|
Pests of all kinds and how to fight them: AntiVir detection tr/dynameter.dtc.562 - Windows 7. If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection. |
07.11.2010, 13:01 | #1 |
| AntiVir detection tr/dynameter.dtc.562 Hello, I have Windows 7, AntiVir and ZoneAlarm. Yesterday AntiVir found tr/dynameter.dtc.562 in a file that I downloaded about 4 weeks ago. The detection came so late because the virus was only added by AntiVir a few days ago. When I ran the infected file about 4 weeks ago, I did not notice anything unusual. ZoneAlarm did not raise an alert either. My question now is whether my computer is infected and what this virus might have done in the few weeks it went undetected. The log files are: OTL Code:
ATTFilter OTL logfile created on: 07.11.2010 01:20:07 - Run 1 OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\*******\Desktop An unknown product (Version = 6.1.7600) - Type = NTWorkstation Internet Explorer (Version = 8.0.7600.16385) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free 6,00 Gb Paging File | 5,00 Gb Available in Paging File | 81,00% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 223,92 Gb Total Space | 87,94 Gb Free Space | 39,27% Space Free | Partition Type: NTFS Drive D: | 8,97 Gb Total Space | 1,62 Gb Free Space | 18,08% Space Free | Partition Type: NTFS Computer Name: ******* | User Name: ******* | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days ========== Processes (SafeList) ========== PRC - C:\Users\*******\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH) PRC - C:\Programme\Miranda IM\miranda32.exe ( ) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation) PRC - C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) PRC - C:\Programme\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) PRC - C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies) PRC - C:\Programme\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) PRC - C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation) PRC - 
C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe (IDT, Inc.) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH) PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) PRC - C:\Programme\Mouse Driver\KMProcess.exe (UASSOFT.COM) PRC - C:\Programme\Mouse Driver\KMWDSrv.exe (UASSOFT.COM) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programme\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe (Andrea Electronics Corporation) PRC - C:\Programme\Mouse Driver\KMCONFIG.exe (UASSOFT.COM) PRC - C:\Programme\Mouse Driver\StartAutorun.exe (UASSOFT.COM) ========== Modules (SafeList) ========== MOD - C:\Users\*******\Desktop\OTL.exe (OldTimer Tools) MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation) MOD - C:\Programme\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll (Check Point Software Technologies) MOD - C:\Windows\System32\sspicli.dll (Microsoft Corporation) MOD - C:\Windows\System32\sechost.dll (Microsoft Corporation) MOD - C:\Windows\System32\samcli.dll (Microsoft Corporation) MOD - C:\Windows\System32\profapi.dll (Microsoft Corporation) MOD - C:\Windows\System32\netutils.dll (Microsoft Corporation) MOD - C:\Windows\System32\KernelBase.dll (Microsoft Corporation) MOD - C:\Windows\System32\devobj.dll (Microsoft Corporation) MOD - C:\Windows\System32\cryptbase.dll (Microsoft Corporation) MOD - C:\Windows\System32\cfgmgr32.dll (Microsoft Corporation) MOD - 
C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcr80.dll (Microsoft Corporation) MOD - C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\msvcp80.dll (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (AntiVirService) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe (Avira GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe (Avira GmbH) SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (nosGetPlusHelper) getPlus(R) -- C:\Programme\NOS\bin\getPlus_Helper_3004.dll (NOS Microsystems Ltd.) SRV - (vsmon) -- C:\Windows\System32\ZoneLabs\vsmon.exe (Check Point Software Technologies LTD) SRV - (IswSvc) -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe (Check Point Software Technologies) SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe (IDT, Inc.) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (Application Updater) -- C:\Program Files\Application Updater\ApplicationUpdater.exe (Spigot, Inc.) 
SRV - (KMWDSERVICE) -- C:\Programme\Mouse Driver\KMWDSrv.exe (UASSOFT.COM) SRV - (WwanSvc) -- C:\Windows\System32\wwansvc.dll (Microsoft Corporation) SRV - (WbioSrvc) -- C:\Windows\System32\wbiosrvc.dll (Microsoft Corporation) SRV - (Power) -- C:\Windows\System32\umpo.dll (Microsoft Corporation) SRV - (Themes) -- C:\Windows\System32\themeservice.dll (Microsoft Corporation) SRV - (sppuinotify) -- C:\Windows\System32\sppuinotify.dll (Microsoft Corporation) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (RpcEptMapper) -- C:\Windows\System32\RpcEpMap.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (PNRPsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (p2pimsvc) -- C:\Windows\System32\pnrpsvc.dll (Microsoft Corporation) SRV - (HomeGroupProvider) -- C:\Windows\System32\provsvc.dll (Microsoft Corporation) SRV - (PNRPAutoReg) -- C:\Windows\System32\pnrpauto.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (HomeGroupListener) -- C:\Windows\System32\ListSvc.dll (Microsoft Corporation) SRV - (FontCache) -- C:\Windows\System32\FntCache.dll (Microsoft Corporation) SRV - (Dhcp) -- C:\Windows\System32\dhcpcore.dll (Microsoft Corporation) SRV - (defragsvc) -- C:\Windows\System32\defragsvc.dll (Microsoft Corporation) SRV - (BDESVC) -- C:\Windows\System32\bdesvc.dll (Microsoft Corporation) SRV - (AxInstSV) ActiveX-Installer (AxInstSV) -- C:\Windows\System32\AxInstSv.dll (Microsoft Corporation) SRV - (AppIDSvc) -- C:\Windows\System32\appidsvc.dll (Microsoft Corporation) SRV - (sppsvc) -- C:\Windows\System32\sppsvc.exe (Microsoft Corporation) SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe (Andrea Electronics Corporation) SRV - (WcesComm) -- 
C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH) DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.) DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (NVHDA) -- C:\Windows\System32\drivers\nvhda32v.sys (NVIDIA Corporation) DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies) DRV - (SynTP) -- C:\Windows\System32\drivers\SynTP.sys (Synaptics Incorporated) DRV - (Vsdatant) -- C:\Windows\System32\drivers\vsdatant.sys (Check Point Software Technologies LTD) DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.) DRV - (NETw5s32) Intel(R) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation) DRV - (ElbyCDIO) -- C:\Windows\System32\drivers\ElbyCDIO.sys (Elaborate Bytes AG) DRV - (KSecPkg) -- C:\Windows\System32\Drivers\ksecpkg.sys (Microsoft Corporation) DRV - (VClone) -- C:\Windows\System32\drivers\VClone.sys (Elaborate Bytes AG) DRV - (cmdide) -- C:\Windows\system32\DRIVERS\cmdide.sys (CMD Technology, Inc.) DRV - (adpahci) -- C:\Windows\system32\DRIVERS\adpahci.sys (Adaptec, Inc.) DRV - (adp94xx) -- C:\Windows\system32\DRIVERS\adp94xx.sys (Adaptec, Inc.) DRV - (amdsbs) -- C:\Windows\system32\DRIVERS\amdsbs.sys (AMD Technologies Inc.) DRV - (adpu320) -- C:\Windows\system32\DRIVERS\adpu320.sys (Adaptec, Inc.) DRV - (arcsas) -- C:\Windows\system32\DRIVERS\arcsas.sys (Adaptec, Inc.) DRV - (amdsata) -- C:\Windows\system32\DRIVERS\amdsata.sys (Advanced Micro Devices) DRV - (arc) -- C:\Windows\system32\DRIVERS\arc.sys (Adaptec, Inc.) 
DRV - (amdxata) -- C:\Windows\system32\DRIVERS\amdxata.sys (Advanced Micro Devices) DRV - (aliide) -- C:\Windows\system32\DRIVERS\aliide.sys (Acer Laboratories Inc.) DRV - (nvstor) -- C:\Windows\system32\DRIVERS\nvstor.sys (NVIDIA Corporation) DRV - (nvraid) -- C:\Windows\system32\DRIVERS\nvraid.sys (NVIDIA Corporation) DRV - (nfrd960) -- C:\Windows\system32\DRIVERS\nfrd960.sys (IBM Corporation) DRV - (LSI_SAS) -- C:\Windows\system32\DRIVERS\lsi_sas.sys (LSI Corporation) DRV - (iaStorV) -- C:\Windows\system32\DRIVERS\iaStorV.sys (Intel Corporation) DRV - (MegaSR) -- C:\Windows\system32\DRIVERS\MegaSR.sys (LSI Corporation, Inc.) DRV - (LSI_SCSI) -- C:\Windows\system32\DRIVERS\lsi_scsi.sys (LSI Corporation) DRV - (LSI_FC) -- C:\Windows\system32\DRIVERS\lsi_fc.sys (LSI Corporation) DRV - (LSI_SAS2) -- C:\Windows\system32\DRIVERS\lsi_sas2.sys (LSI Corporation) DRV - (iirsp) -- C:\Windows\system32\DRIVERS\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (megasas) -- C:\Windows\system32\DRIVERS\megasas.sys (LSI Corporation) DRV - (hwpolicy) -- C:\Windows\System32\drivers\hwpolicy.sys (Microsoft Corporation) DRV - (elxstor) -- C:\Windows\system32\DRIVERS\elxstor.sys (Emulex) DRV - (aic78xx) -- C:\Windows\system32\DRIVERS\djsvs.sys (Adaptec, Inc.) 
DRV - (HpSAMD) -- C:\Windows\system32\DRIVERS\HpSAMD.sys (Hewlett-Packard Company) DRV - (FsDepends) -- C:\Windows\System32\drivers\fsdepends.sys (Microsoft Corporation) DRV - (vsmraid) -- C:\Windows\system32\DRIVERS\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (vmbus) -- C:\Windows\system32\DRIVERS\vmbus.sys (Microsoft Corporation) DRV - (vhdmp) -- C:\Windows\system32\DRIVERS\vhdmp.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\system32\DRIVERS\vmstorfl.sys (Microsoft Corporation) DRV - (vdrvroot) -- C:\Windows\system32\DRIVERS\vdrvroot.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\system32\DRIVERS\storvsc.sys (Microsoft Corporation) DRV - (WIMMount) -- C:\Windows\System32\drivers\wimmount.sys (Microsoft Corporation) DRV - (viaide) -- C:\Windows\system32\DRIVERS\viaide.sys (VIA Technologies, Inc.) DRV - (ql2300) -- C:\Windows\system32\DRIVERS\ql2300.sys (QLogic Corporation) DRV - (rdyboost) -- C:\Windows\System32\drivers\rdyboost.sys (Microsoft Corporation) DRV - (ql40xx) -- C:\Windows\system32\DRIVERS\ql40xx.sys (QLogic Corporation) DRV - (SiSRaid4) -- C:\Windows\system32\DRIVERS\sisraid4.sys (Silicon Integrated Systems) DRV - (pcw) -- C:\Windows\System32\drivers\pcw.sys (Microsoft Corporation) DRV - (SiSRaid2) -- C:\Windows\system32\DRIVERS\SiSRaid2.sys (Silicon Integrated Systems Corp.) DRV - (stexstor) -- C:\Windows\system32\DRIVERS\stexstor.sys (Promise Technology) DRV - (CNG) -- C:\Windows\System32\Drivers\cng.sys (Microsoft Corporation) DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\System32\Drivers\Brserid.sys (Brother Industries Ltd.) 
DRV - (rdpbus) -- C:\Windows\System32\drivers\rdpbus.sys (Microsoft Corporation) DRV - (RDPREFMP) -- C:\Windows\System32\drivers\RDPREFMP.sys (Microsoft Corporation) DRV - (RasAgileVpn) WAN Miniport (IKEv2) -- C:\Windows\System32\drivers\agilevpn.sys (Microsoft Corporation) DRV - (WfpLwf) -- C:\Windows\System32\drivers\wfplwf.sys (Microsoft Corporation) DRV - (NdisCap) -- C:\Windows\System32\drivers\ndiscap.sys (Microsoft Corporation) DRV - (vwififlt) -- C:\Windows\System32\drivers\vwififlt.sys (Microsoft Corporation) DRV - (vwifibus) -- C:\Windows\System32\drivers\vwifibus.sys (Microsoft Corporation) DRV - (1394ohci) -- C:\Windows\System32\drivers\1394ohci.sys (Microsoft Corporation) DRV - (UmPass) -- C:\Windows\system32\DRIVERS\umpass.sys (Microsoft Corporation) DRV - (usbaudio) USB-Audiotreiber (WDM) -- C:\Windows\System32\drivers\USBAUDIO.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (mshidkmdf) -- C:\Windows\System32\drivers\mshidkmdf.sys (Microsoft Corporation) DRV - (MTConfig) -- C:\Windows\system32\DRIVERS\MTConfig.sys (Microsoft Corporation) DRV - (CompositeBus) -- C:\Windows\System32\drivers\CompositeBus.sys (Microsoft Corporation) DRV - (AppID) -- C:\Windows\system32\drivers\appid.sys (Microsoft Corporation) DRV - (scfilter) -- C:\Windows\System32\drivers\scfilter.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\system32\DRIVERS\vms3cap.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\system32\DRIVERS\VMBusHID.sys (Microsoft Corporation) DRV - (discache) -- C:\Windows\System32\drivers\discache.sys (Microsoft Corporation) DRV - (AcpiPmi) -- C:\Windows\system32\DRIVERS\acpipmi.sys (Microsoft Corporation) DRV - (AmdPPM) -- C:\Windows\system32\DRIVERS\amdppm.sys (Microsoft Corporation) DRV - (hcw85cir) -- C:\Windows\system32\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV - (BrUsbMdm) -- C:\Windows\System32\Drivers\BrUsbMdm.sys (Brother Industries Ltd.) 
DRV - (BrUsbSer) -- C:\Windows\System32\Drivers\BrUsbSer.sys (Brother Industries Ltd.) DRV - (BrSerWdm) -- C:\Windows\System32\Drivers\BrSerWdm.sys (Brother Industries Ltd.) DRV - (BrFiltLo) -- C:\Windows\system32\DRIVERS\BrFiltLo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp) -- C:\Windows\system32\DRIVERS\BrFiltUp.sys (Brother Industries, Ltd.) DRV - (netw5v32) Intel(R) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation) DRV - (b57nd60x) -- C:\Windows\System32\drivers\b57nd60x.sys (Broadcom Corporation) DRV - (ebdrv) -- C:\Windows\system32\DRIVERS\evbdx.sys (Broadcom Corporation) DRV - (b06bdrv) -- C:\Windows\system32\DRIVERS\bxvbdx.sys (Broadcom Corporation) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (KMWDFILTERx86) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV - (HpqKbFiltr) -- C:\Windows\System32\drivers\HpqKbFiltr.sys (Hewlett-Packard Development Company, L.P.) DRV - (RTL8167) -- C:\Windows\System32\drivers\Rt86win7.sys (Realtek Corporation ) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2319825 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 33 55 6A 9D 7A 55 CB 01 [binary data] IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) 
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.) IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search" FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&SearchSource=3&q={searchTerms}" FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.weltkulturerbelauf.de/anmeldung.php" FF - prefs.js..extensions.enabledItems: {FFB96CC1-7EB3-449D-B827-DB661701C6BB}:1.5.232.0 FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1.6.2.91 FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.1 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2 FF - prefs.js..extensions.enabledItems: searchsettings@spigot.com:1.2.3 FF - prefs.js..extensions.enabledItems: {3b56bcc7-54e5-44a2-9b44-66c3ef58c13e}:0.8.6.1 FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778 FF - HKLM\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2010.09.16 09:57:16 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.10.29 21:46:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 
3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.10.29 21:46:19 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 6\components [2010.09.17 11:14:22 | 000,000,000 | ---D | M] FF - HKLM\software\mozilla\Mozilla Firefox 4.0b6\extensions\\Plugins: C:\Program Files\Mozilla Firefox 4.0 Beta 6\plugins [2010.10.26 19:48:37 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\mozilla\Extensions [2010.10.26 19:48:37 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\mozilla\Extensions\home2@tomtom.com [2010.11.06 09:32:26 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\x47zebei.default\extensions [2010.09.21 12:14:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\x47zebei.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2010.10.04 10:38:09 | 000,000,000 | ---D | M] (Html Validator) -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\x47zebei.default\extensions\{3b56bcc7-54e5-44a2-9b44-66c3ef58c13e} [2010.11.03 18:46:47 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\x47zebei.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} [2010.09.16 10:51:22 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\x47zebei.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7} [2010.09.17 11:26:39 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\mozilla\Firefox\Profiles\x47zebei.default\extensions\nostmp [2010.03.24 15:13:02 | 000,000,917 | ---- | M] () -- C:\Users\*******\AppData\Roaming\Mozilla\FireFox\Profiles\x47zebei.default\searchplugins\conduit.xml [2010.09.19 12:58:48 | 000,002,698 | ---- | M] () -- 
C:\Users\*******\AppData\Roaming\Mozilla\FireFox\Profiles\x47zebei.default\searchplugins\twitter.xml [2010.11.04 20:43:25 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions [2010.11.04 20:43:25 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2010.09.20 10:37:03 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010.09.20 23:45:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010.07.17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll [2010.08.25 01:44:54 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml [2010.08.25 01:44:54 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml [2010.08.25 01:44:54 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml [2010.08.25 01:44:54 | 000,001,178 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml [2010.08.25 01:44:54 | 000,001,105 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O2 - BHO: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) 
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.) O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\pdfforge Toolbar\SearchSettings.dll (Spigot, Inc.) O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (Winload Toolbar) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) O3 - HKLM\..\Toolbar: (pdfforge Toolbar) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Programme\pdfforge Toolbar\IE\1.1.2\pdfforgeToolbarIE.dll (Spigot, Inc.) O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) O3 - HKCU\..\Toolbar\WebBrowser: (Winload Toolbar) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - C:\Programme\Winload\tbWinl.dll (Conduit Ltd.) 
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies) O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Programme\ZoneAlarm-Sicherheit\tbZone.dll (Conduit Ltd.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH) O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de) O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies) O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe File not found O4 - HKLM..\Run: [SearchSettings] C:\Programme\pdfforge Toolbar\SearchSettings.exe (Spigot, Inc.) O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [VirtualCloneDrive] C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG) O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD) O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe File not found O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - Startup: C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk = C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: An 
OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab (Java Plug-in 1.6.0_21) O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/2.9.2.0/GarminAxControl.CAB (Reg Error: Key error.) 
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. 
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{007c44b1-c173-11df-95d6-00238b0b7982}\Shell - "" = AutoRun
O33 - MountPoints2\{007c44b1-c173-11df-95d6-00238b0b7982}\Shell\AutoRun\command - "" = G:\autorun.exe autorun.dat -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 90 Days ==========

[2010.11.07 01:16:12 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\*******\Desktop\OTL.exe
[2010.11.07 01:10:10 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Malwarebytes
[2010.11.07 01:10:01 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.11.07 01:09:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.11.07 01:09:59 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.11.07 01:09:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.04 21:01:39 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\Ferchau
[2010.11.04 20:45:37 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\skypePM
[2010.11.04 20:43:03 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2010.11.04 20:43:02 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2010.11.04 20:43:02 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Skype
[2010.11.04 20:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.11.01 23:37:46 | 000,000,000 | ---D | C] -- C:\Users\*******\tipp10
[2010.11.01 23:37:41 | 000,000,000 | ---D | C] -- C:\Programme\Tipp10
[2010.10.27 10:50:36 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010.10.27 09:13:33 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.10.27 09:13:33 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.10.27 09:13:32 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.10.27 09:13:32 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
[2010.10.27 09:13:21 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010.10.26 19:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\TomTom
[2010.10.26 19:48:55 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\TomTom
[2010.10.26 19:48:36 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\TomTom
[2010.10.26 19:48:36 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\TomTom
[2010.10.19 09:12:29 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft IntelliPoint
[2010.10.17 23:46:06 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Uniblue
[2010.10.17 23:45:53 | 000,000,000 | ---D | C] -- C:\Programme\Uniblue
[2010.10.17 23:45:41 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Canneverbe Limited
[2010.10.17 23:45:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2010.10.17 23:45:31 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\OpenCandy
[2010.10.17 23:45:29 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\OpenCandy
[2010.10.17 23:45:28 | 000,000,000 | ---D | C] -- C:\Programme\CDBurnerXP
[2010.10.17 22:43:36 | 000,000,000 | ---D | C] -- C:\WINXPCD
[2010.10.17 22:39:57 | 000,000,000 | ---D | C] -- C:\WinSetupFromUSB
[2010.10.17 17:57:48 | 000,000,000 | ---D | C] -- C:\Programme\Mouse Driver
[2010.10.15 11:08:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sibelius-Beispielpartituren
[2010.10.14 13:44:30 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\Finale Files
[2010.10.14 13:44:29 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\MakeMusic
[2010.10.14 13:43:36 | 000,000,000 | ---D | C] -- C:\ProgramData\MakeMusic
[2010.10.14 13:43:31 | 000,000,000 | ---D | C] -- C:\PSFONTS
[2010.10.14 13:43:31 | 000,000,000 | ---D | C] -- C:\Programme\Finale 2011 Demo
[2010.10.14 09:12:39 | 000,000,000 | ---D | C] -- C:\Programme\ASIO4ALL v2
[2010.10.14 00:42:11 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\Partituren
[2010.10.14 00:40:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Sibelius-First-Beispielpartituren
[2010.10.14 00:38:13 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2010.10.14 00:38:13 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2010.10.14 00:38:13 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2010.10.14 00:38:13 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2010.10.14 00:38:13 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2010.10.14 00:38:13 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2010.10.14 00:38:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2010.10.14 00:38:13 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2010.10.14 00:38:13 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2010.10.14 00:38:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2010.10.14 00:38:13 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2010.10.14 00:38:10 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll
[2010.10.14 00:38:09 | 000,954,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll
[2010.10.14 00:38:09 | 000,954,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll
[2010.10.14 00:38:03 | 012,625,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL
[2010.10.14 00:38:01 | 002,327,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2010.10.14 00:37:59 | 000,738,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll
[2010.10.14 00:37:58 | 000,363,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\StructuredQuery.dll
[2010.10.13 23:56:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Sibelius Software
[2010.10.13 23:56:44 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Sibelius Software
[2010.10.13 23:40:55 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\Scores
[2010.10.13 23:40:04 | 000,000,000 | ---D | C] -- C:\Programme\Sibelius Software
[2010.10.13 11:25:22 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\JonDo
[2010.10.13 11:23:51 | 000,000,000 | ---D | C] -- C:\Programme\JAP
[2010.10.13 10:25:30 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2010.10.13 10:25:30 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.10.12 18:48:18 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Anvil Studio
[2010.10.12 18:48:06 | 000,000,000 | ---D | C] -- C:\Programme\Anvil Studio
[2010.10.04 12:19:56 | 000,000,000 | ---D | C] -- C:\Users\*******\Desktop\HTML-Seminar
[2010.10.04 07:04:05 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Webocton - Scriptly
[2010.10.04 07:04:05 | 000,000,000 | ---D | C] -- C:\Programme\Webocton - Scriptly
[2010.09.30 09:04:14 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.09.30 02:00:51 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ks.sys
[2010.09.29 23:26:08 | 000,000,000 | ---D | C] -- C:\Programme\curl
[2010.09.29 15:16:48 | 000,000,000 | ---D | C] -- C:\Programme\JDownloader
[2010.09.29 14:39:47 | 000,000,000 | ---D | C] -- C:\Downloads
[2010.09.29 14:38:56 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\WinRAR
[2010.09.29 14:37:23 | 000,000,000 | ---D | C] -- C:\Programme\7-Zip
[2010.09.29 13:51:38 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\GoPal Assistant
[2010.09.29 13:48:15 | 000,000,000 | ---D | C] -- C:\Programme\Medion GoPal Assistant
[2010.09.29 13:36:10 | 000,000,000 | ---D | C] -- C:\Windows\WindowsMobile
[2010.09.29 04:27:00 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2010.09.29 01:15:19 | 000,000,000 | ---D | C] -- C:\Programme\Synaptics
[2010.09.29 01:14:19 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight
[2010.09.24 08:51:02 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Diagnostics
[2010.09.21 23:29:50 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\stickies
[2010.09.21 23:29:50 | 000,000,000 | ---D | C] -- C:\Programme\stickies
[2010.09.21 19:36:12 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\NVIDIA
[2010.09.21 19:36:08 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\2K Games
[2010.09.21 19:35:31 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_7.dll
[2010.09.21 19:35:31 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_5.dll
[2010.09.21 19:35:30 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_43.dll
[2010.09.21 19:35:30 | 001,868,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_43.dll
[2010.09.21 19:35:30 | 000,470,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_43.dll
[2010.09.21 19:35:30 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_43.dll
[2010.09.21 19:35:30 | 000,239,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_7.dll
[2010.09.21 19:35:29 | 001,998,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_43.dll
[2010.09.21 19:35:29 | 000,528,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_6.dll
[2010.09.21 19:35:29 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_6.dll
[2010.09.21 19:35:29 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_4.dll
[2010.09.21 19:35:29 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_7.dll
[2010.09.21 19:35:28 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.09.21 19:35:26 | 005,501,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dcsx_42.dll
[2010.09.21 19:35:26 | 001,974,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_42.dll
[2010.09.21 19:35:26 | 000,238,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_5.dll
[2010.09.21 19:35:25 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_41.dll
[2010.09.21 19:35:25 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_42.dll
[2010.09.21 19:35:25 | 001,846,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_41.dll
[2010.09.21 19:35:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.09.21 19:35:25 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_41.dll
[2010.09.21 19:35:25 | 000,235,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx11_42.dll
[2010.09.21 19:35:24 | 002,036,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_40.dll
[2010.09.21 19:35:24 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_4.dll
[2010.09.21 19:35:24 | 000,452,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_40.dll
[2010.09.21 19:35:24 | 000,235,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_4.dll
[2010.09.21 19:35:24 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.09.21 19:35:24 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_6.dll
[2010.09.21 19:35:23 | 004,379,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_40.dll
[2010.09.21 19:35:22 | 000,514,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_3.dll
[2010.09.21 19:35:22 | 000,235,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_3.dll
[2010.09.21 19:35:22 | 000,070,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_2.dll
[2010.09.21 19:35:22 | 000,023,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_5.dll
[2010.09.21 19:35:21 | 003,851,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_39.dll
[2010.09.21 19:35:21 | 001,493,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_39.dll
[2010.09.21 19:35:21 | 000,509,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_2.dll
[2010.09.21 19:35:21 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_39.dll
[2010.09.21 19:35:21 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_2.dll
[2010.09.21 19:35:21 | 000,068,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_1.dll
[2010.09.21 19:35:20 | 000,507,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_1.dll
[2010.09.21 19:35:20 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_1.dll
[2010.09.21 19:35:20 | 000,065,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_0.dll
[2010.09.21 19:35:19 | 003,850,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_38.dll
[2010.09.21 19:35:19 | 001,491,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_38.dll
[2010.09.21 19:35:19 | 000,479,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_0.dll
[2010.09.21 19:35:19 | 000,467,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_38.dll
[2010.09.21 19:35:19 | 000,238,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine3_0.dll
[2010.09.21 19:35:19 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_4.dll
[2010.09.21 19:35:19 | 000,025,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_3.dll
[2010.09.21 19:35:18 | 003,786,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DX9_37.dll
[2010.09.21 19:35:18 | 001,420,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_37.dll
[2010.09.21 19:35:18 | 000,462,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_37.dll
[2010.09.21 19:35:18 | 000,267,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_10.dll
[2010.09.21 19:35:17 | 003,734,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_36.dll
[2010.09.21 19:35:17 | 001,374,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_36.dll
[2010.09.21 19:35:17 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_36.dll
[2010.09.21 19:35:16 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.09.21 19:35:16 | 001,358,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_35.dll
[2010.09.21 19:35:16 | 000,444,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_35.dll
[2010.09.21 19:35:16 | 000,267,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_9.dll
[2010.09.21 19:35:15 | 003,497,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_34.dll
[2010.09.21 19:35:15 | 001,124,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_34.dll
[2010.09.21 19:35:15 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_34.dll
[2010.09.21 19:35:15 | 000,266,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_8.dll
[2010.09.21 19:35:15 | 000,081,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_3.dll
[2010.09.21 19:35:15 | 000,017,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\X3DAudio1_2.dll
[2010.09.21 19:35:14 | 003,495,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_33.dll
[2010.09.21 19:35:14 | 001,123,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\D3DCompiler_33.dll
[2010.09.21 19:35:14 | 000,443,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_33.dll
[2010.09.21 19:35:14 | 000,261,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_7.dll
[2010.09.21 19:35:13 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.09.21 19:35:13 | 000,440,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10.dll
[2010.09.21 19:35:13 | 000,255,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_6.dll
[2010.09.21 19:35:13 | 000,251,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_5.dll
[2010.09.21 19:35:12 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_31.dll
[2010.09.21 19:35:12 | 000,237,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_4.dll
[2010.09.21 19:35:12 | 000,015,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_1.dll
[2010.09.21 19:35:11 | 000,236,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_3.dll
[2010.09.21 19:35:11 | 000,230,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_2.dll
[2010.09.21 19:35:11 | 000,062,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_2.dll
[2010.09.21 19:35:11 | 000,062,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xinput1_1.dll
[2010.09.21 19:35:10 | 000,229,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_1.dll
[2010.09.21 19:35:02 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.09.21 19:35:01 | 000,230,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xactengine2_0.dll
[2010.09.21 19:35:01 | 000,014,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\x3daudio1_0.dll
[2010.09.21 19:35:00 | 002,332,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_29.dll
[2010.09.21 19:35:00 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.09.21 19:34:59 | 002,337,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_25.dll
[2010.09.21 19:34:59 | 002,319,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_27.dll
[2010.09.21 19:34:59 | 002,297,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_26.dll
[2010.09.21 19:34:58 | 002,222,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_24.dll
[2010.09.21 18:36:43 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Steam
[2010.09.21 18:36:38 | 000,000,000 | ---D | C] -- C:\Programme\Steam
[2010.09.21 18:31:45 | 000,000,000 | ---D | C] -- C:\Programme\FreePDF_XP
[2010.09.21 18:31:45 | 000,000,000 | ---D | C] -- C:\ProgramData\FreePDF
[2010.09.21 18:31:18 | 000,000,000 | ---D | C] -- C:\Programme\gs
[2010.09.21 17:15:46 | 000,000,000 | ---D | C] -- C:\Programme\Application Updater
[2010.09.21 17:15:45 | 000,000,000 | ---D | C] -- C:\Programme\pdfforge Toolbar
[2010.09.21 17:12:23 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMAPI32.OCX
[2010.09.21 17:12:21 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCDE.DLL
[2010.09.21 17:12:21 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6DE.DLL
[2010.09.21 17:12:21 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCC2DE.DLL
[2010.09.21 17:12:21 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSMPIDE.DLL
[2010.09.21 17:12:21 | 000,000,000 | ---D | C] -- C:\Programme\PDFCreator
[2010.09.21 15:54:16 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\SportTracksExportToCsvPlugin
[2010.09.21 12:41:00 | 000,176,128 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\System32\BroSNMP.dll
[2010.09.21 12:41:00 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2.dll
[2010.09.21 12:41:00 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2L.dll
[2010.09.21 12:41:00 | 000,003,072 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\System32\BrDctF2S.dll
[2010.09.21 12:40:53 | 000,167,936 | ---- | C] (brother) -- C:\Windows\System32\NSSearch.dll
[2010.09.21 12:40:53 | 000,000,000 | ---D | C] -- C:\Programme\Brother
[2010.09.21 12:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2010.09.21 12:40:02 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\InstallShield
[2010.09.21 12:18:36 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\GARMIN
[2010.09.21 00:07:35 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.09.20 23:45:11 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.09.20 23:45:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.09.20 23:45:11 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.09.20 20:25:21 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\O-Laufwerk
[2010.09.20 10:37:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.09.20 10:37:00 | 000,423,656 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.09.20 10:36:24 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.09.18 13:49:10 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Avira
[2010.09.18 11:14:37 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHost.exe
[2010.09.18 11:14:37 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationHostProxy.dll
[2010.09.18 11:14:37 | 000,049,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\netfxperf.dll
[2010.09.18 10:56:43 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\browserchoice.exe
[2010.09.17 16:43:41 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\hpqLog
[2010.09.17 16:43:03 | 001,419,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\wdfcoinstaller01005.dll
[2010.09.17 16:43:03 | 000,015,872 | ---- | C] (Hewlett-Packard Development Company, L.P.) -- C:\Windows\System32\drivers\HpqKbFiltr.sys
[2010.09.17 16:43:01 | 001,885,488 | R--- | C] (Hewlett-Packard Company) -- C:\Windows\System32\BttnCmn.dll
[2010.09.17 16:43:00 | 001,885,488 | ---- | C] (Hewlett-Packard Company) -- C:\Windows\System32\BttnCmns.dll
[2010.09.17 16:43:00 | 000,000,000 | ---D | C] -- C:\Programme\Hewlett-Packard
[2010.09.17 16:36:23 | 000,380,928 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestecap.dll
[2010.09.17 16:36:23 | 000,140,288 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestacap.dll
[2010.09.17 16:36:23 | 000,061,440 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\aestaren.dll
[2010.09.17 16:36:22 | 012,628,060 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtcpl.cpl
[2010.09.17 16:36:22 | 003,354,624 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\stlang.dll
[2010.09.17 16:36:22 | 000,536,576 | ---- | C] (IDT, Inc.) -- C:\Windows\System32\idtmini1.exe
[2010.09.17 16:36:22 | 000,495,708 | ---- | C] (IDT, Inc.) -- C:\Windows\sttray.exe
[2010.09.17 16:36:22 | 000,086,016 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AESTCom.dll
[2010.09.17 16:36:21 | 000,000,000 | ---D | C] -- C:\Windows\System32\SRSLabs
[2010.09.17 16:35:22 | 000,000,000 | ---D | C] -- C:\Programme\IDT
[2010.09.17 16:35:21 | 000,000,000 | -H-D | C] -- C:\Programme\InstallShield Installation Information
[2010.09.17 16:34:42 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\LightScribe
[2010.09.17 11:41:54 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\IrfanView
[2010.09.17 11:41:54 | 000,000,000 | ---D | C] -- C:\Programme\IrfanView
[2010.09.17 11:14:19 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox 4.0 Beta 6
[2010.09.17 09:44:37 | 000,427,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vbscript.dll
[2010.09.17 09:44:11 | 000,197,632 | ---- | C] (Intel(R) Corporation) -- C:\Windows\System32\ir32_32.dll
[2010.09.17 09:44:11 | 000,082,944 | ---- | C] (Radius Inc.) -- C:\Windows\System32\iccvid.dll
[2010.09.17 09:44:09 | 002,614,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2010.09.17 09:44:03 | 001,037,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll
[2010.09.17 09:44:03 | 000,133,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\ksecpkg.sys
[2010.09.17 09:43:54 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rtutils.dll
[2010.09.17 09:43:37 | 001,320,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CertEnroll.dll
[2010.09.17 09:43:36 | 000,507,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winload.exe
[2010.09.17 09:43:35 | 000,442,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winresume.exe
[2010.09.17 09:43:31 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\asycfilt.dll
[2010.09.17 09:43:27 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2010.09.17 09:43:25 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript.dll
[2010.09.17 09:43:21 | 001,328,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2010.09.17 09:43:21 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\avifil32.dll
[2010.09.17 09:43:21 | 000,084,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciavi32.dll
[2010.09.17 09:43:20 | 003,899,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2010.09.17 09:43:19 | 003,955,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2010.09.17 09:43:12 | 000,369,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc.dll
[2010.09.17 09:43:12 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_isv.dll
[2010.09.17 09:43:12 | 000,324,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_isv.exe
[2010.09.17 09:43:12 | 000,320,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate.exe
[2010.09.17 09:43:12 | 000,280,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp.exe
[2010.09.17 09:43:12 | 000,277,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RMActivate_ssp_isv.exe
[2010.09.17 09:43:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp_isv.dll
[2010.09.17 09:43:12 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secproc_ssp.dll
[2010.09.17 09:39:10 | 000,293,888 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2010.09.17 09:39:10 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll
[2010.09.17 09:39:10 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2010.09.16 21:08:26 | 000,000,000 | ---D | C] -- C:\Programme\Blade Runner
[2010.09.16 21:06:59 | 000,299,008 | ---- | C] (InstallShield Corporation, Inc.) -- C:\Windows\unin0407.exe
[2010.09.16 16:10:15 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Win7codecs
[2010.09.16 16:10:07 | 000,000,000 | ---D | C] -- C:\Programme\Win7codecs
[2010.09.16 16:09:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Win7codecs
[2010.09.16 16:05:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.09.16 15:47:15 | 000,000,000 | --SD | C] -- C:\Users\*******\Documents\Meine Shapes
[2010.09.16 15:42:10 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Adobe
[2010.09.16 15:16:31 | 000,000,000 | R--D | C] -- C:\Users\*******\Documents\Documents
[2010.09.16 13:40:02 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Miranda
[2010.09.16 13:39:19 | 000,000,000 | ---D | C] -- C:\Programme\Miranda IM
[2010.09.16 13:17:10 | 000,000,000 | ---D | C] -- C:\Programme\Windows SideShow
[2010.09.16 13:12:36 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010.09.16 13:12:31 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Google
[2010.09.16 12:57:00 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\ZoneFiveSoftware
[2010.09.16 12:54:27 | 000,000,000 | ---D | C] -- C:\Programme\Zone Five Software
[2010.09.16 12:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\ZoneFiveSoftware
[2010.09.16 12:52:18 | 000,000,000 | ---D | C] -- C:\Programme\Winload
[2010.09.16 11:04:25 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Macromedia
[2010.09.16 11:04:25 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Adobe
[2010.09.16 11:04:11 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2010.09.16 10:51:28 | 000,000,000 | ---D | C] -- C:\Programme\NOS
[2010.09.16 10:51:28 | 000,000,000 | ---D | C] -- C:\ProgramData\NOS
[2010.09.16 10:20:10 | 000,000,000 | ---D | C] -- C:\Programme\Elaborate Bytes
[2010.09.16 10:07:22 | 000,691,696 | ---- | C] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys
[2010.09.16 10:06:13 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\DAEMON Tools Lite
[2010.09.16 10:06:11 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2010.09.16 10:00:11 | 000,032,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msonpmon.dll
[2010.09.16 09:59:19 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2010.09.16 09:58:44 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio
[2010.09.16 09:58:44 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DESIGNER
[2010.09.16 09:58:15 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.09.16 09:58:15 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft.NET
[2010.09.16 09:56:26 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Visual Studio 8
[2010.09.16 09:55:35 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Microsoft Help
[2010.09.16 09:55:32 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Office
[2010.09.16 09:55:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2010.09.16 09:54:32 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Mozilla
[2010.09.16 09:54:32 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Mozilla
[2010.09.16 09:43:07 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2010.09.16 09:39:14 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2010.09.16 09:38:28 | 000,000,000 | ---D | C] -- C:\Programme\NVIDIA Corporation
[2010.09.16 09:37:14 | 000,232,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcohda.dll
[2010.09.16 09:37:14 | 000,105,576 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvhda32v.sys
[2010.09.16 09:37:14 | 000,064,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvapo32v.dll
[2010.09.16 09:37:14 | 000,026,216 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvhdap32.dll
[2010.09.16 09:37:06 | 011,008,040 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2010.09.16 09:37:06 | 000,010,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvBridge.kmd
[2010.09.16 09:37:05 | 005,107,816 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2010.09.16 09:37:05 | 000,056,936 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2010.09.16 09:37:04 | 014,092,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2010.09.16 09:37:04 | 009,818,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2010.09.16 09:37:04 | 004,553,832 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2010.09.16 09:37:04 | 002,892,904 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2010.09.16 09:37:04 | 002,506,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2010.09.16 09:37:04 | 000,314,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdecodemft.dll
[2010.09.16 09:37:02 | 010,267,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2010.09.16 09:37:02 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod1922.dll
[2010.09.16 09:37:02 | 000,236,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcod.dll
[2010.09.16 09:36:55 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2010.09.16 09:29:01 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2010.09.16 09:28:07 | 000,000,000 | ---D | C] -- C:\Users\*******\Documents\ForceField Shared Files
[2010.09.16 09:28:07 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\CheckPoint
[2010.09.16 09:27:52 | 000,000,000 | ---D | C] -- C:\Programme\ZoneAlarm-Sicherheit
[2010.09.16 09:27:52 | 000,000,000 | ---D | C] -- C:\Programme\Conduit
[2010.09.16 09:27:31 | 000,000,000 | ---D | C] -- C:\Programme\CheckPoint
[2010.09.16 09:27:29 | 000,046,592 | ---- | C] (Zone Labs Inc.) -- C:\Windows\System32\vsutil_loc0407.dll
[2010.09.16 09:27:26 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsregexp.dll
[2010.09.16 09:27:11 | 000,240,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2010.09.16 09:27:04 | 000,103,936 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcommdb.dll
[2010.09.16 09:27:04 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zlcomm.dll
[2010.09.16 09:27:01 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vswmi.dll
[2010.09.16 09:26:59 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\zpeng25.dll
[2010.09.16 09:26:58 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsxml.dll
[2010.09.16 09:26:52 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vspubapi.dll
[2010.09.16 09:26:51 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsdata.dll
[2010.09.16 09:26:51 | 000,107,520 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsmonapi.dll
[2010.09.16 09:26:47 | 000,461,400 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\drivers\vsdatant.sys
[2010.09.16 09:26:47 | 000,000,000 | ---D | C] -- C:\Windows\System32\ZoneLabs
[2010.09.16 09:26:45 | 000,000,000 | ---D | C] -- C:\Programme\Zone Labs
[2010.09.16 09:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2010.09.16 09:26:20 | 000,713,728 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsutil.dll
[2010.09.16 09:26:20 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\Windows\System32\vsinit.dll
[2010.09.16 09:26:20 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2010.09.16 09:24:24 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.09.16 09:24:23 | 000,126,856 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.09.16 09:24:23 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.09.16 09:24:23 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.09.16 09:24:23 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.09.16 09:24:23 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.09.16 09:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.09.16 09:15:15 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2010.09.16 09:12:37 | 000,222,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe
[2010.09.16 09:10:19 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2010.09.16 09:10:11 | 000,604,776 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvuninst.exe
[2010.09.16 08:57:43 | 000,000,000 | R--D | C] -- C:\Users\*******\Searches
[2010.09.16 08:57:28 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Identities
[2010.09.16 08:57:26 | 000,000,000 | R--D | C] -- C:\Users\*******\Contacts
[2010.09.16 08:57:20 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\VirtualStore
[2010.09.16 08:57:18 | 000,000,000 | --SD | C] -- C:\Users\*******\AppData\Roaming\Microsoft
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Videos
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Saved Games
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Pictures
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Music
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Links
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Favorites
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Downloads
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Documents
[2010.09.16 08:57:18 | 000,000,000 | R--D | C] -- C:\Users\*******\Desktop
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Vorlagen
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\AppData\Local\Verlauf
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\AppData\Local\Temporary Internet Files
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Startmenü
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\SendTo
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Recent
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Netzwerkumgebung
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Lokale Einstellungen
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Documents\Eigene Videos
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Documents\Eigene Musik
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Eigene Dateien
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Documents\Eigene Bilder
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Druckumgebung
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Cookies
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\AppData\Local\Anwendungsdaten
[2010.09.16 08:57:18 | 000,000,000 | -HSD | C] -- C:\Users\*******\Anwendungsdaten
[2010.09.16 08:57:18 | 000,000,000 | -H-D | C] -- C:\Users\*******\AppData
[2010.09.16 08:57:18 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Temp
[2010.09.16 08:57:18 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Local\Microsoft
[2010.09.16 08:57:18 | 000,000,000 | ---D | C] -- C:\Users\*******\AppData\Roaming\Media Center Programs
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\Recovery
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\Programme\Gemeinsame Dateien
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2010.09.16 08:57:09 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2010.09.16 03:45:50 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2010.09.16 02:49:52 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2010.09.16 02:46:41 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2010.09.16 00:00:16 | 000,000,000 | -HSD | C] -- C:\Programme
[2010.09.16 00:00:15 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2010.09.15 23:45:00 | 000,000,000 | ---D | C] -- C:\Intel
[2010.02.03 23:00:00 | 000,139,264 | ---- | C] ( ) -- C:\Windows\sipr3260.dll

========== Files - Modified Within 90 Days ==========
[2010.11.07 01:13:24 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\*******\Desktop\OTL.exe [2010.11.07 01:10:04 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.07 00:23:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.11.06 16:52:04 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2010.11.06 16:52:04 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2010.11.06 16:52:04 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2010.11.06 16:52:04 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2010.11.06 13:21:21 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2010.11.06 13:21:21 | 000,014,752 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2010.11.06 11:07:41 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys [2010.11.06 11:07:41 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys [2010.11.06 09:05:36 | 000,001,086 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.11.06 09:05:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2010.11.06 09:05:17 | 2413,719,552 | -HS- | M] () -- C:\hiberfil.sys [2010.11.06 00:23:57 | 000,002,286 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2010.11.04 20:45:41 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat [2010.11.04 20:43:03 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [2010.11.01 23:37:43 | 000,000,937 | ---- | M] () -- C:\Users\*******\Desktop\TIPP10.lnk [2010.11.01 21:15:52 | 000,000,984 | ---- | M] () -- C:\Users\*******\Desktop\Miranda IM.lnk [2010.10.29 08:27:53 | 000,014,633 | ---- | M] () -- C:\Users\*******\Documents\Branchenwechsel.docx [2010.10.29 00:26:59 | 000,736,086 | ---- | 
M] () -- C:\Users\*******\Documents\Unterkünfte Traunreut.xlsx [2010.10.29 00:15:08 | 000,079,204 | ---- | M] () -- C:\Users\*******\Desktop\Unterkünfte Traunreut3.pdf [2010.10.22 22:42:43 | 000,020,992 | ---- | M] () -- C:\Users\*******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.10.19 13:23:02 | 000,457,248 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2010.10.19 10:41:44 | 000,222,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\MpSigStub.exe [2010.10.19 10:26:47 | 000,057,665 | ---- | M] () -- C:\Users\*******\Documents\Rohrmotor.docx [2010.10.19 09:12:46 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01009.Wdf [2010.10.18 13:53:18 | 000,056,356 | ---- | M] () -- C:\Users\*******\Documents\Kündigung Privatversicherung.docx [2010.10.18 13:07:51 | 000,057,106 | ---- | M] () -- C:\Users\*******\Documents\FERCHAU Engineering GmbH.docx [2010.10.17 23:45:57 | 000,001,054 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk [2010.10.17 23:45:35 | 000,001,895 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2010.10.17 22:40:01 | 000,001,574 | ---- | M] () -- C:\Users\*******\Desktop\WinSetupFromUSB.lnk [2010.10.15 11:09:53 | 000,001,093 | ---- | M] () -- C:\Users\Public\Desktop\Sibelius 6.lnk [2010.10.14 13:44:07 | 000,001,014 | ---- | M] () -- C:\Users\Public\Desktop\Finale 2011 Demo.lnk [2010.10.14 00:46:40 | 000,000,604 | -H-- | M] () -- C:\Program Files\STFT Notifier [2010.10.14 00:42:11 | 000,001,141 | ---- | M] () -- C:\Users\Public\Desktop\Sibelius 6 First.lnk [2010.10.13 23:56:53 | 000,000,604 | -H-- | M] () -- C:\Program Files\STLL Notifier [2010.10.13 10:25:35 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.10.12 18:48:13 | 000,000,740 | ---- | M] () -- C:\Users\Public\Desktop\Anvil Studio.lnk [2010.10.08 18:44:09 | 000,326,726 | ---- | M] () -- C:\Users\*******\Documents\ERA-schaeffler.pdf [2010.10.04 07:04:16 | 000,001,919 | ---- | M] () 
-- C:\Users\*******\Desktop\Webocton - Scriptly.lnk [2010.10.03 16:23:23 | 000,319,813 | ---- | M] () -- C:\Users\*******\Documents\20101003_Anleitung_Klavierstimmen.pdf [2010.09.29 15:17:01 | 000,000,985 | ---- | M] () -- C:\Users\*******\Desktop\JDownloader.lnk [2010.09.29 13:36:50 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2010.09.29 01:15:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf [2010.09.29 01:13:07 | 000,002,795 | ---- | M] () -- C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk [2010.09.21 23:29:50 | 000,000,603 | ---- | M] () -- C:\Windows\uninstallstickies.bat [2010.09.21 18:52:30 | 000,000,875 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk [2010.09.21 13:17:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2010.09.21 12:41:18 | 000,000,050 | ---- | M] () -- C:\Windows\System32\bridf06a.dat [2010.09.21 12:34:27 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI [2010.09.21 12:34:27 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI [2010.09.20 10:32:30 | 000,002,697 | ---- | M] () -- C:\Users\*******\Desktop\Microsoft Office Word 2007.lnk [2010.09.17 11:44:44 | 000,000,136 | ---- | M] () -- C:\Users\*******\Desktop\studiVZ Bist Du schon drin.URL [2010.09.17 11:42:05 | 000,000,972 | ---- | M] () -- C:\Users\Public\Desktop\IrfanView.lnk [2010.09.17 11:14:23 | 000,002,077 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox 4.0 Beta 6.lnk [2010.09.16 21:09:07 | 000,002,272 | ---- | M] () -- C:\Users\*******\Desktop\SportTracks.lnk [2010.09.16 21:06:55 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS [2010.09.16 21:06:55 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010.09.16 15:21:19 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010.09.16 13:17:32 | 000,002,242 | ---- | M] () -- 
C:\Users\Public\Desktop\Google Earth.lnk [2010.09.16 11:37:10 | 000,007,626 | ---- | M] () -- C:\Users\*******\AppData\Local\Resmon.ResmonCfg [2010.09.16 10:25:32 | 000,000,162 | ---- | M] () -- C:\Windows\ODBC.INI [2010.09.16 10:07:22 | 000,691,696 | ---- | M] (Duplex Secure Ltd.) -- C:\Windows\System32\drivers\sptd.sys [2010.09.16 09:43:11 | 000,001,885 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.09.16 09:28:20 | 000,421,442 | -H-- | M] () -- C:\Windows\System32\drivers\vsconfig.xml [2010.09.16 09:27:29 | 000,005,977 | ---- | M] () -- C:\Windows\System32\vsconfig.xml [2010.09.16 09:27:29 | 000,001,036 | ---- | M] () -- C:\Users\*******\Desktop\ZoneAlarm Security.lnk [2010.09.16 09:24:32 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.09.16 03:45:38 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK [2010.09.16 02:50:57 | 000,057,035 | ---- | M] () -- C:\Windows\System32\license.rtf [2010.09.16 00:06:28 | 000,000,373 | -H-- | M] () -- C:\IPH.PH [2010.09.08 05:28:53 | 000,606,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2010.09.08 05:28:42 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2010.09.08 05:28:42 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2010.09.08 05:28:15 | 000,044,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2010.09.08 05:28:11 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2010.09.08 05:28:01 | 000,185,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2010.09.08 05:28:01 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2010.09.08 05:27:56 | 000,381,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2010.09.08 05:25:58 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2010.09.08 
04:22:31 | 000,386,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2010.09.08 03:48:16 | 001,638,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2010.09.01 05:23:49 | 012,625,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmploc.DLL [2010.09.01 03:34:52 | 002,327,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2010.08.31 05:32:30 | 000,954,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc40.dll [2010.08.31 05:32:30 | 000,954,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mfc40u.dll [2010.08.26 05:39:58 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\t2embed.dll [2010.08.21 06:36:33 | 000,738,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wmpmde.dll ========== Files Created - No Company Name ========== [2010.11.07 01:10:04 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2010.11.04 20:45:41 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.11.04 20:43:03 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk [2010.11.01 23:37:43 | 000,000,937 | ---- | C] () -- C:\Users\*******\Desktop\TIPP10.lnk [2010.10.29 08:27:53 | 000,014,633 | ---- | C] () -- C:\Users\*******\Documents\Branchenwechsel.docx [2010.10.29 00:15:08 | 000,079,204 | ---- | C] () -- C:\Users\*******\Desktop\Unterkünfte Traunreut3.pdf [2010.10.22 22:39:04 | 000,736,086 | ---- | C] () -- C:\Users\*******\Documents\Unterkünfte Traunreut.xlsx [2010.10.22 12:38:13 | 2413,719,552 | -HS- | C] () -- C:\hiberfil.sys [2010.10.19 09:12:46 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_point32_01009.Wdf [2010.10.18 18:33:48 | 000,057,665 | ---- | C] () -- C:\Users\*******\Documents\Rohrmotor.docx [2010.10.18 13:53:18 | 000,056,356 | ---- | C] () -- C:\Users\*******\Documents\Kündigung Privatversicherung.docx [2010.10.17 23:45:57 | 000,001,054 | ---- | C] () -- 
C:\Users\Public\Desktop\RegistryBooster.lnk [2010.10.17 23:45:35 | 000,001,895 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2010.10.17 22:40:01 | 000,001,574 | ---- | C] () -- C:\Users\*******\Desktop\WinSetupFromUSB.lnk [2010.10.16 16:20:18 | 000,057,106 | ---- | C] () -- C:\Users\*******\Documents\FERCHAU Engineering GmbH.docx [2010.10.15 11:09:53 | 000,001,093 | ---- | C] () -- C:\Users\Public\Desktop\Sibelius 6.lnk [2010.10.14 13:44:07 | 000,001,014 | ---- | C] () -- C:\Users\Public\Desktop\Finale 2011 Demo.lnk [2010.10.14 00:46:40 | 000,000,604 | -H-- | C] () -- C:\Programme\STFT Notifier [2010.10.14 00:42:11 | 000,001,141 | ---- | C] () -- C:\Users\Public\Desktop\Sibelius 6 First.lnk [2010.10.13 23:56:53 | 000,000,604 | -H-- | C] () -- C:\Programme\STLL Notifier [2010.10.13 10:25:35 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk [2010.10.12 18:48:13 | 000,000,740 | ---- | C] () -- C:\Users\Public\Desktop\Anvil Studio.lnk [2010.10.08 18:44:09 | 000,326,726 | ---- | C] () -- C:\Users\*******\Documents\ERA-schaeffler.pdf [2010.10.04 07:04:16 | 000,001,919 | ---- | C] () -- C:\Users\*******\Desktop\Webocton - Scriptly.lnk [2010.10.03 16:23:23 | 000,319,813 | ---- | C] () -- C:\Users\*******\Documents\20101003_Anleitung_Klavierstimmen.pdf [2010.09.29 15:17:01 | 000,000,985 | ---- | C] () -- C:\Users\*******\Desktop\JDownloader.lnk [2010.09.29 13:36:50 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdRapi2_01_00_00.Wdf [2010.09.29 01:15:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf [2010.09.29 01:13:07 | 000,002,795 | ---- | C] () -- C:\Users\*******\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk [2010.09.21 23:29:50 | 000,000,603 | ---- | C] () -- C:\Windows\uninstallstickies.bat [2010.09.21 18:36:40 | 000,000,875 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk [2010.09.21 18:31:46 | 000,116,224 | ---- | 
C] () -- C:\Windows\System32\redmonnt.dll [2010.09.21 18:31:46 | 000,045,056 | ---- | C] () -- C:\Windows\System32\unredmon.exe [2010.09.21 17:12:22 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll [2010.09.21 13:17:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2010.09.21 12:41:18 | 000,000,050 | ---- | C] () -- C:\Windows\System32\bridf06a.dat [2010.09.21 12:34:27 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2010.09.21 12:34:27 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI [2010.09.20 10:32:30 | 000,002,697 | ---- | C] () -- C:\Users\*******\Desktop\Microsoft Office Word 2007.lnk [2010.09.18 11:35:25 | 000,000,000 | ---- | C] () -- C:\Users\*******\AppData\Local\QSwitch.txt [2010.09.18 11:35:25 | 000,000,000 | ---- | C] () -- C:\Users\*******\AppData\Local\DSwitch.txt [2010.09.18 11:35:25 | 000,000,000 | ---- | C] () -- C:\Users\*******\AppData\Local\AtStart.txt [2010.09.17 16:36:22 | 000,015,222 | ---- | C] () -- C:\Windows\System32\nbspkrs.ico [2010.09.17 16:36:22 | 000,003,774 | ---- | C] () -- C:\Windows\System32\bltinmic.ico [2010.09.17 16:36:22 | 000,003,774 | ---- | C] () -- C:\Windows\System32\2hps.ico [2010.09.17 11:42:05 | 000,000,972 | ---- | C] () -- C:\Users\Public\Desktop\IrfanView.lnk [2010.09.17 11:35:05 | 000,000,136 | ---- | C] () -- C:\Users\*******\Desktop\studiVZ Bist Du schon drin.URL [2010.09.17 11:14:23 | 000,002,077 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox 4.0 Beta 6.lnk [2010.09.16 21:09:07 | 000,002,272 | ---- | C] () -- C:\Users\*******\Desktop\SportTracks.lnk [2010.09.16 21:06:55 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS [2010.09.16 21:06:55 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010.09.16 20:28:19 | 000,020,992 | ---- | C] () -- C:\Users\*******\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.09.16 15:21:19 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [2010.09.16 
13:39:20 | 000,000,984 | ---- | C] () -- C:\Users\*******\Desktop\Miranda IM.lnk [2010.09.16 13:17:50 | 000,002,286 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2010.09.16 13:17:32 | 000,002,242 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2010.09.16 13:13:23 | 000,001,090 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2010.09.16 13:12:49 | 000,001,086 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2010.09.16 11:37:10 | 000,007,626 | ---- | C] () -- C:\Users\*******\AppData\Local\Resmon.ResmonCfg [2010.09.16 10:25:32 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI [2010.09.16 09:43:11 | 000,001,885 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2010.09.16 09:37:06 | 000,009,596 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2010.09.16 09:27:29 | 000,005,977 | ---- | C] () -- C:\Windows\System32\vsconfig.xml [2010.09.16 09:27:29 | 000,001,036 | ---- | C] () -- C:\Users\*******\Desktop\ZoneAlarm Security.lnk [2010.09.16 09:26:47 | 000,421,442 | -H-- | C] () -- C:\Windows\System32\drivers\vsconfig.xml [2010.09.16 09:24:32 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk [2010.09.16 02:35:30 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK [2010.09.16 00:05:59 | 000,000,373 | -H-- | C] () -- C:\IPH.PH [2010.07.26 09:13:40 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll [2010.06.23 11:35:52 | 000,790,528 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2010.06.23 11:35:52 | 000,134,144 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2009.08.16 09:08:36 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll [2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll [2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll [2007.02.05 19:05:26 | 000,000,038 | ---- | C] () -- C:\Windows\AviSplitter.INI [2002.06.06 01:01:58 | 000,029,696 | 
---- | C] () -- C:\Windows\System32\asutl8.dll ========== LOP Check ========== [2010.10.12 19:17:05 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Anvil Studio [2010.10.17 23:45:41 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Canneverbe Limited [2010.09.16 09:28:07 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\CheckPoint [2010.09.16 10:06:13 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\DAEMON Tools Lite [2010.09.21 13:01:20 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\GARMIN [2010.09.29 14:09:41 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\GoPal Assistant [2010.09.17 11:41:54 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\IrfanView [2010.10.13 11:25:42 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\JonDo [2010.10.14 13:44:30 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\MakeMusic [2010.09.16 13:40:02 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Miranda [2010.10.17 23:45:29 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\OpenCandy [2010.09.21 15:55:04 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\SportTracksExportToCsvPlugin [2010.09.30 23:43:42 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\stickies [2010.10.26 19:48:36 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\TomTom [2010.10.17 23:46:06 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Uniblue [2010.10.04 07:04:13 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Webocton - Scriptly [2010.09.16 16:10:15 | 000,000,000 | ---D | M] -- C:\Users\*******\AppData\Roaming\Win7codecs [2009.07.14 05:53:46 | 000,019,780 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT ========== Purity Check ========== < End of report > Code:
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 5064

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

07.11.2010 01:31:56
mbam-log-2010-11-07 (01-31-56).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 144254
Laufzeit: 5 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

Kind regards, kaff |
08.11.2010, 00:01 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™
What is the purpose of this file, and what source does it come from?
08.11.2010, 00:13 | #3 |
It was a PhysX patch for my GeForce graphics card. I needed it for the game Mafia 2 to get even more out of the game. However, I am not sure where I got the patch from. It may be that I did not get it from the original NVIDIA homepage. I no longer remember the exact path. But I normally opened the patch from my downloads folder.
__________________
Regards, kaff |
08.11.2010, 00:16 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™
Please post the AntiVir log.
__________________
Please always post log files in CODE tags |
08.11.2010, 00:39 | #5 |
Ah OK, there it is, in the AntiVir log file:
Code:
Die Datei 'C:\Users\*******\Downloads\physxp_240_en.exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Dynamer.dtc.562' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde gelöscht.
08.11.2010, 00:58 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™
And you don't have the faintest idea where the file came from? Are there any further logs from Malwarebytes? There is one log per run, you see. If you have only done one scan, then there is only one log. But maybe you already ran scans before that.
08.11.2010, 18:56 | #7 |
Unfortunately I didn't run a scan before that. I only downloaded Malwarebytes because of the forum. Is it possible to determine whether the virus established a connection to the internet? |
09.11.2010, 01:33 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™
After the fact, something like that cannot be determined at all if nothing was logged. Please run a full scan with Malwarebytes as a matter of routine and post the log. Remember that Malwarebytes has to be updated manually before every scan!