:36:38 | 000,002,486 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2013.12.18 10:55:00 | 000,000,675 | ---- | C] () -- C:\WINDOWS\Clean! presets.set
[2013.12.18 10:15:45 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\IWUninstall.exe
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.NLD
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.NL
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.ITA
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.IT
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.FRA
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.FR
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.DEU
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.DE
[2013.12.18 10:14:55 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.CHT
[2013.12.18 10:14:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.KOR
[2013.12.18 10:14:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.ESP
[2013.12.18 10:14:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.ES
[2013.12.18 10:14:55 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.CHS
[2013.12.18 10:14:54 | 000,396,800 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe
[2013.12.18 10:13:56 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2013.12.17 05:25:34 | 000,001,891 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2013.12.13 01:59:11 | 000,001,941 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Desktop\Windows Live Mail.lnk
[2012.02.16 09:11:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.25 22:33:46 | 000,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2008.09.25 16:57:53 | 000,003,486 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\.recently-used.xbel
[2007.10.21 15:30:29 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\.gtk-bookmarks
[2007.10.21 15:25:06 | 000,352,995 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\.fonts.cache-1
[2006.08.27 17:15:07 | 000,192,506 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\~
[2006.07.07 17:06:51 | 000,120,286 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat
[2006.04.24 16:59:44 | 000,000,073 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\default.pls
[2006.02.19 07:06:47 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2003.06.01 20:58:58 | 000,043,520 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003.03.28 11:42:18 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2003.02.05 08:38:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 03:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2013.11.23 16:34:34 | 105,869,762 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\霆ை囌6
[2013.11.23 16:34:34 | 105,869,762 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\霆ை囌6
[2013.11.22 16:53:46 | 105,660,331 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�儔囌6
[2013.11.22 16:53:46 | 105,660,331 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�儔囌6
[2013.11.16 17:43:42 | 104,559,818 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⯯悡囌6
[2013.11.16 17:43:42 | 104,559,818 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⯯悡囌6
[2013.11.16 08:55:11 | 104,513,208 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䊊㋳囌6
[2013.11.16 08:55:11 | 104,513,208 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䊊㋳囌6
[2013.11.10 10:59:59 | 103,467,942 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\᜷醲囌6
[2013.11.10 10:59:59 | 103,467,942 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\᜷醲囌6

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\mshtmold.dll:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\comres(3).dll:SummaryInformation

< End of report >
OTL logfile created on: 07.01.2014 18:19:25 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\ilse\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

511,48 Mb Total Physical Memory | 334,05 Mb Available Physical Memory | 65,31% Memory free
1,25 Gb Paging File | 0,78 Gb Available in Paging File | 62,43% Paging File free
Paging file location(s): C:\pagefile.sys 800 800 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 29,76 Gb Free Space | 39,94% Space Free | Partition Type: NTFS
Drive D: | 65,73 Gb Total Space | 37,35 Gb Free Space | 56,81% Space Free | Partition Type: NTFS
Drive E: | 8,78 Gb Total Space | 5,57 Gb Free Space | 63,49% Space Free | Partition Type: FAT32

Computer Name: ILSES | User Name: ilse | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014.01.07 17:28:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ilse\Desktop\OTL.exe
PRC - [2013.12.18 09:03:37 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.12.18 09:03:23 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013.12.18 09:03:22 | 000,431,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.12.18 09:03:08 | 000,684,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.12.09 11:37:19 | 000,896,056 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2013.12.04 23:14:30 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013.11.28 08:04:16 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2005.05.27 11:24:52 | 000,310,272 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2003.03.01 18:57:34 | 000,057,344 | ---- | M] () -- C:\Programme\Medion Home CinemaXL\PowerCinema\PCMService.exe
PRC - [2002.08.28 13:43:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\Dit.exe
PRC - [2002.07.24 18:43:46 | 000,028,672 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
PRC - [2002.07.12 10:29:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\DitExp.exe
PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013.12.09 11:37:21 | 000,394,808 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2005.01.06 18:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
MOD - [2003.03.01 18:57:34 | 000,057,344 | ---- | M] () -- C:\Programme\Medion Home CinemaXL\PowerCinema\PCMService.exe
MOD - [2002.08.28 13:43:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\Dit.exe
MOD - [2002.07.12 10:29:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\DitExp.exe


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.12.18 09:03:37 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.12.18 09:03:23 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.12.11 13:07:31 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.09 11:37:19 | 000,896,056 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2013.11.28 08:04:16 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Start_Pending] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
SRV - [2002.08.29 13:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\doskey.exe -- (Catcaudserp)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [On_Demand | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\ilse\LOKALE~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\ilse\LOKALE~1\Temp\catchme.sys -- (catchme)
DRV - [2013.12.18 09:03:39 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.12.18 09:03:39 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.11.28 08:04:38 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.08.06 16:57:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.01.19 21:00:38 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.09.17 14:06:20 | 000,028,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007.01.23 23:11:19 | 000,108,768 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV08.sys -- (ACEDRV08)
DRV - [2005.09.12 11:10:18 | 000,019,840 | ---- | M] (Compro Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune)
DRV - [2004.08.04 07:38:58 | 000,701,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003.03.25 17:50:46 | 000,004,096 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide)
DRV - [2002.11.04 15:29:42 | 000,422,976 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134)
DRV - [2002.10.31 11:58:42 | 000,030,848 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002.10.28 07:38:06 | 000,947,884 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2002.07.10 16:39:34 | 000,032,256 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2002.07.01 15:10:40 | 000,638,366 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctxs51.sys -- (Intels51)
DRV - [2002.04.19 10:15:46 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002.04.17 20:27:02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (asapiW2k)
DRV - [2002.03.20 17:38:20 | 000,019,140 | ---- | M] (America Online) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atwpkt.sys -- (ATWPKT)
DRV - [2001.11.14 18:07:42 | 000,010,761 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\x10uif.sys -- (X10UIF)
DRV - [2001.08.17 14:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2000.11.08 09:47:38 | 000,027,484 | R--- | M] (DeTeWe Berlin) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ulisa.sys -- (ulisa)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7A CA 1D 9B 98 03 CE 01 [binary data]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {136AF01C-A5C2-4E25-AA78-D749E2BDD82D}
IE - HKCU\..\SearchScopes\{136AF01C-A5C2-4E25-AA78-D749E2BDD82D}: "URL" = http://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7Bf34c9277-6577-4dff-b2d7-7d58092f272f%7D:1.0.0.12
FF - prefs.js..extensions.enabledAddons: exif_viewer%40mozilla.doslash.org:2.00
FF - prefs.js..extensions.enabledAddons: fdm_ffext%40freedownloadmanager.org:1.5.7.6
FF - prefs.js..extensions.enabledAddons: %7B1FD91A9C-410C-4090-BBCC-55D3450EF433%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B11483926-db67-4190-91b1-ef20fcec5f33%7D:0.4.7.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..extensions.enabledItems: {11483926-db67-4190-91b1-ef20fcec5f33}:0.4.2
FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.82
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {f34c9277-6577-4dff-b2d7-7d58092f272f}:1.0.0.12
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=3105995475244225&o=APN10645&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found


[2012.11.23 22:42:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Extensions
[2013.11.24 01:53:23 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions
[2012.11.23 22:42:02 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}
[2013.01.11 23:49:29 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\fdm_ffext@freedownloadmanager.org
[2013.01.06 02:18:56 | 000,230,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\exif_viewer@mozilla.doslash.org.xpi
[2013.11.09 22:23:07 | 000,078,359 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi
[2012.11.23 22:41:12 | 000,002,687 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\searchplugins\Search_Results.xml
[2013.12.03 21:31:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAMME\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2007.12.04 22:21:36 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Programme\mozilla firefox\plugins\npdsplay.dll
[2012.11.23 22:41:12 | 000,002,687 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://www.searchnu.com/406
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3105995475244225&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.searchnu.com/406
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

Hosts file not found
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [PCMService] C:\Programme\Medion Home CinemaXL\PowerCinema\PCMService.exe ()
O4 - HKLM..\Run: [PSDrvCheck] C:\WINDOWS\system32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: ImTranslator - C:\Programme\Smart Link\ImTranslator for IE\startup.html ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: abnehmen-mit-genuss.de ([www] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: ekartenwelt.de ([www] https in Vertrauenswürdige Sites)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265552139703 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1363168635453 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Yahoo! Chat http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA602B3B-3FD7-4E05-ADB2-CFA7FB4D6F19}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.02.05 08:31:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014.01.07 17:28:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ilse\Desktop\OTL.exe
[2014.01.07 11:33:09 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\ilse\Recent
[2014.01.04 18:51:13 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\ilse\UserData
[2014.01.04 18:02:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\ilse\Cookies
[2014.01.03 19:54:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\SearchProtect
[2014.01.03 00:19:50 | 000,642,632 | ---- | C] (EFD Software ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hdtune_255.exe
[2013.12.31 14:59:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Program Files
[2013.12.30 23:45:08 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\Eigene Videos
[2013.12.27 19:57:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\DriverCure
[2013.12.27 19:57:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\ParetoLogic
[2013.12.27 19:57:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Startmenü\Programme\ParetoLogic
[2013.12.27 19:56:36 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ParetoLogic
[2013.12.27 19:56:24 | 000,000,000 | ---D | C] -- C:\Programme\ParetoLogic
[2013.12.27 19:56:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ParetoLogic
[2013.12.27 19:35:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Desktop\reinigen
[2013.12.27 14:37:10 | 001,734,994 | ---- | C] (7Byte Computers ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hotcpu.exe
[2013.12.24 10:28:47 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll
[2013.12.24 10:28:42 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys
[2013.12.23 19:25:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2013.12.23 17:23:44 | 000,004,096 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\drivers\siside.sys
[2013.12.23 14:58:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\DriverTuner
[2013.12.23 14:57:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DriverTuner
[2013.12.23 14:57:46 | 000,000,000 | ---D | C] -- C:\Programme\DriverTuner
[2013.12.23 14:56:28 | 002,816,072 | ---- | C] (LionSea SoftWare ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\setup.exe
[2013.12.23 14:51:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverGenius
[2013.12.23 14:48:10 | 011,360,472 | ---- | C] (Driver-Soft Inc. ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\Driver_Genius_Professional_DE_PPC_Content.exe
[2013.12.18 10:37:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Steinberg
[2013.12.18 10:15:45 | 000,000,000 | ---D | C] -- C:\Programme\VOB
[2013.12.18 10:13:57 | 001,441,792 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspw7.dll
[2013.12.18 10:13:56 | 001,429,504 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspa6.dll
[2013.12.18 10:13:56 | 001,404,928 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspm6.dll
[2013.12.18 10:13:56 | 001,335,296 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspm5.dll
[2013.12.18 10:13:56 | 001,318,912 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspp6.dll
[2013.12.18 10:13:56 | 001,306,624 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nsppx.dll
[2013.12.18 10:13:56 | 000,114,688 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nsp.dll
[2013.12.17 05:25:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Earth
[2007.10.25 05:28:20 | 000,266,240 | ---- | C] (Pando) -- C:\Programme\Uninstall Pando Toolbar.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014.01.07 18:46:00 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{70D49D3E-CE23-4300-A3CC-B345903512E9}.job
[2014.01.07 18:07:11 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.01.07 18:00:23 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2014.01.07 17:28:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ilse\Desktop\OTL.exe
[2014.01.07 11:40:15 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.07 11:40:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.07 11:40:06 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.05 01:18:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.01.03 22:31:34 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2014.01.03 07:38:05 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor.job
[2014.01.03 00:20:11 | 000,642,632 | ---- | M] (EFD Software ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hdtune_255.exe
[2014.01.02 00:42:05 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2013.12.31 01:57:19 | 000,000,675 | ---- | M] () -- C:\WINDOWS\Clean! presets.set
[2013.12.27 20:26:32 | 000,000,055 | ---- | M] () -- C:\0.bak
[2013.12.27 19:57:01 | 000,000,830 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Desktop\ParetoLogic PC Health Advisor.lnk
[2013.12.27 19:56:59 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2013.12.27 14:37:44 | 001,734,994 | ---- | M] (7Byte Computers ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hotcpu.exe
[2013.12.24 12:00:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2013.12.23 19:25:39 | 000,001,675 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2013.12.23 17:08:03 | 000,000,694 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DriverTuner.lnk
[2013.12.23 16:05:03 | 002,816,072 | ---- | M] (LionSea SoftWare ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\setup.exe
[2013.12.23 14:49:53 | 011,360,472 | ---- | M] (Driver-Soft Inc. ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\Driver_Genius_Professional_DE_PPC_Content.exe
[2013.12.20 15:51:27 | 000,002,486 | ---- | M] () -- C:\WINDOWS\System32\ASOROSet.bin
[2013.12.19 19:39:48 | 000,000,073 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\default.pls
[2013.12.18 10:22:57 | 000,487,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.12.18 09:03:39 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.12.18 09:03:39 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.12.17 05:25:34 | 000,001,891 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2013.12.13 01:59:11 | 000,001,941 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Desktop\Windows Live Mail.lnk
[2013.12.12 23:47:46 | 000,043,520 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.12.11 13:07:31 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.12.11 13:07:31 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.12.11 13:03:32 | 000,600,962 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.12.11 13:03:32 | 000,560,128 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.12.11 13:03:32 | 000,147,458 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.12.11 13:03:32 | 000,121,934 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014.01.07 11:40:06 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2013.12.27 20:26:27 | 000,000,055 | ---- | C] () -- C:\0.bak
[2013.12.27 19:58:28 | 000,000,450 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2013.12.27 19:57:00 | 000,000,830 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Desktop\ParetoLogic PC Health Advisor.lnk
[2013.12.27 19:56:59 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2013.12.27 19:56:58 | 000,000,358 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2013.12.27 19:56:57 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor.job
[2013.12.23 17:08:03 | 000,000,694 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DriverTuner.lnk
[2013.12.20 15:36:38 | 000,002,486 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2013.12.18 10:55:00 | 000,000,675 | ---- | C] () -- C:\WINDOWS\Clean! presets.set
[2013.12.18 10:15:45 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\IWUninstall.exe
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.NLD
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.NL
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.ITA
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.IT
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.FRA
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.FR
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.DEU
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.DE
[2013.12.18 10:14:55 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.CHT
[2013.12.18 10:14:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.KOR
[2013.12.18 10:14:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.ESP
[2013.12.18 10:14:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.ES
[2013.12.18 10:14:55 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.CHS
[2013.12.18 10:14:54 | 000,396,800 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe
[2013.12.18 10:13:56 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2013.12.17 05:25:34 | 000,001,891 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2013.12.13 01:59:11 | 000,001,941 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Desktop\Windows Live Mail.lnk
[2012.02.16 09:11:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.25 22:33:46 | 000,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2008.09.25 16:57:53 | 000,003,486 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\.recently-used.xbel
[2007.10.21 15:30:29 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\.gtk-bookmarks
[2007.10.21 15:25:06 | 000,352,995 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\.fonts.cache-1
[2006.08.27 17:15:07 | 000,192,506 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\~
[2006.07.07 17:06:51 | 000,120,286 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat
[2006.04.24 16:59:44 | 000,000,073 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\default.pls
[2006.02.19 07:06:47 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2003.06.01 20:58:58 | 000,043,520 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003.03.28 11:42:18 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2003.02.05 08:38:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 03:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2013.11.23 16:34:34 | 105,869,762 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\霆ை囌6
[2013.11.23 16:34:34 | 105,869,762 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\霆ை囌6
[2013.11.22 16:53:46 | 105,660,331 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�儔囌6
[2013.11.22 16:53:46 | 105,660,331 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�儔囌6
[2013.11.16 17:43:42 | 104,559,818 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⯯悡囌6
[2013.11.16 17:43:42 | 104,559,818 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⯯悡囌6
[2013.11.16 08:55:11 | 104,513,208 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䊊㋳囌6
[2013.11.16 08:55:11 | 104,513,208 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䊊㋳囌6
[2013.11.10 10:59:59 | 103,467,942 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\᜷醲囌6
[2013.11.10 10:59:59 | 103,467,942 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\᜷醲囌6

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\mshtmold.dll:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\comres(3).dll:SummaryInformation

< End of report >
Seitenanfang Seitenende
07.01.2014, 19:11
lupe
...neu hier

Themenstarter

Beiträge: 3
#3 Hier ist der Quick Scan

OTL logfile created on: 07.01.2014 19:03:56 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\ilse\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

511,48 Mb Total Physical Memory | 278,13 Mb Available Physical Memory | 54,38% Memory free
1,25 Gb Paging File | 0,73 Gb Available in Paging File | 58,14% Paging File free
Paging file location(s): C:\pagefile.sys 800 800 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 29,76 Gb Free Space | 39,93% Space Free | Partition Type: NTFS
Drive D: | 65,73 Gb Total Space | 37,35 Gb Free Space | 56,81% Space Free | Partition Type: NTFS
Drive E: | 8,78 Gb Total Space | 5,57 Gb Free Space | 63,49% Space Free | Partition Type: FAT32

Computer Name: ILSES | User Name: ilse | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2014.01.07 17:28:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ilse\Desktop\OTL.exe
PRC - [2013.12.18 09:03:37 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.12.18 09:03:23 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2013.12.18 09:03:22 | 000,431,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.12.18 09:03:08 | 000,684,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.12.18 09:03:04 | 000,661,048 | ---- | M] (Avira Operations GmbH & Co. KG) -- c:\Programme\Avira\AntiVir Desktop\avcenter.exe
PRC - [2013.12.09 11:37:19 | 000,896,056 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2013.12.04 23:14:30 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013.11.28 08:04:16 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
PRC - [2005.05.27 11:24:52 | 000,310,272 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
PRC - [2003.03.01 18:57:34 | 000,057,344 | ---- | M] () -- C:\Programme\Medion Home CinemaXL\PowerCinema\PCMService.exe
PRC - [2002.08.28 13:43:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\Dit.exe
PRC - [2002.07.24 18:43:46 | 000,028,672 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe
PRC - [2002.07.12 10:29:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\DitExp.exe
PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013.12.09 11:37:21 | 000,394,808 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe
MOD - [2005.01.06 18:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
MOD - [2003.03.01 18:57:34 | 000,057,344 | ---- | M] () -- C:\Programme\Medion Home CinemaXL\PowerCinema\PCMService.exe
MOD - [2002.08.28 13:43:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\Dit.exe
MOD - [2002.07.12 10:29:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\DitExp.exe


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt)
SRV - [2013.12.18 09:03:37 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.12.18 09:03:23 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2013.12.11 13:07:31 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.12.09 11:37:19 | 000,896,056 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2013.11.28 08:04:16 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Start_Pending] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing)
SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
SRV - [2002.08.29 13:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\doskey.exe -- (Catcaudserp)
SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [On_Demand | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\ilse\LOKALE~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\ilse\LOKALE~1\Temp\catchme.sys -- (catchme)
DRV - [2013.12.18 09:03:39 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.12.18 09:03:39 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.11.28 08:04:38 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.08.06 16:57:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.01.19 21:00:38 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2008.04.13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2007.09.17 14:06:20 | 000,028,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon)
DRV - [2007.01.23 23:11:19 | 000,108,768 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV08.sys -- (ACEDRV08)
DRV - [2005.09.12 11:10:18 | 000,019,840 | ---- | M] (Compro Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune)
DRV - [2004.08.04 07:38:58 | 000,701,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2003.03.25 17:50:46 | 000,004,096 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide)
DRV - [2002.11.04 15:29:42 | 000,422,976 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134)
DRV - [2002.10.31 11:58:42 | 000,030,848 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2002.10.28 07:38:06 | 000,947,884 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2002.07.10 16:39:34 | 000,032,256 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
DRV - [2002.07.01 15:10:40 | 000,638,366 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctxs51.sys -- (Intels51)
DRV - [2002.04.19 10:15:46 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc)
DRV - [2002.04.17 20:27:02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (asapiW2k)
DRV - [2002.03.20 17:38:20 | 000,019,140 | ---- | M] (America Online) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atwpkt.sys -- (ATWPKT)
DRV - [2001.11.14 18:07:42 | 000,010,761 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\x10uif.sys -- (X10UIF)
DRV - [2001.08.17 14:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401)
DRV - [2000.11.08 09:47:38 | 000,027,484 | R--- | M] (DeTeWe Berlin) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ulisa.sys -- (ulisa)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7A CA 1D 9B 98 03 CE 01 [binary data]
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {136AF01C-A5C2-4E25-AA78-D749E2BDD82D}
IE - HKCU\..\SearchScopes\{136AF01C-A5C2-4E25-AA78-D749E2BDD82D}: "URL" = http://www.google.de/search?q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Search Results"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://www.google.de/"
FF - prefs.js..extensions.enabledAddons: %7Bf34c9277-6577-4dff-b2d7-7d58092f272f%7D:1.0.0.12
FF - prefs.js..extensions.enabledAddons: exif_viewer%40mozilla.doslash.org:2.00
FF - prefs.js..extensions.enabledAddons: fdm_ffext%40freedownloadmanager.org:1.5.7.6
FF - prefs.js..extensions.enabledAddons: %7B1FD91A9C-410C-4090-BBCC-55D3450EF433%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B11483926-db67-4190-91b1-ef20fcec5f33%7D:0.4.7.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..extensions.enabledItems: {11483926-db67-4190-91b1-ef20fcec5f33}:0.4.2
FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.82
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {f34c9277-6577-4dff-b2d7-7d58092f272f}:1.0.0.12
FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=3105995475244225&o=APN10645&q="
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found


[2012.11.23 22:42:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Extensions
[2013.11.24 01:53:23 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions
[2012.11.23 22:42:02 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}
[2013.01.11 23:49:29 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\fdm_ffext@freedownloadmanager.org
[2013.01.06 02:18:56 | 000,230,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\exif_viewer@mozilla.doslash.org.xpi
[2013.11.09 22:23:07 | 000,078,359 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi
[2012.11.23 22:41:12 | 000,002,687 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\searchplugins\Search_Results.xml
[2013.12.03 21:31:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- C:\PROGRAMME\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION
[2007.12.04 22:21:36 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Programme\mozilla firefox\plugins\npdsplay.dll
[2012.11.23 22:41:12 | 000,002,687 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml

[color=#E56717]========== Chrome ==========[/color]

CHR - homepage: http://www.searchnu.com/406
CHR - default_search_provider: Search Results (Enabled)
CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3105995475244225&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: http://www.searchnu.com/406
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\24.0.1312.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\24.0.1312.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

Hosts file not found
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe ()
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation)
O4 - HKLM..\Run: [PCMService] C:\Programme\Medion Home CinemaXL\PowerCinema\PCMService.exe ()
O4 - HKLM..\Run: [PSDrvCheck] C:\WINDOWS\system32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: ImTranslator - C:\Programme\Smart Link\ImTranslator for IE\startup.html ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: ([]msn in My Computer)
O15 - HKCU\..Trusted Domains: abnehmen-mit-genuss.de ([www] https in Vertrauenswürdige Sites)
O15 - HKCU\..Trusted Domains: ekartenwelt.de ([www] https in Vertrauenswürdige Sites)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support)
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265552139703 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1363168635453 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)
O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.)
O16 - DPF: Yahoo! Chat http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA602B3B-3FD7-4E05-ADB2-CFA7FB4D6F19}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2003.02.05 08:31:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2014.01.07 17:28:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ilse\Desktop\OTL.exe
[2014.01.07 11:33:09 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\ilse\Recent
[2014.01.04 18:51:13 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\ilse\UserData
[2014.01.04 18:02:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\ilse\Cookies
[2014.01.03 19:54:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\SearchProtect
[2014.01.03 00:19:50 | 000,642,632 | ---- | C] (EFD Software ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hdtune_255.exe
[2013.12.31 14:59:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Program Files
[2013.12.30 23:45:08 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\Eigene Videos
[2013.12.27 19:57:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\DriverCure
[2013.12.27 19:57:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\ParetoLogic
[2013.12.27 19:57:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Startmenü\Programme\ParetoLogic
[2013.12.27 19:56:36 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ParetoLogic
[2013.12.27 19:56:24 | 000,000,000 | ---D | C] -- C:\Programme\ParetoLogic
[2013.12.27 19:56:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ParetoLogic
[2013.12.27 19:35:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Desktop\reinigen
[2013.12.27 14:37:10 | 001,734,994 | ---- | C] (7Byte Computers ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hotcpu.exe
[2013.12.23 19:25:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2013.12.23 14:58:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\DriverTuner
[2013.12.23 14:57:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DriverTuner
[2013.12.23 14:57:46 | 000,000,000 | ---D | C] -- C:\Programme\DriverTuner
[2013.12.23 14:56:28 | 002,816,072 | ---- | C] (LionSea SoftWare ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\setup.exe
[2013.12.23 14:51:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverGenius
[2013.12.23 14:48:10 | 011,360,472 | ---- | C] (Driver-Soft Inc. ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\Driver_Genius_Professional_DE_PPC_Content.exe
[2013.12.18 10:37:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Steinberg
[2013.12.18 10:15:45 | 000,000,000 | ---D | C] -- C:\Programme\VOB
[2013.12.17 05:25:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Earth
[2007.10.25 05:28:20 | 000,266,240 | ---- | C] (Pando) -- C:\Programme\Uninstall Pando Toolbar.dll
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2014.01.07 19:11:00 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{70D49D3E-CE23-4300-A3CC-B345903512E9}.job
[2014.01.07 19:07:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.01.07 18:00:23 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2014.01.07 17:28:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ilse\Desktop\OTL.exe
[2014.01.07 11:40:15 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.01.07 11:40:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.07 11:40:06 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.05 01:18:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2014.01.03 22:31:34 | 000,000,281 | RHS- | M] () -- C:\boot.ini
[2014.01.03 07:38:05 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor.job
[2014.01.03 00:20:11 | 000,642,632 | ---- | M] (EFD Software ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hdtune_255.exe
[2014.01.02 00:42:05 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2013.12.31 01:57:19 | 000,000,675 | ---- | M] () -- C:\WINDOWS\Clean! presets.set
[2013.12.27 20:26:32 | 000,000,055 | ---- | M] () -- C:\0.bak
[2013.12.27 19:57:01 | 000,000,830 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Desktop\ParetoLogic PC Health Advisor.lnk
[2013.12.27 19:56:59 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2013.12.27 14:37:44 | 001,734,994 | ---- | M] (7Byte Computers ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hotcpu.exe
[2013.12.24 12:00:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf
[2013.12.23 19:25:39 | 000,001,675 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2013.12.23 17:08:03 | 000,000,694 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DriverTuner.lnk
[2013.12.23 16:05:03 | 002,816,072 | ---- | M] (LionSea SoftWare ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\setup.exe
[2013.12.23 14:49:53 | 011,360,472 | ---- | M] (Driver-Soft Inc. ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\Driver_Genius_Professional_DE_PPC_Content.exe
[2013.12.20 15:51:27 | 000,002,486 | ---- | M] () -- C:\WINDOWS\System32\ASOROSet.bin
[2013.12.19 19:39:48 | 000,000,073 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\default.pls
[2013.12.18 10:22:57 | 000,487,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.12.18 09:03:39 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2013.12.18 09:03:39 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2013.12.17 05:25:34 | 000,001,891 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2013.12.13 01:59:11 | 000,001,941 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Desktop\Windows Live Mail.lnk
[2013.12.12 23:47:46 | 000,043,520 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.12.11 13:03:32 | 000,600,962 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.12.11 13:03:32 | 000,560,128 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.12.11 13:03:32 | 000,147,458 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.12.11 13:03:32 | 000,121,934 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2014.01.07 11:40:06 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys
[2013.12.27 20:26:27 | 000,000,055 | ---- | C] () -- C:\0.bak
[2013.12.27 19:58:28 | 000,000,450 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job
[2013.12.27 19:57:00 | 000,000,830 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Desktop\ParetoLogic PC Health Advisor.lnk
[2013.12.27 19:56:59 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job
[2013.12.27 19:56:58 | 000,000,358 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job
[2013.12.27 19:56:57 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor.job
[2013.12.23 17:08:03 | 000,000,694 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DriverTuner.lnk
[2013.12.20 15:36:38 | 000,002,486 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin
[2013.12.18 10:55:00 | 000,000,675 | ---- | C] () -- C:\WINDOWS\Clean! presets.set
[2013.12.18 10:15:45 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\IWUninstall.exe
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.NLD
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.NL
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.ITA
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.IT
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.FRA
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.FR
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.DEU
[2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.DE
[2013.12.18 10:14:55 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.CHT
[2013.12.18 10:14:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.KOR
[2013.12.18 10:14:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.ESP
[2013.12.18 10:14:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.ES
[2013.12.18 10:14:55 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.CHS
[2013.12.18 10:14:54 | 000,396,800 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe
[2013.12.18 10:13:56 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll
[2013.12.17 05:25:34 | 000,001,891 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
[2013.12.13 01:59:11 | 000,001,941 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Desktop\Windows Live Mail.lnk
[2012.02.16 09:11:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.25 22:33:46 | 000,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI
[2008.09.25 16:57:53 | 000,003,486 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\.recently-used.xbel
[2007.10.21 15:30:29 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\.gtk-bookmarks
[2007.10.21 15:25:06 | 000,352,995 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\.fonts.cache-1
[2006.08.27 17:15:07 | 000,192,506 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\~
[2006.07.07 17:06:51 | 000,120,286 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat
[2006.04.24 16:59:44 | 000,000,073 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\default.pls
[2006.02.19 07:06:47 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2003.06.01 20:58:58 | 000,043,520 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2003.03.28 11:42:18 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2003.02.05 08:38:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 03:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[color=#E56717]========== LOP Check ==========[/color]

[2010.03.13 00:21:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Age of Empires 3
[2004.10.07 14:37:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Autodesk
[2012.11.23 22:41:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2013.12.23 14:52:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverGenius
[2007.09.23 10:48:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Grisoft
[2009.01.19 20:24:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2013.12.27 19:56:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ParetoLogic
[2010.04.06 15:54:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2009.12.27 02:27:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PixelPlanet
[2013.12.05 14:43:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ScanSoft
[2007.11.23 11:35:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sync App Settings
[2010.04.06 15:49:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2004.09.04 13:14:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2006.10.27 23:44:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2006.03.31 03:03:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Viewpoint
[2007.09.14 08:13:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WEB.DE
[2010.04.03 01:07:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2011.08.27 15:57:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
[2012.04.15 00:29:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Absoon
[2010.01.29 20:33:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Acronis
[2005.11.21 17:15:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Alien Skin
[2005.03.09 22:48:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\AquaSoft
[2004.10.05 19:15:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Autodesk
[2009.02.28 12:46:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Canon
[2012.04.20 15:41:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Dae
[2009.01.19 22:05:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\DemoPlugin
[2009.01.19 22:05:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\DiashowManager
[2013.12.27 19:57:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\DriverCure
[2013.12.03 01:17:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Eusing
[2009.03.06 20:27:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\FreshDiagnose
[2008.02.14 01:07:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\GMX
[2007.09.23 10:49:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Grisoft
[2008.09.25 17:02:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\gtk-2.0
[2003.02.05 09:15:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\InterTrust
[2003.06.24 14:32:21 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Jasc
[2007.06.24 19:12:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Leadertech
[2009.01.19 12:48:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\MAGIX
[2009.09.22 22:41:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\NewSoft
[2013.12.05 01:33:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Nico Mak Computing
[2013.12.27 19:57:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\ParetoLogic
[2009.12.27 02:27:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\PixelPlanet
[2013.12.18 10:37:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Steinberg
[2007.11.23 11:37:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Sync App Settings
[2014.01.03 20:05:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Systweak
[2009.11.05 14:20:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Thunderbird
[2006.08.22 13:35:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\TuneUp Software
[2007.02.15 22:20:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\uk.co.planetside
[2005.10.09 12:22:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Ulead Systems
[2007.11.02 12:52:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Ultra Fractal 4
[2013.12.04 02:54:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Ultra Fractal 5
[2007.09.14 08:13:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\WEB.DE
[2005.10.15 23:39:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\WEBDE

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< OTL logfile created on: 07.01.2014 18:19:25 - Run 1 >[/color]
[2003.02.05 08:31:20 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2003.02.05 16:23:20 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2010.09.09 16:59:58 | 000,001,082 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2013.01.11 23:26:57 | 000,000,884 | ---- | C] () -- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
[2013.09.28 12:01:58 | 000,000,416 | -H-- | C] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{70D49D3E-CE23-4300-A3CC-B345903512E9}.job
[2013.12.27 19:56:57 | 000,000,340 | ---- | C] () -- C:\WINDOWS\Tasks\PC Health Advisor.job
[2013.12.27 19:56:58 | 000,000,358 | ---- | C] () -- C:\WINDOWS\Tasks\PC Health Advisor Defrag.job
[2013.12.27 19:56:59 | 000,000,424 | ---- | C] () -- C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
[2013.12.27 19:58:28 | 000,000,450 | ---- | C] () -- C:\WINDOWS\Tasks\ParetoLogic Registration3.job

[color=#A23BEC]< OTL by OldTimer - Version 3.2.69.0 Folder = C:\Dokumente und Einstellungen\ilse\Desktop >[/color]

[color=#A23BEC]< Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation >[/color]

[color=#A23BEC]< Internet Explorer (Version = 8.0.6001.18702) >[/color]

[color=#A23BEC]< Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< 511,48 Mb Total Physical Memory | 334,05 Mb Available Physical Memory | 65,31% Memory free >[/color]

[color=#A23BEC]< 1,25 Gb Paging File | 0,78 Gb Available in Paging File | 62,43% Paging File free >[/color]

[color=#A23BEC]< Paging file location(s): C:\pagefile.sys 800 800 [binary data] >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme >[/color]

[color=#A23BEC]< Drive C: | 74,53 Gb Total Space | 29,76 Gb Free Space | 39,94% Space Free | Partition Type: NTFS >[/color]

[color=#A23BEC]< Drive D: | 65,73 Gb Total Space | 37,35 Gb Free Space | 56,81% Space Free | Partition Type: NTFS >[/color]

[color=#A23BEC]< Drive E: | 8,78 Gb Total Space | 5,57 Gb Free Space | 63,49% Space Free | Partition Type: FAT32 >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< Computer Name: ILSES | User Name: ilse | Logged in as Administrator. >[/color]

[color=#A23BEC]< Boot Mode: Normal | Scan Mode: Current user >[/color]

[color=#A23BEC]< Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== Processes (SafeList) ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< PRC - [2014.01.07 17:28:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ilse\Desktop\OTL.exe >[/color]

[color=#A23BEC]< PRC - [2013.12.18 09:03:37 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe >[/color]

[color=#A23BEC]< PRC - [2013.12.18 09:03:23 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe >[/color]

[color=#A23BEC]< PRC - [2013.12.18 09:03:22 | 000,431,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe >[/color]

[color=#A23BEC]< PRC - [2013.12.18 09:03:08 | 000,684,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe >[/color]

[color=#A23BEC]< PRC - [2013.12.09 11:37:19 | 000,896,056 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe >[/color]

[color=#A23BEC]< PRC - [2013.12.04 23:14:30 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Programme\Google\Update\1.3.22.3\GoogleCrashHandler.exe >[/color]

[color=#A23BEC]< PRC - [2013.11.28 08:04:16 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe >[/color]

[color=#A23BEC]< PRC - [2008.04.14 03:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe >[/color]

[color=#A23BEC]< PRC - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe >[/color]

[color=#A23BEC]< PRC - [2005.05.27 11:24:52 | 000,310,272 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe >[/color]

[color=#A23BEC]< PRC - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe >[/color]

[color=#A23BEC]< PRC - [2003.03.01 18:57:34 | 000,057,344 | ---- | M] () -- C:\Programme\Medion Home CinemaXL\PowerCinema\PCMService.exe >[/color]

[color=#A23BEC]< PRC - [2002.08.28 13:43:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\Dit.exe >[/color]

[color=#A23BEC]< PRC - [2002.07.24 18:43:46 | 000,028,672 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe >[/color]

[color=#A23BEC]< PRC - [2002.07.12 10:29:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\DitExp.exe >[/color]

[color=#A23BEC]< PRC - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) -- C:\Programme\Common Files\X10\Common\X10nets.exe >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== Modules (No Company Name) ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< MOD - [2013.12.09 11:37:21 | 000,394,808 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll >[/color]

[color=#A23BEC]< MOD - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () -- C:\WINDOWS\system32\PSIService.exe >[/color]

[color=#A23BEC]< MOD - [2005.01.06 18:33:30 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll >[/color]

[color=#A23BEC]< MOD - [2003.03.01 18:57:34 | 000,057,344 | ---- | M] () -- C:\Programme\Medion Home CinemaXL\PowerCinema\PCMService.exe >[/color]

[color=#A23BEC]< MOD - [2002.08.28 13:43:26 | 000,073,728 | ---- | M] () -- C:\WINDOWS\Dit.exe >[/color]

[color=#A23BEC]< MOD - [2002.07.12 10:29:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS\DitExp.exe >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== Services (SafeList) ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< SRV - File not found [On_Demand | Stopped] -- %SystemRoot%\System32\appmgmts.dll -- (AppMgmt) >[/color]

[color=#A23BEC]< SRV - [2013.12.18 09:03:37 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService) >[/color]

[color=#A23BEC]< SRV - [2013.12.18 09:03:23 | 001,011,768 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService) >[/color]

[color=#A23BEC]< SRV - [2013.12.11 13:07:31 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) >[/color]

[color=#A23BEC]< SRV - [2013.12.09 11:37:19 | 000,896,056 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService) >[/color]

[color=#A23BEC]< SRV - [2013.11.28 08:04:16 | 000,440,376 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService) >[/color]

[color=#A23BEC]< SRV - [2007.06.05 12:20:32 | 000,177,704 | ---- | M] () [Auto | Start_Pending] -- C:\WINDOWS\system32\PSIService.exe -- (ProtexisLicensing) >[/color]

[color=#A23BEC]< SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance) >[/color]

[color=#A23BEC]< SRV - [2005.04.04 00:41:10 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT) >[/color]

[color=#A23BEC]< SRV - [2003.07.28 12:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose) >[/color]

[color=#A23BEC]< SRV - [2003.06.19 23:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM) >[/color]

[color=#A23BEC]< SRV - [2002.08.29 13:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\doskey.exe -- (Catcaudserp) >[/color]

[color=#A23BEC]< SRV - [2001.11.12 13:31:48 | 000,020,480 | ---- | M] (X10) [On_Demand | Running] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets) >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== Driver Services (SafeList) ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA) >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | On_Demand | Stopped] -- System32\DRIVERS\wanatw4.sys -- (wanatw) >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME) >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI) >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME) >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP) >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump) >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc) >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt) >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Programme\FreshDevices\FreshDiagnose\FreshIO.sys -- (FreshIO) >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\ilse\LOKALE~1\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132) >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | System | Stopped] -- -- (Changer) >[/color]

[color=#A23BEC]< DRV - File not found [Kernel | On_Demand | Stopped] -- C:\DOKUME~1\ilse\LOKALE~1\Temp\catchme.sys -- (catchme) >[/color]

[color=#A23BEC]< DRV - [2013.12.18 09:03:39 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb) >[/color]

[color=#A23BEC]< DRV - [2013.12.18 09:03:39 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt) >[/color]

[color=#A23BEC]< DRV - [2013.11.28 08:04:38 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr) >[/color]

[color=#A23BEC]< DRV - [2013.08.06 16:57:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv) >[/color]

[color=#A23BEC]< DRV - [2009.01.19 21:00:38 | 000,717,296 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd) >[/color]

[color=#A23BEC]< DRV - [2008.04.13 19:45:29 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum) >[/color]

[color=#A23BEC]< DRV - [2007.09.17 14:06:20 | 000,028,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\CO_Mon.sys -- (CO_Mon) >[/color]

[color=#A23BEC]< DRV - [2007.01.23 23:11:19 | 000,108,768 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV08.sys -- (ACEDRV08) >[/color]

[color=#A23BEC]< DRV - [2005.09.12 11:10:18 | 000,019,840 | ---- | M] (Compro Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PhTVTune.sys -- (PhTVTune) >[/color]

[color=#A23BEC]< DRV - [2004.08.04 07:38:58 | 000,701,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag) >[/color]

[color=#A23BEC]< DRV - [2003.03.25 17:50:46 | 000,004,096 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\siside.sys -- (SiSide) >[/color]

[color=#A23BEC]< DRV - [2002.11.04 15:29:42 | 000,422,976 | ---- | M] (Philips Semiconductors) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Cap7134.sys -- (Cap7134) >[/color]

[color=#A23BEC]< DRV - [2002.10.31 11:58:42 | 000,030,848 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP) >[/color]

[color=#A23BEC]< DRV - [2002.10.28 07:38:06 | 000,947,884 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM) >[/color]

[color=#A23BEC]< DRV - [2002.07.10 16:39:34 | 000,032,256 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC) >[/color]

[color=#A23BEC]< DRV - [2002.07.01 15:10:40 | 000,638,366 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctxs51.sys -- (Intels51) >[/color]

[color=#A23BEC]< DRV - [2002.04.19 10:15:46 | 000,013,780 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\pfc.sys -- (pfc) >[/color]

[color=#A23BEC]< DRV - [2002.04.17 20:27:02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (asapiW2k) >[/color]

[color=#A23BEC]< DRV - [2002.03.20 17:38:20 | 000,019,140 | ---- | M] (America Online) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\atwpkt.sys -- (ATWPKT) >[/color]

[color=#A23BEC]< DRV - [2001.11.14 18:07:42 | 000,010,761 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\x10uif.sys -- (X10UIF) >[/color]

[color=#A23BEC]< DRV - [2001.08.17 14:00:04 | 000,002,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\msmpu401.sys -- (ms_mpu401) >[/color]

[color=#A23BEC]< DRV - [2000.11.08 09:47:38 | 000,027,484 | R--- | M] (DeTeWe Berlin) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ulisa.sys -- (ulisa) >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== Standard Registry (SafeList) ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== Internet Explorer ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} >[/color]

[color=#A23BEC]< IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ >[/color]
Invalid Switch:

[color=#A23BEC]< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp >[/color]
Invalid Switch: ?ocid=iehp

[color=#A23BEC]< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de >[/color]

[color=#A23BEC]< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 7A CA 1D 9B 98 03 CE 01 [binary data] >[/color]

[color=#A23BEC]< IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found >[/color]

[color=#A23BEC]< IE - HKCU\..\SearchScopes,DefaultScope = {136AF01C-A5C2-4E25-AA78-D749E2BDD82D} >[/color]

[color=#A23BEC]< IE - HKCU\..\SearchScopes\{136AF01C-A5C2-4E25-AA78-D749E2BDD82D}: "URL" = http://www.google.de/search?q={searchTerms} >[/color]

[color=#A23BEC]< IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== FireFox ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< FF - prefs.js..browser.search.defaultenginename: "Search Results" >[/color]

[color=#A23BEC]< FF - prefs.js..browser.search.order.1: "Search Results" >[/color]

[color=#A23BEC]< FF - prefs.js..browser.search.selectedEngine: "Google" >[/color]

[color=#A23BEC]< FF - prefs.js..browser.search.suggest.enabled: false >[/color]

[color=#A23BEC]< FF - prefs.js..browser.startup.homepage: "http://www.google.de/" >[/color]

[color=#A23BEC]< FF - prefs.js..extensions.enabledAddons: %7Bf34c9277-6577-4dff-b2d7-7d58092f272f%7D:1.0.0.12 >[/color]

[color=#A23BEC]< FF - prefs.js..extensions.enabledAddons: exif_viewer%40mozilla.doslash.org:2.00 >[/color]

[color=#A23BEC]< FF - prefs.js..extensions.enabledAddons: fdm_ffext%40freedownloadmanager.org:1.5.7.6 >[/color]

[color=#A23BEC]< FF - prefs.js..extensions.enabledAddons: %7B1FD91A9C-410C-4090-BBCC-55D3450EF433%7D:1.0 >[/color]

[color=#A23BEC]< FF - prefs.js..extensions.enabledAddons: %7B11483926-db67-4190-91b1-ef20fcec5f33%7D:0.4.7.1 >[/color]

[color=#A23BEC]< FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0 >[/color]

[color=#A23BEC]< FF - prefs.js..extensions.enabledItems: {11483926-db67-4190-91b1-ef20fcec5f33}:0.4.2 >[/color]

[color=#A23BEC]< FF - prefs.js..extensions.enabledItems: exif_viewer@mozilla.doslash.org:1.82 >[/color]

[color=#A23BEC]< FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0 >[/color]

[color=#A23BEC]< FF - prefs.js..extensions.enabledItems: {f34c9277-6577-4dff-b2d7-7d58092f272f}:1.0.0.12 >[/color]

[color=#A23BEC]< FF - prefs.js..keyword.URL: "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=3105995475244225&o=APN10645&q=" >[/color]

[color=#A23BEC]< FF - user.js - File not found >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll () >[/color]
Invalid Switch: FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()

[color=#A23BEC]< FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google) >[/color]
Invalid Switch: GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)

[color=#A23BEC]< FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) >[/color]
Invalid Switch: OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

[color=#A23BEC]< FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) >[/color]
Invalid Switch: WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

[color=#A23BEC]< FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) >[/color]
Invalid Switch: Google Update;version=3: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

[color=#A23BEC]< FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.) >[/color]
Invalid Switch: Google Update;version=9: C:\Programme\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

[color=#A23BEC]< FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) >[/color]

[color=#A23BEC]< FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found >[/color]
Invalid Switch: FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll File not found

[color=#A23BEC]< >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [2012.11.23 22:42:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Extensions >[/color]

[color=#A23BEC]< [2013.11.24 01:53:23 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions >[/color]

[color=#A23BEC]< [2012.11.23 22:42:02 | 000,000,000 | ---D | M] (Search-Results Toolbar) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f} >[/color]

[color=#A23BEC]< [2013.01.11 23:49:29 | 000,000,000 | ---D | M] (Free Download Manager plugin) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\fdm_ffext@freedownloadmanager.org >[/color]

[color=#A23BEC]< [2013.01.06 02:18:56 | 000,230,013 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\exif_viewer@mozilla.doslash.org.xpi >[/color]

[color=#A23BEC]< [2013.11.09 22:23:07 | 000,078,359 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi >[/color]

[color=#A23BEC]< [2012.11.23 22:41:12 | 000,002,687 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Mozilla\Firefox\Profiles\ykm7b32h.default\searchplugins\Search_Results.xml >[/color]

[color=#A23BEC]< [2013.12.03 21:31:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions >[/color]

[color=#A23BEC]< File not found (No name found) -- C:\PROGRAMME\SEARCH RESULTS TOOLBAR\DATAMNGR\FIREFOXEXTENSION >[/color]

[color=#A23BEC]< [2007.12.04 22:21:36 | 000,364,544 | ---- | M] (Microsoft Corporation (written by Digital Renaissance Inc.)) -- C:\Programme\mozilla firefox\plugins\npdsplay.dll >[/color]

[color=#A23BEC]< [2012.11.23 22:41:12 | 000,002,687 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\Search_Results.xml >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== Chrome ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< CHR - homepage: http://www.searchnu.com/406 >[/color]

[color=#A23BEC]< CHR - default_search_provider: Search Results (Enabled) >[/color]

[color=#A23BEC]< CHR - default_search_provider: search_url = http://dts.search-results.com/sr?src=crb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3105995475244225&q={searchTerms} >[/color]
Invalid Switch: sr?src=crb&gct=ds&appid=342&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=3105995475244225&q={searchTerms}

[color=#A23BEC]< CHR - default_search_provider: suggest_url = >[/color]

[color=#A23BEC]< CHR - homepage: http://www.searchnu.com/406 >[/color]

[color=#A23BEC]< CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer >[/color]

[color=#A23BEC]< CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\24.0.1312.56\ppGoogleNaClPluginChrome.dll >[/color]

[color=#A23BEC]< CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\24.0.1312.56\pdf.dll >[/color]

[color=#A23BEC]< CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\24.0.1312.56\gcswf32.dll >[/color]

[color=#A23BEC]< CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll >[/color]

[color=#A23BEC]< CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 8.0\Reader\Browser\nppdf32.dll >[/color]

[color=#A23BEC]< CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Programme\Mozilla Firefox\plugins\np-mswmp.dll >[/color]

[color=#A23BEC]< CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll >[/color]

[color=#A23BEC]< CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll >[/color]

[color=#A23BEC]< CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll >[/color]

[color=#A23BEC]< CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll >[/color]

[color=#A23BEC]< CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll >[/color]

[color=#A23BEC]< CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll >[/color]

[color=#A23BEC]< CHR - plugin: QuickTime Plug-in 6.5.1 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll >[/color]

[color=#A23BEC]< CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npdrmv2.dll >[/color]

[color=#A23BEC]< CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Programme\Windows Media Player\npwmsdrm.dll >[/color]

[color=#A23BEC]< CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll >[/color]

[color=#A23BEC]< CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.79\npGoogleUpdate3.dll >[/color]

[color=#A23BEC]< CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll >[/color]

[color=#A23BEC]< CHR - plugin: Default Plug-in (Enabled) = default_plugin >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< Hosts file not found >[/color]

[color=#A23BEC]< O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) >[/color]

[color=#A23BEC]< O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. >[/color]

[color=#A23BEC]< O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) >[/color]

[color=#A23BEC]< O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found. >[/color]

[color=#A23BEC]< O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found. >[/color]

[color=#A23BEC]< O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated) >[/color]

[color=#A23BEC]< O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) >[/color]

[color=#A23BEC]< O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe () >[/color]

[color=#A23BEC]< O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) >[/color]

[color=#A23BEC]< O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation) >[/color]

[color=#A23BEC]< O4 - HKLM..\Run: [PCMService] C:\Programme\Medion Home CinemaXL\PowerCinema\PCMService.exe () >[/color]

[color=#A23BEC]< O4 - HKLM..\Run: [PSDrvCheck] C:\WINDOWS\system32\PSDrvCheck.exe () >[/color]

[color=#A23BEC]< O4 - HKLM..\Run: [VOBRegCheck] C:\WINDOWS\System32\VOBREGCheck.exe () >[/color]

[color=#A23BEC]< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 0 >[/color]

[color=#A23BEC]< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0 >[/color]

[color=#A23BEC]< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 >[/color]

[color=#A23BEC]< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 >[/color]

[color=#A23BEC]< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 >[/color]

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: ST3160021A
Partitions: 3
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: Medion Flash XL CF USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 -
Interface type: USB
Media Type:
Model: Medion Flash XL MS USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE3 -
Interface type: USB
Media Type:
Model: Medion Flash XL MMC/SD USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE4 -
Interface type: USB
Media Type:
Model: Medion Flash XL SM USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 75,00GB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 75,00GB
Starting Offset: 80023749120
Hidden sectors: 0


[color=#A23BEC]< O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present >[/color]

[color=#A23BEC]< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 >[/color]

[color=#A23BEC]< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 1 >[/color]

[color=#A23BEC]< O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 >[/color]

[color=#E56717]========== Drive Information ==========[/color]

Physical Drives
---------------

Drive: \\\\.\\PHYSICALDRIVE0 - Fixed\thard disk media
Interface type: IDE
Media Type: Fixed\thard disk media
Model: ST3160021A
Partitions: 3
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE1 -
Interface type: USB
Media Type:
Model: Medion Flash XL CF USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE2 -
Interface type: USB
Media Type:
Model: Medion Flash XL MS USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE3 -
Interface type: USB
Media Type:
Model: Medion Flash XL MMC/SD USB Device
Partitions: 0
Status: OK
Status Info: 0

Drive: \\\\.\\PHYSICALDRIVE4 -
Interface type: USB
Media Type:
Model: Medion Flash XL SM USB Device
Partitions: 0
Status: OK
Status Info: 0

Partitions
---------------

DeviceID: Disk #0, Partition #0
PartitionType: Installable File System
Bootable: True
BootPartition: True
PrimaryPartition: True
Size: 75,00GB
Starting Offset: 32256
Hidden sectors: 0


DeviceID: Disk #0, Partition #1
PartitionType: Extended w/Extended Int 13
Bootable: False
BootPartition: False
PrimaryPartition: False
Size: 75,00GB
Starting Offset: 80023749120
Hidden sectors: 0


[color=#A23BEC]< O8 - Extra context menu item: ImTranslator - C:\Programme\Smart Link\ImTranslator for IE\startup.html () >[/color]

[color=#A23BEC]< O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 File not found >[/color]
Invalid Switch: 3000 File not found

[color=#A23BEC]< O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) >[/color]

[color=#A23BEC]< O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) >[/color]

[color=#A23BEC]< O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) >[/color]

[color=#A23BEC]< O15 - HKCU\..Trusted Domains: ([]msn in My Computer) >[/color]

[color=#A23BEC]< O15 - HKCU\..Trusted Domains: abnehmen-mit-genuss.de ([www] https in Vertrauenswürdige Sites) >[/color]

[color=#A23BEC]< O15 - HKCU\..Trusted Domains: ekartenwelt.de ([www] https in Vertrauenswürdige Sites) >[/color]

[color=#A23BEC]< O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Programme\Yahoo!\Common\Yinsthelper200711281.dll (Installation Support) >[/color]

[color=#A23BEC]< O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} Reg Error: Value error. (Reg Error: Key error.) >[/color]

[color=#A23BEC]< O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1265552139703 (WUWebControl Class) >[/color]
Invalid Switch: wuweb_site.cab?1265552139703 (WUWebControl Class)

[color=#A23BEC]< O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1363168635453 (MUWebControl Class) >[/color]
Invalid Switch: muweb_site.cab?1363168635453 (MUWebControl Class)

[color=#A23BEC]< O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.) >[/color]
Invalid Switch: jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)

[color=#A23BEC]< O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.) >[/color]
Invalid Switch: ultrashim.cab (Reg Error: Key error.)

[color=#A23BEC]< O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.) >[/color]
Invalid Switch: jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)

[color=#A23BEC]< O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.) >[/color]
Invalid Switch: jinstall-1_7_0_09-windows-i586.cab (Reg Error: Key error.)

[color=#A23BEC]< O16 - DPF: DirectAnimation Java Classes file://C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.) >[/color]
Invalid Switch: C:\WINDOWS\Java\classes\dajava.cab (Reg Error: Key error.)

[color=#A23BEC]< O16 - DPF: Microsoft XML Parser for Java Reg Error: Value error. (Reg Error: Key error.) >[/color]

[color=#A23BEC]< O16 - DPF: Yahoo! Chat http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cab (Reg Error: Key error.) >[/color]
Invalid Switch: chat.cab (Reg Error: Key error.)

[color=#A23BEC]< O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 >[/color]

[color=#A23BEC]< O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AA602B3B-3FD7-4E05-ADB2-CFA7FB4D6F19}: DhcpNameServer = 192.168.2.1 >[/color]

[color=#A23BEC]< O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) >[/color]

[color=#A23BEC]< O18 - Protocol\Handler\livecall - No CLSID value found >[/color]

[color=#A23BEC]< O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) >[/color]

[color=#A23BEC]< O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) >[/color]

[color=#A23BEC]< O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) >[/color]

[color=#A23BEC]< O18 - Protocol\Handler\msnim - No CLSID value found >[/color]

[color=#A23BEC]< O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) >[/color]

[color=#A23BEC]< O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) >[/color]

[color=#A23BEC]< O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation) >[/color]

[color=#A23BEC]< O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home >[/color]

[color=#A23BEC]< O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp >[/color]

[color=#A23BEC]< O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp >[/color]

[color=#A23BEC]< O32 - HKLM CDRom: AutoRun - 1 >[/color]

[color=#A23BEC]< O32 - AutoRun File - [2003.02.05 08:31:27 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] >[/color]

[color=#A23BEC]< O34 - HKLM BootExecute: (autocheck autochk *) >[/color]

[color=#A23BEC]< O35 - HKLM\..comfile [open] -- "%1" %* >[/color]

[color=#A23BEC]< O35 - HKLM\..exefile [open] -- "%1" %* >[/color]

[color=#A23BEC]< O37 - HKLM\...com [@ = ComFile] -- "%1" %* >[/color]

[color=#A23BEC]< O37 - HKLM\...exe [@ = exefile] -- "%1" %* >[/color]

[color=#A23BEC]< O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) >[/color]

[color=#A23BEC]< O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [2014.01.07 17:28:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ilse\Desktop\OTL.exe >[/color]

[color=#A23BEC]< [2014.01.07 11:33:09 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\ilse\Recent >[/color]

[color=#A23BEC]< [2014.01.04 18:51:13 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\ilse\UserData >[/color]

[color=#A23BEC]< [2014.01.04 18:02:01 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\ilse\Cookies >[/color]

[color=#A23BEC]< [2014.01.03 19:54:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\SearchProtect >[/color]

[color=#A23BEC]< [2014.01.03 00:19:50 | 000,642,632 | ---- | C] (EFD Software ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hdtune_255.exe >[/color]

[color=#A23BEC]< [2013.12.31 14:59:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\Downloaded Program Files >[/color]

[color=#A23BEC]< [2013.12.30 23:45:08 | 000,000,000 | R--D | C] -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\Eigene Videos >[/color]

[color=#A23BEC]< [2013.12.27 19:57:37 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\DriverCure >[/color]

[color=#A23BEC]< [2013.12.27 19:57:35 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\ParetoLogic >[/color]

[color=#A23BEC]< [2013.12.27 19:57:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Startmenü\Programme\ParetoLogic >[/color]

[color=#A23BEC]< [2013.12.27 19:56:36 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ParetoLogic >[/color]

[color=#A23BEC]< [2013.12.27 19:56:24 | 000,000,000 | ---D | C] -- C:\Programme\ParetoLogic >[/color]

[color=#A23BEC]< [2013.12.27 19:56:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ParetoLogic >[/color]

[color=#A23BEC]< [2013.12.27 19:35:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Desktop\reinigen >[/color]

[color=#A23BEC]< [2013.12.27 14:37:10 | 001,734,994 | ---- | C] (7Byte Computers ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hotcpu.exe >[/color]

[color=#A23BEC]< [2013.12.24 10:28:47 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidserv.dll >[/color]

[color=#A23BEC]< [2013.12.24 10:28:42 | 000,010,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hidusb.sys >[/color]

[color=#A23BEC]< [2013.12.23 19:25:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira >[/color]

[color=#A23BEC]< [2013.12.23 17:23:44 | 000,004,096 | ---- | C] (Silicon Integrated Systems Corp.) -- C:\WINDOWS\System32\drivers\siside.sys >[/color]

[color=#A23BEC]< [2013.12.23 14:58:45 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\DriverTuner >[/color]

[color=#A23BEC]< [2013.12.23 14:57:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\DriverTuner >[/color]

[color=#A23BEC]< [2013.12.23 14:57:46 | 000,000,000 | ---D | C] -- C:\Programme\DriverTuner >[/color]

[color=#A23BEC]< [2013.12.23 14:56:28 | 002,816,072 | ---- | C] (LionSea SoftWare ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\setup.exe >[/color]

[color=#A23BEC]< [2013.12.23 14:51:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DriverGenius >[/color]

[color=#A23BEC]< [2013.12.23 14:48:10 | 011,360,472 | ---- | C] (Driver-Soft Inc. ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\Driver_Genius_Professional_DE_PPC_Content.exe >[/color]

[color=#A23BEC]< [2013.12.18 10:37:47 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\ilse\Anwendungsdaten\Steinberg >[/color]

[color=#A23BEC]< [2013.12.18 10:15:45 | 000,000,000 | ---D | C] -- C:\Programme\VOB >[/color]

[color=#A23BEC]< [2013.12.18 10:13:57 | 001,441,792 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspw7.dll >[/color]

[color=#A23BEC]< [2013.12.18 10:13:56 | 001,429,504 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspa6.dll >[/color]

[color=#A23BEC]< [2013.12.18 10:13:56 | 001,404,928 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspm6.dll >[/color]

[color=#A23BEC]< [2013.12.18 10:13:56 | 001,335,296 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspm5.dll >[/color]

[color=#A23BEC]< [2013.12.18 10:13:56 | 001,318,912 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nspp6.dll >[/color]

[color=#A23BEC]< [2013.12.18 10:13:56 | 001,306,624 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nsppx.dll >[/color]

[color=#A23BEC]< [2013.12.18 10:13:56 | 000,114,688 | ---- | C] (Intel Corp.) -- C:\WINDOWS\System32\nsp.dll >[/color]

[color=#A23BEC]< [2013.12.17 05:25:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Earth >[/color]

[color=#A23BEC]< [2007.10.25 05:28:20 | 000,266,240 | ---- | C] (Pando) -- C:\Programme\Uninstall Pando Toolbar.dll >[/color]

[color=#A23BEC]< [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] >[/color]

[color=#A23BEC]< [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== Files - Modified Within 30 Days ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [2014.01.07 18:46:00 | 000,000,416 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{70D49D3E-CE23-4300-A3CC-B345903512E9}.job >[/color]

[color=#A23BEC]< [2014.01.07 18:07:11 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job >[/color]

[color=#A23BEC]< [2014.01.07 18:00:23 | 000,000,450 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job >[/color]

[color=#A23BEC]< [2014.01.07 17:28:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\ilse\Desktop\OTL.exe >[/color]

[color=#A23BEC]< [2014.01.07 11:40:15 | 000,001,082 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job >[/color]

[color=#A23BEC]< [2014.01.07 11:40:08 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat >[/color]

[color=#A23BEC]< [2014.01.07 11:40:06 | 536,399,872 | -HS- | M] () -- C:\hiberfil.sys >[/color]

[color=#A23BEC]< [2014.01.05 01:18:45 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl >[/color]

[color=#A23BEC]< [2014.01.03 22:31:34 | 000,000,281 | RHS- | M] () -- C:\boot.ini >[/color]

[color=#A23BEC]< [2014.01.03 07:38:05 | 000,000,340 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor.job >[/color]

[color=#A23BEC]< [2014.01.03 00:20:11 | 000,642,632 | ---- | M] (EFD Software ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hdtune_255.exe >[/color]

[color=#A23BEC]< [2014.01.02 00:42:05 | 000,000,424 | ---- | M] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job >[/color]

[color=#A23BEC]< [2013.12.31 01:57:19 | 000,000,675 | ---- | M] () -- C:\WINDOWS\Clean! presets.set >[/color]

[color=#A23BEC]< [2013.12.27 20:26:32 | 000,000,055 | ---- | M] () -- C:\0.bak >[/color]

[color=#A23BEC]< [2013.12.27 19:57:01 | 000,000,830 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Desktop\ParetoLogic PC Health Advisor.lnk >[/color]

[color=#A23BEC]< [2013.12.27 19:56:59 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job >[/color]

[color=#A23BEC]< [2013.12.27 14:37:44 | 001,734,994 | ---- | M] (7Byte Computers ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\hotcpu.exe >[/color]

[color=#A23BEC]< [2013.12.24 12:00:14 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\Msft_User_WpdMtpDr_01_00_00.Wdf >[/color]

[color=#A23BEC]< [2013.12.23 19:25:39 | 000,001,675 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk >[/color]

[color=#A23BEC]< [2013.12.23 17:08:03 | 000,000,694 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DriverTuner.lnk >[/color]

[color=#A23BEC]< [2013.12.23 16:05:03 | 002,816,072 | ---- | M] (LionSea SoftWare ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\setup.exe >[/color]

[color=#A23BEC]< [2013.12.23 14:49:53 | 011,360,472 | ---- | M] (Driver-Soft Inc. ) -- C:\Dokumente und Einstellungen\ilse\Eigene Dateien\Driver_Genius_Professional_DE_PPC_Content.exe >[/color]

[color=#A23BEC]< [2013.12.20 15:51:27 | 000,002,486 | ---- | M] () -- C:\WINDOWS\System32\ASOROSet.bin >[/color]

[color=#A23BEC]< [2013.12.19 19:39:48 | 000,000,073 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\default.pls >[/color]

[color=#A23BEC]< [2013.12.18 10:22:57 | 000,487,496 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT >[/color]

[color=#A23BEC]< [2013.12.18 09:03:39 | 000,135,648 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avipbb.sys >[/color]

[color=#A23BEC]< [2013.12.18 09:03:39 | 000,090,400 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\WINDOWS\System32\drivers\avgntflt.sys >[/color]

[color=#A23BEC]< [2013.12.17 05:25:34 | 000,001,891 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk >[/color]

[color=#A23BEC]< [2013.12.13 01:59:11 | 000,001,941 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Desktop\Windows Live Mail.lnk >[/color]

[color=#A23BEC]< [2013.12.12 23:47:46 | 000,043,520 | ---- | M] () -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini >[/color]

[color=#A23BEC]< [2013.12.11 13:07:31 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe >[/color]

[color=#A23BEC]< [2013.12.11 13:07:31 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl >[/color]

[color=#A23BEC]< [2013.12.11 13:03:32 | 000,600,962 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat >[/color]

[color=#A23BEC]< [2013.12.11 13:03:32 | 000,560,128 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat >[/color]

[color=#A23BEC]< [2013.12.11 13:03:32 | 000,147,458 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat >[/color]

[color=#A23BEC]< [2013.12.11 13:03:32 | 000,121,934 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat >[/color]

[color=#A23BEC]< [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] >[/color]

[color=#A23BEC]< [3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== Files Created - No Company Name ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [2014.01.07 11:40:06 | 536,399,872 | -HS- | C] () -- C:\hiberfil.sys >[/color]

[color=#A23BEC]< [2013.12.27 20:26:27 | 000,000,055 | ---- | C] () -- C:\0.bak >[/color]

[color=#A23BEC]< [2013.12.27 19:58:28 | 000,000,450 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Registration3.job >[/color]

[color=#A23BEC]< [2013.12.27 19:57:00 | 000,000,830 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Desktop\ParetoLogic PC Health Advisor.lnk >[/color]

[color=#A23BEC]< [2013.12.27 19:56:59 | 000,000,424 | ---- | C] () -- C:\WINDOWS\tasks\ParetoLogic Update Version3.job >[/color]

[color=#A23BEC]< [2013.12.27 19:56:58 | 000,000,358 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor Defrag.job >[/color]

[color=#A23BEC]< [2013.12.27 19:56:57 | 000,000,340 | ---- | C] () -- C:\WINDOWS\tasks\PC Health Advisor.job >[/color]

[color=#A23BEC]< [2013.12.23 17:08:03 | 000,000,694 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\DriverTuner.lnk >[/color]

[color=#A23BEC]< [2013.12.20 15:36:38 | 000,002,486 | ---- | C] () -- C:\WINDOWS\System32\ASOROSet.bin >[/color]

[color=#A23BEC]< [2013.12.18 10:55:00 | 000,000,675 | ---- | C] () -- C:\WINDOWS\Clean! presets.set >[/color]

[color=#A23BEC]< [2013.12.18 10:15:45 | 000,153,088 | ---- | C] () -- C:\WINDOWS\System32\IWUninstall.exe >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.NLD >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.NL >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.ITA >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.IT >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.FRA >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.FR >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.DEU >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,026,624 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.DE >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,026,112 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.CHT >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.KOR >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.ESP >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.ES >[/color]

[color=#A23BEC]< [2013.12.18 10:14:55 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.CHS >[/color]

[color=#A23BEC]< [2013.12.18 10:14:54 | 000,396,800 | ---- | C] () -- C:\WINDOWS\System32\PSDrvCheck.exe >[/color]

[color=#A23BEC]< [2013.12.18 10:13:56 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\Cpuinf32.dll >[/color]

[color=#A23BEC]< [2013.12.17 05:25:34 | 000,001,891 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk >[/color]

[color=#A23BEC]< [2013.12.13 01:59:11 | 000,001,941 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Desktop\Windows Live Mail.lnk >[/color]

[color=#A23BEC]< [2012.02.16 09:11:30 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll >[/color]

[color=#A23BEC]< [2012.01.25 22:33:46 | 000,010,593 | ---- | C] () -- C:\WINDOWS\CSTBox.INI >[/color]

[color=#A23BEC]< [2008.09.25 16:57:53 | 000,003,486 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\.recently-used.xbel >[/color]

[color=#A23BEC]< [2007.10.21 15:30:29 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\.gtk-bookmarks >[/color]

[color=#A23BEC]< [2007.10.21 15:25:06 | 000,352,995 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\.fonts.cache-1 >[/color]

[color=#A23BEC]< [2006.08.27 17:15:07 | 000,192,506 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\~ >[/color]

[color=#A23BEC]< [2006.07.07 17:06:51 | 000,120,286 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\firstlsp.reg.dat >[/color]

[color=#A23BEC]< [2006.04.24 16:59:44 | 000,000,073 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\default.pls >[/color]

[color=#A23BEC]< [2006.02.19 07:06:47 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html >[/color]

[color=#A23BEC]< [2003.06.01 20:58:58 | 000,043,520 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini >[/color]

[color=#A23BEC]< [2003.03.28 11:42:18 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\ilse\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== ZeroAccess Check ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [2003.02.05 08:38:52 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] >[/color]

[color=#A23BEC]< "" = %SystemRoot%\System32\shdocvw.dll -- [2008.04.14 03:22:25 | 001,499,136 | ---- | M] (Microsoft Corporation) >[/color]

[color=#A23BEC]< "ThreadingModel" = Apartment >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] >[/color]

[color=#A23BEC]< "" = C:\WINDOWS\System32\wbem\fastprox.dll -- [2009.02.09 11:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation) >[/color]

[color=#A23BEC]< "ThreadingModel" = Free >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] >[/color]

[color=#A23BEC]< "" = C:\WINDOWS\System32\wbem\wbemess.dll -- [2008.04.14 03:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation) >[/color]

[color=#A23BEC]< "ThreadingModel" = Both >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== Files - Unicode (All) ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< [2013.11.23 16:34:34 | 105,869,762 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\霆ை囌6 >[/color]

[color=#A23BEC]< [2013.11.23 16:34:34 | 105,869,762 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\霆ை囌6 >[/color]

[color=#A23BEC]< [2013.11.22 16:53:46 | 105,660,331 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�儔囌6 >[/color]

[color=#A23BEC]< [2013.11.22 16:53:46 | 105,660,331 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�儔囌6 >[/color]

[color=#A23BEC]< [2013.11.16 17:43:42 | 104,559,818 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⯯悡囌6 >[/color]

[color=#A23BEC]< [2013.11.16 17:43:42 | 104,559,818 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⯯悡囌6 >[/color]

[color=#A23BEC]< [2013.11.16 08:55:11 | 104,513,208 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䊊㋳囌6 >[/color]

[color=#A23BEC]< [2013.11.16 08:55:11 | 104,513,208 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䊊㋳囌6 >[/color]

[color=#A23BEC]< [2013.11.10 10:59:59 | 103,467,942 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\᜷醲囌6 >[/color]

[color=#A23BEC]< [2013.11.10 10:59:59 | 103,467,942 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\᜷醲囌6 >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< [color=#E56717]========== Alternate Data Streams ==========[/color] >[/color]
Invalid Switch: color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\mshtmold.dll:SummaryInformation >[/color]

[color=#A23BEC]< @Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\comres(3).dll:SummaryInformation >[/color]

[color=#A23BEC]< >[/color]

[color=#A23BEC]< < End of report > >[/color]

[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2013.11.23 16:34:34 | 105,869,762 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\霆ை囌6
[2013.11.23 16:34:34 | 105,869,762 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\霆ை囌6
[2013.11.22 16:53:46 | 105,660,331 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�儔囌6
[2013.11.22 16:53:46 | 105,660,331 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\�儔囌6
[2013.11.16 17:43:42 | 104,559,818 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⯯悡囌6
[2013.11.16 17:43:42 | 104,559,818 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\⯯悡囌6
[2013.11.16 08:55:11 | 104,513,208 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䊊㋳囌6
[2013.11.16 08:55:11 | 104,513,208 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\䊊㋳囌6
[2013.11.10 10:59:59 | 103,467,942 | ---- | M] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\᜷醲囌6
[2013.11.10 10:59:59 | 103,467,942 | ---- | C] ()(C:\WINDOWS\System32\???6) -- C:\WINDOWS\System32\᜷醲囌6

[color=#E56717]========== Alternate Data Streams ==========[/color]

@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\mshtmold.dll:SummaryInformation
@Alternate Data Stream - 88 bytes -> C:\WINDOWS\System32\comres(3).dll:SummaryInformation

< End of report >
Seitenanfang Seitenende
08.01.2014, 14:27
Gool
Member
Avatar Gool

Beiträge: 4730
#4 Na ja, da Du offenbar gecrackte Software nutzt ("Eyecandy_4000_Full_with_crack.exe"), nur ein Hinweis:
Der Virenscanner hat in dieser gecrackten Software etwas schadhaftes entdeckt. Kann auch ein Fehlalarm sein, aber man weiß das bei illegalen Softwaredownloads nie. Soweit ich beim Überfliegen aber sehe, ist Dein PC sauber. Ich würde Dir trotzdem empfehlen, den PC komplett neu aufzusetzen, da die Geschwindigkeitsprobleme auch einfach davon kommen können, dass der PC vermutlich etliche Jahre alt ist und noch nie neu installiert wurde.

Meine Empfehlung bei älteren PCs mit Windows XP ist sowieso: kauf Dir nen neuen!
__________
Dies ist eine Signatur! Persönlicher Service: Du kommst aus Berlin? Dann melde Dich per PN bei mir, evtl. können wir einen Termin vereinbaren.
Der Grabsteinschubser
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 1