| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: 100 Tan TrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
28.09.2010, 15:27
| #1 |
 |  100 Tan Trojaner Hallo! Ich habe mich hier angemeldet, da ich dringend Hilfe benötige. Ich habe mir den sogenannten 100-Tan Trojaner eingefangen. Beschreibung hier: hxxp://www.datensicherheit.de/aktuelles/100-tan-trojaner-bedroht-online-banking-10815 Genau so ist es bei mir, nach dem einloggen in mein Deutsche-Bank Konto, öffnet sich das Fenster welches mich zur Eingabe all meiner Tans auffordert. Das zudem in schlechtem Deutsch. Schließen lässt sich das Fenster nicht, es hilft nur das Browserfenster ganz zu schließen. Natürlich habe ich sofort meine Bank angerufen und Tanliste und Pin sperren lassen. Aber jetzt muss ich den Trojaner ja wieder loswerden. Ich habe Windows Vista installiert (und immer aktualisiert) und benutze den McAfee Virusscanner, auch auf dem aktuellsten Stand. Zudem habe ich Spybot S&D drüberlaufen lassen, der hat auch ein bisschen was gefunden und gelöscht, das Problem besteht aber weiterhin. Dummerweise habe ich nicht viel Ahnung von Computern, also ich bin eine reine Nutzerin, kann auch ein bisschen Html, aber was wirklich drinsteckt, keine Ahnung! Und wie ich den Trojaner loswerden kann, weiß ich noch weniger, ich habe schon rumgefragt und wie eine Irre gegoogelt, aber außer der Warnung nichts gefunden. Dabei ist die schon vom März, da müsste es doch mittlerweile ein "Gegenmittel" geben, oder? Ich habe OTL drüber laufen lassen und diese Meldung bekommen:OTL Logfile: Code:
ATTFilter OTL logfile created on: 27.09.2010 22:35:39 - Run 1
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Users\Alex\Downloads
Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6001.18000)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 40,00% Memory free
6,00 Gb Paging File | 4,00 Gb Available in Paging File | 67,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 289,59 Gb Total Space | 62,48 Gb Free Space | 21,57% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
Drive E: | 7,80 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 931,28 Gb Total Space | 407,51 Gb Free Space | 43,76% Space Free | Partition Type: FAT32
Computer Name: ALEX-PC
Current User Name: Alex
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 60 Days
Output = Minimal
========== Processes (SafeList) ==========
PRC - C:\Users\Alex\Downloads\OTL(2).exe (OldTimer Tools)
PRC - C:\Users\Alex\Downloads\stinger10101056.exe ()
PRC - C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files\AVG\AVG8\avgcsrvx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgrsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgnsx.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
PRC - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
PRC - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
PRC - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
PRC - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
PRC - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems)
PRC - C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe (Hewlett-Packard Company)
========== Modules (SafeList) ==========
MOD - C:\Users\Alex\Downloads\OTL(2).exe (OldTimer Tools)
MOD - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
MOD - C:\Windows\System32\msscript.ocx (Microsoft Corporation)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18000_none_5cdbaa5a083979cc\comctl32.dll (Microsoft Corporation)
========== Win32 Services (SafeList) ==========
SRV - (DAUpdaterSvc) -- C:\Program Files\Dragon Age\bin_ship\DAUpdaterSvc.Service.exe File not found
SRV - (TeamViewer5) -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (WPFFontCache_v0400) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (avg8emc) -- C:\Program Files\AVG\AVG8\avgemc.exe (AVG Technologies CZ, s.r.o.)
SRV - (avg8wd) -- C:\Program Files\AVG\AVG8\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (OMSI download service) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (AntiVirScheduler) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (Avira GmbH)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (IAANTMON) Intel(R) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation)
SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems)
SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV - (SANDRA) -- C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2009.SP1\WNt500x86\Sandra.sys File not found
DRV - (NwlnkFwd) -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- C:\Windows\System32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- C:\Windows\System32\DRIVERS\ipinip.sys File not found
DRV - (cpuz132) -- C:\Users\Alex\AppData\Local\Temp\cpuz132\cpuz132_x32.sys File not found
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (AvgLdx86) -- C:\Windows\System32\Drivers\avgldx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (AvgMfx86) -- C:\Windows\System32\Drivers\avgmfx86.sys (AVG Technologies CZ, s.r.o.)
DRV - (atksgt) -- C:\Windows\System32\drivers\atksgt.sys ()
DRV - (lirsgt) -- C:\Windows\System32\drivers\lirsgt.sys ()
DRV - (AvgTdiX) -- C:\Windows\System32\Drivers\avgtdix.sys (AVG Technologies CZ, s.r.o.)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys (Avira GmbH)
DRV - (avgio) -- C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys (Avira GmbH)
DRV - (s1018mdm) -- C:\Windows\System32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018unic) Sony Ericsson Device 1018 USB Ethernet Emulation (WDM) -- C:\Windows\System32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018mgmt) Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM) -- C:\Windows\System32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\Windows\System32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (s1018bus) Sony Ericsson Device 1018 driver (WDM) -- C:\Windows\System32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS) -- C:\Windows\System32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\Windows\System32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation)
DRV - (RTSTOR) -- C:\Windows\System32\drivers\RTSTOR.sys (Realtek Semiconductor Corp.)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation )
DRV - (NETw5v32) Intel(R) -- C:\Windows\System32\drivers\NETw5v32.sys (Intel Corporation)
DRV - (iaStor) -- C:\Windows\system32\DRIVERS\iaStor.sys (Intel Corporation)
DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\Windows\System32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.)
DRV - (WSVD) -- C:\Windows\System32\drivers\WSVD.sys (CyberLink)
DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems)
DRV - (MegaSR) -- C:\Windows\system32\drivers\megasr.sys (LSI Corporation, Inc.)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Corporation)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (E1G60) Intel(R) -- C:\Windows\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (AVIRA GmbH)
DRV - (btwaudio) -- C:\Windows\System32\drivers\btwaudio.sys (Broadcom Corporation.)
DRV - (btwrchid) -- C:\Windows\System32\drivers\btwrchid.sys (Broadcom Corporation.)
DRV - (btwavdt) -- C:\Windows\System32\drivers\btwavdt.sys (Broadcom Corporation.)
DRV - (WimFltr) -- C:\Windows\System32\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lge.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.lge.com
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.daemon-search.com/startpage
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:8.5.0.429
FF - prefs.js..extensions.enabledItems: foxyproxy@eric.h.jung:2.19.1
FF - prefs.js..extensions.enabledItems: {a3b24d40-bac4-11dc-95ff-0800200c9a66}:0.2.2
FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox [2009.12.29 13:28:42 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.04.01 11:53:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.19\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.05.14 21:36:48 | 000,000,000 | ---D | M]
[2009.03.19 00:11:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\mozilla\Extensions
[2010.09.26 15:02:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\5jzetttv.default\extensions
[2009.09.13 12:40:47 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\5jzetttv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009.06.09 02:29:01 | 000,000,000 | ---D | M] (jDownFF) -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\5jzetttv.default\extensions\{a3b24d40-bac4-11dc-95ff-0800200c9a66}
[2010.05.19 22:56:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\mozilla\Firefox\Profiles\5jzetttv.default\extensions\foxyproxy@eric.h.jung
[2009.05.11 20:51:32 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2009.12.21 19:30:30 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2009.12.21 19:30:30 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2009.12.21 19:30:30 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2009.12.21 19:30:30 | 000,000,986 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2009.12.21 19:30:30 | 000,000,801 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2010.08.01 13:50:44 | 000,000,964 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 static3.cdn.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit.s3.amazonaws.com
O1 - Hosts: 127.0.0.1 onlineconfigservice.ubi.com
O1 - Hosts: 127.0.0.1 orbitservice.ubi.com
O1 - Hosts: 127.0.0.1 ubisoft-orbit-savegames.s3.amazonaws.com
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O3 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll File not found
O4 - HKLM..\Run: [AVG8_TRAY] C:\Program Files\AVG\AVG8\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [HPWUTOOLBOX] C:\Program Files\HP\HP Officejet Pro K550 Series\Toolbox\HPWUTBX.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [LG Intelligent Update] C:\Program Files\lg_swupdate\giljabistart.exe (BIT LEADER)
O4 - HKLM..\Run: [LG Magnifier] C:\Program Files\LG Software\LG Magnifier\MagnifyingGlass.exe (LG Electronics Inc.)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.DLL (NVIDIA Corporation)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [UCam_Menu] C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000..\Run: [{5922F140-477B-367C-3581-9E8A4E0E9892}] C:\Users\Alex\AppData\Roaming\Moqaud\gidux.exe File not found
O4 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O7 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe File not found
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\..Trusted Domains: fritz.repeater ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-2702442678-3415068308-4257273461-1000\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Plugin Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://dl8-cdn-01.sun.com/s/ESD7/JSCDL/jdk/6u12-b04/jinstall-6u12-windows-i586-jc.cab?e=1237055674647&h=49e6986c88dad41bf802c875eb09ed66/&filename=jinstall-6u12-windows-i586-jc.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {C1FDEE68-98D5-4F42-A4DD-D0BECF5077EB} hxxp://tools.ebayimg.com/eps/wl/activex/eBay_Enhanced_Picture_Control_v1-0-27-0.cab (EPUImageControl Class)
O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_12-windows-i586.cab (Java Plug-in 1.6.0_12)
O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} hxxp://icq.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab (Oberon Flash Game Host)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL File not found
O20 - AppInit_DLLs: (avgrsstx.dll) - C:\Windows\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Alex\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.11.21 08:38:08 | 000,000,144 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2002.10.17 09:56:50 | 000,000,036 | RH-- | M] () - I:\AUTORUN.INF -- [ FAT32 ]
O32 - AutoRun File - [2003.03.21 12:00:56 | 000,000,000 | RH-D | M] - I:\AUTORUN -- [ FAT32 ]
O33 - MountPoints2\{35eaa569-d00e-11dd-9650-001e68a5a781}\Shell\AutoRun\command - "" = E:\FrameworkCheck.exe -- [2008.12.01 10:05:40 | 000,049,152 | R--- | M] ()
O33 - MountPoints2\{536a2a80-4d0f-11de-910e-001e68a5a781}\Shell\AutoRun\command - "" = setup.exe
O33 - MountPoints2\{87d71230-f703-11de-97bd-001e68a5a781}\Shell - "" = AutoRun
O33 - MountPoints2\{87d71230-f703-11de-97bd-001e68a5a781}\Shell\AutoRun\command - "" = G:\Autorun.exe -- File not found
O33 - MountPoints2\{e18773f1-1303-11df-9f8a-000df0563adb}\Shell - "" = AutoRun
O33 - MountPoints2\{e18773f1-1303-11df-9f8a-000df0563adb}\Shell\AutoRun\command - "" = H:\Startme.exe -- File not found
O33 - MountPoints2\{f8622e54-9fb6-11df-b71c-000df0563adb}\Shell - "" = AutoRun
O33 - MountPoints2\{f8622e54-9fb6-11df-b71c-000df0563adb}\Shell\AutoRun\command - "" = H:\Setup.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - File not found
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found
MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe - (Broadcom Corporation.)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\daemon.exe (DT Soft Ltd)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: HP Update 4200C - hkey= - key= - C:\sj655\hpupdate.exe File not found
MsConfig - StartUpReg: ICQ - hkey= - key= - C:\Program Files\ICQ6.5\ICQ.exe (ICQ, LLC.)
MsConfig - StartUpReg: iTunesHelper - hkey= - key= - F:\Programme\I-Tunes\iTunesHelper.exe File not found
MsConfig - StartUpReg: KeybdUtility - hkey= - key= - C:\Program Files\LG Software\LG OSD\HotKey.exe (LG Electronics)
MsConfig - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig - StartUpReg: Skype - hkey= - key= - C:\Program Files\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig - StartUpReg: Sony Ericsson PC Suite - hkey= - key= - C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe (Sony Ericsson Mobile Communications AB)
MsConfig - StartUpReg: swg - hkey= - key= - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe ()
MsConfig - State: "startup" - 2
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\System32\lhacm.acm (Microsoft Corporation)
Drivers32: msacm.siren - C:\Windows\System32\sirenacm.dll (Microsoft Corporation)
Drivers32: msacm.voxacm160 - C:\Windows\System32\vct3216.acm (Voxware, Inc.)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\System32\ir32_32.dll (Intel(R) Corporation)
Drivers32: VIDC.MKVC - C:\Windows\System32\KMVIDC32.DLL ()
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 60 Days ==========
[2010.09.23 22:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\Codemasters
[2010.09.23 22:29:53 | 000,000,000 | ---D | C] -- C:\Windows\45235788142C44BE8A4DDDE9A84492E5.TMP
[2010.09.23 20:41:39 | 000,000,000 | ---D | C] -- C:\ProgramData\2DBoy
[2010.09.23 20:40:12 | 000,000,000 | ---D | C] -- C:\Program Files\WorldOfGoo
[2010.09.22 18:49:20 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\NinjaBlade
[2010.09.22 18:26:01 | 000,000,000 | ---D | C] -- C:\Program Files\ND Games
[2010.09.21 17:55:33 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Yrbevy
[2010.09.21 17:55:33 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Moqaud
[2010.09.19 18:55:29 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Neuer Ordner (2)
[2010.09.15 16:01:15 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Neuer Ordner
[2010.09.15 11:36:17 | 000,317,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MP4SDECD.DLL
[2010.09.12 21:41:04 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\LucasArts
[2010.09.12 12:31:59 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\storage
[2010.09.12 12:08:01 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.09.12 12:08:01 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.09.12 12:08:00 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.09.12 12:08:00 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.09.04 23:45:53 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2010.09.04 00:23:25 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Games for Windows - LIVE Demos
[2010.09.03 22:12:12 | 000,000,000 | ---D | C] -- C:\Program Files\Warhammer 40000 Dawn of War II - Chaos Rising
[2010.09.01 18:19:27 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Meine Spiele
[2010.09.01 17:54:35 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.09.01 17:54:35 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.09.01 17:54:33 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.09.01 00:09:08 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2010.09.01 00:00:18 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\2K Games
[2010.08.31 21:19:30 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\Red Alert 3
[2010.08.31 19:44:47 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Red Alert 3
[2010.08.28 01:03:13 | 000,000,000 | ---D | C] -- C:\Users\Alex\Documents\SpieleEntwicklungsKombinat
[2010.08.28 00:52:28 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\SpieleEntwicklungsKombinat
[2010.08.28 00:52:23 | 000,000,000 | ---D | C] -- C:\ProgramData\SpieleEntwicklungsKombinat
[2010.08.26 18:21:06 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Ironclad Games
[2010.08.26 16:42:47 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Stardock
[2010.08.26 16:41:39 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6C72D0C5-6D41-4646-A187-62A044E7F55E}
[2010.08.26 16:40:56 | 000,000,000 | ---D | C] -- C:\Program Files\Stardock
[2010.08.26 16:40:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Stardock
[2010.08.26 16:23:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\{6CB64CD5-C014-45A7-88E2-55D8C0DB6489}
[2010.08.26 16:23:48 | 000,000,000 | ---D | C] -- C:\Programme
[2010.08.26 16:23:28 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\PackageAware
[2010.08.24 23:23:51 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\AliensVsPredator
[2010.08.17 18:52:14 | 000,000,000 | ---D | C] -- C:\Games
[2010.08.15 12:23:18 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2010.08.13 14:10:01 | 000,000,000 | ---D | C] -- C:\Program Files\hp deskjet 940c series
[2010.08.13 14:09:49 | 000,000,000 | ---D | C] -- C:\Program Files\Hewlett-Packard
[2010.08.13 13:44:13 | 000,000,000 | ---D | C] -- C:\Program Files\HP
[2010.08.12 00:14:10 | 000,081,920 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.08.12 00:14:05 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2010.08.12 00:14:03 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.08.12 00:14:03 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2010.08.12 00:14:02 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.08.12 00:14:02 | 000,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.08.12 00:14:02 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.08.12 00:14:02 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.08.12 00:14:02 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.08.12 00:14:02 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll
[2010.08.12 00:14:02 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.08.12 00:13:51 | 003,598,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.08.12 00:13:50 | 003,545,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.08.12 00:13:46 | 002,036,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.08.12 00:13:44 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.08.06 14:18:48 | 000,000,000 | ---D | C] -- C:\Program Files\Ubisoft
[2010.08.04 15:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Media Components
[2010.08.04 15:29:43 | 000,348,160 | ---- | C] (eJay AG) -- C:\Windows\System32\eJ_UniDialog.ocx
[2010.08.04 15:29:43 | 000,286,720 | ---- | C] (Ejay AG) -- C:\Windows\System32\EjWaveEditorCtrl.ocx
[2010.08.04 15:29:43 | 000,100,864 | ---- | C] (zwei) -- C:\Windows\System32\eJ_Explorer.ocx
[2010.08.04 15:29:43 | 000,077,824 | ---- | C] (eJay Entertainment GmbH) -- C:\Windows\System32\eJ_Enumerator.dll
[2010.08.04 15:29:42 | 000,236,032 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2010.08.04 15:29:42 | 000,159,744 | ---- | C] (Dart Communications) -- C:\Windows\System32\DartSock.dll
[2010.08.04 15:29:42 | 000,106,496 | ---- | C] (Dart Communications) -- C:\Windows\System32\DartWeb.dll
[2010.08.04 15:29:41 | 000,036,864 | ---- | C] (eJay) -- C:\Windows\System32\eJayWMExport.dll
[2010.08.04 15:29:35 | 000,000,000 | ---D | C] -- C:\eJay
[2010.08.04 15:29:19 | 000,097,280 | ---- | C] (Common Controls Replacement Project (CCRP)) -- C:\Windows\System32\ccrpbds5.dll
[2010.08.01 13:44:04 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Ubisoft
[2010.08.01 13:44:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Ubisoft
[2010.02.06 23:15:49 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe4E89.dll
[8 C:\Users\Alex\Desktop\*.tmp files -> C:\Users\Alex\Desktop\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 60 Days ==========
[2010.09.27 22:32:59 | 003,670,016 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT
[2010.09.27 21:57:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.27 21:11:23 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.09.27 21:11:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.09.27 21:08:59 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.09.27 18:45:10 | 065,362,881 | ---- | M] () -- C:\Windows\System32\drivers\Avg\incavi.avm
[2010.09.27 18:21:00 | 000,001,052 | ---- | M] () -- C:\Windows\tasks\Google Software Updater.job
[2010.09.26 17:41:20 | 000,054,932 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2010.09.26 17:41:20 | 000,054,932 | ---- | M] () -- C:\ProgramData\nvModes.001
[2010.09.26 17:41:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.09.25 16:41:59 | 000,247,808 | ---- | M] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.25 00:01:15 | 000,002,033 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.09.24 00:07:17 | 000,002,014 | ---- | M] () -- C:\Users\Public\Desktop\Play Rise of the Argonauts.lnk
[2010.09.22 22:24:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.09.22 22:23:25 | 3218,288,640 | -HS- | M] () -- C:\hiberfil.sys
[2010.09.16 04:30:45 | 000,524,288 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TMContainer00000000000000000001.regtrans-ms
[2010.09.16 04:30:45 | 000,065,536 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT{3a539871-6a70-11db-887c-d362bd253390}.TM.blf
[2010.09.16 04:13:23 | 000,000,836 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2010.09.16 04:09:43 | 003,574,303 | -H-- | M] () -- C:\Users\Alex\AppData\Local\IconCache.db
[2010.09.15 16:18:12 | 000,176,230 | ---- | M] () -- C:\Users\Alex\Desktop\iphone3gs_3up.jpg
[2010.09.15 15:00:06 | 002,298,344 | ---- | M] () -- C:\Users\Alex\Desktop\DSC00675.JPG
[2010.09.06 18:02:24 | 001,445,310 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.09.06 18:02:24 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.09.06 18:02:24 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.09.06 18:02:24 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.09.06 18:02:24 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.09.04 23:45:56 | 000,000,712 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.08.26 14:34:41 | 000,234,381 | ---- | M] () -- C:\Users\Alex\Desktop\Unbenannt.jpg
[2010.08.13 14:25:34 | 000,003,854 | ---- | M] () -- C:\Windows\wsnk.his
[2010.08.13 14:25:34 | 000,001,016 | ---- | M] () -- C:\Windows\wsnk.ini
[2010.08.12 12:44:29 | 000,550,912 | ---- | M] () -- C:\Users\Alex\Documents\Dok1.doc
[2010.08.12 12:37:52 | 000,006,512 | ---- | M] () -- C:\Users\Alex\.recently-used.xbel
[2010.08.12 03:32:30 | 000,420,184 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.08.04 21:37:52 | 000,496,458 | ---- | M] () -- C:\Windows\t_eJay4.inf
[2010.08.04 15:32:19 | 000,001,481 | ---- | M] () -- C:\Users\Alex\Desktop\Techno eJay 4.lnk
[8 C:\Users\Alex\Desktop\*.tmp files -> C:\Users\Alex\Desktop\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010.09.25 00:01:15 | 000,002,033 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.09.24 00:07:17 | 000,002,014 | ---- | C] () -- C:\Users\Public\Desktop\Play Rise of the Argonauts.lnk
[2010.09.15 16:18:04 | 000,176,230 | ---- | C] () -- C:\Users\Alex\Desktop\iphone3gs_3up.jpg
[2010.09.15 16:02:09 | 002,298,344 | ---- | C] () -- C:\Users\Alex\Desktop\DSC00675.JPG
[2010.09.05 21:22:01 | 402,297,213 | ---- | C] () -- C:\Users\Alex\Desktop\sighthd-bodyoflies-720p.mkv
[2010.09.04 23:45:56 | 000,000,712 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2010.08.26 14:34:38 | 000,234,381 | ---- | C] () -- C:\Users\Alex\Desktop\Unbenannt.jpg
[2010.08.13 14:23:20 | 000,003,854 | ---- | C] () -- C:\Windows\wsnk.his
[2010.08.13 14:23:20 | 000,001,016 | ---- | C] () -- C:\Windows\wsnk.ini
[2010.08.12 12:44:29 | 000,550,912 | ---- | C] () -- C:\Users\Alex\Documents\Dok1.doc
[2010.08.12 12:37:52 | 000,006,512 | ---- | C] () -- C:\Users\Alex\.recently-used.xbel
[2010.08.04 21:37:52 | 000,496,458 | ---- | C] () -- C:\Windows\t_eJay4.inf
[2010.08.04 15:32:19 | 000,001,481 | ---- | C] () -- C:\Users\Alex\Desktop\Techno eJay 4.lnk
[2010.08.04 15:29:42 | 000,029,696 | ---- | C] () -- C:\Windows\System32\pthread.dll
[2010.08.04 15:29:41 | 000,057,344 | ---- | C] () -- C:\Windows\System32\eJayxQuell.ax
[2010.08.04 15:29:41 | 000,045,056 | ---- | C] () -- C:\Windows\System32\eJayxWaveDest.ax
[2010.05.28 19:33:38 | 000,196,096 | ---- | C] () -- C:\Program Files\b1guninst100.exe
[2010.04.02 17:17:34 | 000,179,091 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2010.03.01 15:47:27 | 000,000,871 | ---- | C] () -- C:\Windows\disney.ini
[2010.02.15 00:18:03 | 000,047,104 | ---- | C] () -- C:\Windows\System32\KMVIDC32.DLL
[2010.01.04 17:08:59 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2009.11.16 23:19:42 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2009.06.10 01:14:58 | 000,278,984 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2009.06.10 01:14:57 | 000,025,416 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2009.05.27 23:30:49 | 000,021,840 | ---- | C] () -- C:\Windows\System32\SIntfNT.dll
[2009.05.27 23:30:49 | 000,017,212 | ---- | C] () -- C:\Windows\System32\SIntf32.dll
[2009.05.27 23:30:49 | 000,012,067 | ---- | C] () -- C:\Windows\System32\SIntf16.dll
[2009.05.13 18:27:45 | 000,054,932 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.05.13 18:27:40 | 000,054,932 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2009.05.12 21:58:48 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.01.21 20:45:31 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2009.01.19 19:20:29 | 000,306,688 | ---- | C] () -- C:\Windows\System32\Lffpx7.dll
[2009.01.19 19:20:29 | 000,095,232 | ---- | C] () -- C:\Windows\System32\Lfkodak.dll
[2009.01.19 19:19:03 | 000,015,047 | ---- | C] () -- C:\Windows\HPSETUP.INI
[2008.12.28 00:47:39 | 000,247,808 | ---- | C] () -- C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.12.23 23:03:36 | 000,022,328 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\PnkBstrK.sys
[2008.12.22 13:07:33 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
[2008.12.22 11:42:59 | 000,717,296 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2008.06.24 02:04:30 | 000,000,946 | ---- | C] () -- C:\Windows\lgcenter.ini
[2008.06.24 01:33:11 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.06.24 01:23:59 | 000,000,212 | ---- | C] () -- C:\Windows\lgps.ini
[2007.10.02 22:58:12 | 000,389,120 | ---- | C] () -- C:\Windows\System32\btwhidcs.dll
[2006.11.02 14:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 09:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\System32\OUTLPERF.INI
[2001.11.14 22:56:00 | 001,802,240 | ---- | C] () -- C:\Windows\System32\lcppn21.dll
========== LOP Check ==========
[2008.12.21 00:15:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BITS
[2010.03.29 00:23:16 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BoneTown
[2008.12.22 11:56:29 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools
[2009.01.11 17:57:25 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2009.06.08 22:34:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Pro
[2009.01.11 14:12:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Engelmann Media
[2009.03.23 17:13:46 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\fretsonfire
[2010.08.12 12:37:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\gtk-2.0
[2010.09.17 17:12:03 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ICQ
[2009.04.10 11:30:10 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\IrfanView
[2010.07.17 14:48:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Listing Factory 2009
[2010.09.12 21:41:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\LucasArts
[2009.11.16 23:22:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\MAGIX
[2009.05.06 18:02:23 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2009.05.01 12:14:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2010.09.26 19:57:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Moqaud
[2010.08.31 21:18:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Red Alert 3
[2010.02.06 23:18:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sony
[2010.02.06 23:10:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sony Setup
[2010.08.28 00:57:32 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SpieleEntwicklungsKombinat
[2010.07.30 11:58:02 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SPORE
[2008.12.21 02:10:12 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SporeCreatureCreator
[2010.08.26 16:42:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Stardock
[2010.05.25 00:41:58 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TeamViewer
[2009.06.09 14:39:15 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Teeworlds
[2010.03.01 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Touchstone
[2010.08.01 13:44:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Ubisoft
[2010.09.05 11:16:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\uTorrent
[2010.09.27 22:45:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Yrbevy
[2010.03.27 17:29:54 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Zylom
[2010.09.16 04:13:29 | 000,032,636 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2009.01.02 17:45:34 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Adobe
[2009.05.19 22:18:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Apple Computer
[2009.08.19 21:47:02 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\AVS4YOU
[2008.12.21 00:15:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BITS
[2010.03.29 00:23:16 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\BoneTown
[2008.12.22 11:56:29 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools
[2009.01.11 17:57:25 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2009.06.08 22:34:21 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Pro
[2010.02.06 21:18:11 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\dvdcss
[2009.01.11 14:12:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Engelmann Media
[2009.03.23 17:13:46 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\fretsonfire
[2008.12.21 10:04:07 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Google
[2010.08.12 12:37:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\gtk-2.0
[2009.05.27 17:30:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Hamachi
[2010.09.17 17:12:03 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\ICQ
[2010.03.27 17:29:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Identities
[2010.03.01 15:46:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\InstallShield
[2009.04.10 11:30:10 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\IrfanView
[2010.07.17 14:48:48 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Listing Factory 2009
[2010.09.12 21:41:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\LucasArts
[2008.12.12 22:19:24 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Macromedia
[2009.11.16 23:22:41 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\MAGIX
[2006.11.02 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Media Center Programs
[2009.05.06 18:02:23 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Meine Der Herr der Ringe™, Aufstieg des Hexenkönigs™-Dateien
[2009.05.01 12:14:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
[2010.06.04 20:56:24 | 000,000,000 | --SD | M] -- C:\Users\Alex\AppData\Roaming\Microsoft
[2010.09.26 19:57:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Moqaud
[2009.03.19 00:11:14 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Mozilla
[2008.12.23 14:05:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Nero
[2010.08.31 21:18:35 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Red Alert 3
[2008.12.23 21:00:25 | 000,000,000 | RH-D | M] -- C:\Users\Alex\AppData\Roaming\SecuROM
[2010.06.17 17:37:58 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Skype
[2010.06.17 17:37:55 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\skypePM
[2010.02.06 23:18:27 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sony
[2010.02.06 23:10:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Sony Setup
[2010.08.28 00:57:32 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SpieleEntwicklungsKombinat
[2010.07.30 11:58:02 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SPORE
[2008.12.21 02:10:12 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SporeCreatureCreator
[2010.08.26 16:42:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Stardock
[2009.03.24 20:36:11 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\teamspeak2
[2010.05.25 00:41:58 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TeamViewer
[2009.06.09 14:39:15 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Teeworlds
[2009.06.01 22:35:52 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Toribash
[2010.03.01 16:42:49 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Touchstone
[2010.08.01 13:44:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Ubisoft
[2010.09.05 11:16:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\uTorrent
[2009.01.19 23:08:36 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\vlc
[2009.02.27 01:50:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Winamp
[2008.12.22 04:41:34 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\WinRAR
[2010.09.27 22:45:04 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Yrbevy
[2010.03.27 17:29:54 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Zylom
< %APPDATA%\*.exe /s >
[2010.08.13 13:44:15 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{2DE5FFD5-6130-4B89-803E-A49986220D55}\Toolbox_80B2BC9F0AAC4D259B78B2C92907081E.exe
[2010.03.29 00:06:45 | 000,003,774 | R--- | M] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{5E7C721D-B008-4269-A1C4-2CE7E9757983}\BoneTown.exe
[2010.03.29 00:06:45 | 000,003,774 | R--- | M] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{5E7C721D-B008-4269-A1C4-2CE7E9757983}\controlPanelIcon.exe
[2010.03.29 00:06:45 | 000,010,134 | R--- | M] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{5E7C721D-B008-4269-A1C4-2CE7E9757983}\SystemFolder_msiexec.exe
[2009.06.04 19:34:14 | 000,000,766 | R--- | M] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{6FD260BF-5A16-45DB-9E8F-75D25C1D0607}\ARPPRODUCTICON.exe
[2009.06.04 19:34:14 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{6FD260BF-5A16-45DB-9E8F-75D25C1D0607}\NewShortcut1_3.exe
[2009.06.04 19:34:14 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{6FD260BF-5A16-45DB-9E8F-75D25C1D0607}\NewShortcut2_1.exe
[2009.06.04 19:34:14 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{6FD260BF-5A16-45DB-9E8F-75D25C1D0607}\NewShortcut3_3.exe
[2009.06.04 19:34:14 | 000,040,960 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Alex\AppData\Roaming\Microsoft\Installer\{6FD260BF-5A16-45DB-9E8F-75D25C1D0607}\NewShortcut4_1.exe
< %SYSTEMDRIVE%\*.exe >
< MD5 for: AGP440.SYS >
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\drivers\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_f750e484\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2008.01.21 04:23:01 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_bbfe6647bbd2a4c6\AGP440.sys
[2006.11.02 11:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
< MD5 for: ATAPI.SYS >
[2009.04.11 08:32:26 | 000,019,944 | ---- | M] (Microsoft Corporation) MD5=1F05B78AB91C9075565A9D8A4B880BC4 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_df23a1261eab99e8\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\drivers\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_cc18792d\atapi.sys
[2008.01.21 04:23:00 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 11:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
< MD5 for: CNGAUDIT.DLL >
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
< MD5 for: IASTOR.SYS >
[2008.04.21 03:29:56 | 000,394,776 | ---- | M] (Intel Corporation) MD5=8BD53925C5675BC9A5EFE12E2A42BE31 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008.04.21 03:29:38 | 000,317,464 | ---- | M] (Intel Corporation) MD5=9F1220113A3A7F4F08042C699324D073 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2008.04.21 03:29:38 | 000,317,464 | ---- | M] (Intel Corporation) MD5=9F1220113A3A7F4F08042C699324D073 -- C:\Windows\System32\drivers\iaStor.sys
[2008.04.21 03:29:38 | 000,317,464 | ---- | M] (Intel Corporation) MD5=9F1220113A3A7F4F08042C699324D073 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_18bd4575\iaStor.sys
< MD5 for: IASTORV.SYS >
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\drivers\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_c9df7691\iaStorV.sys
[2008.01.21 04:23:23 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 11:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
< MD5 for: NETLOGON.DLL >
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_ffa3304f351bb3a3\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\System32\netlogon.dll
[2008.01.21 04:24:05 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
< MD5 for: NVSTOR.SYS >
[2006.11.02 11:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\drivers\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_31c3d71d\nvstor.sys
[2008.01.21 04:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
< MD5 for: SCECLI.DLL >
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\System32\scecli.dll
[2008.01.21 04:24:50 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_39f95b67d63d3a5e\scecli.dll
< MD5 for: USER32.DLL >
[2009.04.11 08:28:25 | 000,627,712 | ---- | M] (Microsoft Corporation) MD5=75510147B94598407666F4802797C75A -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_cf23e54d6a7e4a7e\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2008.01.21 04:24:21 | 000,627,200 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
< MD5 for: USERINIT.EXE >
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\System32\userinit.exe
[2008.01.21 04:24:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
< MD5 for: WINLOGON.EXE >
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SoftwareDistribution\Download\cd2b15b1a90e884578188440a1660b12\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\System32\winlogon.exe
[2008.01.21 04:24:49 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
< MD5 for: WS2IFSL.SYS >
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2008.01.21 04:24:47 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2008.12.22 11:43:00 | 000,717,296 | ---- | M] () Unable to obtain MD5 -- C:\Windows\System32\drivers\sptd.sys
< %systemroot%\System32\config\*.sav >
[2008.01.21 05:14:18 | 016,846,848 | ---- | M] () -- C:\Windows\System32\config\COMPONENTS.SAV
[2008.01.21 05:14:08 | 000,106,496 | ---- | M] () -- C:\Windows\System32\config\DEFAULT.SAV
[2008.01.21 05:14:18 | 000,020,480 | ---- | M] () -- C:\Windows\System32\config\SECURITY.SAV
[2006.11.02 12:34:08 | 010,133,504 | ---- | M] () -- C:\Windows\System32\config\SOFTWARE.SAV
[2006.11.02 12:34:08 | 001,826,816 | ---- | M] () -- C:\Windows\System32\config\SYSTEM.SAV
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[2008.01.21 04:24:42 | 000,242,744 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\rsaenh.dll
[2008.01.21 04:24:38 | 000,225,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\SLC.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
< End of report >
Ich hoffe ihr könnt mir helfen! Euer Alex |
Baum-Darstellung