Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
gema-trojaner (100 euro-version) win xp

gema-trojaner (100 euro-version) win xp


Plagegeister aller Art und deren Bekämpfung: gema-trojaner (100 euro-version) win xp

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 2 von 2 1 2
Alt 11.03.2012, 02:59   #16
bullahoch2
 
gema-trojaner (100 euro-version) win xp - Standard

gema-trojaner (100 euro-version) win xp


Code:
ATTFilter
ComboFix 12-03-08.01 - flo 11.03.2012   2:46.2.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.49.1031.18.2039.1335 [GMT 1:00]
ausgeführt von:: d:\downloads\ComboFix.exe
Benutzte Befehlsschalter :: c:\dokumente und einstellungen\flo\Desktop\CFScript.txt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\dokumente und einstellungen\All Users\Anwendungsdaten\1&1
c:\dokumente und einstellungen\All Users\Anwendungsdaten\1&1\1&1 SmartFax\Settings.xml
c:\dokumente und einstellungen\flo\Anwendungsdaten\1&1
c:\dokumente und einstellungen\flo\Anwendungsdaten\1&1\1&1 SmartFax\Settings.xml
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-02-11 bis 2012-03-11  ))))))))))))))))))))))))))))))
.
.
2012-03-08 05:22 . 2012-03-08 05:22	--------	d-----w-	c:\programme\MSXML 4.0
2012-03-07 10:21 . 2010-08-23 16:11	617472	-c----w-	c:\windows\system32\dllcache\comctl32.dll
2012-03-07 10:20 . 2010-11-02 15:17	40960	-c----w-	c:\windows\system32\dllcache\ndproxy.sys
2012-03-07 10:16 . 2011-12-19 08:53	449536	-c----w-	c:\windows\system32\dllcache\mshtmled.dll
2012-03-07 10:16 . 2011-12-19 08:53	37888	-c----w-	c:\windows\system32\dllcache\url.dll
2012-03-07 10:16 . 2011-12-19 08:53	532480	-c----w-	c:\windows\system32\dllcache\mstime.dll
2012-03-07 10:15 . 2010-02-12 10:03	293376	------w-	c:\windows\system32\browserchoice.exe
2012-03-07 10:12 . 2011-04-29 19:07	852480	-c----w-	c:\windows\system32\dllcache\vgx.dll
2012-03-07 10:11 . 2011-07-08 14:02	10496	-c----w-	c:\windows\system32\dllcache\ndistapi.sys
2012-03-07 10:11 . 2012-01-11 19:06	3072	-c----w-	c:\windows\system32\dllcache\iacenc.dll
2012-03-07 10:11 . 2012-01-11 19:06	3072	------w-	c:\windows\system32\iacenc.dll
2012-03-07 10:09 . 2010-10-11 14:59	45568	-c----w-	c:\windows\system32\dllcache\wab.exe
2012-03-06 12:31 . 2012-03-06 12:31	--------	d-----w-	c:\dokumente und einstellungen\flo\Anwendungsdaten\Malwarebytes
2012-03-06 12:31 . 2012-03-06 12:31	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2012-03-06 12:31 . 2012-03-06 12:31	--------	d-----w-	c:\programme\Malwarebytes' Anti-Malware
2012-03-06 12:31 . 2011-12-10 14:24	20464	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-06 11:35 . 2012-03-06 16:28	--------	d-----w-	c:\programme\rkfree
2012-03-06 11:35 . 2012-03-06 11:35	--------	d---a-w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\rkfree
2012-03-06 04:51 . 2011-07-13 02:55	2237440	----a-r-	C:\OTLPE.exe
2012-03-06 04:48 . 2012-03-06 04:48	--------	d-----w-	C:\_OTL
2012-03-05 23:16 . 2012-03-05 23:16	--------	d-----w-	c:\programme\Gemeinsame Dateien\Java
2012-03-05 23:16 . 2012-03-05 23:16	73728	----a-w-	c:\windows\system32\javacpl.cpl
2012-02-29 09:41 . 2012-02-29 09:41	--------	d-----w-	c:\dokumente und einstellungen\flo\Anwendungsdaten\Nokia Suite
2012-02-29 09:25 . 2012-02-29 09:29	--------	d-----w-	c:\dokumente und einstellungen\flo\Lokale Einstellungen\Anwendungsdaten\Nokia
2012-02-29 09:24 . 2012-02-29 09:41	--------	d-----w-	c:\dokumente und einstellungen\flo\Anwendungsdaten\Nokia
2012-02-29 09:24 . 2012-02-29 09:36	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\PC Suite
2012-02-29 09:24 . 2012-02-29 09:40	--------	d-----w-	c:\dokumente und einstellungen\flo\Anwendungsdaten\PC Suite
2012-02-29 09:23 . 2012-02-29 09:24	--------	d-----w-	c:\programme\Gemeinsame Dateien\Nokia
2012-02-29 09:23 . 2012-02-29 09:23	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Nokia
2012-02-28 12:18 . 2012-02-28 12:18	--------	d-----w-	c:\programme\Dropbox
2012-02-28 11:40 . 2008-08-26 08:26	18816	----a-w-	c:\windows\system32\drivers\pccsmcfd.sys
2012-02-28 11:40 . 2012-02-28 11:40	--------	d-----w-	c:\programme\PC Connectivity Solution
2012-02-28 11:40 . 2011-11-01 09:07	8192	----a-w-	c:\windows\system32\drivers\usbser_lowerfltj.sys
2012-02-28 11:40 . 2011-11-01 09:07	8192	----a-w-	c:\windows\system32\drivers\usbser_lowerflt.sys
2012-02-28 11:40 . 2011-11-01 09:07	23168	----a-w-	c:\windows\system32\drivers\ccdcmbo.sys
2012-02-28 11:40 . 2011-11-01 09:07	1461992	----a-w-	c:\windows\system32\wdfcoinstaller01009.dll
2012-02-28 11:40 . 2011-11-01 09:07	18176	----a-w-	c:\windows\system32\drivers\ccdcmb.sys
2012-02-28 11:40 . 2011-11-01 09:07	605696	----a-w-	c:\windows\system32\nmwcdcocls.dll
2012-02-28 11:40 . 2011-11-01 09:07	123904	----a-w-	c:\windows\system32\ccdcmbwu.dll
2012-02-28 11:40 . 2011-11-01 09:07	75264	----a-w-	c:\windows\system32\nmwcdcls.dll
2012-02-28 11:38 . 2008-04-14 02:22	221184	----a-w-	c:\windows\system32\wmpns.dll
2012-02-28 11:37 . 2012-02-29 09:37	--------	d-----w-	c:\windows\system32\drivers\UMDF
2012-02-28 11:35 . 2012-02-29 09:23	--------	d-----w-	c:\programme\Nokia
2012-02-14 11:30 . 2012-02-14 11:30	--------	d-----w-	c:\programme\ESET
2012-02-11 21:45 . 2012-02-11 21:45	715038	----a-w-	c:\windows\unins002.exe
2012-02-11 21:45 . 2011-09-23 13:41	2557440	----a-w-	c:\programme\Mozilla Firefox\plugins\NpFp530.dll
2012-02-11 21:27 . 2011-09-23 13:43	1623552	----a-w-	c:\programme\Mozilla Firefox\plugins\NpFv530.dll
2012-02-11 21:27 . 2012-02-11 21:27	715038	----a-w-	c:\windows\unins001.exe
2012-02-11 21:23 . 2009-09-21 10:00	1447328	----a-w-	c:\programme\Mozilla Firefox\plugins\NpFv522.dll
2012-02-11 21:23 . 2012-02-11 21:23	--------	d-----w-	c:\dokumente und einstellungen\flo\Anwendungsdaten\Flatcast
2012-02-11 21:23 . 2012-02-11 21:23	695578	----a-w-	c:\windows\unins000.exe
2012-02-11 10:29 . 2012-02-11 10:29	--------	d-----w-	c:\programme\Karaoke Anything!
2012-02-11 10:27 . 2012-02-11 10:27	--------	d-----w-	c:\dokumente und einstellungen\All Users\Anwendungsdaten\Sibelius Software
2012-02-11 10:27 . 2012-02-11 10:31	--------	d-----w-	c:\dokumente und einstellungen\flo\Anwendungsdaten\Sibelius Software
2012-02-10 11:59 . 2012-02-10 11:59	--------	d-----w-	c:\programme\Sibelius Software
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-05 23:16 . 2011-06-19 21:47	472808	-c--a-w-	c:\windows\system32\deployJava1.dll
2012-03-05 23:01 . 2012-03-05 23:01	883431	----a-w-	C:\_OTL.zip
2012-01-14 15:58 . 2012-01-14 15:58	6656	----a-w-	c:\windows\system32\haspvdd.dll
2012-01-14 15:58 . 2012-01-14 15:58	47616	----a-w-	c:\windows\system32\drivers\Haspnt.sys
2012-01-12 17:20 . 2006-02-28 12:00	1860096	----a-w-	c:\windows\system32\win32k.sys
2012-01-07 12:21 . 2012-01-07 12:21	1122304	---h--w-	c:\windows\system32\wodfamop.dll
2012-01-07 12:19 . 2011-11-23 19:45	414368	----a-w-	c:\windows\system32\FlashPlayerCPLApp.cpl
2011-12-19 08:53 . 2006-02-28 12:00	81920	----a-w-	c:\windows\system32\ieencode.dll
2011-12-19 08:53 . 2006-02-28 12:00	672768	----a-w-	c:\windows\system32\wininet.dll
2011-12-19 08:53 . 2006-02-28 12:00	61952	----a-w-	c:\windows\system32\tdc.ocx
2011-12-19 08:52 . 2006-02-28 12:00	371200	----a-w-	c:\windows\system32\html.iec
2009-05-29 12:02 . 2011-04-02 16:11	818176	----a-w-	c:\programme\Kopie von FL Studio VSTi.dll
2012-02-18 11:08 . 2012-01-12 21:38	134104	----a-w-	c:\programme\mozilla firefox\components\browsercomps.dll
2007-02-21 12:47	31232	--sha-r-	c:\windows\system32\msfDX.dll
2008-03-16 14:30	216064	--sha-r-	c:\windows\system32\nbDX.dll
2010-01-06 23:00	107520	--sha-r-	c:\windows\system32\TAKDSDecoder.dll
.
.
(((((((((((((((((((((((((((((   SnapShot@2012-03-08_12.51.21   )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-03-11 01:36 . 2012-03-11 01:36	16384              c:\windows\Temp\Perflib_Perfdata_888.dat
- 2006-02-28 12:00 . 2012-03-08 09:13	67704              c:\windows\system32\perfc009.dat
+ 2006-02-28 12:00 . 2012-03-11 01:40	67704              c:\windows\system32\perfc009.dat
- 2006-02-28 12:00 . 2012-03-08 09:13	80302              c:\windows\system32\perfc007.dat
+ 2006-02-28 12:00 . 2012-03-11 01:40	80302              c:\windows\system32\perfc007.dat
+ 2012-03-09 09:54 . 2012-03-09 09:54	36864              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\31b65443e56a470d199f293085576e05\System.Web.DynamicData.Design.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	94208              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ComponentMod#\89dfd3999ad1d72c59243d7b4bf40d5a\System.ComponentModel.DataAnnotations.ni.dll
+ 2012-03-08 22:41 . 2012-03-08 22:41	47104              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\3aa4296d4aa01fe0533de2c15f818d5f\PresentationFontCache.ni.exe
+ 2012-03-08 22:41 . 2012-03-08 22:41	39424              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCFFRast#\820acb71782d9cd006800b3ac7e1ca53\PresentationCFFRasterizer.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	55296              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Vsa\d07f0222f62dbed7898a6e2e909d407a\Microsoft.Vsa.ni.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	77824              c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	77824              c:\windows\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	81920              c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	81920              c:\windows\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	81920              c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	81920              c:\windows\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	32768              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	32768              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	12800              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	12800              c:\windows\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	28672              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	28672              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	77824              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	77824              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Utilities\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Utilities.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	36864              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Framework\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Framework.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	77824              c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	77824              c:\windows\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	13312              c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	13312              c:\windows\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	10752              c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	10752              c:\windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	72192              c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	72192              c:\windows\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	69120              c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	69120              c:\windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	8192              c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	8192              c:\windows\WinSxS\MSIL_IEExecRemote_b03f5f7f11d50a3a_2.0.0.0_x-ww_6e57c34e\IEExecRemote.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	7168              c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	7168              c:\windows\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	5632              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-03-08 06:09 . 2012-03-08 06:09	5632              c:\windows\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
- 2012-03-08 06:09 . 2012-03-08 06:09	6656              c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	6656              c:\windows\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	8192              c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	8192              c:\windows\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	113664              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	113664              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.Wrapper.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	258048              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	258048              c:\windows\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_2.0.0.0_x-ww_7d5f3790\System.EnterpriseServices.dll
- 2006-02-28 12:00 . 2012-03-08 09:13	433130              c:\windows\system32\perfh009.dat
+ 2006-02-28 12:00 . 2012-03-11 01:40	433130              c:\windows\system32\perfh009.dat
- 2006-02-28 12:00 . 2012-03-08 09:13	449334              c:\windows\system32\perfh007.dat
+ 2006-02-28 12:00 . 2012-03-11 01:40	449334              c:\windows\system32\perfh007.dat
+ 2008-11-25 03:59 . 2008-11-25 03:59	486400              c:\windows\Microsoft.Net\Framework\v2.0.50727\System.Data.OracleClient.dll
- 2008-07-25 10:17 . 2008-07-25 10:17	486400              c:\windows\Microsoft.Net\Framework\v2.0.50727\System.Data.OracleClient.dll
+ 2008-12-13 08:58 . 2008-12-13 08:58	754688              c:\windows\Installer\1b691c.msp
+ 2009-03-20 10:48 . 2009-03-20 10:48	183808              c:\windows\Installer\1b6900.msp
+ 2012-03-09 09:52 . 2012-03-09 09:52	321536              c:\windows\assembly\NativeImages_v2.0.50727_32\WsatConfig\edc5691acfb65ac37f49de2ec497083a\WsatConfig.ni.exe
+ 2012-03-08 22:43 . 2012-03-08 22:43	240128              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsFormsIntegra#\4ad8369d6a60765d7e9b43cdf9023f41\WindowsFormsIntegration.ni.dll
+ 2012-03-08 22:43 . 2012-03-08 22:43	447488              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClient\68f4157e570c77df653057c0583395bd\UIAutomationClient.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	400896              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c2a12bd4056b44f8005a7eb3af161e6a\System.Xml.Linq.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	129536              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Routing\fc63b434b2f253cd27625487f7b02ac0\System.Web.Routing.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	202240              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\67877f896b2b0e42286e838fe307f3fd\System.Web.RegularExpressions.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	859648              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\86650d4fb220f94f25bb5da42a03d454\System.Web.Extensions.Design.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	328704              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity\654465871e547e131668874de7c60b8c\System.Web.Entity.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	301056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Entity.D#\f0d6895f6e709d425cb5da6053c603d2\System.Web.Entity.Design.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	547328              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.DynamicD#\3f3b7dc7208e302e39a2dfb5b2cb953b\System.Web.DynamicData.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Abstract#\e9cddd213343f15d611b14620d649bb0\System.Web.Abstractions.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	627200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f25d114cb629d1f512f98883c6535a75\System.Transactions.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\11dcb806c92f55111f5fa9f1a90e3bdd\System.ServiceProcess.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	679936              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\5fb9981f4147b537b53be9d58bf4e9b4\System.Security.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	311296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\1335dd98ce5ce22ad1f51cc274ca5a1d\System.Runtime.Serialization.Formatters.Soap.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	621056              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Net\a4b2b1ee81acd843970d9a81b281f1c1\System.Net.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	998400              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\a2a14380e8c9149d5b212d0100ef588a\System.Management.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	330752              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Management.I#\e3436edde657a5111d39d5b2eecf9715\System.Management.Instrumentation.ni.dll
+ 2012-03-09 09:51 . 2012-03-09 09:51	381440              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IO.Log\974ded7dd3bca225a1b90de778846c78\System.IO.Log.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	212992              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityMode#\01eba24390736a59c39becd825b5756e\System.IdentityModel.Selectors.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	280064              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.Wrapper.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	627712              c:\windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\c0d15fb6308587fef8744d568e64bcda\System.EnterpriseServices.ni.dll
+ 2012-03-08 22:43 . 2012-03-08 22:43	208384              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing.Desi#\e9ae7ae6d1e9edc7aaf819889cd1c692\System.Drawing.Design.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	455680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\78a370dc153011708dd9e4cb0e606bfc\System.DirectoryServices.Protocols.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	881152              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6e644fc7464d9fe23fc9cd6001296f2f\System.DirectoryServices.AccountManagement.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	939008              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\bac39be66bb9f987c1948b766833f8e6\System.Data.Services.Client.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	354816              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Service#\2b5ecd231320e57010043c408783d80b\System.Data.Services.Design.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	756736              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity.#\4ac9ac2326720485aefd4d79d2024945\System.Data.Entity.Design.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	135680              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.DataSet#\d504d550fd0a6994fcb1466ea7be92af\System.Data.DataSetExtensions.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	971264              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	141312              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuratio#\28637135c6939e74450bbbf110b12643\System.Configuration.Install.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	633856              c:\windows\assembly\NativeImages_v2.0.50727_32\System.AddIn\958b5c0114d664ab5ba72575c301e2ea\System.AddIn.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	366080              c:\windows\assembly\NativeImages_v2.0.50727_32\SMSvcHost\4dcff3b0e79fc27e31549bb2af00efb5\SMSvcHost.ni.exe
+ 2012-03-09 09:52 . 2012-03-09 09:52	256000              c:\windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\bd3bfd5b6ef659dac4d6cccb34577d33\SMDiagnostics.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	320512              c:\windows\assembly\NativeImages_v2.0.50727_32\ServiceModelReg\edec83be646eb52204c991371751a428\ServiceModelReg.ni.exe
+ 2012-03-09 09:52 . 2012-03-09 09:52	133632              c:\windows\assembly\NativeImages_v2.0.50727_32\MSBuild\7c51497b188c82e2ccbe6315549ce023\MSBuild.ni.exe
+ 2012-03-09 09:52 . 2012-03-09 09:52	386560              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f0f6dd614d294295c5d8386cc4192034\Microsoft.Transactions.Bridge.Dtc.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	144384              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\fd1338828beec8737fed8f50f4fcc567\Microsoft.Build.Utilities.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	175104              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\0d5f999c4b7e51151548c37c676c1b8e\Microsoft.Build.Utilities.v3.5.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	839680              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\792168ce8fe03a3db43e12cf736cf91e\Microsoft.Build.Engine.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	222720              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Con#\0a5277c34ddc1f55df1defb4231e814f\Microsoft.Build.Conversion.v3.5.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	410112              c:\windows\assembly\NativeImages_v2.0.50727_32\ComSvcConfig\a8df37aadb089f1f34d3d2f103966fbc\ComSvcConfig.ni.exe
+ 2012-03-09 09:52 . 2012-03-09 09:52	842240              c:\windows\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\25ce400b547f517258c8afb0480390ea\AspNetMMCExt.ni.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	839680              c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	839680              c:\windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	835584              c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	835584              c:\windows\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
+ 2012-03-08 22:42 . 2012-03-08 22:42	139264              c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
- 2011-10-30 16:02 . 2011-10-30 16:02	139264              c:\windows\assembly\GAC_MSIL\System.Web.Entity\3.5.0.0__b77a5c561934e089\System.Web.Entity.dll
+ 2012-03-08 22:42 . 2012-03-08 22:42	229376              c:\windows\assembly\GAC_MSIL\System.Web.DynamicData\3.5.0.0__31bf3856ad364e35\System.Web.DynamicData.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	114688              c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	114688              c:\windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	258048              c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	258048              c:\windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	131072              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	131072              c:\windows\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	303104              c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	303104              c:\windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	258048              c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	258048              c:\windows\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	372736              c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	372736              c:\windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	626688              c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	626688              c:\windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	401408              c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	401408              c:\windows\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	188416              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	188416              c:\windows\assembly\GAC_MSIL\System.DirectoryServices.Protocols\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.Protocols.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	970752              c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	970752              c:\windows\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	745472              c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	745472              c:\windows\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
+ 2012-03-08 22:42 . 2012-03-08 22:42	442368              c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
- 2011-10-30 16:02 . 2011-10-30 16:02	442368              c:\windows\assembly\GAC_MSIL\System.Data.Services\3.5.0.0__b77a5c561934e089\System.Data.Services.dll
+ 2012-03-08 22:42 . 2012-03-08 22:42	294912              c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
- 2011-10-30 16:02 . 2011-10-30 16:02	294912              c:\windows\assembly\GAC_MSIL\System.Data.Services.Client\3.5.0.0__b77a5c561934e089\System.Data.Services.Client.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	425984              c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	425984              c:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	110592              c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	110592              c:\windows\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	659456              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	659456              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	372736              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	372736              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	110592              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	110592              c:\windows\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	749568              c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	749568              c:\windows\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	655360              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	655360              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Tasks\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Tasks.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	348160              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	348160              c:\windows\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	507904              c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-03-08 22:39 . 2012-03-08 22:39	507904              c:\windows\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	261632              c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	261632              c:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	113664              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	113664              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	258048              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	258048              c:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	486400              c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	486400              c:\windows\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
+ 2008-12-05 18:35 . 2008-12-05 18:35	1736528              c:\windows\Microsoft.Net\Framework\v3.0\WPF\wpfgfx_v0300.dll
- 2008-07-25 10:17 . 2008-07-25 10:17	2048000              c:\windows\Microsoft.Net\Framework\v2.0.50727\System.XML.dll
+ 2008-11-25 03:59 . 2008-11-25 03:59	2048000              c:\windows\Microsoft.Net\Framework\v2.0.50727\System.XML.dll
+ 2008-12-13 08:57 . 2008-12-13 08:57	8397824              c:\windows\Installer\1b6909.msp
+ 2012-03-08 22:42 . 2012-03-08 22:42	3325440              c:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\174c2f776741812aed02c337bbcd1dae\WindowsBase.ni.dll
+ 2012-03-08 22:43 . 2012-03-08 22:43	1049600              c:\windows\assembly\NativeImages_v2.0.50727_32\UIAutomationClients#\94f5164ff4f664c5e4e7fb4c3af1abad\UIAutomationClientsideProviders.ni.dll
+ 2012-03-08 22:41 . 2012-03-08 22:41	7953408              c:\windows\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll
+ 2012-03-08 22:43 . 2012-03-08 22:43	5450752              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	1356288              c:\windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\c4c671c737b553db8e07664816475333\System.WorkflowServices.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	1908224              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Run#\248ea47105ff4af6ee75e6fdd5b450a1\System.Workflow.Runtime.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	4514304              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Com#\80a288b6611668160334668cc2608e4a\System.Workflow.ComponentModel.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	2992640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Workflow.Act#\4c27548df5897320840ee0d65db38742\System.Workflow.Activities.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	1840640              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e9ba004858dcdb5958d86f26f043f85a\System.Web.Services.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	2209280              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\030cde14924eefebc06c240dbfe093a4\System.Web.Mobile.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	2405888              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web.Extensio#\6379c8ca8ae11effb415139990923ff1\System.Web.Extensions.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	1917440              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Speech\e456140d5d6c43d7383bd36d3f9e12c6\System.Speech.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	1706496              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\285dfbf2380436e187cb624bd1cd4683\System.ServiceModel.Web.ni.dll
+ 2012-03-09 09:51 . 2012-03-09 09:51	2345472              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f2532204217dc10f152afd077b09927c\System.Runtime.Serialization.ni.dll
+ 2012-03-08 22:43 . 2012-03-08 22:43	1035776              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Printing\d51e6bb07124a1d780d1e024858e0dc1\System.Printing.ni.dll
+ 2012-03-09 09:51 . 2012-03-09 09:51	1070080              c:\windows\assembly\NativeImages_v2.0.50727_32\System.IdentityModel\8ef05061cd205c4f2a8583d97f32a603\System.IdentityModel.ni.dll
+ 2012-03-08 22:43 . 2012-03-08 22:43	1587200              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	1116672              c:\windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\77d0e93f024055d04c07cc2700b4c590\System.DirectoryServices.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	1801216              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\707a05a7d5a8d99dd56d1d50311a60d2\System.Deployment.ni.dll
+ 2012-03-08 22:43 . 2012-03-08 22:43	6616576              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\ae888f8633fce3ff1de98e32bce0abbf\System.Data.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	2510336              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\857300fa64d09c69125451fd8894f3da\System.Data.SqlXml.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	1328128              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Services\e9d4a1fb13572c769ddd9b86e55baab4\System.Data.Services.ni.dll
+ 2012-03-08 22:43 . 2012-03-08 22:43	2516480              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\c3d9c33f71d15a3e2e240092a244eba3\System.Data.Linq.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	9924096              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Data.Entity\424160369b301ccd1b6fd86265611955\System.Data.Entity.ni.dll
+ 2012-03-08 22:43 . 2012-03-08 22:43	2295296              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Core\0a6d6717e76be12295711ff02c7aa1d4\System.Core.ni.dll
+ 2012-03-08 22:43 . 2012-03-08 22:43	2128896              c:\windows\assembly\NativeImages_v2.0.50727_32\ReachFramework\33cdfb4c322a528260016ac759230501\ReachFramework.ni.dll
+ 2012-03-08 22:43 . 2012-03-08 22:43	1657856              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationUI\a6def83aee1aaf3336675ce58ac09013\PresentationUI.ni.dll
+ 2012-03-08 22:41 . 2012-03-08 22:41	1451008              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationBuildTa#\59cd6ce5a254006179eee92952cd2272\PresentationBuildTasks.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	1712128              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\96e485c02ad346a2bd26a635e7fcb023\Microsoft.VisualBasic.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	1093120              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Transacti#\f7071f9a1c0523540f6aa7f11c302fb6\Microsoft.Transactions.Bridge.ni.dll
+ 2012-03-09 09:53 . 2012-03-09 09:53	2332160              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.JScript\806b1d127ed3e906db972751e87585c4\Microsoft.JScript.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	1966080              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\912789fd859e0887e10a935cade08e72\Microsoft.Build.Tasks.v3.5.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	1620992              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\6c1d3eec78906cc2a2ecffb013114c50\Microsoft.Build.Tasks.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	1888768              c:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\d6edd4b4619a9052d3dfe50c3067d5e0\Microsoft.Build.Engine.ni.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	3186688              c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	3186688              c:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	2048000              c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	2048000              c:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-03-08 22:39 . 2012-03-08 22:39	5025792              c:\windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	5062656              c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	5062656              c:\windows\assembly\GAC_MSIL\System.Design\2.0.0.0__b03f5f7f11d50a3a\System.Design.dll
+ 2012-03-08 22:39 . 2012-03-08 22:39	5246976              c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	5246976              c:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	2933248              c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-03-08 22:40 . 2012-03-08 22:40	2933248              c:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
+ 2012-03-08 06:09 . 2012-03-08 22:40	4550656              c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
- 2012-03-08 06:09 . 2012-03-08 06:09	4550656              c:\windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
+ 2008-12-13 09:21 . 2008-12-13 09:21	10473472              c:\windows\Installer\1b6911.msp
+ 2012-03-08 22:43 . 2012-03-08 22:43	12430848              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll
+ 2012-03-09 09:54 . 2012-03-09 09:54	11817472              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll
+ 2012-03-09 09:52 . 2012-03-09 09:52	17403904              c:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\1cdcd6d97627d345d5ff446e6ec88b97\System.ServiceModel.ni.dll
+ 2012-03-08 22:43 . 2012-03-08 22:43	10683392              c:\windows\assembly\NativeImages_v2.0.50727_32\System.Design\7c8f8fb506c32500acc1b6190d054f26\System.Design.ni.dll
+ 2012-03-08 22:42 . 2012-03-08 22:42	14328320              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\5060105fb9e169399fe45600b1e9215e\PresentationFramework.ni.dll
+ 2012-03-08 22:42 . 2012-03-08 22:42	12215808              c:\windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\0665bba8c9962deadc418881eb3a2a2a\PresentationCore.ni.dll
.
-- Snapshot auf jetziges Datum zurückgesetzt --
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\dokumente und einstellungen\flo\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\dokumente und einstellungen\flo\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\dokumente und einstellungen\flo\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2011-02-18 05:12	94208	----a-w-	c:\dokumente und einstellungen\flo\Anwendungsdaten\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TabletWizard"="c:\windows\help\SplshWrp.exe" [2008-04-14 16384]
"TabletTip"="c:\programme\Gemeinsame Dateien\microsoft shared\ink\tabtip.exe" [2008-04-14 271872]
"SoundMAXPnP"="c:\programme\Analog Devices\Core\smax4pnp.exe" [2007-01-05 872448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-08-20 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-08-20 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-08-20 137752]
"SynTPEnh"="c:\programme\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1028096]
"QlbCtrl.exe"="c:\programme\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]
"UIExec"="c:\programme\Join Air\UIExec.exe" [2010-04-27 138072]
"Adobe Reader Speed Launcher"="c:\programme\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"QuickTime Task"="c:\programme\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\programme\Gemeinsame Dateien\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\programme\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
.
c:\dokumente und einstellungen\flo\Startmenü\Programme\Autostart\
Adobe Gamma.lnk - c:\programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\programme\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]
.
c:\dokumente und einstellungen\All Users\Startmenü\Programme\Autostart\
BTTray.lnk - c:\programme\WIDCOMM\Bluetooth Software\BTTray.exe [2006-2-27 581693]
Watch.lnk - c:\programme\4.0M MPEG4 DV\Console\Watch.exe [2011-4-6 208896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey]
2008-04-14 02:22	47104	----a-w-	c:\programme\Gemeinsame Dateien\Microsoft Shared\Ink\loginkey.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL]
2002-08-29 02:43	11776	----a-w-	c:\windows\system32\tabbtnwl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify]
2008-04-14 02:22	32256	----a-w-	c:\windows\system32\tpgwlnot.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Programme\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Programme\\Orbitdownloader\\orbitdm.exe"=
"c:\\Programme\\Orbitdownloader\\orbitnet.exe"=
"c:\\Programme\\1&1\\1&1 SoftPhone\\IPPHONEUI.EXE"=
"c:\\Programme\\Mozilla Firefox\\firefox.exe"=
"c:\\Programme\\QIP\\qip.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Programme\\Skype\\Phone\\Skype.exe"=
"c:\\Programme\\Sibelius Software\\Sibelius 6\\RegTool.exe"=
"c:\\Programme\\Sibelius Software\\Sibelius 6\\Sibelius.exe"=
"c:\\Dokumente und Einstellungen\\flo\\Anwendungsdaten\\Dropbox\\bin\\Dropbox.exe"=
"c:\\WINDOWS\\system32\\WUAUCLT.EXE"=
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15.03.2011 12:51 722416]
R2 hasplms;HASP License Manager;c:\windows\system32\hasplms.exe  -run --> c:\windows\system32\hasplms.exe  -run [?]
R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [28.07.2011 18:23 99896]
R2 MBAMService;MBAMService;c:\programme\Malwarebytes' Anti-Malware\mbamservice.exe [06.03.2012 13:31 652360]
R2 UI Assistant Service;UI Assistant Service;c:\programme\Join Air\AssistantServices.exe [27.05.2011 13:34 247152]
R3 CLEDX;Team H2O CLEDX service;c:\windows\system32\drivers\cledx.sys [16.03.2011 11:21 33792]
R3 Com4QLBEx;Com4QLBEx;c:\programme\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [21.04.2011 11:25 193840]
R3 GTIPCI21;GTIPCI21;c:\windows\system32\drivers\gtipci21.sys [09.05.2007 13:27 97280]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [06.03.2012 13:31 20464]
R3 wisdpen;Wacom Penabled MiniDriver;c:\windows\system32\drivers\wisdpen.sys [22.01.2007 13:09 34736]
S2 Ca536av;4.0M MPEG4 DV Video Capture;c:\windows\system32\drivers\Ca536av.sys [06.04.2011 15:58 514155]
S2 gupdate;Google Update Service (gupdate);c:\programme\Google\Update\GoogleUpdate.exe [31.05.2011 10:49 136176]
S3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys --> c:\windows\system32\DRIVERS\appliand.sys [?]
S3 gupdatem;Google Update-Dienst (gupdatem);c:\programme\Google\Update\GoogleUpdate.exe [31.05.2011 10:49 136176]
S3 massfilter;Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [27.05.2011 13:34 9216]
S3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [28.07.2011 18:23 17408]
S3 WacomPen;Wacom HID-Treiber für seriellen Stift;c:\windows\system32\drivers\wacompen.sys [15.03.2011 00:44 14208]
.
Inhalt des "geplante Tasks" Ordners
.
2012-03-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-05-31 09:49]
.
2012-03-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\programme\Google\Update\GoogleUpdate.exe [2011-05-31 09:49]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = 
uDefault_Search_URL = 
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = 
IE: &Download by Orbit - c:\programme\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\programme\Orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\programme\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\programme\Orbitdownloader\orbitmxt.dll/202
IE: In 1&&1 SoftPhone wählen - c:\dokumente und einstellungen\All Users\Anwendungsdaten\1&1\1&1 SoftPhone\ContextMenuHandler.html
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Senden an &Bluetooth - c:\programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\dokumente und einstellungen\flo\Anwendungsdaten\Mozilla\Firefox\Profiles\h2h6cuos.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:blank
FF - prefs.js: network.proxy.ftp - 10.1.0.0
FF - prefs.js: network.proxy.ftp_port - 8080
FF - prefs.js: network.proxy.http - 10.1.0.0
FF - prefs.js: network.proxy.http_port - 8080
FF - prefs.js: network.proxy.socks - 10.1.0.0
FF - prefs.js: network.proxy.socks_port - 8080
FF - prefs.js: network.proxy.ssl - 10.1.0.0
FF - prefs.js: network.proxy.ssl_port - 8080
FF - prefs.js: network.proxy.type - 0
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2012-03-11 02:53
Windows 5.1.2600 Service Pack 3 NTFS
.
Scanne versteckte Prozesse... 
.
Scanne versteckte Autostarteinträge... 
.
Scanne versteckte Dateien... 
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:ae,a4,ff,78,f5,77,36,25,7b,67,5f,be,27,c5,3b,b8,27,30,d6,93,5d,
   be,af,75,29,08,7a,a4,4d,3d,36,88,b5,43,c4,03,2f,df,6b,b4,be,ee,6f,a2,76,2c,\
.
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:ae,a4,ff,78,f5,77,36,25,7b,67,5f,be,27,c5,3b,b8,27,30,d6,93,5d,
   be,af,75,29,08,7a,a4,4d,3d,36,88,b5,43,c4,03,2f,df,6b,b4,be,ee,6f,a2,76,2c,\
.
Zeit der Fertigstellung: 2012-03-11  02:58:16
ComboFix-quarantined-files.txt  2012-03-11 01:58
ComboFix2.txt  2012-03-08 12:56
.
Vor Suchlauf: 743.100.416 Bytes frei
Nach Suchlauf: 733.073.408 Bytes frei
.
- - End Of File - - F9E3E0E7867A676EEE3F689EEB80B1F0

Alt 12.03.2012, 15:00   #17
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
gema-trojaner (100 euro-version) win xp - Standard

gema-trojaner (100 euro-version) win xp


Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

__________________

__________________
Antwort
Seite 2 von 2 1 2

Themen zu gema-trojaner (100 euro-version) win xp
0x00000001, adobe, alternate, bho, bluescreen, conduit, desktop, disabletaskmgr, downloader, einstellungen, error, excel, explorer, firefox, format, google, helper, logfile, microsoft office word, port, registry, rundll, scan, senden, services.exe, software, starten, studio, tablet, windows, windows xp, winlogon.exe


« Bundespolizei-Trojaner | Werde Torrent.exe bzw. den 50 Euro Trojaner nicht los »


Ähnliche Themen: gema-trojaner (100 euro-version) win xp


  1. Verschlüsselungstrojaner eingefangen (Gema 50 Euro Trojaner, Whitescreen nach Anmeldung)
    Log-Analyse und Auswertung - 20.10.2012 (10)
  2. GEMA-Virus aufgetreten, PC bis zur Zahlung von 100 Euro gesperrt
    Plagegeister aller Art und deren Bekämpfung - 11.05.2012 (15)
  3. Virus blockiert PC! Gema Bundestrojaner Virus - 50 euro Ukash?
    Plagegeister aller Art und deren Bekämpfung - 06.05.2012 (4)
  4. Gema / 50 Euro - Trojaner - OTL LOG - bitte auswerten...
    Log-Analyse und Auswertung - 02.05.2012 (3)
  5. Auf Windows Vista: GEMA-Virus will 50 Euro + abnow.com - Weiterleitung bei google
    Log-Analyse und Auswertung - 28.03.2012 (3)
  6. Computer gesperrt!! GEMA verlangt 100 Euro
    Log-Analyse und Auswertung - 24.03.2012 (1)
  7. Trojaner: Aus Sicherheitsgründen wurde Ihre Windows Version gesperrt - 50 euro zahlen!
    Plagegeister aller Art und deren Bekämpfung - 12.03.2012 (21)
  8. Gema Paysafe Trojaner 50 Euro
    Log-Analyse und Auswertung - 21.02.2012 (11)
  9. 100-Euro-wegen-illegaler-Windows-Version
    Plagegeister aller Art und deren Bekämpfung - 11.02.2012 (8)
  10. Windows illegale Version , 100 Euro bezahlen
    Plagegeister aller Art und deren Bekämpfung - 10.02.2012 (11)
  11. 50-Euro-Gema-Dings auf XP-Notebook
    Log-Analyse und Auswertung - 09.02.2012 (8)
  12. Security Center - nicht lizensierte windows version 100 euro strafe
    Plagegeister aller Art und deren Bekämpfung - 06.02.2012 (1)
  13. nicht lizensierte windows version 100 euro strafe
    Log-Analyse und Auswertung - 03.02.2012 (8)
  14. 50 Euro Gema Virus Frage zur Datenrettung
    Plagegeister aller Art und deren Bekämpfung - 28.01.2012 (1)
  15. Gema-Trojaner bzw. Gema Meldung mit blockiertem Rechner
    Log-Analyse und Auswertung - 09.01.2012 (13)
  16. Win 7, gespeert durch die Gema 50 Euro bezahlen
    Log-Analyse und Auswertung - 30.12.2011 (5)
  17. Gema-Trojaner bzw. Gema Meldung mit blockiertem Rechner
    Plagegeister aller Art und deren Bekämpfung - 04.12.2011 (9)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema gema-trojaner (100 euro-version) win xp - Code: Alles auswählen Aufklappen ATTFilter ComboFix 12-03-08.01 - flo 11.03.2012 2:46.2.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.49.1031.18.2039.1335 [GMT 1:00] ausgeführt von:: d:\downloads\ComboFix.exe Benutzte Befehlsschalter :: c:\dokumente und einstellungen\flo\Desktop\CFScript.txt . - gema-trojaner (100 euro-version) win xp...
Archiv
Du betrachtest: gema-trojaner (100 euro-version) win xp auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130