| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: TR/Crypt.XPACK.Gen3Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.10.2010, 16:58
| #1 |
 |  TR/Crypt.XPACK.Gen3 Mein Antivir zeigt ständig an, dass ein Trojaner namens TR/Crypt.XPACK.Gen3 gefunden wurde. Er wird dann jedes Mal von mir in Quaratäne geschoben , aber so nach einer Stunde taucht die Meldung wieder auf. Wenn ich einen Komplettscan mache finden weder Antivir, noch Malwarebytes das verdammte ding. Also, kann mir vielleicht jemand helfen? bitteeee  |
|
03.10.2010, 14:36
| #2 | |
| /// Winkelfunktion /// TB-Süch-Tiger™   | TR/Crypt.XPACK.Gen3Zitat:
Aus den Regeln: 5. Beschreibe Dein Problem in einigen Sätzen und arbeite diese Anleitung ab Punkt 2. durch Auch Funde von deiner Sicherheitssoftware bitte im Thema nennen: (z.B. c:\windows\virus.exe) Fehlen diese Angaben, kann und wird dir hier niemand helfen.
__________________ |
|
04.10.2010, 13:12
| #3 |
| | TR/Crypt.XPACK.Gen3 das ist doch der schädlingsname "TR/Crypt.XPACK.Gen3" oder nicht??
__________________und eine genaue Datei kann ich ja auchnicht angeben, da es immer eine andere ist. Letztens war es zum Beispiel eine Namens tmp0000d0ec |
|
04.10.2010, 15:45
| #4 |
| | TR/Crypt.XPACK.Gen3 Hab jetzt den kompletten Pfad rausbekommen C:/Dokumente und Einsstellungen/Michael/Lokale Einstellungen/Temp/tmp000069d9/tmp0000279c aber nützt eigentlich nicht viel, da es jedes mal ein anderer pfad ist, kann mir denn jetzt vielleicht jemand helfen? |
|
04.10.2010, 18:07
| #5 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.XPACK.Gen3 Systemscan mit OTL Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
07.10.2010, 18:42
| #6 |
| | TR/Crypt.XPACK.Gen3 danke , das Problem ist aber mittlerweile gelöst. Ich habe die Datei lohalisiert und im abgesicherten Modus geshreddert. Seitdem ist die Meldung nie wieder aufgetaucht. So einfach kanns also gehen :P Danke vielmals trotzdem  |
|
07.10.2010, 21:06
| #7 |
| | TR/Crypt.XPACK.Gen3 Tia schön währe es, leider dochnicht, es ist wieder aufgetaucht, ich werd jetz mal eben das mit den Logfiles machen
__________________ Spittfaia & Rebina - Doppelt aufs Maul DIE FREEDOWNLOAD EP 12 Tracks direkt auf http://spittfaia.lima-city.de/spiitload.html währe cool wenn sie jemand lädt |
|
08.10.2010, 14:24
| #8 |
| | TR/Crypt.XPACK.Gen3 erstmal Entschuldigung dass es so lange gedauert hat und dass ich jetzt zum dritten Mal hintereinander poste aber ich finde hier einfach den Button nicht, mit dem man die vorherige Nachicht wieder löscht, aber egal, hier nun das, was OTL ausgespuckt hat : Die Datei OTL.Txt ------------------------------OTL Logfile: Code:
ATTFilter OTL logfile created on: 08.10.2010 15:05:37 - Run 4 OTL by OldTimer - Version 3.2.14.1 Folder = C:\Dokumente und Einstellungen\Michael\Desktop Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 1.022,00 Mb Total Physical Memory | 531,00 Mb Available Physical Memory | 52,00% Memory free 2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free Paging file location(s): C:\pagefile.sys 1536 3072 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme Drive C: | 133,43 Gb Total Space | 105,73 Gb Free Space | 79,24% Space Free | Partition Type: NTFS Drive D: | 15,60 Gb Total Space | 5,45 Gb Free Space | 34,92% Space Free | Partition Type: FAT32 E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: BESITZER-E4905B Current User Name: Michael Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Dokumente und Einstellungen\Michael\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) PRC - C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) PRC - C:\Programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe (Buhl Data Service GmbH) PRC - C:\Programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia) PRC - C:\Programme\Medion\MEDIONbox\Program\GCS.exe (Empolis GmbH) PRC - c:\Programme\Gemeinsame Dateien\Gnab\Service\ServiceController.exe (Empolis GmbH) PRC - C:\Programme\BullGuard Software\BullGuard\BullGuard.exe (BullGuard Software) PRC - C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe (BullGuard Software) PRC - C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Programme\Intel\Wireless\Bin\ZCfgSvc.exe (Intel Corporation) PRC - C:\Programme\Intel\Wireless\Bin\iFrmewrk.exe (Intel Corporation) PRC - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) PRC - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company) PRC - C:\WINDOWS\sm56hlpr.exe (Motorola Inc.) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe (America Online, Inc.) PRC - C:\Programme\AOL 9.0\aoltray.exe (America Online, Inc.) PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) PRC - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation) PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10) ========== Modules (SafeList) ========== MOD - C:\Dokumente und Einstellungen\Michael\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation) MOD - C:\WINDOWS\system32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe File not found SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe File not found SRV - (FLEXnet Licensing Service) -- C:\Programme\Gemeinsame Dateien\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (Apple Mobile Device) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) SRV - (srvcPVR) -- C:\Programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe (Buhl Data Service GmbH) SRV - (GnabService) -- c:\Programme\Gemeinsame Dateien\Gnab\Service\ServiceController.exe (Empolis GmbH) SRV - (BGMainSvc) -- C:\Programme\BullGuard Software\BullGuard\BsMain.dll (BullGuard, Ltd.) SRV - (BGLiveSvc) -- C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe (BullGuard Software) SRV - (BsMailProxy) -- C:\Programme\BullGuard Software\BullGuard\BsMailProxy.dll (BullGuard Ltd.) SRV - (BsFirewall) -- C:\Programme\BullGuard Software\BullGuard\BsFirewall.dll (BullGuard Ltd.) SRV - (BsFileSpy) -- C:\Programme\BullGuard Software\BullGuard\BsFileSpy.dll (BullGuard Ltd.) SRV - (EvtEng) Intel(R) -- C:\Programme\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (S24EventMonitor) Intel(R) -- C:\Programme\Intel\Wireless\Bin\S24EvMon.exe (Intel Corporation ) SRV - (RegSrvc) Intel(R) -- C:\Programme\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (LightScribeService) -- C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe (Hewlett-Packard Company) SRV - (WMConnectCDS) -- C:\Programme\Windows Media Connect 2\wmccds.exe (Microsoft Corporation) SRV - (IDriverT) -- C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (AOL ACS) -- C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe (America Online, Inc.) SRV - (MDM) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE (Microsoft Corporation) SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10) ========== Driver Services (SafeList) ========== DRV - (avgio) -- C:\Programme\Avira\AntiVir Desktop\avgio.sys File not found DRV - (Netaapl) -- C:\WINDOWS\system32\drivers\netaapl.sys (Apple Inc.) DRV - (ASCTRM) -- C:\WINDOWS\System32\drivers\asctrm.sys (Windows (R) 2000 DDK provider) DRV - (avgntflt) -- C:\WINDOWS\system32\drivers\avgntflt.sys (Avira GmbH) DRV - (PhilCap) -- C:\WINDOWS\system32\drivers\PhilCap.sys (Philips Semiconductors GmbH) DRV - (NETw3x32) Intel(R) -- C:\WINDOWS\system32\drivers\NETw3x32.sys (Intel® Corporation) DRV - (IntcAzAudAddService) Service for Realtek HD Audio (WDM) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys (Realtek Semiconductor Corp.) DRV - (nv) -- C:\WINDOWS\system32\drivers\nv4_mini.sys (NVIDIA Corporation) DRV - (NWUSBPort) -- C:\WINDOWS\system32\drivers\nwusbser.sys (Novatel Wireless Inc.) DRV - (NWUSBModem) -- C:\WINDOWS\system32\drivers\nwusbmdm.sys (Novatel Wireless Inc.) DRV - (s24trans) -- C:\WINDOWS\system32\drivers\s24trans.sys (Intel Corporation) DRV - (iaStor) -- C:\WINDOWS\system32\DRIVERS\iaStor.sys (Intel Corporation) DRV - (RTLE8023xp) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys (Realtek Semiconductor Corporation ) DRV - (SynTP) -- C:\WINDOWS\system32\drivers\SynTP.sys (Synaptics, Inc.) DRV - (Reconn) -- C:\Programme\BullGuard Software\BullGuard\reconn.sys () DRV - (FileSpy5) -- C:\Programme\BullGuard Software\BullGuard\filespy5.sys (BullGuard Ltd.) DRV - (smserial) -- C:\WINDOWS\system32\drivers\smserial.sys (Motorola Inc.) DRV - (rimsptsk) -- C:\WINDOWS\system32\drivers\rimsptsk.sys (REDC) DRV - (X10Hid) -- C:\WINDOWS\system32\drivers\x10hid.sys (X10 Wireless Technology, Inc.) DRV - (rimmptsk) -- C:\WINDOWS\system32\drivers\rimmptsk.sys (REDC) DRV - (rismxdp) -- C:\WINDOWS\system32\drivers\rixdptsk.sys (REDC) DRV - (AVMUNET) -- C:\WINDOWS\system32\drivers\avmunet.sys (AVM GmbH) DRV - (XUIF) -- C:\WINDOWS\system32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.) DRV - (HDAudBus) -- C:\WINDOWS\system32\drivers\Hdaudbus.sys (Windows (R) Server 2003 DDK provider) DRV - (ATWPKT2) -- C:\Programme\Gemeinsame Dateien\aol\ACS\atwpkt2.sys (America Online) DRV - (MPE) -- C:\WINDOWS\system32\drivers\MPE.sys (Microsoft Corporation) DRV - (pfc) -- C:\WINDOWS\system32\drivers\pfc.sys (Padus, Inc.) DRV - (wg3n) -- C:\WINDOWS\SYSTEM32\Drivers\wg3n.sys (Sygate Technologies, Inc.) DRV - (wpsdrvnt) -- C:\WINDOWS\system32\drivers\wpsdrvnt.sys (Sygate Technologies, Inc.) DRV - (Teefer) -- C:\WINDOWS\SYSTEM32\Drivers\Teefer.sys (Sygate Technologies, Inc.) DRV - (wanatw) WAN Miniport (ATW) -- C:\WINDOWS\system32\drivers\wanatw4.sys (America Online, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Login :: klamm.de IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..CommunityToolbar.SearchFromAddressBarSavedUrl: "data:text/plain,keyword.URL=hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ffpro&type=moz35awe&p=" FF - prefs.js..browser.search.defaultenginename: "ICQ Search" FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.order.1: "BearShare Web Search" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..browser.search.selectedEngine: "ICQ Search" FF - prefs.js..browser.startup.homepage: "hxxp://www.faiatv.tk" FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1 FF - prefs.js..extensions.enabledItems: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f}:2.5.6.0 FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.0.14 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.6 FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:3.5 FF - prefs.js..extensions.enabledItems: {AA994882-F391-4d2e-806F-8908DA4814ED}:2.4.15 FF - prefs.js..extensions.enabledItems: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065}:2.7.2.0 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655 FF - prefs.js..extensions.enabledItems: quickstores@quickstores.de:1.1.0 FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Components: C:\Programme\Mozilla Firefox\components [2010.08.21 18:05:18 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.5.11\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2010.08.21 18:05:18 | 000,000,000 | ---D | M] [2009.12.19 15:30:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Extensions [2010.10.07 16:00:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions [2010.08.26 15:04:44 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010.08.26 15:04:25 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010.08.26 15:04:41 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2010.09.17 13:03:58 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2010.08.26 15:06:10 | 000,000,000 | ---D | M] (kikin plugin) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED} [2010.06.16 17:44:44 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [2010.08.26 15:04:44 | 000,000,000 | ---D | M] (softonic-de3 Toolbar) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [2010.01.15 18:10:30 | 000,000,000 | ---D | M] (QuickJava) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66} [2009.12.29 16:22:12 | 000,000,000 | ---D | M] (DVDVideoSoft Toolbar) -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f} [2010.02.16 15:27:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\illimitux@illimitux.net [2010.03.28 11:04:34 | 000,002,476 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\BearShareWebSearch.xml [2010.03.16 11:42:56 | 000,000,927 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\conduit.xml [2010.09.17 13:27:19 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1-1-1-1-1-1-1.xml [2010.08.26 15:14:49 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1-1-1-1-1-1.xml [2010.08.02 11:56:51 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1-1-1-1-1.xml [2010.07.14 12:02:09 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1-1-1-1.xml [2010.06.12 17:07:11 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1-1-1.xml [2010.05.08 16:22:55 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1-1.xml [2010.04.26 20:41:42 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-1.xml [2010.07.20 14:46:12 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-2-1.xml [2010.07.20 14:46:12 | 000,000,666 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-2.xml [2010.08.23 15:41:00 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-3.xml [2010.08.28 14:24:27 | 000,000,961 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin-4.xml [2010.04.18 19:41:21 | 000,000,958 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\searchplugins\icqplugin.xml [2010.10.07 16:00:37 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2009.12.19 15:25:00 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Programme\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2010.10.06 12:53:32 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\quickstores@quickstores.de [2002.03.15 14:53:24 | 000,679,936 | ---- | M] () -- C:\Programme\Mozilla Firefox\plugins\NPSWF32.dll [2009.12.02 10:31:53 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.03.28 11:04:34 | 000,002,476 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\BearShareWebSearch.xml [2009.12.02 10:31:53 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2009.12.02 10:31:53 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2009.12.02 10:31:53 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2009.12.02 10:31:53 | 000,000,801 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2006.03.24 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_09\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.) O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll File not found O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0000-0000-0000-000000000000} - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\tbDVD1.dll (Conduit Ltd.) O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated) O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\Alcmtr.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe File not found O4 - HKLM..\Run: [BullGuard] C:\Programme\BullGuard Software\BullGuard\bullguard.exe (BullGuard Software) O4 - HKLM..\Run: [InstantOn] C:\Programme\CyberLink\PowerCinema Linux\ion_install.exe () O4 - HKLM..\Run: [IntelWireless] C:\Programme\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation) O4 - HKLM..\Run: [IntelZeroConfig] C:\Programme\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation) O4 - HKLM..\Run: [LanguageShortcut] C:\Programme\Home Cinema\PowerDVD\Language\Language.exe () O4 - HKLM..\Run: [Microsoft Works Update Detection] C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe (Microsoft® Corporation) O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NWEReboot] File not found O4 - HKLM..\Run: [SkyTel] C:\WINDOWS\SkyTel.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [SMSERIAL] C:\WINDOWS\sm56hlpr.exe (Motorola Inc.) O4 - HKLM..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe File not found O4 - HKLM..\Run: [TVBroadcast] C:\Programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe (ODSoft multimedia) O4 - HKLM..\Run: [UnlockerAssistant] C:\Programme\Unlocker\UnlockerAssistant.exe File not found O4 - HKCU..\Run: [BullGuard] C:\Programme\BullGuard Software\BullGuard\BullGuard.exe (BullGuard Software) O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O4 - HKCU..\Run: [Livestation] C:\Programme\Livestation\Livestation.exe File not found O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\AOL 9.0 Tray-Symbol.lnk = C:\Programme\AOL 9.0\aoltray.exe (America Online, Inc.) O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Microsoft Office.lnk = C:\Programme\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme () O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O8 - Extra context menu item: Free YouTube Download - C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm () O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_09\bin\NPJPI150_09.dll (Sun Microsystems, Inc.) O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll File not found O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Programme\ICQ7.1\ICQ.exe (ICQ, LLC.) O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet) O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1163614636698 (WUWebControl Class) O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab (DivXBrowserPlugin Object) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09) O16 - DPF: {BF3CD111-6278-11D2-9EA3-00A0C9251384} hxxp://www.o2c.de/download/O2CPlayer.CAB (O2C-Player Version 1.x) O16 - DPF: {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} hxxp://office.microsoft.com/officeupdate/content/opuc4.cab (Office Update Installation Engine) O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Java Plug-in 1.5.0_09) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\MED5_1280x960.bmp O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\MED5_1280x960.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.11.15 19:12:24 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O33 - MountPoints2\{47d149c0-32be-11df-8ff6-00038a000015}\Shell\AutoRun\command - "" = F:\installer.exe -- File not found O33 - MountPoints2\{47d149c0-32be-11df-8ff6-00038a000015}\Shell\verb\command - "" = F:\installer.exe -- File not found O33 - MountPoints2\{d3b658dc-f849-11de-8fb5-00040ed4087d}\Shell - "" = AutoRun O33 - MountPoints2\{d3b658dc-f849-11de-8fb5-00040ed4087d}\Shell\AutoRun - "" = Auto&Play O33 - MountPoints2\{d3b658dc-f849-11de-8fb5-00040ed4087d}\Shell\Open\command - "" = resycled\boot.com f: O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2010.10.07 22:52:44 | 000,000,000 | ---D | C] -- C:\Programme\ASCOMP Software [2010.10.07 22:51:48 | 000,000,000 | ---D | C] -- C:\Programme\Free Screen To Video [2010.10.07 15:46:08 | 000,000,000 | -HSD | C] -- C:\WINDOWS\CSC [2010.10.07 14:48:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\ASCOMP Software [2010.10.07 14:46:28 | 002,989,328 | ---- | C] (ASCOMP Software GmbH ) -- C:\Dokumente und Einstellungen\Michael\Desktop\sEraser_3.201.exe [2010.10.06 12:53:27 | 000,000,000 | ---D | C] -- C:\Programme\Unlocker [2010.10.06 12:53:27 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\QuickStoresToolbar [2010.10.05 22:01:53 | 000,000,000 | ---D | C] -- C:\video_output [2010.10.05 21:57:24 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\GetRightToGo [2010.10.05 21:50:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\Any Video Converter [2010.10.05 21:10:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\ImTOO Software Studio [2010.10.05 16:24:21 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Michael\IECompatCache [2010.10.04 16:41:38 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Michael\Desktop\OTL.exe [2010.10.02 17:26:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\AnvSoft [2010.10.02 17:26:11 | 000,000,000 | ---D | C] -- C:\Programme\AnvSoft [2010.10.01 17:48:26 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Malwarebytes [2010.10.01 17:48:12 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes [2010.09.27 21:44:03 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Desktop\mp3-player [2010.09.17 13:16:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\FreeScreenToVideo [2010.09.17 13:14:56 | 004,219,209 | ---- | C] (Koyote Soft ) -- C:\Dokumente und Einstellungen\Michael\Desktop\Setup_FreeScreenVideo_1.2.exe [2010.09.17 13:01:39 | 011,405,816 | ---- | C] (DVDVideoSoft Limited. ) -- C:\Dokumente und Einstellungen\Michael\Desktop\FreeVideoDub_1.8.exe [2010.09.10 13:51:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe [2010.09.09 19:31:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\Verkaufsbeatz 100% [2010.09.08 20:35:41 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\IObit [2010.09.08 20:35:40 | 000,000,000 | ---D | C] -- C:\Programme\IObit [2010.09.08 20:34:08 | 007,486,800 | ---- | C] (IObit ) -- C:\Dokumente und Einstellungen\Michael\Desktop\asc-setup-softonic.exe [2010.09.08 20:33:49 | 000,000,000 | ---D | C] -- C:\Programme\MSECache [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.10.08 00:08:03 | 010,252,539 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Desktop\Murderlinez - Volles Magazin EP Snipped.mp3 [2010.10.07 23:10:25 | 000,051,048 | ---- | M] () -- C:\WINDOWS\System32\nvapps.xml [2010.10.07 23:10:19 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.10.07 23:10:10 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.10.07 23:10:07 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.10.07 23:10:03 | 1071,828,992 | -HS- | M] () -- C:\hiberfil.sys [2010.10.07 23:09:24 | 005,505,024 | -H-- | M] () -- C:\Dokumente und Einstellungen\Michael\NTUSER.DAT [2010.10.07 23:09:24 | 000,000,190 | -HS- | M] () -- C:\Dokumente und Einstellungen\Michael\ntuser.ini [2010.10.07 22:52:45 | 000,001,770 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Desktop\Secure Eraser.lnk [2010.10.07 22:51:51 | 000,000,777 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Desktop\Free Screen To Video.lnk [2010.10.07 16:13:10 | 000,000,580 | ---- | M] () -- C:\WINDOWS\win.ini [2010.10.07 16:13:10 | 000,000,257 | ---- | M] () -- C:\WINDOWS\system.ini [2010.10.07 14:46:54 | 002,989,328 | ---- | M] (ASCOMP Software GmbH ) -- C:\Dokumente und Einstellungen\Michael\Desktop\sEraser_3.201.exe [2010.10.07 13:34:01 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010.10.05 22:02:31 | 000,070,144 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.10.05 20:09:06 | 000,000,681 | -H-- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\os245324.bin [2010.10.04 16:41:43 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Michael\Desktop\OTL.exe [2010.10.02 16:53:02 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job [2010.09.29 20:26:03 | 000,022,528 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\Widerrufung der Musterung.doc [2010.09.17 13:43:53 | 013,570,048 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\murderlinez.avi [2010.09.17 13:22:28 | 007,309,720 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\jojojo.flv [2010.09.17 13:15:32 | 004,219,209 | ---- | M] (Koyote Soft ) -- C:\Dokumente und Einstellungen\Michael\Desktop\Setup_FreeScreenVideo_1.2.exe [2010.09.17 13:03:19 | 011,405,816 | ---- | M] (DVDVideoSoft Limited. ) -- C:\Dokumente und Einstellungen\Michael\Desktop\FreeVideoDub_1.8.exe [2010.09.15 12:54:36 | 000,903,837 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scaface eier.mp3 [2010.09.13 20:35:55 | 001,534,955 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface arsch.mp3 [2010.09.13 20:34:23 | 004,005,094 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface deal.mp3 [2010.09.13 20:31:40 | 000,394,971 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface reinkomm.mp3 [2010.09.13 20:21:36 | 003,497,273 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface klamotten skit.mp3 [2010.09.11 13:56:42 | 010,288,065 | ---- | M] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\Immer wenn ich rhyme clubshooter.mp3 [2010.09.11 13:25:56 | 006,615,044 | ---- | M] () -- C:\Standard.wav [2010.09.09 15:51:15 | 001,580,360 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010.09.08 20:35:24 | 007,486,800 | ---- | M] (IObit ) -- C:\Dokumente und Einstellungen\Michael\Desktop\asc-setup-softonic.exe [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2010.10.08 00:07:35 | 010,252,539 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Desktop\Murderlinez - Volles Magazin EP Snipped.mp3 [2010.10.07 23:10:03 | 1071,828,992 | -HS- | C] () -- C:\hiberfil.sys [2010.10.07 22:52:45 | 000,001,770 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Desktop\Secure Eraser.lnk [2010.10.07 22:51:51 | 000,000,777 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Desktop\Free Screen To Video.lnk [2010.09.28 18:09:18 | 000,022,528 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\Widerrufung der Musterung.doc [2010.09.17 13:39:14 | 013,570,048 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\murderlinez.avi [2010.09.17 13:22:27 | 007,309,720 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\jojojo.flv [2010.09.15 12:54:33 | 000,903,837 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scaface eier.mp3 [2010.09.13 20:35:52 | 001,534,955 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface arsch.mp3 [2010.09.13 20:34:20 | 004,005,094 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface deal.mp3 [2010.09.13 20:31:40 | 000,394,971 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface reinkomm.mp3 [2010.09.13 20:21:31 | 003,497,273 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\scarface klamotten skit.mp3 [2010.09.11 13:56:23 | 010,288,065 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Eigene Dateien\Immer wenn ich rhyme clubshooter.mp3 [2010.09.11 13:24:46 | 006,615,044 | ---- | C] () -- C:\Standard.wav [2010.08.11 20:14:50 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2010.08.11 20:14:49 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2010.04.12 14:41:05 | 000,076,407 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Smiley.ico [2010.04.03 18:50:53 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\Default.PLS [2010.01.07 17:20:23 | 000,000,000 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Anwendungsdaten\wklnhst.dat [2010.01.02 00:34:36 | 000,070,144 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.11.25 22:45:00 | 000,000,140 | ---- | C] () -- C:\Dokumente und Einstellungen\Michael\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat [2006.11.16 03:27:46 | 000,241,664 | ---- | C] () -- C:\WINDOWS\NwtGatewayDLL.dll [2006.11.16 03:27:46 | 000,001,110 | ---- | C] () -- C:\WINDOWS\NwtGatewayConfig.ini [2006.11.16 03:18:47 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll [2006.11.16 03:15:42 | 000,000,024 | ---- | C] () -- C:\WINDOWS\magix.ini [2006.11.16 03:09:14 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll [2006.11.16 03:09:11 | 000,001,208 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini [2006.11.16 02:03:59 | 000,299,008 | ---- | C] () -- C:\WINDOWS\System32\midas.dll [2006.11.16 02:03:59 | 000,120,320 | ---- | C] () -- C:\WINDOWS\System32\UnzDll.dll [2006.11.16 02:02:37 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2006.11.16 00:49:41 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2006.11.15 23:46:32 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini [2006.11.15 21:15:44 | 000,000,849 | ---- | C] () -- C:\WINDOWS\orun32.ini [2006.11.15 21:12:35 | 000,004,704 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys [2006.11.15 21:12:35 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\8679CB5C67.sys [2006.11.15 19:49:38 | 000,003,376 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini [2006.11.15 19:37:54 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2006.11.15 19:36:37 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini [2006.11.15 19:29:15 | 000,016,480 | ---- | C] () -- C:\WINDOWS\System32\rixdicon.dll [2006.11.10 16:29:59 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll [2006.11.10 16:29:58 | 001,662,976 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll [2006.11.10 16:29:57 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll [2006.11.10 16:29:55 | 001,470,464 | ---- | C] () -- C:\WINDOWS\System32\nview.dll [2006.11.10 16:29:54 | 000,098,304 | ---- | C] () -- C:\WINDOWS\System32\nvapi.dll [2006.09.20 09:34:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\Buhl.ini [2006.03.24 14:00:00 | 000,027,440 | ---- | C] () -- C:\WINDOWS\System32\drivers\secdrv.sys [2006.03.07 19:58:18 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\716xCoInstaller.dll [2005.08.16 14:48:16 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\OrdMen.dll [2005.08.16 14:48:14 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\SOFFICK2.dll [2005.08.16 14:48:00 | 000,070,144 | ---- | C] () -- C:\WINDOWS\System32\ENCODE32.DLL [2005.08.16 14:48:00 | 000,047,104 | ---- | C] () -- C:\WINDOWS\System32\TAL12832.DLL [2005.08.16 14:48:00 | 000,018,944 | ---- | C] () -- C:\WINDOWS\System32\TALDM32A.dll [2005.08.16 14:48:00 | 000,017,408 | ---- | C] () -- C:\WINDOWS\System32\TALDM32.DLL [2005.08.16 14:47:52 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\SBSPAIN3.DLL [2005.08.16 14:47:52 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\SBSPAIN2.DLL [2005.08.16 14:47:52 | 000,036,864 | ---- | C] () -- C:\WINDOWS\System32\SBSPAINT.DLL [2005.08.05 15:26:04 | 000,235,008 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2004.09.28 23:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll < End of report > Die Datei Extras.txt ----------------------------------OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 08.10.2010 15:05:37 - Run 4
OTL by OldTimer - Version 3.2.14.1 Folder = C:\Dokumente und Einstellungen\Michael\Desktop
Windows XP Media Center Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
1.022,00 Mb Total Physical Memory | 531,00 Mb Available Physical Memory | 52,00% Memory free
2,00 Gb Paging File | 2,00 Gb Available in Paging File | 83,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 133,43 Gb Total Space | 105,73 Gb Free Space | 79,24% Space Free | Partition Type: NTFS
Drive D: | 15,60 Gb Total Space | 5,45 Gb Free Space | 34,92% Space Free | Partition Type: FAT32
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Computer Name: BESITZER-E4905B
Current User Name: Michael
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 30 Days
Output = Minimal
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office12\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"5353:TCP" = 5353:TCP:*:Enabled:Adobe CSI CS4
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)
"C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)
"C:\Programme\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe" = C:\Programme\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe:*:enabled:Nero MediaHome -- (Nero AG)
"C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe:*:enabled:Nero Home -- (Nero AG)
"C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroUpgrade.exe" = C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroUpgrade.exe:*:enabled:Nero Upgrade -- (Nero AG)
"C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe" = C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe:*:enabled:Nero Setup -- (Nero AG)
"C:\Programme\Sceneo\Bonavista\VMedia\BVD.exe" = C:\Programme\Sceneo\Bonavista\VMedia\BVD.exe:*:enabled:Sceneo Bonavista -- (Buhl Data Service GmbH)
"C:\Programme\BullGuard Software\BullGuard\BullGuard.exe" = C:\Programme\BullGuard Software\BullGuard\BullGuard.exe:*:enabled:BullGuard -- (BullGuard Software)
"C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe" = C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe:*:enabled:BullGuard Update -- (BullGuard Software)
"C:\Programme\Medion\MEDIONbox\Program\GnabClient.exe" = C:\Programme\Medion\MEDIONbox\Program\GnabClient.exe:*:enabled:MEDIONbox Client -- (Empolis GmbH)
"C:\Programme\Sonavis\TVsweeper\\TVsweeper.exe" = C:\Programme\Sonavis\TVsweeper\\TVsweeper.exe:*:enabled:TVsweeper -- (Sonavis GmbH)
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL -- (America Online, Inc)
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)
"C:\Programme\ICQ7.1\ICQ.exe" = C:\Programme\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"C:\Programme\ICQ7.1\aolload.exe" = C:\Programme\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Microsoft Fax -- (Microsoft Corporation)
"C:\Programme\NetMeeting\Conf.exe" = C:\Programme\NetMeeting\Conf.exe:*:enabled:NetMeeting -- (Microsoft Corporation)
"C:\Programme\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe" = C:\Programme\Nero\Nero 7\Nero MediaHome\NeroMediaHome.exe:*:enabled:Nero MediaHome -- (Nero AG)
"C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe" = C:\Programme\Nero\Nero 7\Nero Home\NeroHome.exe:*:enabled:Nero Home -- (Nero AG)
"C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroUpgrade.exe" = C:\Programme\Gemeinsame Dateien\Ahead\Lib\NeroUpgrade.exe:*:enabled:Nero Upgrade -- (Nero AG)
"C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe" = C:\Programme\Gemeinsame Dateien\Ahead\Nero Web\SetupX.exe:*:enabled:Nero Setup -- (Nero AG)
"C:\Programme\Sceneo\Bonavista\VMedia\BVD.exe" = C:\Programme\Sceneo\Bonavista\VMedia\BVD.exe:*:enabled:Sceneo Bonavista -- (Buhl Data Service GmbH)
"C:\Programme\BullGuard Software\BullGuard\BullGuard.exe" = C:\Programme\BullGuard Software\BullGuard\BullGuard.exe:*:enabled:BullGuard -- (BullGuard Software)
"C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe" = C:\Programme\BullGuard Software\BullGuard\BullGuardUpdate.exe:*:enabled:BullGuard Update -- (BullGuard Software)
"C:\Programme\Medion\MEDIONbox\Program\GnabClient.exe" = C:\Programme\Medion\MEDIONbox\Program\GnabClient.exe:*:enabled:MEDIONbox Client -- (Empolis GmbH)
"C:\Programme\Sonavis\TVsweeper\\TVsweeper.exe" = C:\Programme\Sonavis\TVsweeper\\TVsweeper.exe:*:enabled:TVsweeper -- (Sonavis GmbH)
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLDial.exe:*:Enabled:AOL -- (America Online, Inc)
"C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe" = C:\Programme\Gemeinsame Dateien\aol\ACS\AOLacsd.exe:*:Enabled:AOL -- (America Online, Inc.)
"C:\Programme\AOL 9.0\waol.exe" = C:\Programme\AOL 9.0\waol.exe:*:Enabled:AOL 9.0 -- (America Online, Inc.)
"C:\Programme\Mozilla Firefox\firefox.exe" = C:\Programme\Mozilla Firefox\firefox.exe:*:Disabled:Firefox -- (Mozilla Corporation)
"C:\Programme\ICQ7.1\ICQ.exe" = C:\Programme\ICQ7.1\ICQ.exe:*:Enabled:ICQ7.1 -- (ICQ, LLC.)
"C:\Programme\ICQ7.1\aolload.exe" = C:\Programme\ICQ7.1\aolload.exe:*:Enabled:aolload.exe -- (AOL LLC)
"C:\Programme\BearShare Applications\BearShare\BearShare.exe" = C:\Programme\BearShare Applications\BearShare\BearShare.exe:*:Enabled:BearShare -- File not found
"C:\Programme\Livestation\Livestation.exe" = C:\Programme\Livestation\Livestation.exe:*:Enabled:Livestation -- File not found
"C:\Programme\Bonjour\mDNSResponder.exe" = C:\Programme\Bonjour\mDNSResponder.exe:*:Enabled:Dienst "Bonjour" -- File not found
"C:\Programme\iTunes\iTunes.exe" = C:\Programme\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
"C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" = C:\Programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe:*:Enabled:Adobe CSI CS4 -- (Adobe Systems Incorporated)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03440014-3975-4267-9F39-1DC4745090B7}" = Microsoft Encarta Enzyklopädie 2003
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}" = mLogView
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{23FB368F-1399-4EAC-817C-4B83ECBE3D83}" = mProSafe
"{2792F12C-3515-4D69-8083-B557AF35F06F}" = LightScribe 1.4.89.1
"{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox
"{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}" = QuickTime
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{369B36BE-3D64-4641-9AEA-808D436FE132}" = Microsoft Picture It! Foto 7.0
"{3E9D596A-61D4-4239-BD19-2DB984D2A16F}" = mIWA
"{43DCF766-6838-4F9A-8C91-D92DA586DFA8}" = Microsoft Windows-Journal-Viewer
"{47D2103B-FD51-4017-9C20-DD408B17D726}" = Office 2003 Trial Assistant
"{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo Bonavista
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{553255F3-78FD-40F1-A6F8-6882140265FE}" = Apple Application Support
"{5B8072B3-A576-4C0B-99BC-FAA7145A1031}" = Nero 7 Essentials
"{5ECB3A3C-980B-4D12-9724-25DCB07A1F47}" = iTunes
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro
"{7CDBE27D-87EC-434E-AFE4-D0116AE876BB}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}" = Adobe Audition 1.5
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}" = mPfMgr
"{8C6BB412-D3A8-4AAE-A01B-35B681789D68}" = mHelp
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DCBD4B1-DD30-4A9A-ADF7-FA3162B596C4}" = Windows Live Messenger
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{90B0D222-8C21-4B35-9262-53B042F18AF9}" = mPfWiz
"{90CC4231-94AC-45CD-991A-0253BFAC0650}" = mDrWiFi
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{94658027-9F16-4509-BBD7-A59FE57C3023}" = mZConfig
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{95120000-003F-0407-0000-0000000FF1CE}" = Microsoft Office Excel Viewer
"{98786147-80E3-41A5-A80C-1F3C028558CF}" = Hearts of Iron 2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9CC89556-3578-48DD-8408-04E66EBEF401}" = mXML
"{9DE1BE03-AFE2-4CDB-BFEB-D06D736CD01A}" = Apple Mobile Device Support
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AA750D39-2502-40DE-8E2A-2B58E5381D49}" = STAMPIT Home
"{AC76BA86-7AD7-1031-7B44-A70800000002}" = Adobe Reader 7.0.8 - Deutsch
"{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C4BEEB8C-B9D2-4CD9-A2AA-1F3A1F57DF21}" = Works Suite-Betriebssystem-Pack
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0CC1431-915D-4454-A045-232155BFD498}" = TVsweeper
"{D2784EF8-89B9-4992-935B-389F225AD377}" = Vodafone Mobile Connect
"{D5F82F8F-4DE2-11D9-A373-0050BAE317E1}" = PowerCinema Linux 5.0
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E81667C6-2856-46D6-ABEA-6A2F42166779}" = mCore
"{EDDDC607-91D9-4758-9F57-265FDCD8A772}" = Microsoft Works 7.0
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}" = mMHouse
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F79A208D-D929-11D9-9D77-000129760D75}" = MagicDirector 1.2
"{F7F2DC0A-C22E-49AD-AD37-797309A54E7B}" = Microsoft AutoRoute 2002
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}" = mWlsSafe
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"ALDI Foto Service Nord D" = ALDI Foto Service Nord (D)
"ALDI Online Druck Service (Nord)" = ALDI Online Druck Service (Nord)
"AVMFBox" = FRITZ!Box
"BullGuard" = BullGuard 6.1
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"Free Screen To Video_is1" = Free Screen To Video V 1.2
"ie8" = Windows Internet Explorer 8
"InstallShield_{AA750D39-2502-40DE-8E2A-2B58E5381D49}" = STAMPIT
"LetsTrade" = LetsTrade Komponenten
"MAGIX music maker SE" = MAGIX music maker SE
"MEDION Fotos auf CD Nord D" = MEDION Fotos auf CD Nord (D)
"medionmusic-manager gold" = medionmusic-manager gold
"medionmusic-Suite" = medionmusic-Suite
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.11)" = Mozilla Firefox (3.5.11)
"NVIDIA Drivers" = NVIDIA Drivers
"Nvu_is1" = Nvu 1.0
"ProInst" = Intel(R) PROSet/Wireless Software
"QuickStores-Toolbar_is1" = QuickStores-Toolbar 1.1.0
"RealPlayer 6.0" = RealPlayer Basic
"Secure Eraser_is1" = Secure Eraser v3.2
"Shockwave" = Shockwave
"SMSERIAL" = Motorola SM56 Data Fax Modem
"ST6UNST #1" = HelloFriendz Ultra
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Tweak UI 2.10" = Tweak UI
"Uninstall_is1" = Uninstall 1.0.0.1
"Wdf01005" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
"WIC" = Windows Imaging Component
"Windows Media Format Runtime" = Windows Media Format Runtime
"Windows XP Media Center Edition Screen Saver Screen Saver" = Windows XP Media Center Edition Screen Saver Screen Saver
"WinGimp-2.0_is1" = GIMP 2.6.8
"WinRAR archiver" = WinRAR
"WMCSetup" = Windows Media Connect
"Works2003Setup" = Microsoft Works 2003-Setup-Start
"X10Hardware" = X10 Hardware(TM)
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"95b48956554fe2e1" = RecordDeal
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 02.10.2010 10:21:11 | Computer Name = BESITZER-E4905B | Source = Bonjour Service | ID = 100
Description =
Error - 02.10.2010 10:21:13 | Computer Name = BESITZER-E4905B | Source = Bonjour Service | ID = 100
Description =
Error - 02.10.2010 10:21:13 | Computer Name = BESITZER-E4905B | Source = Bonjour Service | ID = 100
Description =
Error - 02.10.2010 10:21:13 | Computer Name = BESITZER-E4905B | Source = Bonjour Service | ID = 100
Description =
Error - 04.10.2010 08:25:48 | Computer Name = BESITZER-E4905B | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung moviemk.exe, Version 2.1.4027.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 04.10.2010 09:04:44 | Computer Name = BESITZER-E4905B | Source = MsiInstaller | ID = 11336
Description = Product: Adobe Device Central CS3 -- Error 1336.Beim Erstellen der
für die Installation erforderlichen temporären Datei ist ein Fehler aufgetreten.
Ordner: C:\Config.Msi\. Systemfehlercode: 1450
Error - 04.10.2010 09:06:54 | Computer Name = BESITZER-E4905B | Source = MsiInstaller | ID = 10005
Description = Product: Adobe Camera Raw 4.0 -- Internal Error 2203. C:\WINDOWS\Installer\335026.ipi,
-2147023446
Error - 04.10.2010 09:33:02 | Computer Name = BESITZER-E4905B | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung chrome.exe, Version 0.0.0.0, fehlgeschlagenes
Modul kernel32.dll, Version 5.1.2600.3541, Fehleradresse 0x00012a6b.
Error - 05.10.2010 15:45:57 | Computer Name = BESITZER-E4905B | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung moviemk.exe, Version 2.1.4027.0, Stillstandmodul
hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
Error - 07.10.2010 16:52:00 | Computer Name = BESITZER-E4905B | Source = .NET Runtime 2.0 Error Reporting | ID = 5000
Description = EventType clr20r3, P1 freescreenvideo.exe, P2 1.2.0.0, P3 4b8bc881,
P4 system, P5 2.0.0.0, P6 4ba85929, P7 2c70, P8 67, P9 system.net.sockets.socket,
P10 NIL.
[ System Events ]
Error - 07.10.2010 17:07:22 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7001
Description = Der Dienst "DNS-Client" ist vom Dienst "TCP/IP-Protokolltreiber" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 07.10.2010 17:07:22 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7001
Description = Der Dienst "TCP/IP-NetBIOS-Hilfsprogramm" ist vom Dienst "AFD" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 07.10.2010 17:07:22 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Apple Mobile Device" ist vom Dienst "TCP/IP-Protokolltreiber"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 07.10.2010 17:07:22 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7001
Description = Der Dienst "IPSEC-Dienste" ist vom Dienst "IPSEC-Treiber" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde: %%31
Error - 07.10.2010 17:07:22 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
AFD avgio Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip wpsdrvnt
Error - 07.10.2010 17:08:22 | Computer Name = BESITZER-E4905B | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "StiSvc"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
Error - 07.10.2010 17:09:24 | Computer Name = BESITZER-E4905B | Source = DCOM | ID = 10005
Description = Bei DCOM ist der Fehler "%1084" aufgetreten, als der Dienst "EventSystem"
mit den Argumenten "" gestartet wurde, um den folgenden Server zu verwenden: {1BE1F766-5536-11D1-B726-00C04FB926AF}
Error - 07.10.2010 17:10:13 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira AntiVir Planer" wurde aufgrund folgenden Fehlers
nicht gestartet: %%3
Error - 07.10.2010 17:10:13 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira AntiVir Guard" wurde aufgrund folgenden Fehlers
nicht gestartet: %%3
Error - 07.10.2010 17:10:14 | Computer Name = BESITZER-E4905B | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
avgio
< End of report >
Ich hoffe , dass mir jetzt jemand helfen kann, ich krig hier nemlich wirklich die Kriese ^^
__________________ Spittfaia & Rebina - Doppelt aufs Maul DIE FREEDOWNLOAD EP 12 Tracks direkt auf http://spittfaia.lima-city.de/spiitload.html währe cool wenn sie jemand lädt |
|
08.10.2010, 18:34
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.XPACK.Gen3 Beende alle Programme, starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!) Code:
ATTFilter :OTL
FF - prefs.js..CommunityToolbar.SearchFromAddressBarSavedUrl: "data:text/plain,keyword.URL=http://de.search.yahoo.com/search?ei=UTF-8&fr=ffpro&type=moz35awe&p="
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.order.1: "BearShare Web Search"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "http://www.faiatv.tk"
O33 - MountPoints2\{47d149c0-32be-11df-8ff6-00038a000015}\Shell\AutoRun\command - "" = F:\installer.exe -- File not found
O33 - MountPoints2\{47d149c0-32be-11df-8ff6-00038a000015}\Shell\verb\command - "" = F:\installer.exe -- File not found
O33 - MountPoints2\{d3b658dc-f849-11de-8fb5-00040ed4087d}\Shell - "" = AutoRun
O33 - MountPoints2\{d3b658dc-f849-11de-8fb5-00040ed4087d}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{d3b658dc-f849-11de-8fb5-00040ed4087d}\Shell\Open\command - "" = resycled\boot.com f:
:Commands
[purity]
[resethosts]
[emptytemp]
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
10.10.2010, 11:09
| #10 |
| | TR/Crypt.XPACK.Gen3 Hier die Datei die rausgekommen ist: ---------------------------------------------- All processes killed ========== OTL ========== Prefs.js: "data:text/plain,keyword.URL=hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ffpro&type=moz35awe&p=" removed from CommunityToolbar.SearchFromAddressBarSavedUrl Prefs.js: "ICQ Search" removed from browser.search.defaultenginename Prefs.js: "softonic-de3 Customized Web Search" removed from browser.search.defaultthis.engineName Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}" removed from browser.search.defaulturl Prefs.js: "BearShare Web Search" removed from browser.search.order.1 Prefs.js: "chr-greentree_ff&type=302398" removed from browser.search.param.yahoo-fr Prefs.js: "ICQ Search" removed from browser.search.selectedEngine Prefs.js: "hxxp://www.faiatv.tk" removed from browser.startup.homepage Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47d149c0-32be-11df-8ff6-00038a000015}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47d149c0-32be-11df-8ff6-00038a000015}\ not found. File F:\installer.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{47d149c0-32be-11df-8ff6-00038a000015}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47d149c0-32be-11df-8ff6-00038a000015}\ not found. File F:\installer.exe not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3b658dc-f849-11de-8fb5-00040ed4087d}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d3b658dc-f849-11de-8fb5-00040ed4087d}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3b658dc-f849-11de-8fb5-00040ed4087d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d3b658dc-f849-11de-8fb5-00040ed4087d}\ not found. Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d3b658dc-f849-11de-8fb5-00040ed4087d}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d3b658dc-f849-11de-8fb5-00040ed4087d}\ not found. File f:\resycled\boot.com not found. ========== COMMANDS ========== C:\WINDOWS\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully [EMPTYTEMP] User: Administrator ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 435406 bytes ->Flash cache emptied: 348 bytes User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 180358 bytes ->Flash cache emptied: 348 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 230006 bytes User: Michael ->Temp folder emptied: 2721295021 bytes ->Temporary Internet Files folder emptied: 226158632 bytes ->Java cache emptied: 4283925 bytes ->FireFox cache emptied: 43304794 bytes ->Flash cache emptied: 64438 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 1346706 bytes User: Siggi ->Temp folder emptied: 1698555 bytes ->Temporary Internet Files folder emptied: 207001340 bytes ->Flash cache emptied: 1412 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 1220821 bytes %systemroot%\System32 .tmp files removed: 2951 bytes %systemroot%\System32\dllcache .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 335725155 bytes RecycleBin emptied: 14565839 bytes Total Files Cleaned = 3.393,00 mb OTL by OldTimer - Version 3.2.14.1 log created on 10102010_114814 Files\Folders moved on Reboot... Registry entries deleted on Reboot... --------------------------------------- hat es was gehofen?
__________________ Spittfaia & Rebina - Doppelt aufs Maul DIE FREEDOWNLOAD EP 12 Tracks direkt auf http://spittfaia.lima-city.de/spiitload.html währe cool wenn sie jemand lädt |
|
10.10.2010, 19:29
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.XPACK.Gen3 Dann bitte jetzt CF ausführen: ComboFix Ein Leitfaden und Tutorium zur Nutzung von ComboFix
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.10.2010, 12:47
| #12 |
| | TR/Crypt.XPACK.Gen3 Hier der Combofix Log --------------------------------- Combofix Logfile: Code:
ATTFilter ComboFix 10-10-12.03 - Michael 13.10.2010 13:03:21.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.2.1252.49.1031.18.1022.546 [GMT 2:00]
ausgeführt von:: c:\dokumente und einstellungen\Michael\Desktop\cofi.exe
AV: BullGuard Antivirus *On-access scanning disabled* (Updated) {7A9BB333-8EDF-4FDC-A2A5-1A30FA021913}
FW: BullGuard Firewall *enabled* {2AEF4CB6-61B5-4E60-AF22-D95E75B63FA1}
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\1.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\a.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\b.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\c.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\d.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\e.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\f.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\g.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\h.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\i.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\J.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\k.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\l.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\m.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\mru.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\n.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\o.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\p.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\q.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\r.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\s.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\t.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\u.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\v.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\w.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\x.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\y.xml
c:\dokumente und einstellungen\Michael\Anwendungsdaten\PriceGong\Data\z.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\1.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\a.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\b.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\c.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\d.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\e.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\f.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\g.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\h.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\i.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\J.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\k.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\l.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\m.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\mru.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\n.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\o.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\p.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\q.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\r.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\s.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\t.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\u.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\v.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\w.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\x.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\y.xml
c:\dokumente und einstellungen\Siggi\Anwendungsdaten\PriceGong\Data\z.xml
c:\windows\system32\Settings
c:\windows\system32\Settings\Settings.ini
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_NPF
((((((((((((((((((((((( Dateien erstellt von 2010-09-13 bis 2010-10-13 ))))))))))))))))))))))))))))))
.
2010-10-12 11:48 . 2010-10-12 11:48 -------- d-----w- c:\dokumente und einstellungen\Michael\L
2010-10-10 13:48 . 2010-10-10 13:58 -------- d---a-w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\TEMP
2010-10-10 09:48 . 2010-10-10 09:48 -------- d-----w- C:\_OTL
2010-10-07 20:52 . 2010-10-07 20:52 -------- d-----w- c:\programme\ASCOMP Software
2010-10-07 20:51 . 2010-10-07 20:51 -------- d-----w- c:\programme\Free Screen To Video
2010-10-07 13:45 . 2010-10-07 13:45 -------- d-sh--w- c:\dokumente und einstellungen\Administrator\PrivacIE
2010-10-07 13:43 . 2010-10-07 13:43 -------- d-----w- c:\dokumente und einstellungen\Administrator\Anwendungsdaten\ASCOMP Software
2010-10-07 12:48 . 2010-10-07 12:48 -------- d-----w- c:\dokumente und einstellungen\Michael\Anwendungsdaten\ASCOMP Software
2010-10-06 10:53 . 2010-10-07 13:57 -------- d-----w- c:\programme\Unlocker
2010-10-06 10:53 . 2010-10-06 14:03 -------- d-----w- c:\dokumente und einstellungen\Michael\Anwendungsdaten\QuickStoresToolbar
2010-10-05 19:57 . 2010-10-05 19:58 -------- d-----w- c:\dokumente und einstellungen\Michael\Anwendungsdaten\GetRightToGo
2010-10-05 18:11 . 2010-10-05 18:11 -------- d-sh--w- c:\dokumente und einstellungen\Administrator\IETldCache
2010-10-05 14:24 . 2010-10-05 14:24 -------- d-sh--w- c:\dokumente und einstellungen\Michael\IECompatCache
2010-10-02 15:26 . 2010-10-02 15:26 -------- d-----w- c:\dokumente und einstellungen\Michael\Anwendungsdaten\AnvSoft
2010-10-02 15:26 . 2010-10-02 15:26 -------- d-----w- c:\programme\AnvSoft
2010-10-01 15:48 . 2010-10-01 15:48 -------- d-----w- c:\dokumente und einstellungen\Michael\Anwendungsdaten\Malwarebytes
2010-10-01 15:48 . 2010-10-01 15:48 -------- d-----w- c:\dokumente und einstellungen\All Users\Anwendungsdaten\Malwarebytes
2010-09-19 11:01 . 2010-09-24 17:59 -------- d-----w- c:\dokumente und einstellungen\Siggi
2010-09-17 11:16 . 2010-10-04 13:22 -------- d-----w- c:\dokumente und einstellungen\Michael\Anwendungsdaten\FreeScreenToVideo
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
------- Sigcheck -------
[-] 2008-04-13 . 9F3A2F5AA6875C72BF062C712CFA2674 . 96512 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\atapi.sys
[-] 2006-03-24 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\ReinstallBackups\0007\DriverFiles\i386\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\atapi.sys
[-] 2004-08-03 . CDFE4411A69C224BD1D11B2DA92DAC51 . 95360 . . [5.1.2600.2180] . . c:\windows\system32\drivers\atapi.sys
[-] 2008-04-13 . B153AFFAC761E7F5FCFA822B9C4E97BC . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\asyncmac.sys
[-] 2006-03-24 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\asyncmac.sys
[-] 2006-03-24 . 02000ABF34AF4C218C35D257024807D6 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\drivers\asyncmac.sys
[-] 2006-03-24 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\dllcache\beep.sys
[-] 2006-03-24 . DA1F27D85E0D1525F6621372E7B685E9 . 4224 . . [5.1.2600.0] . . c:\windows\system32\drivers\beep.sys
[-] 2008-04-14 . 1704D8C4C8807B889E43C649B478A452 . 25216 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\kbdclass.sys
[-] 2006-03-24 . B128FC0A5CD83F669D5DE4B58F77C7D6 . 25216 . . [5.1.2600.2180] . . c:\windows\system32\drivers\kbdclass.sys
[-] 2008-04-13 . 1DF7F42665C94B825322FAE71721130D . 182656 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ndis.sys
[-] 2006-03-24 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ndis.sys
[-] 2006-03-24 . 558635D3AF1C7546D26067D5D9B6959E . 182912 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ndis.sys
[-] 2008-04-13 . 78A08DD6A8D65E697C18E1DB01C5CDCA . 574976 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ntfs.sys
[-] 2006-03-24 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\I386\NTFS.SYS
[-] 2006-03-24 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ntfs.sys
[-] 2006-03-24 . B78BE402C3F63DD55521F73876951CDD . 574592 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ntfs.sys
[-] 2006-03-24 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\dllcache\null.sys
[-] 2006-03-24 . 73C1E1F395918BC2C6DD67AF7591A3AD . 2944 . . [5.1.2600.0] . . c:\windows\system32\drivers\null.sys
[-] 2008-06-20 . AD978A1B783B5719720CFF204B666C8E . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\tcpip.sys
[-] 2008-06-20 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\tcpip.sys
[-] 2008-06-20 . 2A5554FC5B1E04E131230E3CE035C3F9 . 360320 . . [5.1.2600.3394] . . c:\windows\system32\drivers\tcpip.sys
[-] 2008-06-20 . 744E57C99232201AE98C49168B918F48 . 360960 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\tcpip.sys
[-] 2008-04-13 . 93EA8D04EC73A85DB02EB8805988F733 . 361344 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\tcpip.sys
[-] 2006-04-20 . B2220C618B42A2212A59D91EBD6FC4B4 . 360576 . . [5.1.2600.2892] . . c:\windows\$hf_mig$\KB917953\SP2QFE\tcpip.sys
[-] 2006-04-20 . 1DBF125862891817F374F407626967F4 . 359808 . . [5.1.2600.2892] . . c:\windows\$NtUninstallKB951748$\tcpip.sys
[-] 2006-01-13 . 5562CC0A47B2AEF06D3417B733F3C195 . 360448 . . [5.1.2600.2827] . . c:\windows\$hf_mig$\KB913446\SP2QFE\tcpip.sys
[-] 2005-05-25 . 63FDFEA54EB53DE2D863EE454937CE1E . 359936 . . [5.1.2600.2685] . . c:\windows\$hf_mig$\KB893066\SP2QFE\tcpip.sys
[-] 2008-04-14 . B42057F06BBB98B31876C0B3F2B54E33 . 77824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\browser.dll
[-] 2006-03-24 . D8653DCD80CF2EBB333FC4FCC43A7DEF . 77312 . . [5.1.2600.2180] . . c:\windows\system32\browser.dll
[-] 2006-03-24 . D8653DCD80CF2EBB333FC4FCC43A7DEF . 77312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\browser.dll
[-] 2008-04-14 . AFB8261B56CBA0D86AEB6DF682AF9785 . 13312 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\lsass.exe
[-] 2006-03-24 . 183805EB05BCA5A1E4AAAED4D2BE3690 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\lsass.exe
[-] 2006-03-24 . 183805EB05BCA5A1E4AAAED4D2BE3690 . 13312 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lsass.exe
[-] 2008-04-14 . E6D88F1F6745BF00B57E7855A2AB696C . 198144 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\netman.dll
[-] 2005-08-22 . 1E5218FBE323C375B488318950E10FB4 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\netman.dll
[-] 2005-08-22 . 1E5218FBE323C375B488318950E10FB4 . 197632 . . [5.1.2600.2743] . . c:\windows\system32\dllcache\netman.dll
[-] 2005-08-22 . 19D9B6B139F09A72AE71758BDF28308E . 197632 . . [5.1.2600.2743] . . c:\windows\$hf_mig$\KB905414\SP2QFE\netman.dll
[-] 2008-04-14 . D6F603772A789BB3228F310D650B8BD1 . 409088 . . [6.7.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\qmgr.dll
[-] 2006-03-24 . 3A5E54A9AB96EF2D273B58136FB58EFE . 382464 . . [6.6.2600.2180] . . c:\windows\system32\qmgr.dll
[-] 2006-03-24 . 3A5E54A9AB96EF2D273B58136FB58EFE . 382464 . . [6.6.2600.2180] . . c:\windows\system32\dllcache\qmgr.dll
[-] 2009-02-09 . D3D765E8455A961AE567B408F767D4F9 . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\rpcss.dll
[-] 2009-02-09 . 3127AFBF2C1ED0AB14A1BBB7AAECB85B . 401408 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\rpcss.dll
[-] 2009-02-09 . D45BBCDDC74A1B0259A0C4B00C190D20 . 399360 . . [5.1.2600.3520] . . c:\windows\system32\rpcss.dll
[-] 2009-02-09 . D45BBCDDC74A1B0259A0C4B00C190D20 . 399360 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\rpcss.dll
[-] 2009-02-09 . 8AFBC2E1E5555A1C29953AF854F0FCA5 . 401408 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\rpcss.dll
[-] 2008-04-14 . E970C2296916BF4A2F958680016FE312 . 399360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\rpcss.dll
[-] 2005-07-26 . 891E3E4537C6DFCAE475073FC49CE9CB . 397824 . . [5.1.2600.2726] . . c:\windows\$NtUninstallKB956572$\rpcss.dll
[-] 2005-07-26 . DBA9F9C00A7A2B45EB8E451C2B6D10E9 . 398336 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\rpcss.dll
[-] 2005-04-28 . 434A27912D53BF3FB6C1CE37BAFA5CF6 . 396288 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\rpcss.dll
[-] 2005-01-14 . 64F7E6B27B790365A910ECE21134A680 . 395776 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\rpcss.dll
[-] 2009-02-09 . A3EDBE9053889FB24AB22492472B39DC . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\services.exe
[-] 2009-02-09 . F0A7D59AF279326528715B206669B86C . 111104 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\services.exe
[-] 2009-02-09 . 65F6B774819BD727358157CEDEA67B8E . 111104 . . [5.1.2600.3520] . . c:\windows\system32\services.exe
[-] 2009-02-09 . 65F6B774819BD727358157CEDEA67B8E . 111104 . . [5.1.2600.3520] . . c:\windows\system32\dllcache\services.exe
[-] 2009-02-09 . A07CA23EA361A01E627D911CF139B950 . 111104 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\services.exe
[-] 2008-04-14 . 4BB6A83640F1D1792AD21CE767B621C6 . 109056 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\services.exe
[-] 2006-03-24 . EDB6B81761BD60F32F740BBC40AFB676 . 108544 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB956572$\services.exe
[-] 2008-04-14 . 39356A9CDB6753A6D13A4072A9F5A4BB . 57856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\spoolsv.exe
[-] 2005-06-11 . AD3D9D191AEA7B5445FE1D82FFBB4788 . 57856 . . [5.1.2600.2696] . . c:\windows\$hf_mig$\KB896423\SP2QFE\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\spoolsv.exe
[-] 2005-06-10 . DA81EC57ACD4CDC3D4C51CF3D409AF9F . 57856 . . [5.1.2600.2696] . . c:\windows\system32\dllcache\spoolsv.exe
[-] 2008-04-14 . F09A527B422E25C478E38CAA0E44417A . 513024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\winlogon.exe
[-] 2006-03-24 . 2B6A0BAF33A9918F09442D873848FF72 . 507392 . . [5.1.2600.2180] . . c:\windows\system32\winlogon.exe
[-] 2006-03-24 . 2B6A0BAF33A9918F09442D873848FF72 . 507392 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\winlogon.exe
[-] 2008-04-14 . AD28671D1B83A386B070DC451A113C13 . 617472 . . [5.82] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\comctl32.dll
[-] 2008-04-14 . 3C93CE6C6985C55952B7BE6673E9FD15 . 1054208 . . [6.0] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\asms\60\msft\windows\common\controls\comctl32.dll
[-] 2006-08-25 . EE82D1393169AC6BDF6016F4EA8D2B79 . 617472 . . [5.82] . . c:\windows\system32\comctl32.dll
[-] 2006-08-25 . EE82D1393169AC6BDF6016F4EA8D2B79 . 617472 . . [5.82] . . c:\windows\system32\dllcache\comctl32.dll
[-] 2006-08-25 . F64451D07B9368B46AB31172D56D1804 . 1054208 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
[-] 2006-03-24 . 2CF914215226B3F7FA1AE4A47E4D261C . 611328 . . [5.82] . . c:\windows\$NtUninstallKB923191$\comctl32.dll
[-] 2006-03-24 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\I386\ASMS\6000\MSFT\WINDOWS\COMMON\CONTROLS\COMCTL32.DLL
[-] 2006-03-24 . AEF3D788DBF40C7C4D204EA45EB0C505 . 921088 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.0.0_x-ww_1382d70a\comctl32.dll
[-] 2006-03-24 . 9D0F57B9C65BF8A07DB655A9ED6EB2EE . 1050624 . . [6.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2180_x-ww_a84f1ff9\comctl32.dll
[-] 2008-04-14 . 611F824E5C703A5A899F84C5F1699E4D . 62464 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\cryptsvc.dll
[-] 2006-03-24 . 1A5F9DB98DF7955B4C7CBDBF2C638238 . 60416 . . [5.1.2600.2180] . . c:\windows\system32\cryptsvc.dll
[-] 2006-03-24 . 1A5F9DB98DF7955B4C7CBDBF2C638238 . 60416 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\cryptsvc.dll
[-] 2008-07-07 20:30 . D68ED3908C7A0DB446111D34AC40DC18 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\es.dll
[-] 2008-07-07 20:30 . D68ED3908C7A0DB446111D34AC40DC18 . 253952 . . [2001.12.4414.320] . . c:\windows\system32\dllcache\es.dll
[-] 2008-07-07 20:26 . AF4F6B5739D18CA7972AB53E091CBC74 . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
[-] 2008-07-07 20:23 . ADA7241C16F3F42C7F210539FAD5F3AA . 253952 . . [2001.12.4414.706] . . c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
[-] 2008-07-07 20:16 . 3912BEF896D1D687B6053409E5F5F2A6 . 253952 . . [2001.12.4414.320] . . c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
[-] 2008-04-14 02:22 . 0F3EDAEE1EF97CF3DB2BE23A7289B78C . 246272 . . [2001.12.4414.701] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\es.dll
[-] 2005-07-26 04:39 . BEBC63622BDC30053A3145EBD90AF450 . 243200 . . [2001.12.4414.308] . . c:\windows\$NtUninstallKB950974$\es.dll
[-] 2005-07-26 04:29 . 0D0F85237E32538F58278D673032676A . 243200 . . [2001.12.4414.308] . . c:\windows\$hf_mig$\KB902400\SP2QFE\es.dll
[-] 2008-04-14 . F9954695D246B33A5BF105029A4C6AB6 . 110080 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\imm32.dll
[-] 2006-03-24 . 94101D13A1818A9D08337EEC12ED277A . 110080 . . [5.1.2600.2180] . . c:\windows\system32\imm32.dll
[-] 2006-03-24 . 94101D13A1818A9D08337EEC12ED277A . 110080 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\imm32.dll
[-] 2009-03-21 . A6F4977F9D2C9506050BFF0EF0B574B5 . 1059840 . . [5.1.2600.3541] . . c:\windows\system32\kernel32.dll
[-] 2009-03-21 . A6F4977F9D2C9506050BFF0EF0B574B5 . 1059840 . . [5.1.2600.3541] . . c:\windows\system32\dllcache\kernel32.dll
[-] 2009-03-21 . B055C64AABC1A3E3DE57EC8025CAD283 . 1063424 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3GDR\kernel32.dll
[-] 2009-03-21 . 3EB703BFC2ED26A3D8ACB8626AB2C006 . 1065472 . . [5.1.2600.5781] . . c:\windows\$hf_mig$\KB959426\SP3QFE\kernel32.dll
[-] 2009-03-21 . B6053A5FA67EAC4A292A44F585881FFF . 1062912 . . [5.1.2600.3541] . . c:\windows\$hf_mig$\KB959426\SP2QFE\kernel32.dll
[-] 2008-04-14 . 4C897C69754D88F496339B1A666907C1 . 1063424 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\kernel32.dll
[-] 2006-07-05 . 0BEFE0BF274818EC0785B7B842967313 . 1058816 . . [5.1.2600.2945] . . c:\windows\$hf_mig$\KB917422\SP2QFE\kernel32.dll
[-] 2006-07-05 . E42795D2E7725D378EE2A4BFA6FE9DB3 . 1057792 . . [5.1.2600.2945] . . c:\windows\$NtUninstallKB959426$\kernel32.dll
[-] 2008-04-14 . 5543A9D4A1D0F9F84092482A9373A024 . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\linkinfo.dll
[-] 2005-09-01 . F2AFE60F01040B23207D8EB7DC26EC96 . 19968 . . [5.1.2600.2751] . . c:\windows\$hf_mig$\KB900725\SP2QFE\linkinfo.dll
[-] 2005-09-01 . 0E2B88912BF78549D5177A84A3375D52 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\linkinfo.dll
[-] 2005-09-01 . 0E2B88912BF78549D5177A84A3375D52 . 19968 . . [5.1.2600.2751] . . c:\windows\system32\dllcache\linkinfo.dll
[-] 2008-04-14 . F38F3C47BBFFD748C1359AB171C3A630 . 22016 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\lpk.dll
[-] 2006-03-24 . B4AD65C79F85C61D32C015B11E03CAAD . 22016 . . [5.1.2600.2180] . . c:\windows\system32\lpk.dll
[-] 2006-03-24 . B4AD65C79F85C61D32C015B11E03CAAD . 22016 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\lpk.dll
[-] 2010-05-06 . 91A9BB7F22F7D21E9C07E995C4E31F74 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\mshtml.dll
[-] 2010-05-06 . 91A9BB7F22F7D21E9C07E995C4E31F74 . 5950976 . . [8.00.6001.18928] . . c:\windows\system32\dllcache\mshtml.dll
[-] 2010-05-06 . A0091E83B21A4C2627D1DD1A64C1B4B9 . 5953024 . . [8.00.6001.23019] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\mshtml.dll
[-] 2010-02-25 . 0A164AB476D7835335220D7A2AE5578B . 5946880 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\mshtml.dll
[-] 2009-12-22 . DEBDFEE5D25C43616E0A29092F17F38D . 3092480 . . [6.00.2900.3660] . . c:\windows\ie8\mshtml.dll
[-] 2009-12-22 . 25EDB39CE3473A734476100AB8DE6A15 . 3092480 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\mshtml.dll
[-] 2009-12-22 . 55EBD086581CA985DFB63736ED42629E . 3094528 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\mshtml.dll
[-] 2009-12-21 . DDAAECF8E188A0E2DB93842A7D193641 . 5945856 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . D473C3526B86547643858E40FD096422 . 3091968 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\mshtml.dll
[-] 2009-10-29 . 430315D0CAA115EA42EFDF31A93AB5D0 . 5944320 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\mshtml.dll
[-] 2009-10-29 . 0B59B93A2524462E02EB2084FEA2E9C1 . 3094016 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\mshtml.dll
[-] 2009-10-29 . A49E11FC06282A68232DE1AF1E9C9CD3 . 3091968 . . [6.00.2900.3640] . . c:\windows\$NtUninstallKB978207$\mshtml.dll
[-] 2009-03-08 . D469A0EBA2EF5C6BEE8065B7E3196E5E . 5937152 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\mshtml.dll
[-] 2008-04-14 . 72AE55A9FFBC60650339CB12E35C7DD5 . 3066880 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\mshtml.dll
[-] 2006-09-14 . A09E8EEAE6D29E90BC292631528EFCDB . 3079680 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB976325$\mshtml.dll
[-] 2006-07-28 . A395AD5E6C72F198C8E507BC2B27BC6B . 3079168 . . [6.00.2900.2963] . . c:\windows\$NtUninstallKB922760$\mshtml.dll
[-] 2006-03-24 . 3910C7977DF6C8BCB604350173066D79 . 3070464 . . [6.00.2900.2853] . . c:\windows\$NtUninstallKB911164$\mshtml.dll
[-] 2006-03-24 . 3910C7977DF6C8BCB604350173066D79 . 3070464 . . [6.00.2900.2853] . . c:\windows\I386\MSHTML.DLL
[-] 2006-02-21 . 01432C2102578F0AB9ADDFEC91043D06 . 3073024 . . [6.00.2900.2853] . . c:\windows\$hf_mig$\KB911164\SP2QFE\mshtml.dll
[-] 2005-11-23 . 8ABDBAE6032562F17DCF962847ABB811 . 3016192 . . [6.00.2900.2802] . . c:\windows\$hf_mig$\KB905915\SP2QFE\mshtml.dll
[-] 2005-10-05 . 8898B48E79C56605393FDB7F3A033036 . 3015680 . . [6.00.2900.2769] . . c:\windows\$hf_mig$\KB896688\SP2QFE\mshtml.dll
[-] 2005-07-20 . 2068C163B1FE8BF48FC6174234D0F237 . 3014144 . . [6.00.2900.2722] . . c:\windows\$hf_mig$\KB896727\SP2QFE\mshtml.dll
[-] 2005-05-02 . 083EFE3B8E19213B6C6DAAB6F2F83954 . 3012608 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\mshtml.dll
[-] 2005-03-09 . 243340D137D0B54CC5B440D7E4880B63 . 3011072 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\mshtml.dll
[-] 2005-01-27 . 19F79F718CABBFC3DAD25D7914D5601B . 3008000 . . [6.00.2900.2604] . . c:\windows\$hf_mig$\KB867282\SP2QFE\mshtml.dll
[-] 2004-09-29 . EF245F9603EF899E9A5B3A2D107BC32E . 3004928 . . [6.00.2900.2524] . . c:\windows\$hf_mig$\KB834707\SP2QFE\mshtml.dll
[-] 2008-04-14 . C6A6E53A0C34EC87883137A6CB87AE5E . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\msvcrt.dll
[-] 2008-04-14 . C536AAD8A71608FE33CD956214EDD366 . 343040 . . [7.0.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\asms\70\msft\windows\mswincrt\msvcrt.dll
[-] 2006-03-24 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\I386\ASMS\7000\MSFT\WINDOWS\MSWINCRT\MSVCRT.DLL
[-] 2006-03-24 12:00 . E826A484EDE25C3AE19F1B8086511F4B . 267536 . . [4.20.6201] . . c:\windows\I386\WIN9XUPG\MSVCRT.DLL
[-] 2006-03-24 . B30BAA48E5063E71C76280E34E7E4802 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\msvcrt.dll
[-] 2006-03-24 . B30BAA48E5063E71C76280E34E7E4802 . 343040 . . [7.0.2600.2180] . . c:\windows\system32\dllcache\msvcrt.dll
[-] 2006-03-24 . 4200BE3808F6406DBE45A7B88DAE5035 . 322560 . . [7.0.2600.0] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.0.0_x-ww_2726e76a\msvcrt.dll
[-] 2006-03-24 . 365B3C43810E1CF41B3BE1E7180F583B . 343040 . . [7.0.2600.2180] . . c:\windows\WinSxS\x86_Microsoft.Windows.CPlusPlusRuntime_6595b64144ccf1df_7.0.2600.2180_x-ww_b2505ed9\msvcrt.dll
[-] 2008-06-20 . ACD8BD448A74F344D46FCAF21BAB92AF . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3GDR\mswsock.dll
[-] 2008-06-20 . 4AA50627B01C0E9C6B4C6BD3AF648F12 . 247296 . . [5.1.2600.5625] . . c:\windows\$hf_mig$\KB951748\SP3QFE\mswsock.dll
[-] 2008-06-20 . 774274C487493452DF3B0126DBE7FF3B . 247296 . . [5.1.2600.3394] . . c:\windows\system32\mswsock.dll
[-] 2008-06-20 . 774274C487493452DF3B0126DBE7FF3B . 247296 . . [5.1.2600.3394] . . c:\windows\system32\dllcache\mswsock.dll
[-] 2008-06-20 . EB55B1D9978B61E9913EDCD27EEC4C7C . 247296 . . [5.1.2600.3394] . . c:\windows\$hf_mig$\KB951748\SP2QFE\mswsock.dll
[-] 2008-04-14 . F12B9D9A069331877D006CC81B4735F9 . 247296 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\mswsock.dll
[-] 2006-03-24 . B36E08F680BAE4DFC5C24D00A2DFC9E7 . 247296 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB951748$\mswsock.dll
[-] 2009-02-06 . ED4BBAD725A21632FB205452749FC8F5 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB968389\SP2QFE\netlogon.dll
[-] 2009-02-06 . ED4BBAD725A21632FB205452749FC8F5 . 408064 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB975467\SP2QFE\netlogon.dll
[-] 2008-04-14 . 0098D35F91DEAB9C127360A877F2CF84 . 407040 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\netlogon.dll
[-] 2006-03-24 . D27395EDCD3416AFD125A9370DCB585C . 407040 . . [5.1.2600.2180] . . c:\windows\system32\netlogon.dll
[-] 2006-03-24 . D27395EDCD3416AFD125A9370DCB585C . 407040 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\netlogon.dll
[-] 2010-02-17 . 786F98EFD090AD93F03E3BD95FB68714 . 2192256 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntoskrnl.exe
[-] 2010-02-16 . 8E7095FB13BD7B45F679E733E33813DB . 2183680 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntoskrnl.exe
[-] 2010-02-16 . 8E7095FB13BD7B45F679E733E33813DB . 2183680 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntoskrnl.exe
[-] 2010-02-16 . 22FB992849C75B08F3A9BFB19B87935D . 2139648 . . [5.1.2600.3670] . . c:\windows\system32\ntoskrnl.exe
[-] 2010-02-16 . B76CEA13602DC99EE0E655E4798C24AA . 2189184 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntoskrnl.exe
[-] 2010-02-16 . 4456016C2FF1A8CCCAC8309C9B76E2F5 . 2192384 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . A97847B2D30F4A299B35239D26BAD948 . 2191616 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntoskrnl.exe
[-] 2009-12-09 . F9CAC8B387039065F800D0A25721EAD1 . 2138624 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntoskrnl.exe
[-] 2009-12-09 . 840D13EAE78CDFC9C272F38BC2E9AC13 . 2188288 . . [5.1.2600.3654] . . c:\windows\$hf_mig$\KB977165\SP2QFE\ntoskrnl.exe
[-] 2009-12-09 . F71185C58C105BDB2BE1AEEAF4198F6E . 2191488 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntoskrnl.exe
[-] 2009-08-04 . 121AEDCE2F5A65D63C9D51B9198FA7B3 . 2191488 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntoskrnl.exe
[-] 2009-08-04 . 4B86421F2D85D9A4ECB06885C40B8EEB . 2191616 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntoskrnl.exe
[-] 2009-08-04 . 2D5CFDE135E502FB4290F6C280FDE252 . 2188288 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntoskrnl.exe
[-] 2009-08-04 . 5EA5FC2BEA33395C728B920A2DC22AFE . 2138624 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntoskrnl.exe
[-] 2009-02-10 . D3453310FC92736E674FFDC6E3F455B7 . 2191488 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntoskrnl.exe
[-] 2009-02-09 . E22124EC3A33F40755DCD2F4B1BE8A87 . 2188416 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntoskrnl.exe
[-] 2009-02-09 . FEE1600B76B196D9993CD468DA7524F7 . 2191360 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntoskrnl.exe
[-] 2008-04-14 . 354C9291513BCE4D0ED6B0C6A15470F8 . 2191360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ntoskrnl.exe
[-] 2005-03-02 . EB5538A452E0E99169E2B6CDB62FF9D2 . 2181888 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntoskrnl.exe
[-] 2005-03-02 . 3DDC2BC3D32B2FC505D09B8B8974D5BB . 2138112 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB971486$\ntoskrnl.exe
[-] 2008-04-14 . C8C0BDABC966B6C24D337DF0A0A399E1 . 17408 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\powrprof.dll
[-] 2006-03-24 . 5604574D490B798BD9A946B021A766AD . 17408 . . [6.00.2900.2180] . . c:\windows\system32\powrprof.dll
[-] 2006-03-24 . 5604574D490B798BD9A946B021A766AD . 17408 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\powrprof.dll
[-] 2008-04-14 . 5132443DF6FC3771A17AB4AE55DCBC28 . 187904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\scecli.dll
[-] 2006-03-24 . 64DC26B3CF7BCCAD431CE360A4C625D5 . 186880 . . [5.1.2600.2180] . . c:\windows\system32\scecli.dll
[-] 2006-03-24 . 64DC26B3CF7BCCAD431CE360A4C625D5 . 186880 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\scecli.dll
[-] 2008-04-14 . 44161A59DC33AC2EA9C95438ADFFFB7F . 5120 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sfc.dll
[-] 2006-03-24 . F62934BC94299083EBFC8810242D8640 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\sfc.dll
[-] 2006-03-24 . F62934BC94299083EBFC8810242D8640 . 5120 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfc.dll
[-] 2008-04-14 . 4FBC75B74479C7A6F829E0CA19DF3366 . 14336 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\svchost.exe
[-] 2006-03-24 . 65A819B121EB6FDAB4400EA42BDFFE64 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\svchost.exe
[-] 2006-03-24 . 65A819B121EB6FDAB4400EA42BDFFE64 . 14336 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\svchost.exe
[-] 2008-04-14 . 05903CAC4B98908D55EA5774775B382E . 249856 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\tapisrv.dll
[-] 2005-07-08 . F07061E18613F336A3120229097F7635 . 249344 . . [5.1.2600.2716] . . c:\windows\$hf_mig$\KB893756\SP2QFE\tapisrv.dll
[-] 2005-07-08 . 427D7EB3B453347082C8F4B370065D60 . 249344 . . [5.1.2600.2716] . . c:\windows\system32\tapisrv.dll
[-] 2005-07-08 . 427D7EB3B453347082C8F4B370065D60 . 249344 . . [5.1.2600.2716] . . c:\windows\system32\dllcache\tapisrv.dll
[-] 2008-04-14 . B0050CC5340E3A0760DD8B417FF7AEBD . 580096 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\user32.dll
[-] 2005-03-02 . 4C90159A69A5FD3EB39C71411F28FCFF . 578560 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\user32.dll
[-] 2005-03-02 . 3751D7CF0E0A113D84414992146BCE6A . 578560 . . [5.1.2600.2622] . . c:\windows\system32\user32.dll
[-] 2005-03-02 . 3751D7CF0E0A113D84414992146BCE6A . 578560 . . [5.1.2600.2622] . . c:\windows\system32\dllcache\user32.dll
[-] 2008-04-14 . 788F95312E26389D596C0FA55834E106 . 26624 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\userinit.exe
[-] 2006-03-24 . D1E53DC57143F2584B1DD53B036C0633 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\userinit.exe
[-] 2006-03-24 . D1E53DC57143F2584B1DD53B036C0633 . 25088 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\userinit.exe
[-] 2010-05-06 . 12C5EEBBC10DB644B44131EE3ECBC430 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\wininet.dll
[-] 2010-05-06 . 12C5EEBBC10DB644B44131EE3ECBC430 . 916480 . . [8.00.6001.18923] . . c:\windows\system32\dllcache\wininet.dll
[-] 2010-05-06 . B5B9887088B8168D52CB28020CF05498 . 919040 . . [8.00.6001.23014] . . c:\windows\$hf_mig$\KB982381-IE8\SP3QFE\wininet.dll
[-] 2010-02-25 . 3C41EB3A0EC8E2606B6C906993E11C29 . 919040 . . [8.00.6001.22995] . . c:\windows\$hf_mig$\KB980182-IE8\SP3QFE\wininet.dll
[-] 2009-12-22 . C8F00B80E215CA7D803D1A932CE01C9E . 674304 . . [6.00.2900.3660] . . c:\windows\ie8\wininet.dll
[-] 2009-12-22 . 352E386B17F08786A7F0D9D9D909E1FA . 672768 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3GDR\wininet.dll
[-] 2009-12-22 . 7F7A6BC378B622FDFC90C5A5575A83D0 . 674304 . . [6.00.2900.5921] . . c:\windows\$hf_mig$\KB978207\SP3QFE\wininet.dll
[-] 2009-12-21 . 5E3A3EB3BC5849BE4D5FE2B5F1869783 . 916480 . . [8.00.6001.22967] . . c:\windows\$hf_mig$\KB978207-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 0A4248E124C88EDD1E0A93AE93E4DB6A . 916480 . . [8.00.6001.22945] . . c:\windows\$hf_mig$\KB976325-IE8\SP3QFE\wininet.dll
[-] 2009-10-29 . 547B7FF3C91C09E7EE82760DA4323706 . 672768 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3GDR\wininet.dll
[-] 2009-10-29 . 132C1D9C2DDCDFF55746D73508250362 . 674304 . . [6.00.2900.5897] . . c:\windows\$hf_mig$\KB976325\SP3QFE\wininet.dll
[-] 2009-10-29 . 66F8DD3C5A2F6B5B839B96F9704B40BA . 674304 . . [6.00.2900.3640] . . c:\windows\$NtUninstallKB978207$\wininet.dll
[-] 2009-03-08 . 6CE32F7778061CCC5814D5E0F282D369 . 914944 . . [8.00.6001.18702] . . c:\windows\ie8updates\KB982381-IE8\wininet.dll
[-] 2008-04-14 . B4AEE98A48917B274FACFB78BBE0BC84 . 671744 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\wininet.dll
[-] 2006-09-14 . C98F3024049AAEAFAE1340D94C16FDC8 . 670208 . . [6.00.2900.2995] . . c:\windows\$NtUninstallKB976325$\wininet.dll
[-] 2006-06-23 . 05E47EA6708BD99DF2D8E4ABD55DF079 . 670208 . . [6.00.2900.2937] . . c:\windows\$NtUninstallKB922760$\wininet.dll
[-] 2005-10-21 . F3118DF4ABD118B11326D1C7A0093867 . 667136 . . [6.00.2900.2781] . . c:\windows\$hf_mig$\KB905915\SP2QFE\wininet.dll
[-] 2005-09-02 . C9ABC4AE17820BFEE9A4307B8A4E6DE9 . 666112 . . [6.00.2900.2753] . . c:\windows\$hf_mig$\KB896688\SP2QFE\wininet.dll
[-] 2005-07-03 . E992695B2D5628154B65FE8DFB0F3CCA . 665088 . . [6.00.2900.2713] . . c:\windows\$hf_mig$\KB896727\SP2QFE\wininet.dll
[-] 2005-05-02 . 8C907B730E9CFCFDF0157F3EA20D4424 . 664576 . . [6.00.2900.2668] . . c:\windows\$hf_mig$\KB883939\SP2QFE\wininet.dll
[-] 2005-03-10 . 235D1D42C2D23FA1BC8A9EDB267FFE86 . 663552 . . [6.00.2900.2627] . . c:\windows\$hf_mig$\KB890923\SP2QFE\wininet.dll
[-] 2005-01-27 . D9460271895ADBB382769AF1FC701169 . 663552 . . [6.00.2900.2598] . . c:\windows\$hf_mig$\KB867282\SP2QFE\wininet.dll
[-] 2004-09-29 . 1C035CB755ED9204176668209A3B498D . 662528 . . [6.00.2900.2518] . . c:\windows\$hf_mig$\KB834707\SP2QFE\wininet.dll
[-] 2008-04-14 . 6A35E2D6F5F052C84EC2CEB296389439 . 82432 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ws2_32.dll
[-] 2006-03-24 . D569240A22421D5F670BB6FB6DD522B5 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\ws2_32.dll
[-] 2006-03-24 . D569240A22421D5F670BB6FB6DD522B5 . 82944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2_32.dll
[-] 2008-04-14 . C7D8A0517CBF16B84F657DE87EBE9D4B . 19968 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ws2help.dll
[-] 2006-03-24 . B3ADA72D1E3E10A8F6430669DFC38ED0 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\ws2help.dll
[-] 2006-03-24 . B3ADA72D1E3E10A8F6430669DFC38ED0 . 19968 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ws2help.dll
[-] 2008-04-14 . 418045A93CD87A352098AB7DABE1B53E . 1036800 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\explorer.exe
[-] 2006-03-24 . 22FE1BE02EADDE1632E478E4125639E0 . 1035264 . . [6.00.2900.2180] . . c:\windows\explorer.exe
[-] 2006-03-24 . 22FE1BE02EADDE1632E478E4125639E0 . 1035264 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\explorer.exe
[-] 2008-04-14 . E08D638BA3D3DD6DF6E31216AB66AE0B . 1287680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ole32.dll
[-] 2005-07-26 . CC50261CA5DC93A47D6CF548C4223F44 . 1285120 . . [5.1.2600.2726] . . c:\windows\system32\ole32.dll
[-] 2005-07-26 . CC50261CA5DC93A47D6CF548C4223F44 . 1285120 . . [5.1.2600.2726] . . c:\windows\system32\dllcache\ole32.dll
[-] 2005-07-25 . 24EDF93FD04CA1A98D32F092DD4F9953 . 1286144 . . [5.1.2600.2726] . . c:\windows\$hf_mig$\KB902400\SP2QFE\ole32.dll
[-] 2005-04-28 . D3653209882B5645223B1EA958EEE3A6 . 1286656 . . [5.1.2600.2665] . . c:\windows\$hf_mig$\KB894391\SP2QFE\ole32.dll
[-] 2005-01-14 . 11565070406B8892149C360A4FB23731 . 1285120 . . [5.1.2600.2595] . . c:\windows\$hf_mig$\KB873333\SP2QFE\ole32.dll
[-] 2008-04-14 . FE77A85495065F3AD59C5C65B6C54182 . 171520 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\srsvc.dll
[-] 2006-03-24 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\srsvc.dll
[-] 2006-03-24 . 015F302C4CF961F20C3F98F3A7CA7917 . 171008 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\srsvc.dll
[-] 2008-04-14 . EDAFBE25FB6480CE68F688BA691890DC . 13824 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\wscntfy.exe
[-] 2006-03-24 . 7D3E0BEB62799112F5C9FF717D72BF29 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\wscntfy.exe
[-] 2006-03-24 . 7D3E0BEB62799112F5C9FF717D72BF29 . 13824 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\wscntfy.exe
[-] 2008-04-14 . 0ADA34871A2E1CD2CAAFED1237A47750 . 129024 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\xmlprov.dll
[-] 2006-03-24 . 8302DE1C64618D72346DD0034DBC5D9B . 129536 . . [5.1.2600.2180] . . c:\windows\system32\xmlprov.dll
[-] 2006-03-24 . 8302DE1C64618D72346DD0034DBC5D9B . 129536 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\xmlprov.dll
[-] 2008-04-14 . 04955AA695448C181B367D964AF158AA . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\eventlog.dll
[-] 2006-03-24 . B932C077D5A65B71B4512544AC404CB4 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\eventlog.dll
[-] 2006-03-24 . B932C077D5A65B71B4512544AC404CB4 . 55808 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\eventlog.dll
[-] 2008-04-14 . 5251425B86EA4A3532B8BB8D14044E61 . 1571840 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\sfcfiles.dll
[-] 2006-03-24 . 80F7B7198B869C07C98627AF812D68B6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\sfcfiles.dll
[-] 2006-03-24 . 80F7B7198B869C07C98627AF812D68B6 . 1548288 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\sfcfiles.dll
[-] 2008-04-14 . 01B4E6E990B6C5EA8856D96C7FD044B2 . 15360 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ctfmon.exe
[-] 2006-03-24 . 7CE20569925DF6789C31799F0C538F29 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\ctfmon.exe
[-] 2006-03-24 . 7CE20569925DF6789C31799F0C538F29 . 15360 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ctfmon.exe
[-] 2008-04-14 . 40602EBFBE06AA075C8E4560743F6883 . 135168 . . [6.00.2900.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\shsvcs.dll
[-] 2006-03-24 . BAC5F7F0C2B8C1B9832594851E0F9914 . 135168 . . [6.00.2900.2180] . . c:\windows\system32\shsvcs.dll
[-] 2006-03-24 . BAC5F7F0C2B8C1B9832594851E0F9914 . 135168 . . [6.00.2900.2180] . . c:\windows\system32\dllcache\shsvcs.dll
[-] 2008-04-14 . E4CD1F3D84E1C2CA0B8CF7501E201593 . 59904 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\regsvc.dll
[-] 2006-03-24 . AE81CF7D7CFA79CD03E8FB99788A7E09 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\regsvc.dll
[-] 2006-03-24 . AE81CF7D7CFA79CD03E8FB99788A7E09 . 59904 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\regsvc.dll
[-] 2008-04-14 . A050194A44D7FA8D7186ED2F4E8367AE . 193536 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\schedsvc.dll
[-] 2006-03-24 . D5E73842F38E24457C63FEF8CEFFBE19 . 192000 . . [5.1.2600.2180] . . c:\windows\system32\schedsvc.dll
[-] 2006-03-24 . D5E73842F38E24457C63FEF8CEFFBE19 . 192000 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\schedsvc.dll
[-] 2008-04-14 . 4DF5B05DFAEC29E13E1ED6F6EE12C500 . 71680 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ssdpsrv.dll
[-] 2006-03-24 . 6FA03B462B2FFFE2627171B7FE73EE29 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\ssdpsrv.dll
[-] 2006-03-24 . 6FA03B462B2FFFE2627171B7FE73EE29 . 71680 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ssdpsrv.dll
[-] 2008-04-14 . B7DE02C863D8F5A005A7BF375375A6A4 . 297472 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\termsrv.dll
[-] 2006-03-24 . 1850BC10DE5DCCCEDE063FC2D0F2CEDA . 297472 . . [5.1.2600.2180] . . c:\windows\$NtUninstallKB895961$\termsrv.dll
[-] 2005-03-10 . A0E72E14B0E12B9AA3648FDB31BDE332 . 297472 . . [5.1.2600.2627] . . c:\windows\system32\termsrv.dll
[-] 2005-03-10 . A0E72E14B0E12B9AA3648FDB31BDE332 . 297472 . . [5.1.2600.2627] . . c:\windows\system32\dllcache\termsrv.dll
[-] 2008-04-14 . D45960BE52C3C610D361977057F98C54 . 175616 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\appmgmts.dll
[-] 2006-03-24 . BECD5328E7869807D6557BE4FE60C72F . 175616 . . [5.1.2600.2180] . . c:\windows\system32\appmgmts.dll
[-] 2006-03-24 . BECD5328E7869807D6557BE4FE60C72F . 175616 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\appmgmts.dll
[-] 2006-03-24 . 9E1CA3160DAFB159CA14F83B1E317F75 . 12160 . . [5.1.2600.0] . . c:\windows\system32\drivers\acpiec.sys
[-] 2008-04-13 16:39 . 8BED39E3C35D6A489438B8141717A557 . 142592 . . [5.1.2601.3142] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\$hf_mig$\KB900485\SP2QFE\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\Driver Cache\i386\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\dllcache\aec.sys
[-] 2006-02-15 00:22 . 1EE7B434BA961EF845DE136224C30FEC . 142464 . . [5.1.2601.2180] . . c:\windows\system32\drivers\aec.sys
[-] 2008-04-13 . 3BB22519A194418D5FEC05D800A19AD0 . 36608 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ip6fw.sys
[-] 2006-03-24 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\ip6fw.sys
[-] 2006-03-24 . 4448006B6BC60E6C027932CFC38D6855 . 29056 . . [5.1.2600.2180] . . c:\windows\system32\drivers\ip6fw.sys
[-] 2008-04-14 02:22 . ACC19BA6876AF18768EE87931CAD14E2 . 927504 . . [4.1.0.61] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\mfc40u.dll
[-] 2006-03-24 12:00 . 31DD27AB47F62D383505F35CA972748B . 924432 . . [4.1.6140] . . c:\windows\system32\mfc40u.dll
[-] 2006-03-24 12:00 . 31DD27AB47F62D383505F35CA972748B . 924432 . . [4.1.6140] . . c:\windows\system32\dllcache\mfc40u.dll
[-] 2008-04-14 . B7550A7107281D170CE85524B1488C98 . 33792 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\msgsvc.dll
[-] 2006-03-24 . E5215AB942C5AC5F7EB0E54871D7A27C . 33792 . . [5.1.2600.2180] . . c:\windows\system32\msgsvc.dll
[-] 2006-03-24 . E5215AB942C5AC5F7EB0E54871D7A27C . 33792 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\msgsvc.dll
[-] 2006-03-24 12:00 . 5FDCCC838CD95F61097D8A637F842AA8 . 25600 . . [10.0.3790.3646] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}$BACKUP$\System\MsPMSNSv.dll
[-] 2005-08-03 17:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\MsPMSNSv.dll
[-] 2005-08-03 17:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\system32\MsPMSNSv.dll
[-] 2005-08-03 17:29 . B9715B9C18BC6C8F4B66733D208CC9F7 . 25088 . . [10.0.3790.4332] . . c:\windows\system32\dllcache\mspmsnsv.dll
[-] 2010-02-17 . FEDB0FDF1FE02ECC7A823A690175B876 . 2066048 . . [5.1.2600.3670] . . c:\windows\$hf_mig$\KB979683\SP2QFE\ntkrnlpa.exe
[-] 2010-02-16 . 47F177A955A195B5074FF659AEBDABE0 . 2060672 . . [5.1.2600.3670] . . c:\windows\Driver Cache\i386\ntkrnlpa.exe
[-] 2010-02-16 . 47F177A955A195B5074FF659AEBDABE0 . 2060672 . . [5.1.2600.3670] . . c:\windows\system32\dllcache\ntkrnlpa.exe
[-] 2010-02-16 . 4C56EC495229ABC2F62862A7E145A852 . 2019328 . . [5.1.2600.3670] . . c:\windows\system32\ntkrnlpa.exe
[-] 2010-02-16 . 9F24D01B6027FED0423FD28F1055E3DD . 2069120 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3GDR\ntkrnlpa.exe
[-] 2010-02-16 . CEE28C8C47E52F185F9F8F3A2E31880C . 2069248 . . [5.1.2600.5938] . . c:\windows\$hf_mig$\KB979683\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . 2E72317A93EF61138E43DCF7CD423EDF . 2068480 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3QFE\ntkrnlpa.exe
[-] 2009-12-09 . B8BA1682234D56276831A7AFEE33A3F2 . 2018304 . . [5.1.2600.3654] . . c:\windows\$NtUninstallKB979683$\ntkrnlpa.exe
[-] 2009-12-09 . 0F0E81D30741E86BCE25AEFEA6CEDF6A . 2065408 . . [5.1.2600.3654] . . c:\windows\$hf_mig$\KB977165\SP2QFE\ntkrnlpa.exe
[-] 2009-12-09 . ADB6D671931D876CD7D53A5E2C147DBB . 2068352 . . [5.1.2600.5913] . . c:\windows\$hf_mig$\KB977165\SP3GDR\ntkrnlpa.exe
[-] 2009-08-04 . C50ED62BB5CDC5AD4F3985ED39C6AE87 . 2068480 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3QFE\ntkrnlpa.exe
[-] 2009-08-04 . 602A85B23E5D9E6402D7205AFBE6FEB4 . 2068352 . . [5.1.2600.5857] . . c:\windows\$hf_mig$\KB971486\SP3GDR\ntkrnlpa.exe
[-] 2009-08-04 . BAA0FD3FF565346D0C5EE3F7F8E10001 . 2065280 . . [5.1.2600.3610] . . c:\windows\$hf_mig$\KB971486\SP2QFE\ntkrnlpa.exe
[-] 2009-08-04 . 3EF0836DBA4B56F6136D60D08737B20B . 2018304 . . [5.1.2600.3610] . . c:\windows\$NtUninstallKB977165$\ntkrnlpa.exe
[-] 2009-02-10 . 321917CFF934663C48C1E91A930E5D71 . 2068352 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3GDR\ntkrnlpa.exe
[-] 2009-02-09 . 84C1C109552E9E276FF004E181B80C25 . 2065280 . . [5.1.2600.3520] . . c:\windows\$hf_mig$\KB956572\SP2QFE\ntkrnlpa.exe
[-] 2009-02-09 . 1F9DA92672B8B5720C5FB1E87D8F249F . 2068480 . . [5.1.2600.5755] . . c:\windows\$hf_mig$\KB956572\SP3QFE\ntkrnlpa.exe
[-] 2008-04-14 . E51980EF65CED4490A7395A06C08DA34 . 2068224 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ntkrnlpa.exe
[-] 2005-03-02 . A3724446ACB9DE8D890CFABD146CD0AD . 2017792 . . [5.1.2600.2622] . . c:\windows\$NtUninstallKB971486$\ntkrnlpa.exe
[-] 2005-03-02 . AE8364004BBFD70461D2EF34888D3360 . 2059264 . . [5.1.2600.2622] . . c:\windows\$hf_mig$\KB890859\SP2QFE\ntkrnlpa.exe
[-] 2008-04-14 02:22 . 56AF4064996FA5BAC9C449B1514B4770 . 438272 . . [5.1.2400.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ntmssvc.dll
[-] 2006-03-24 12:00 . 428AA946A8D9F32DBB4260C8E6E13377 . 438272 . . [5.1.2400.2180] . . c:\windows\system32\ntmssvc.dll
[-] 2006-03-24 12:00 . 428AA946A8D9F32DBB4260C8E6E13377 . 438272 . . [5.1.2400.2180] . . c:\windows\system32\dllcache\ntmssvc.dll
[-] 2008-04-14 . 1DFD8975D8C89214B98D9387C1125B49 . 186880 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\upnphost.dll
[-] 2006-03-24 . 09D4A2D7C5A8ABEC227D118765FAADDF . 185856 . . [5.1.2600.2180] . . c:\windows\system32\upnphost.dll
[-] 2006-03-24 . 09D4A2D7C5A8ABEC227D118765FAADDF . 185856 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\upnphost.dll
[-] 2008-04-14 . 9236E736EDB57BE7D1EF6274410E3BAC . 367616 . . [5.3.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\dsound.dll
[-] 2006-03-24 . 7DB3393F98E4211F5CE8F003DE0615CF . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dsound.dll
[-] 2006-03-24 . 7DB3393F98E4211F5CE8F003DE0615CF . 367616 . . [5.3.2600.2180] . . c:\windows\system32\dllcache\dsound.dll
[-] 2008-04-14 . 36969CF86E51EC8ED202B40F2FA80AA6 . 1689088 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\d3d9.dll
[-] 2006-03-24 . 20AE7889467887B869F30308EEED9A2A . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\d3d9.dll
[-] 2006-03-24 . 20AE7889467887B869F30308EEED9A2A . 1689088 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\d3d9.dll
[-] 2008-04-14 . 4A37188B83B00DD9CFBA049687AD0DAF . 279552 . . [5.03.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\ddraw.dll
[-] 2006-03-24 . CAC545A56482DE01640E6B791DE19944 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\ddraw.dll
[-] 2006-03-24 . CAC545A56482DE01640E6B791DE19944 . 266240 . . [5.03.2600.2180] . . c:\windows\system32\dllcache\ddraw.dll
[-] 2008-04-14 02:22 . 5D7F5A46975D2E59A6FECB6C231D200F . 84992 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\olepro32.dll
[-] 2006-03-24 12:00 . 1404D3DD4ED4F5E2A938B43794049A81 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\olepro32.dll
[-] 2006-03-24 12:00 . 1404D3DD4ED4F5E2A938B43794049A81 . 83456 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\olepro32.dll
[-] 2008-04-14 . C47FD93010649AC0D79022D9B69ADBE4 . 41984 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\perfctrs.dll
[-] 2006-03-24 . 007BFD01772B5202C5CE4F208A2F3F46 . 41984 . . [5.1.2600.2180] . . c:\windows\system32\perfctrs.dll
[-] 2006-03-24 . 007BFD01772B5202C5CE4F208A2F3F46 . 41984 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\perfctrs.dll
[-] 2008-04-14 . F86000634319F71535BCE6B06995EE99 . 18944 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\a746b2abbbec3e139e29152ba22decd1\version.dll
[-] 2006-03-24 . 4EF2FDC0A085C8339ED4D9C59CE8FC60 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\version.dll
[-] 2006-03-24 . 4EF2FDC0A085C8339ED4D9C59CE8FC60 . 18944 . . [5.1.2600.2180] . . c:\windows\system32\dllcache\version.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\programme\DVDVideoSoftTB\tbDVD0.dll" [2010-10-12 2735200]
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
2010-10-12 23:56 2735200 ----a-w- c:\programme\DVDVideoSoftTB\tbDVD0.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{872b5b88-9db5-4310-bdd0-ac189557e5f5}"= "c:\programme\DVDVideoSoftTB\tbDVD0.dll" [2010-10-12 2735200]
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{872B5B88-9DB5-4310-BDD0-AC189557E5F5}"= "c:\programme\DVDVideoSoftTB\tbDVD0.dll" [2010-10-12 2735200]
[HKEY_CLASSES_ROOT\clsid\{872b5b88-9db5-4310-bdd0-ac189557e5f5}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BullGuard"="c:\programme\BullGuard Software\BullGuard\BullGuard.exe" [2006-09-19 102400]
"ICQ"="c:\programme\ICQ7.1\ICQ.exe" [2010-08-22 133432]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-09-06 7585792]
"RTHDCPL"="RTHDCPL.EXE" [2006-09-22 16236032]
"SkyTel"="SkyTel.EXE" [2006-05-16 2879488]
"SMSERIAL"="c:\windows\sm56hlpr.exe" [2006-04-05 565248]
"IntelZeroConfig"="c:\programme\Intel\Wireless\bin\ZCfgSvc.exe" [2006-08-01 802816]
"IntelWireless"="c:\programme\Intel\Wireless\Bin\ifrmewrk.exe" [2006-08-01 696320]
"BullGuard"="c:\programme\BullGuard Software\BullGuard\bullguard.exe" [2006-09-19 102400]
"NeroFilterCheck"="c:\programme\Gemeinsame Dateien\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"LanguageShortcut"="c:\programme\Home Cinema\PowerDVD\Language\Language.exe" [2006-05-18 49152]
"InstantOn"="c:\programme\CyberLink\PowerCinema Linux\ion_install.exe" [2005-09-23 93640]
"TVBroadcast"="c:\programme\Sceneo\Bonavista\Services\ODSBC\ODSBCApp.exe" [2007-08-07 797696]
"Microsoft Works Update Detection"="c:\programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\WkUFind.exe" [2002-07-24 28672]
"QuickTime Task"="c:\programme\QuickTime\qttask.exe" [2010-03-17 421888]
"iTunesHelper"="c:\programme\iTunes\iTunesHelper.exe" [2010-04-28 142120]
"AdobeCS4ServiceManager"="c:\programme\Gemeinsame Dateien\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2008-08-14 611712]
"STAMPIT-Tray"="c:\progra~1\STAMPIT\BINARY\STRAY.EXE" [2005-08-16 57344]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-24 15360]
c:\dokumente und einstellungen\All Users\Startmen\Programme\Autostart\
AOL 9.0 Tray-Symbol.lnk - c:\programme\AOL 9.0\aoltray.exe [2009-12-19 156784]
Microsoft Office.lnk - c:\programme\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"c:\\WINDOWS\\system32\\sessmgr.exe"=
"c:\\Programme\\Messenger\\msmsgs.exe"=
"c:\\Programme\\MSN Messenger\\msnmsgr.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Programme\\NetMeeting\\Conf.exe"=
"c:\\Programme\\Nero\\Nero 7\\Nero MediaHome\\NeroMediaHome.exe"=
"c:\\Programme\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Ahead\\Lib\\NeroUpgrade.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Ahead\\Nero Web\\SetupX.exe"=
"c:\\Programme\\Sceneo\\Bonavista\\VMedia\\BVD.exe"=
"c:\\Programme\\BullGuard Software\\BullGuard\\BullGuard.exe"=
"c:\\Programme\\BullGuard Software\\BullGuard\\BullGuardUpdate.exe"=
"c:\\Programme\\Medion\\MEDIONbox\\Program\\GnabClient.exe"=
"c:\\Programme\\Sonavis\\TVsweeper\\\\TVsweeper.exe"=
"c:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLDial.exe"=
"c:\\Programme\\Gemeinsame Dateien\\aol\\ACS\\AOLacsd.exe"=
"c:\\Programme\\AOL 9.0\\waol.exe"=
"c:\\Programme\\Mozilla Firefox\\firefox.exe"=
"c:\\Programme\\ICQ7.1\\ICQ.exe"=
"c:\\Programme\\ICQ7.1\\aolload.exe"=
"c:\\Programme\\iTunes\\iTunes.exe"=
"c:\\Programme\\Gemeinsame Dateien\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5353:TCP"= 5353:TCP:Adobe CSI CS4
R2 BsFileSpy;BullGuard File Monitoring Service;c:\windows\System32\svchost.exe -k bg5 [24.03.2006 14:00 14336]
R2 BsFirewall;BullGuard Firewall Service;c:\windows\System32\svchost.exe -k bg5 [24.03.2006 14:00 14336]
R2 BsMailProxy;BullGuard Email Monitoring Service;c:\windows\System32\svchost.exe -k bg5 [24.03.2006 14:00 14336]
R2 GnabService;GnabService;c:\programme\Gemeinsame Dateien\Gnab\Service\ServiceController.exe [16.11.2006 03:02 36864]
R2 srvcPVR;Sceneo PVR Service;c:\programme\Sceneo\Bonavista\Services\PVR\pvrservice.exe [16.11.2006 02:03 1681408]
R3 AVMUNET;AVM FRITZ!Box;c:\windows\system32\drivers\avmunet.sys [19.12.2009 13:56 15104]
R3 FileSpy5;BullGuard File Monitor;c:\programme\BullGuard Software\BullGuard\filespy5.sys [08.05.2006 13:17 19536]
R3 Reconn;BullGuard Email Monitor;c:\programme\BullGuard Software\BullGuard\reconn.sys [08.05.2006 13:17 12240]
R3 X10Hid;X10 Hid Device;c:\windows\system32\drivers\x10hid.sys [15.11.2006 19:43 7040]
S2 AntiVirSchedulerService;Avira AntiVir Planer;"c:\programme\Avira\AntiVir Desktop\sched.exe" --> c:\programme\Avira\AntiVir Desktop\sched.exe [?]
S3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\drivers\netaapl.sys [16.06.2010 16:35 17408]
S3 PhilCap;PhilCap service;c:\windows\system32\drivers\PhilCap.sys [12.10.2006 14:57 1053824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bg5 REG_MULTI_SZ BGMainSvc BsFileSpy BsMailProxy BsFirewall
.
Inhalt des "geplante Tasks" Ordners
2010-10-02 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\programme\Apple Software Update\SoftwareUpdate.exe [2009-10-22 09:50]
.
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.klamm.de/?id=401875
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\dokumente und einstellungen\Michael\Anwendungsdaten\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{71BFC818-0CED-42D6-9C87-5142918957EE} - c:\programme\ICQ7.1\ICQ.exe
IE: {{0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - {E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\programme\kikin\ie_kikin.dll
DPF: {BF3CD111-6278-11D2-9EA3-00A0C9251384} - hxxp://www.o2c.de/download/O2CPlayer.CAB
FF - ProfilePath - c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\FFExternalAlert.dll
FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\components\RadioWMPCore.dll
FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}\components\kikin_3_0.dll
FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{AA994882-F391-4d2e-806F-8908DA4814ED}\components\kikin_3_6.dll
FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components\FFExternalAlert.dll
FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065}\components\RadioWMPCore.dll
FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\FFExternalAlert.dll
FF - component: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\Firefox\Profiles\aco7zfjx.default\extensions\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\components\RadioWMPCore.dll
FF - plugin: c:\dokumente und einstellungen\Michael\Anwendungsdaten\Mozilla\plugins\np-mswmp.dll
FF - plugin: c:\programme\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPJava11.dll
FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPJava12.dll
FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPJava13.dll
FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPJava14.dll
FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPJava32.dll
FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPJPI150_09.dll
FF - plugin: c:\programme\Java\jre1.5.0_09\bin\NPOJI610.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX Richtlinien ----
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
c:\programme\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
BHO-{E601996F-E400-41CA-804B-CD6373A7EEE2} - c:\programme\kikin\ie_kikin.dll
HKCU-Run-Livestation - c:\programme\Livestation\Livestation.exe
HKLM-Run-SynTPEnh - c:\programme\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-NWEReboot - (no file)
HKLM-Run-avgnt - c:\programme\Avira\AntiVir Desktop\avgnt.exe
HKLM-Run-UnlockerAssistant - c:\programme\Unlocker\UnlockerAssistant.exe
AddRemove-Shockwave - c:\windows\system32\Macromed\SHOCKW~1\UNWISE.EXE
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe,-101"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10k_ActiveX.exe"
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
[HKEY_LOCAL_MACHINE\software\Philips]
@DACL=(02 0000)
.
--------------------- Durch laufende Prozesse gestartete DLLs ---------------------
- - - - - - - > 'explorer.exe'(868)
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\programme\Intel\Wireless\Bin\EvtEng.exe
c:\programme\Intel\Wireless\Bin\S24EvMon.exe
c:\programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe
c:\programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programme\BullGuard Software\BullGuard\BullGuardUpdate.exe
c:\windows\eHome\ehRecvr.exe
c:\windows\eHome\ehSched.exe
c:\programme\Medion\MEDIONbox\Program\GCS.exe
c:\programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
c:\programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\programme\Intel\Wireless\Bin\RegSrvc.exe
c:\programme\CyberLink\Shared Files\RichVideo.exe
c:\progra~1\COMMON~1\X10\Common\x10nets.exe
c:\windows\ehome\mcrdsvc.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\wscntfy.exe
c:\windows\RTHDCPL.EXE
c:\windows\eHome\ehmsas.exe
c:\programme\iPod\bin\iPodService.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2010-10-13 13:30:02 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2010-10-13 11:30
Vor Suchlauf: 12 Verzeichnis(se), 116.697.497.600 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 117.074.755.584 Bytes frei
WindowsXP-KB310994-SP2-Pro-BootDisk-DEU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect
- - End Of File - - 31CCD9467E7F9195B885589FFEB7AAD7
-------------------------- und jetz ?^^
__________________ Spittfaia & Rebina - Doppelt aufs Maul DIE FREEDOWNLOAD EP 12 Tracks direkt auf http://spittfaia.lima-city.de/spiitload.html währe cool wenn sie jemand lädt |
|
13.10.2010, 16:25
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.XPACK.Gen3 Ok. Bitte nun Logs mit GMER und OSAM erstellen und posten. GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus Downloade Dir danach bitte MBRCheck (by a_d_13) und speichere die Datei auf dem Desktop.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
24.10.2010, 12:14
| #14 |
| | TR/Crypt.XPACK.Gen3 okkay, schuldiging dass es wieder solangegedauert hat, ich war im Urlaub, werde das jetzt heute alles durchführen, in der Zwischenzeit ist überigends noch eine andere Fehlermeldung aufgetaucht , die folgendes sagt: Die Anweisung in "0x7c928af2" verweist auf Speicher in "0x01cb737a". Der Vorgang "written" konnte nicht auf dem Speicher durchgeführt werden. Was isn das schon wieder ?0o^^
__________________ Spittfaia & Rebina - Doppelt aufs Maul DIE FREEDOWNLOAD EP 12 Tracks direkt auf http://spittfaia.lima-city.de/spiitload.html währe cool wenn sie jemand lädt |
|
24.10.2010, 14:10
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | TR/Crypt.XPACK.Gen3 Nichtssagend. Irgendein Fehler in irgendeinem Programm oder der Arbeitsspeicher hat nen Schuss. Mach erstmal die Logs.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu TR/Crypt.XPACK.Gen3 |
| antivir, gefunde, malwarebytes, meldung, namens, scan, stunde, taucht, tr/crypt.xpack.ge, tr/crypt.xpack.gen, tr/crypt.xpack.gen3, troja, trojaner, verdammte |
Linear-Darstellung
