Cybercrime Investigation Department Virus/Malware

Släsh · 26.07.2012, 12:44

Hallo Leute,

ich bin neu in diesem Forum zu dem mich leider ein Problem mit Virus/Malware gebracht hat. Wie der Titel schon sagt, habe ich Probleme mit dem Police Cybercrime Investigation Department-Virus.
Ich habe bereits Anweisungen aus einem anderen Thread befolgt für die OLTPE-Boot-CD und habe hier die OLT.txt. Allerdings habe ich, aus welchem Grund auch immer, keine Extra.txt erhalten.

Danke schon mal im Voraus!

Code:

ATTFilter

 OTL logfile created on: 7/26/2012 11:58:06 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
Microsoft Windows XP Service Pack 3 (Version = 5.1.2600) - Type = SYSTEM
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2.00 Gb Total Physical Memory | 2.00 Gb Available Physical Memory | 84.00% Memory free
2.00 Gb Paging File | 2.00 Gb Available in Paging File | 95.00% Paging File free
Paging file location(s): C:\pagefile.sys 3070 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 127.99 Gb Total Space | 4.83 Gb Free Space | 3.77% Space Free | Partition Type: NTFS
Drive D: | 104.89 Gb Total Space | 9.73 Gb Free Space | 9.28% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet003
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand] --  -- (getPlusHelper) getPlus(R)
SRV - [2012/07/20 13:53:11 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/03 12:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/06/17 02:56:16 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/07 13:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/02/02 11:07:22 | 000,215,688 | ---- | M] (SPAMfighter ApS) [Auto] -- C:\Programme\Fighters\SPAMfighter\sfus.exe -- (SPAMfighter Update Service)
SRV - [2012/01/23 08:40:12 | 001,324,680 | ---- | M] (SPAMfighter ApS) [Auto] -- C:\Programme\Fighters\FighterSuiteService.exe -- (Suite Service)
SRV - [2011/04/07 11:33:31 | 003,857,408 | ---- | M] (Native Instruments GmbH) [Auto] -- C:\Programme\Gemeinsame Dateien\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
SRV - [2010/03/04 17:38:00 | 000,071,096 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess)
SRV - [2010/02/19 13:43:34 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2003/07/28 06:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand] --  -- (zlportio)
DRV - File not found [Kernel | On_Demand] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand] --  -- (w810obex)
DRV - File not found [Kernel | On_Demand] --  -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM)
DRV - File not found [Kernel | On_Demand] --  -- (w810mdm)
DRV - File not found [Kernel | On_Demand] --  -- (w810mdfl)
DRV - File not found [Kernel | On_Demand] --  -- (w810bus) Sony Ericsson W810 Driver driver (WDM)
DRV - File not found [Kernel | On_Demand] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand] --  -- (PDCOMP)
DRV - File not found [Kernel | System] --  -- (PCIDump)
DRV - File not found [Kernel | On_Demand] --  -- (MaplomL)
DRV - File not found [Kernel | On_Demand] --  -- (Maplom)
DRV - File not found [File_System | On_Demand] --  -- (MagixASIODrv)
DRV - File not found [Kernel | System] --  -- (lbrtfdc)
DRV - File not found [Kernel | System] --  -- (i2omgmt)
DRV - File not found [Kernel | On_Demand] --  -- (GMSIPCI)
DRV - File not found [Kernel | System] --  -- (Changer)
DRV - [2012/07/03 12:21:54 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012/07/03 12:21:53 | 000,721,000 | ---- | M] (AVAST Software) [File_System | System] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012/07/03 12:21:53 | 000,353,688 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012/07/03 12:21:53 | 000,097,608 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2012/07/03 12:21:53 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2012/07/03 12:21:53 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2012/07/03 12:21:52 | 000,025,256 | ---- | M] (AVAST Software) [Kernel | System] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2012/05/20 22:09:00 | 000,181,432 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV - [2012/05/20 22:09:00 | 000,080,824 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV - [2011/12/01 05:40:16 | 000,056,496 | ---- | M] (Nero AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NBVol.sys -- (NBVol)
DRV - [2011/12/01 05:40:16 | 000,012,464 | ---- | M] (Nero AG) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\NBVolUp.sys -- (NBVolUp)
DRV - [2011/11/29 11:38:04 | 000,020,032 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - [2011/11/09 23:42:12 | 007,493,120 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2011/03/18 12:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010/07/21 11:51:42 | 000,044,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\dc3d.sys -- (dc3d)
DRV - [2010/07/04 15:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable] -- C:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/01/26 22:09:02 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
DRV - [2009/11/12 08:48:56 | 000,005,504 | ---- | M] () [File_System | Auto] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009/10/11 09:20:26 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009/08/31 09:13:31 | 000,281,760 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2009/08/31 09:13:30 | 000,025,888 | ---- | M] () [Kernel | Auto] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2009/08/05 16:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009/03/31 03:39:36 | 000,036,608 | ---- | M] () [Kernel | On_Demand] -- C:\WINDOWS\system32\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2009/02/24 12:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/04/13 19:23:10 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2007/12/14 03:21:32 | 000,009,216 | ---- | M] () [Kernel | On_Demand] -- C:\Programme\MSI\Live Update 4\LU4\FlashSys.sys -- (FLASHSYS)
DRV - [2007/11/09 10:43:48 | 000,053,760 | ---- | M] () [Kernel | System] -- C:\WINDOWS\system32\drivers\SSHDRV76.sys -- (SSHDRV76)
DRV - [2007/09/17 10:53:26 | 000,021,632 | ---- | M] (Nokia) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2006/11/02 10:51:58 | 000,013,560 | ---- | M] (Cyberlink Corp.) [Kernel | Auto] -- C:\Programme\CyberLink\PowerDVD\000.fcl -- ({95808DC4-FA4A-4c74-92FE-5B863F82066B})
DRV - [2006/11/02 02:00:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006/08/18 01:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM) Service for Realtek AC97 Audio (WDM)
DRV - [2006/07/13 12:04:38 | 000,028,160 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand] -- C:\Programme\MSI\Core Center\NTGLM7X.sys -- (PCAlertDriver)
DRV - [2006/07/13 05:48:58 | 000,039,936 | ---- | M] (MICRO-STAR INT'L CO., LTD.) [Kernel | On_Demand] -- C:\Programme\MSI\Core Center\RushTop.sys -- (RushTopDevice)
DRV - [2006/06/16 07:56:38 | 000,083,968 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2006/03/26 08:22:14 | 000,051,200 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV - [2006/03/24 12:27:01 | 000,050,176 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV - [2006/03/13 05:38:23 | 000,006,656 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2005/02/23 09:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\afc.sys -- (Afc)
DRV - [2005/02/16 01:43:20 | 000,028,800 | ---- | M] (Cypress Semiconductor) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\CyUsbNT.sys -- (CyUsbNT)
DRV - [2004/12/03 06:20:41 | 000,020,544 | ---- | M] (Protection Technology) [Kernel | Boot] -- C:\WINDOWS\system32\drivers\sfsync02.sys -- (sfsync02) StarForce Protection Synchronization Driver (version 2.x)
DRV - [2004/10/24 03:11:00 | 000,028,800 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PPortJoy.sys -- (PPortJoystick)
DRV - [2004/10/24 03:11:00 | 000,013,952 | ---- | M] (Deon van der Westhuysen) [Kernel | On_Demand] -- C:\WINDOWS\system32\drivers\PPJoyBus.sys -- (PPJoyBus)
DRV - [1996/04/03 15:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\amiina_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\YouTube Downloader Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKU\amiina_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Amina_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Me_ON_C\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Me_ON_C\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\Me_ON_C\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKU\Me_ON_C\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\Me_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\Me_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\YouTube Downloader Toolbar\SearchSettings.dll (Spigot, Inc.)
IE - HKU\Me_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.2.3:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0:  File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\4.0.60129.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: C:\Programme\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: C:\Programme\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll ()
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: C:\Programme\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer:  File not found
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Facebook\npfbplugin_1_0_3.dll ( )
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/30 06:22:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Programme\Alwil Software\Avast5\WebRep\FF [2012/07/21 16:36:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/04/29 15:48:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/05/30 06:22:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012/06/17 02:56:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/05/30 06:23:09 | 000,000,000 | ---D | M]
 
[2010/11/15 13:26:34 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Mozilla\Extensions
[2010/04/08 10:15:31 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Mozilla\Extensions\mozswing@mozswing.org
[2012/05/02 15:47:30 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Mozilla\Firefox\Profiles\9jq66ctx.default\extensions
[2012/07/26 03:18:41 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
File not found (No name found) -- 
[2012/04/29 15:48:32 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/02/25 09:38:07 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAMME\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2012/06/17 02:56:17 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2006/05/31 11:28:48 | 000,249,856 | ---- | M] (Icenet LLC) -- C:\Programme\mozilla firefox\plugins\npalnn.dll
[2012/02/25 09:38:07 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012/05/30 06:22:19 | 000,129,144 | ---- | M] (RealPlayer) -- C:\Programme\mozilla firefox\plugins\nprpplugin.dll
[2012/04/27 13:43:12 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/04/27 13:43:12 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012/04/27 13:43:12 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012/04/27 13:43:12 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/04/27 13:43:12 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/04/27 13:43:12 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2007/10/26 15:04:41 | 000,206,726 | R--- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	1001-search.info
O1 - Hosts: 127.0.0.1	www.1001-search.info
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	123topsearch.com
O1 - Hosts: 127.0.0.1	www.123topsearch.com
O1 - Hosts: 127.0.0.1	132.com
O1 - Hosts: 127.0.0.1	www.132.com
O1 - Hosts: 127.0.0.1	136136.net
O1 - Hosts: 127.0.0.1	www.136136.net
O1 - Hosts: 7270 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll (Google Inc.)
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\YouTube Downloader Toolbar\SearchSettings.dll (Spigot, Inc.)
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programme\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programme\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\Me_ON_C\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found.
O3 - HKU\Me_ON_C\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast5] C:\Programme\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CommonToolkitTray] C:\Programme\Fighters\Tray\FightersTray.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\imekrmig.exe (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [sfagent] C:\Programme\Fighters\SPAMfighter\sfagent.exe (SPAMfighter ApS)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [TkBellExe] C:\programme\real\realplayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Programme\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\Me_ON_C..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\Me_ON_C..\Run: [KiesPreload] C:\Programme\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\Amina_ON_C..\RunOnce: [NeroHomeFirstStart]  File not found
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\CoreCenter.lnk = C:\Programme\MSI\Core Center\CoreCenter.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Dokumente und Einstellungen\Me\Startmenü\Programme\Autostart\ctfmon.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\amiina_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Amina_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\Me_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Dokumente und Einstellungen\Me\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Programme\Soluto\soluto.exe /userinit) -  File not found
O20 - HKLM Winlogon: GinaDLL - (ginamsi.dll) - C:\WINDOWS\System32\ginamsi.dll ()
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/10/04 15:24:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{22767298-df21-11dc-ab48-0019db2058e2}\Shell - "" = AutoRun
O33 - MountPoints2\{22767298-df21-11dc-ab48-0019db2058e2}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{22767298-df21-11dc-ab48-0019db2058e2}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/07/26 03:18:40 | 000,000,000 | ---D | C] -- C:\Programme\Application Updater
[2012/07/25 06:55:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Tools
[2012/07/25 06:33:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\MiniDump
[2012/07/25 06:04:36 | 000,000,000 | ---D | C] -- C:\Programme\VS Revo Group
[2012/07/25 06:04:36 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Me\Startmenü\Programme\Revo Uninstaller
[2012/07/25 05:01:55 | 000,012,464 | ---- | C] (Nero AG) -- C:\WINDOWS\System32\drivers\NBVolUp.sys
[2012/07/25 05:01:49 | 000,056,496 | ---- | C] (Nero AG) -- C:\WINDOWS\System32\drivers\NBVol.sys
[2012/07/22 02:57:02 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Me\Recent
[2012/06/28 13:04:09 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Me\PrivacIE
[2012/06/28 11:02:55 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Me\IETldCache
[2012/06/28 10:58:22 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\LocalService\IETldCache
[2012/06/28 10:48:25 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates
[2012/06/28 10:45:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2012/06/28 10:40:32 | 000,521,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsdbgui.dll
[2012/06/28 10:40:04 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2012/06/28 03:48:53 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[2012/06/28 03:48:52 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\Skype
[2012/06/28 03:48:50 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2012/06/26 12:15:25 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2012/06/26 12:15:25 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chsbrkr.dll
[2012/06/26 12:15:25 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2012/06/26 12:15:25 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\chtbrkr.dll
[2012/06/26 12:15:24 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.lex
[2012/06/26 12:15:24 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2012/06/26 12:15:24 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\msir3jp.dll
[2012/06/26 12:15:24 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2012/06/26 12:15:24 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\korwbrkr.dll
[2012/06/26 12:15:24 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2012/06/26 12:15:19 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2012/06/26 12:15:09 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2012/06/26 12:15:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbd101a.dll
[2012/06/26 12:15:09 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2012/06/26 12:15:06 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2012/06/26 12:15:05 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2012/06/26 12:15:05 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2012/06/26 12:15:05 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2012/06/26 12:14:59 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2012/06/26 12:14:59 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2012/06/26 12:14:59 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2012/06/26 12:14:58 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2012/06/26 12:14:58 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2012/06/26 12:14:58 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecAT.dll
[2012/06/26 12:14:58 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2012/06/26 12:14:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnecNT.dll
[2012/06/26 12:14:58 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2012/06/26 12:14:58 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\kbdnec95.dll
[2012/06/26 12:14:58 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2012/06/26 12:14:57 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2012/06/26 12:14:41 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2012/06/26 12:14:40 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2012/06/26 12:14:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2012/06/26 12:14:36 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\c_is2022.dll
[2005/05/11 17:36:48 | 000,012,288 | ---- | C] (Hewlett-Packard Co.) -- C:\WINDOWS\Fonts\RandFont.dll
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\Dokumente und Einstellungen\Me\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Me\Eigene Dateien\*.tmp -> ]
[14 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/07/26 04:18:46 | 004,503,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\z7_0ytr.pad
[2012/07/26 04:18:07 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-343818398-1292428093-725345543-1003.job
[2012/07/26 04:18:03 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012/07/26 04:18:01 | 000,000,310 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/07/26 04:18:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/26 04:17:59 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2012/07/26 04:05:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012/07/26 03:56:03 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012/07/26 03:53:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2012/07/26 03:41:06 | 000,001,602 | ---- | M] () -- C:\Dokumente und Einstellungen\Me\Startmenü\Programme\Autostart\ctfmon.lnk
[2012/07/26 03:22:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/26 03:12:37 | 000,196,160 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012/07/25 17:52:17 | 000,201,550 | ---- | M] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2012/07/25 06:56:14 | 000,000,400 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2012/07/25 06:55:53 | 000,002,088 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Excel.lnk
[2012/07/25 06:55:53 | 000,002,080 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft PowerPoint.lnk
[2012/07/25 06:55:53 | 000,002,050 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Word.lnk
[2012/07/25 06:55:53 | 000,001,714 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk
[2012/07/25 06:55:53 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart
[2012/07/25 06:55:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Office Tools
[2012/07/25 06:24:10 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-343818398-1292428093-725345543-1003.job
[2012/07/25 06:06:32 | 000,118,272 | ---- | M] () -- C:\Dokumente und Einstellungen\Me\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/07/25 04:12:37 | 000,084,254 | ---- | M] () -- C:\Dokumente und Einstellungen\Me\Desktop\Honorarnote Selimspahic.pdf
[2012/07/23 08:02:52 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2012/07/22 10:40:39 | 001,511,965 | ---- | M] () -- C:\Dokumente und Einstellungen\Me\Desktop\General-CleanTool18.zip
[2012/07/22 09:01:04 | 001,213,035 | ---- | M] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-343818398-1292428093-725345543-1003-0.dat
[2012/07/22 08:28:29 | 000,192,810 | ---- | M] () -- C:\Dokumente und Einstellungen\Me\Eigene Dateien\cc_20120722_142818.reg
[2012/07/22 02:59:29 | 000,040,488 | ---- | M] () -- C:\Dokumente und Einstellungen\Me\Eigene Dateien\cc_20120722_085925.reg
[2012/07/21 16:36:52 | 000,003,002 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2012/07/20 13:53:10 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2012/07/20 13:53:10 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2012/07/20 12:26:43 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2012/07/06 19:03:10 | 002,416,443 | ---- | M] () -- C:\Dokumente und Einstellungen\Me\Desktop\20120707_010311.jpg
[2012/07/06 19:03:04 | 002,123,427 | ---- | M] () -- C:\Dokumente und Einstellungen\Me\Desktop\20120707_010305.jpg
[2012/07/03 12:21:54 | 000,054,232 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2012/07/03 12:21:53 | 000,721,000 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2012/07/03 12:21:53 | 000,353,688 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2012/07/03 12:21:53 | 000,097,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2012/07/03 12:21:53 | 000,089,624 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2012/07/03 12:21:53 | 000,035,928 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2012/07/03 12:21:53 | 000,021,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2012/07/03 12:21:52 | 000,025,256 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2012/07/03 12:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2012/07/03 12:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2012/06/29 12:52:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\YTD YouTube Downloader & Converter
[2012/06/28 11:03:02 | 000,000,795 | ---- | M] () -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Microsoft\Internet Explorer\Quick Launch\Internet Explorer Browser starten.lnk
[2012/06/28 03:48:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\Dokumente und Einstellungen\Me\Eigene Dateien\*.tmp files -> C:\Dokumente und Einstellungen\Me\Eigene Dateien\*.tmp -> ]
[14 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/07/26 03:41:06 | 004,503,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\z7_0ytr.pad
[2012/07/26 03:41:06 | 000,001,602 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Startmenü\Programme\Autostart\ctfmon.lnk
[2012/07/25 12:54:56 | 002,123,427 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Desktop\20120707_010305.jpg
[2012/07/25 12:54:55 | 002,416,443 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Desktop\20120707_010311.jpg
[2012/07/25 06:55:53 | 000,002,088 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Excel.lnk
[2012/07/25 06:55:53 | 000,002,080 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft PowerPoint.lnk
[2012/07/25 06:55:53 | 000,002,050 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Word.lnk
[2012/07/25 06:55:53 | 000,001,714 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk
[2012/07/25 04:12:37 | 000,084,254 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Desktop\Honorarnote Selimspahic.pdf
[2012/07/22 10:40:38 | 001,511,965 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Desktop\General-CleanTool18.zip
[2012/07/22 08:28:19 | 000,192,810 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Eigene Dateien\cc_20120722_142818.reg
[2012/07/22 02:59:27 | 000,040,488 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Eigene Dateien\cc_20120722_085925.reg
[2012/07/21 16:36:51 | 000,000,310 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2012/06/26 12:15:25 | 000,001,486 | ---- | C] () -- C:\WINDOWS\System32\noise.kor
[2012/06/26 12:15:24 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\korwbrkr.lex
[2012/06/26 12:15:24 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2012/06/26 12:15:24 | 000,002,060 | ---- | C] () -- C:\WINDOWS\System32\noise.jpn
[2012/06/26 12:15:15 | 000,211,938 | ---- | C] () -- C:\WINDOWS\System32\lcphrase.tbl
[2012/06/26 12:15:15 | 000,146,126 | ---- | C] () -- C:\WINDOWS\System32\array30.tab
[2012/06/26 12:15:15 | 000,110,566 | ---- | C] () -- C:\WINDOWS\System32\arphr.tbl
[2012/06/26 12:15:15 | 000,043,242 | ---- | C] () -- C:\WINDOWS\System32\phoncode.tbl
[2012/06/26 12:15:15 | 000,024,114 | ---- | C] () -- C:\WINDOWS\System32\lcptr.tbl
[2012/06/26 12:15:15 | 000,018,600 | ---- | C] () -- C:\WINDOWS\System32\arrayhw.tab
[2012/06/26 12:15:15 | 000,016,312 | ---- | C] () -- C:\WINDOWS\System32\arptr.tbl
[2012/06/26 12:15:15 | 000,004,071 | ---- | C] () -- C:\WINDOWS\System32\phon.tbl
[2012/06/26 12:15:15 | 000,002,714 | ---- | C] () -- C:\WINDOWS\System32\phonptr.tbl
[2012/06/26 12:15:15 | 000,000,520 | ---- | C] () -- C:\WINDOWS\System32\dayiphr.tbl
[2012/06/26 12:15:14 | 000,116,285 | ---- | C] () -- C:\WINDOWS\System32\msdayi.tbl
[2012/06/26 12:15:14 | 000,044,370 | ---- | C] () -- C:\WINDOWS\System32\acode.tbl
[2012/06/26 12:15:14 | 000,044,370 | ---- | C] () -- C:\WINDOWS\System32\a234.tbl
[2012/06/26 12:15:14 | 000,001,460 | ---- | C] () -- C:\WINDOWS\System32\a15.tbl
[2012/06/26 12:15:14 | 000,000,700 | ---- | C] () -- C:\WINDOWS\System32\dayiptr.tbl
[2012/06/26 12:15:10 | 001,783,864 | ---- | C] () -- C:\WINDOWS\System32\WINPY.MB
[2012/06/26 12:15:10 | 001,564,868 | ---- | C] () -- C:\WINDOWS\System32\WINSP.MB
[2012/06/26 12:15:10 | 001,223,500 | ---- | C] () -- C:\WINDOWS\System32\WINZM.MB
[2012/06/26 12:15:06 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2012/06/26 12:15:06 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2012/02/06 15:10:00 | 000,000,040 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ra3.ini
[2012/01/02 15:47:09 | 001,213,035 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-S-1-5-21-343818398-1292428093-725345543-1003-0.dat
[2012/01/02 15:47:08 | 000,201,550 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\WPFFontCache_v0400-System.dat
[2011/11/29 11:38:18 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011/11/29 11:38:12 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011/11/29 11:38:12 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011/11/29 11:38:12 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011/11/29 11:38:12 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011/11/14 16:40:18 | 000,008,014 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\.recently-used.xbel
[2011/11/09 17:39:44 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
[2011/11/09 17:39:32 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
[2011/09/25 17:41:03 | 001,956,344 | ---- | C] () -- C:\Dokumente und Einstellungen\LocalService\Lokale Einstellungen\Anwendungsdaten\FontCache3.0.0.0.dat
[2011/09/08 12:26:14 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Sam9_D.INI
[2011/09/08 12:18:10 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2011/09/08 12:16:28 | 000,006,768 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2011/08/27 12:50:25 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2011/08/27 12:50:25 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2011/07/06 16:38:58 | 000,000,016 | ---- | C] () -- C:\WINDOWS\System32\msvcsv60.dll
[2011/07/06 16:38:58 | 000,000,016 | ---- | C] () -- C:\WINDOWS\msocreg32.dat
[2011/04/29 13:35:28 | 000,000,490 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Poladroid prefs.plist
[2011/03/29 11:47:19 | 000,021,763 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Džematlije učestvovale u akciji  čišćenja grada.pdf
[2011/02/20 07:05:22 | 000,000,185 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Microsoft.SqlServer.Compact.351.32.bc
[2011/02/01 14:56:20 | 000,004,157 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\vwmgfbfx.iaf
[2011/02/01 13:34:15 | 000,004,900 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\hvcatrnw.tht
[2010/11/30 12:13:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2010/10/29 09:08:05 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/14 13:01:22 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LauncherAccess.dt
[2010/05/05 02:48:01 | 000,000,001 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\SI.bin
[2010/04/11 07:02:51 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/04/11 07:02:51 | 000,022,328 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\PnkBstrK.sys
[2010/04/11 07:02:36 | 000,669,184 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
[2010/04/11 07:02:36 | 000,103,736 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010/04/11 07:02:36 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010/01/26 22:09:02 | 000,053,299 | ---- | C] () -- C:\WINDOWS\System32\pthreadVC.dll
[2009/12/16 11:48:12 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2009/12/16 11:48:12 | 000,036,608 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2009/12/16 11:48:03 | 000,002,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\$_hpcst$.hpc
[2009/10/09 16:53:18 | 000,054,272 | ---- | C] () -- C:\WINDOWS\msnsmgr.exe
[2009/09/30 12:54:10 | 000,000,230 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2009/08/15 04:40:31 | 000,069,632 | R--- | C] () -- C:\WINDOWS\System32\xmltok.dll
[2009/08/15 04:40:31 | 000,036,864 | R--- | C] () -- C:\WINDOWS\System32\xmlparse.dll
[2009/08/14 11:27:05 | 000,000,139 | ---- | C] () -- C:\Dokumente und Einstellungen\amiina\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008/10/17 08:54:45 | 000,000,023 | ---- | C] () -- C:\WINDOWS\BlendSettings.ini
[2008/10/07 03:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll
[2008/10/07 03:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll
[2008/10/06 04:21:33 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\SI.bin
[2008/09/24 09:45:59 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2008/09/13 12:27:30 | 000,000,221 | ---- | C] () -- C:\WINDOWS\NCLogConfig.ini
[2008/07/18 14:58:40 | 000,003,832 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2008/07/12 10:57:23 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Irremote.ini
[2008/07/11 07:19:48 | 000,001,024 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\.rnd
[2008/05/23 06:41:20 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Amina\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2008/02/19 12:21:15 | 000,000,125 | -HS- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\.zreglib
[2008/01/30 06:51:21 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\apache.dll
[2008/01/09 15:36:06 | 000,000,117 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\gnuplot_history
[2008/01/03 05:26:20 | 000,004,096 | ---- | C] () -- C:\WINDOWS\d3dx.dat
[2007/12/06 13:54:31 | 000,000,227 | ---- | C] () -- C:\WINDOWS\HP_CounterReport_Update_HPSU.ini
[2007/12/06 13:54:24 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2007/12/06 13:46:36 | 000,000,234 | ---- | C] () -- C:\WINDOWS\PrnHlpLogConfig.ini
[2007/12/06 13:46:06 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_InstantSHareJPG.ini
[2007/12/06 13:39:58 | 000,000,217 | ---- | C] () -- C:\WINDOWS\HP_IZClosingDiscErrorPatch.ini
[2007/12/06 13:38:55 | 000,000,221 | ---- | C] () -- C:\WINDOWS\HP_RedboxHprblog_HPSU.ini
[2007/11/29 08:23:44 | 000,000,025 | ---- | C] () -- C:\WINDOWS\SW_Win2000X24.DLL
[2007/11/29 08:22:58 | 000,001,666 | ---- | C] () -- C:\WINDOWS\CITP_SearchHistory.INI
[2007/11/09 10:43:48 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV76.sys
[2007/10/25 12:26:10 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2007/10/15 09:01:37 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2007/10/15 09:01:37 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2007/10/15 08:54:17 | 000,000,043 | ---- | C] () -- C:\WINDOWS\gswin32.ini
[2007/10/09 11:43:15 | 000,000,200 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\maxout.gnuplot
[2007/10/06 11:12:15 | 000,000,135 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2007/10/06 04:35:48 | 000,113,091 | ---- | C] () -- C:\WINDOWS\hpoins07.dat
[2007/10/06 04:35:47 | 000,021,124 | ---- | C] () -- C:\WINDOWS\hpomdl07.dat
[2007/10/05 14:07:29 | 000,118,272 | ---- | C] () -- C:\Dokumente und Einstellungen\Me\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/10/04 22:12:46 | 000,004,328 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2007/10/04 22:12:00 | 000,196,160 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2007/10/04 16:38:31 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2007/10/04 16:38:31 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2007/10/04 16:37:07 | 000,001,261 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2007/10/04 16:22:46 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2007/10/04 16:14:21 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2007/10/04 16:06:34 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2007/10/04 15:52:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SUSBKey.dll
[2007/10/04 15:52:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\ginamsi.dll
[2007/10/04 15:51:11 | 000,217,088 | ---- | C] () -- C:\WINDOWS\NVGfxOgl.dll
[2007/10/04 15:48:43 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2007/10/04 15:48:23 | 000,143,360 | R--- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll
[2007/10/04 15:48:19 | 000,000,164 | R--- | C] () -- C:\WINDOWS\avrack.ini
[2007/10/04 15:25:48 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2007/10/04 15:22:28 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/08/21 21:35:20 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2007/08/14 17:11:53 | 000,243,168 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2007/06/28 13:54:10 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2007/06/28 13:52:18 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2005/10/15 09:25:20 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\myodbc3i.exe
[2005/10/15 09:25:20 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\myodbc3m.exe
[2004/08/02 08:20:40 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2001/08/23 09:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2001/08/23 09:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2001/08/18 08:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2001/08/18 08:00:00 | 000,502,756 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2001/08/18 08:00:00 | 000,481,450 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2001/08/18 08:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2001/08/18 08:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2001/08/18 08:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2001/08/18 08:00:00 | 000,095,094 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2001/08/18 08:00:00 | 000,079,524 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2001/08/18 08:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2001/08/18 08:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2001/08/18 08:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2001/08/18 08:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2001/08/18 08:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2001/07/06 09:30:00 | 000,003,254 | ---- | C] () -- C:\WINDOWS\System32\HPTCPMON.INI
[1996/04/03 15:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
 
========== LOP Check ==========
 
[2010/04/08 15:22:15 | 000,000,000 | ---D | M] -- C:\WINDOWS\system32\config\systemprofile\Anwendungsdaten\Application Updater
[2009/08/26 06:37:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\amiina\Anwendungsdaten\Dealio
[2011/06/13 13:37:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\amiina\Anwendungsdaten\Fighters
[2010/07/19 03:27:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\amiina\Anwendungsdaten\Search Settings
[2009/08/14 11:27:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\amiina\Anwendungsdaten\Skinux
[2009/08/14 11:27:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\amiina\Anwendungsdaten\SPAMfighter
[2010/07/19 03:27:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\amiina\Anwendungsdaten\YouTube Downloader
[2008/05/23 06:41:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Amina\Anwendungsdaten\SPAMfighter
[2012/02/08 13:28:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Fighters
[2010/09/23 04:37:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\2K Games
[2011/07/06 16:38:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Acoustica
[2011/02/01 11:55:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\AnvSoft
[2012/06/24 07:20:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Audacity
[2011/02/01 14:22:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\avidemux
[2011/12/21 16:03:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Canneverbe Limited
[2011/08/04 14:07:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Command & Conquer 3 Kanes Rache
[2011/07/05 11:00:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Command & Conquer 3 Tiberium Wars
[2011/11/08 05:17:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\DAEMON Tools Lite
[2012/04/29 15:51:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\DDMSettings
[2009/08/24 08:03:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Dealio
[2010/07/24 13:10:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\DVDVideoSoftIEHelpers
[2010/03/29 15:10:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Facebook
[2012/02/08 13:29:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Fighters
[2007/11/25 07:50:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\GetRightToGo
[2009/06/20 06:32:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\GitarreroSoftware
[2011/11/14 16:40:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\gtk-2.0
[2012/07/24 10:02:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\ICQ
[2008/02/13 17:32:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\ICQ Toolbar
[2011/06/23 10:10:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Imperium Romanum
[2008/09/26 10:30:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\JGoodies
[2008/03/08 13:49:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Leadertech
[2011/02/01 15:44:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\MOVAVI
[2009/12/16 12:09:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\PC Suite
[2011/04/30 06:44:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\PriceGong
[2011/07/06 13:26:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\REAPER
[2012/02/06 15:10:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Red Alert 3
[2008/02/19 12:19:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\RipIt4Me
[2012/01/02 15:08:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Samsung
[2010/04/08 15:31:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Search Settings
[2011/02/24 06:40:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\SearchmeToolbar
[2010/10/03 06:12:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Shareaza
[2008/01/02 05:36:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Silver Style Entertainment
[2009/05/21 05:06:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Skinux
[2009/09/03 09:53:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Smart S.T.A.L.K.E.R. Mod Manager
[2011/07/06 16:38:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\SynthMaker
[2007/12/18 04:34:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Teleca
[2012/06/14 11:14:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\temp
[2008/01/21 08:31:57 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\TuneUp Software
[2010/01/30 07:33:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\Ubisoft
[2009/02/04 11:52:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\uTorrent
[2012/01/29 07:40:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\XMedia Recode
[2010/04/08 15:31:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Me\Anwendungsdaten\YouTube Downloader
[2012/02/26 10:02:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\3DMGAME
[2011/07/06 16:33:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acoustica
[2007/11/02 12:10:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Age of Empires 3 YPack Trial
[2010/03/11 06:59:32 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alwil Software
[2009/02/15 06:29:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ashampoo
[2010/07/19 08:31:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\BioWare
[2011/12/21 16:03:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2009/10/11 09:24:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2010/11/14 10:32:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Core
[2009/06/19 09:01:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\EA Logs
[2012/03/26 05:28:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2012/02/08 13:28:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fighters
[2011/11/07 07:06:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Funcom
[2010/07/24 12:06:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2011/12/18 06:58:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\LightScribe
[2009/09/01 09:02:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus!
[2011/10/31 03:31:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Native Instruments
[2009/12/16 12:09:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2012/06/21 09:27:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\REVOLT
[2012/01/02 15:01:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Samsung
[2008/02/19 13:23:08 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SlySoft
[2011/10/29 07:12:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Soluto
[2011/07/06 14:44:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Sonoma Wire Works
[2008/01/21 08:31:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2007/10/05 15:02:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2012/04/22 04:59:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\YouTube Downloader
[2012/06/24 14:09:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\YTD YouTube Downloader & Converter
[2011/10/31 03:36:43 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{1CEDDDD4-56D2-463F-BC4E-C5DFFD3533C9}
[2011/10/31 03:33:12 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
[2011/10/31 03:31:41 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
[2011/10/31 03:33:53 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
[2011/10/31 03:32:30 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{DCC412E7-393B-4016-91FB-9307F059AFB6}
[2012/07/26 04:17:59 | 000,000,486 | ---- | M] () -- C:\WINDOWS\Tasks\1-Klick-Wartung.job
[2012/07/26 04:18:01 | 000,000,310 | -H-- | M] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
 
========== Purity Check ==========
 
 
< End of report >

t'john · 26.07.2012, 16:21

Fixen mit OTLpe

Starte den unbootbaren Computer erneut mit der OTLPE-CD,
warte bis der Reatogo-X-Pe-Desktop erscheint und doppelklicke das OTLPE-Icon.

Kopiere folgendes Skript in das Textfeld unterhalb von Custom Scans/Fixes:
Sollte das mangels Internet-Verbindung nicht möglich sein,
kopiere den Text aus der folgenden Code-Box und speichere ihn als Fix.txt auf einen USB-Stick.
Schließe den USB-Stick an den Computer an und öffne Fix.txt mit dem Explorer auf dem Reatogo-Desktop.
Kopiere den Inhalt von Fix.txt in das Textfeld unterhalb von Custom Scans/Fixes:

Code:

ATTFilter

:Processes
killallprocesses

:OTL
SRV - File not found [On_Demand] -- -- (getPlusHelper) getPlus(R) 
SRV - [2010/03/04 17:38:00 | 000,071,096 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) 
SRV - [2010/02/19 13:43:34 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater) 
DRV - File not found [Kernel | On_Demand] -- -- (zlportio) 
DRV - File not found [Kernel | On_Demand] -- -- (WDICA) 
DRV - File not found [Kernel | On_Demand] -- -- (w810obex) 
DRV - File not found [Kernel | On_Demand] -- -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM) 
DRV - File not found [Kernel | On_Demand] -- -- (w810mdm) 
DRV - File not found [Kernel | On_Demand] -- -- (w810mdfl) 
DRV - File not found [Kernel | On_Demand] -- -- (w810bus) Sony Ericsson W810 Driver driver (WDM) 
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) 
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) 
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) 
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) 
DRV - File not found [Kernel | System] -- -- (PCIDump) 
DRV - File not found [Kernel | On_Demand] -- -- (MaplomL) 
DRV - File not found [Kernel | On_Demand] -- -- (Maplom) 
DRV - File not found [File_System | On_Demand] -- -- (MagixASIODrv) 
DRV - File not found [Kernel | System] -- -- (lbrtfdc) 
DRV - File not found [Kernel | System] -- -- (i2omgmt) 
DRV - File not found [Kernel | On_Demand] -- -- (GMSIPCI) 
DRV - File not found [Kernel | System] -- -- (Changer) 
IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\amiina_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\YouTube Downloader Toolbar\SearchSettings.dll (Spigot, Inc.) 
IE - HKU\amiina_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\Amina_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\LocalService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\Me_ON_C\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie 
IE - HKU\Me_ON_C\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\YouTube Downloader Toolbar\SearchSettings.dll (Spigot, Inc.) 
IE - HKU\Me_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\NetworkService_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
IE - HKU\systemprofile_ON_C\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 
FF - prefs.js..extensions.enabledItems: youtubedownloader@mybrowserbar.com:1.0 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0 
FF - HKLM\Software\MozillaPlugins\@anti-leech.com/Anti-Leech Plugin,version=1.0.2.3: File not found 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: File not found 
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@adobe.com/FlashPlayer: File not found 
File not found (No name found) -- 
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\YouTube Downloader Toolbar\SearchSettings.dll (Spigot, Inc.) 
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programme\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.) 
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programme\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.) 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKU\Me_ON_C\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found. 
O3 - HKU\Me_ON_C\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found. 
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe () 
O4 - HKLM..\Run: [UnlockerAssistant] C:\Programme\Unlocker\UnlockerAssistant.exe () 
O4 - HKU\Me_ON_C..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () 
O4 - HKU\Amina_ON_C..\RunOnce: [NeroHomeFirstStart] File not found 
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\CoreCenter.lnk = C:\Programme\MSI\Core Center\CoreCenter.exe () 
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Image Zone Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.) 
O4 - Startup: C:\Dokumente und Einstellungen\Me\Startmenü\Programme\Autostart\ctfmon.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\amiina_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\Amina_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\Me_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.) 
O20 - HKLM Winlogon: UserInit - (C:\Programme\Soluto\soluto.exe /userinit) - File not found 
O20 - HKLM Winlogon: GinaDLL - (ginamsi.dll) - C:\WINDOWS\System32\ginamsi.dll () 
O32 - HKLM CDRom: AutoRun - 1 
O32 - AutoRun File - [2007/10/04 15:24:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] 
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] 
O33 - MountPoints2\{22767298-df21-11dc-ab48-0019db2058e2}\Shell - "" = AutoRun 
O33 - MountPoints2\{22767298-df21-11dc-ab48-0019db2058e2}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{22767298-df21-11dc-ab48-0019db2058e2}\Shell\AutoRun\command - "" = G:\Autorun.exe 
O34 - HKLM BootExecute: (autocheck autochk *) - File not found 
[14 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] 

[2012/07/26 04:18:46 | 004,503,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\z7_0ytr.pad 
[2012/07/26 04:18:07 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-343818398-1292428093-725345543-1003.job 
[2012/07/26 04:18:01 | 000,000,310 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job 
[2012/07/26 04:18:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job 
[2012/07/26 04:17:59 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job 
[2012/07/26 03:53:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job 
[2012/07/26 03:41:06 | 000,001,602 | ---- | M] () -- C:\Dokumente und Einstellungen\Me\Startmenü\Programme\Autostart\ctfmon.lnk 
[2012/07/26 03:22:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job 
[2012/07/25 06:24:10 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-343818398-1292428093-725345543-1003.job 

:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
[emptyjava]

Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf .
Kopiere den Inhalt hier in Code-Tags in Deinen Thread.
Nachträglich kannst Du das Logfile hier einsehen => C:\OTLpe\MovedFiles\<datum_nummer.log>
Teste, ob den Computer nun wieder in den normalen Windows-Modus booten kannst und berichte.

Släsh · 27.07.2012, 15:37

Vielen Dank fuer die Antwort!

Das Programm friert aber leider jedes mal bei folgender Zeile ein:

IE - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

Ich hoffe du kannst mir da weiterhelfen

t'john · 27.07.2012, 15:43

Neuer Fix:

Code:

ATTFilter

:OTL
SRV - File not found [On_Demand] -- -- (getPlusHelper) getPlus(R) 
SRV - [2010/03/04 17:38:00 | 000,071,096 | ---- | M] () [Auto] -- C:\Programme\CDBurnerXP\NMSAccessU.exe -- (NMSAccess) 
SRV - [2010/02/19 13:43:34 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater) 
DRV - File not found [Kernel | On_Demand] -- -- (zlportio) 
DRV - File not found [Kernel | On_Demand] -- -- (WDICA) 
DRV - File not found [Kernel | On_Demand] -- -- (w810obex) 
DRV - File not found [Kernel | On_Demand] -- -- (w810mgmt) Sony Ericsson W810 USB WMC Device Management Drivers (WDM) 
DRV - File not found [Kernel | On_Demand] -- -- (w810mdm) 
DRV - File not found [Kernel | On_Demand] -- -- (w810mdfl) 
DRV - File not found [Kernel | On_Demand] -- -- (w810bus) Sony Ericsson W810 Driver driver (WDM) 
DRV - File not found [Kernel | On_Demand] -- -- (PDRFRAME) 
DRV - File not found [Kernel | On_Demand] -- -- (PDRELI) 
DRV - File not found [Kernel | On_Demand] -- -- (PDFRAME) 
DRV - File not found [Kernel | On_Demand] -- -- (PDCOMP) 
DRV - File not found [Kernel | System] -- -- (PCIDump) 
DRV - File not found [Kernel | On_Demand] -- -- (MaplomL) 
DRV - File not found [Kernel | On_Demand] -- -- (Maplom) 
DRV - File not found [File_System | On_Demand] -- -- (MagixASIODrv) 
DRV - File not found [Kernel | System] -- -- (lbrtfdc) 
DRV - File not found [Kernel | System] -- -- (i2omgmt) 
DRV - File not found [Kernel | On_Demand] -- -- (GMSIPCI) 
DRV - File not found [Kernel | System] -- -- (Changer) 
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. 
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\YouTube Downloader Toolbar\SearchSettings.dll (Spigot, Inc.) 
O2 - BHO: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programme\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.) 
O3 - HKLM\..\Toolbar: (YouTube Downloader Toolbar) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programme\YouTube Downloader Toolbar\IE\1.0\youtubedownloaderToolbarIE.dll (Spigot, Inc.) 
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKU\Me_ON_C\..\Toolbar\WebBrowser: (no name) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - No CLSID value found. 
O3 - HKU\Me_ON_C\..\Toolbar\WebBrowser: (no name) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found. 
O4 - HKU\Amina_ON_C..\RunOnce: [NeroHomeFirstStart] File not found 

O4 - Startup: C:\Dokumente und Einstellungen\Me\Startmenü\Programme\Autostart\ctfmon.lnk = X:\I386\SYSTEM32\RUNDLL32.EXE (Microsoft Corporation) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\amiina_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\Amina_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\LocalService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\Me_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\NetworkService_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O7 - HKU\systemprofile_ON_C\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 
O16 - DPF: {31435657-9980-0010-8000-00AA00389B71} http://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.) 
O20 - HKLM Winlogon: UserInit - (C:\Programme\Soluto\soluto.exe /userinit) - File not found 
O20 - HKLM Winlogon: GinaDLL - (ginamsi.dll) - C:\WINDOWS\System32\ginamsi.dll () 
O32 - HKLM CDRom: AutoRun - 1 
O32 - AutoRun File - [2007/10/04 15:24:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] 
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ] 
O33 - MountPoints2\{22767298-df21-11dc-ab48-0019db2058e2}\Shell - "" = AutoRun 
O33 - MountPoints2\{22767298-df21-11dc-ab48-0019db2058e2}\Shell\AutoRun - "" = Auto&Play 
O33 - MountPoints2\{22767298-df21-11dc-ab48-0019db2058e2}\Shell\AutoRun\command - "" = G:\Autorun.exe 
O34 - HKLM BootExecute: (autocheck autochk *) - File not found 
[14 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] 

[2012/07/26 04:18:46 | 004,503,728 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\z7_0ytr.pad 
[2012/07/26 04:18:07 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-343818398-1292428093-725345543-1003.job 
[2012/07/26 04:18:01 | 000,000,310 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job 
[2012/07/26 04:18:00 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job 
[2012/07/26 04:17:59 | 000,000,486 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job 
[2012/07/26 03:53:15 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job 
[2012/07/26 03:41:06 | 000,001,602 | ---- | M] () -- C:\Dokumente und Einstellungen\Me\Startmenü\Programme\Autostart\ctfmon.lnk 
[2012/07/26 03:22:00 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job 
[2012/07/25 06:24:10 | 000,000,272 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-343818398-1292428093-725345543-1003.job 

:Files

ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
[emptyjava]

t'john · 14.08.2012, 04:52

Fehlende Rückmeldung

Gibt es Probleme beim Abarbeiten obiger Anleitung?

Um Kapazitäten für andere Hilfesuchende freizumachen, lösche ich dieses Thema aus meinen Benachrichtigungen.

Solltest Du weitermachen wollen, schreibe mir eine PN oder eröffne ein neues Thema.
http://www.trojaner-board.de/69886-a...-beachten.html

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner sauber ist.

Cybercrime Investigation Department Virus/Malware

Log-Analyse und Auswertung: Cybercrime Investigation Department Virus/Malware