otl logs. Virus? bekomme ständig ein fenster geöfnett kriege es nicht mehr weg

Boobbii · 22.02.2011, 18:09

Das ist der Scan den ich von Otl. bekommen habe:
OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 21.02.2011 20:57:45 - Run 2
OTL by OldTimer - Version 3.2.20.6     Folder = c:\Users\BH-ANATICOS\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19019)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 45,00% Memory free
4,00 Gb Paging File | 3,00 Gb Available in Paging File | 68,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 143,79 Gb Total Space | 26,89 Gb Free Space | 18,70% Space Free | Partition Type: NTFS
Drive D: | 5,26 Gb Total Space | 1,20 Gb Free Space | 22,75% Space Free | Partition Type: NTFS
 
Computer Name: BH-ANATICOS-PC | User Name: BH-ANATICOS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\BH-ANA~1\AppData\Local\Temp\PMc8MbaT4.exe (Microsoft)
PRC - C:\Users\BH-ANA~1\AppData\Local\Temp\Rnzj1V59G.exe (Microsoft)
PRC - c:\Users\BH-ANATICOS\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Users\BH-ANATICOS\AppData\Roaming\AutoChks.exe ()
PRC - C:\Programme\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
PRC - C:\Programme\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
PRC - C:\Programme\Verbindungsassistent\WTGService.exe ()
PRC - C:\Users\BH-ANATICOS\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - C:\ProgramData\{722D8884-F460-431D-AAAA-F508F3062631}\Server.exe (SlySoft Inc.)
PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\WINDOWS\System32\FsUsbExService.Exe (Teruten)
PRC - C:\Programme\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
PRC - C:\Programme\HP\QuickPlay\Kernel\TV\CLSched.exe ()
PRC - C:\Programme\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - c:\Users\BH-ANATICOS\Downloads\OTL.exe (OldTimer Tools)
MOD - C:\Programme\Alwil Software\Avast5\snxhk.dll (AVAST Software)
MOD - C:\WINDOWS\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll (Microsoft Corporation)
MOD - C:\WINDOWS\System32\vbscript.dll (Microsoft Corporation)
MOD - C:\WINDOWS\System32\wbem\wmiutils.dll (Microsoft Corporation)
MOD - C:\WINDOWS\System32\wbem\wbemsvc.dll (Microsoft Corporation)
MOD - C:\WINDOWS\System32\wbem\wbemprox.dll (Microsoft Corporation)
MOD - C:\WINDOWS\System32\wbem\fastprox.dll (Microsoft Corporation)
MOD - C:\WINDOWS\System32\rsaenh.dll (Microsoft Corporation)
MOD - C:\WINDOWS\System32\wbem\wbemdisp.dll (Microsoft Corporation)
MOD - C:\WINDOWS\System32\wbemcomn.dll (Microsoft Corporation)
MOD - C:\WINDOWS\System32\sxs.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV - (LiveUpdate Notice Ex) --  File not found
SRV - (CLTNetCnService) --  File not found
SRV - (FontCache) -- C:\WINDOWS\System32\FntCache.dll (Microsoft Corporation)
SRV - (avast! Antivirus) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe (AVAST Software)
SRV - (WTGService) -- C:\Programme\Verbindungsassistent\WTGService.exe ()
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\WINDOWS\System32\uxtuneup.dll (TuneUp Software)
SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation)
SRV - (GJService) -- C:\ProgramData\{722D8884-F460-431D-AAAA-F508F3062631}\Server.exe (SlySoft Inc.)
SRV - (WPFFontCache_v0400) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FsUsbExService) -- C:\WINDOWS\System32\FsUsbExService.Exe (Teruten)
SRV - (YahooAUService) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (LiveUpdate Notice Service) -- C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (LiveUpdate) -- C:\Programme\Symantec\LiveUpdate\LuComServer_3_2.EXE (Symantec Corporation)
SRV - (Automatisches LiveUpdate - Scheduler) -- C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (Symantec Corporation)
SRV - (CLSched) CyberLink Task Scheduler (CTS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe ()
SRV - (CLCapSvc) CyberLink Background Capture Service (CBCS) -- C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe ()
SRV - (AddFiltr) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe (Hewlett-Packard Development Company, L.P.)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (sptd) -- C:\Windows\System32\Drivers\sptd.sys ()
DRV - (aswSP) -- C:\Windows\System32\drivers\aswSP.sys (AVAST Software)
DRV - (aswTdi) -- C:\Windows\System32\drivers\aswTdi.sys (AVAST Software)
DRV - (aswRdr) -- C:\Windows\System32\drivers\aswRdr.sys (AVAST Software)
DRV - (aswMonFlt) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys (AVAST Software)
DRV - (aswFsBlk) -- C:\Windows\System32\drivers\aswFsBlk.sys (AVAST Software)
DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (Maplom) -- C:\Windows\System32\drivers\maplom.sys (SlySoft Inc.)
DRV - (MaplomL) -- C:\Windows\System32\drivers\maploml.sys (SlySoft Inc.)
DRV - (acedrv11) -- C:\WINDOWS\System32\drivers\acedrv11.sys (Protect Software GmbH)
DRV - (FsUsbExDisk) -- C:\WINDOWS\System32\FsUsbExDisk.Sys ()
DRV - (hwdatacard) -- C:\WINDOWS\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV - (SynTP) -- C:\WINDOWS\System32\drivers\SynTP.sys (Synaptics, Inc.)
DRV - (sscdmdm) -- C:\WINDOWS\System32\drivers\sscdmdm.sys (MCCI Corporation)
DRV - (sscdmdfl) -- C:\WINDOWS\System32\drivers\sscdmdfl.sys (MCCI Corporation)
DRV - (sscdbus) SAMSUNG USB Composite Device driver (WDM) -- C:\WINDOWS\System32\drivers\sscdbus.sys (MCCI Corporation)
DRV - (nvstor) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation)
DRV - (XAudio) -- C:\WINDOWS\System32\drivers\XAudio.sys (Conexant Systems, Inc.)
DRV - (HSF_DPV) -- C:\WINDOWS\System32\drivers\HSX_DPV.sys (Conexant Systems, Inc.)
DRV - (HSXHWAZL) -- C:\WINDOWS\System32\drivers\HSXHWAZL.sys (Conexant Systems, Inc.)
DRV - (winachsf) -- C:\WINDOWS\System32\drivers\HSX_CNXT.sys (Conexant Systems, Inc.)
DRV - (NVENETFD) -- C:\WINDOWS\System32\drivers\nvmfdx32.sys (NVIDIA Corporation)
DRV - (R5U870FLx86) -- C:\WINDOWS\System32\drivers\R5U870FLx86.sys (Ricoh)
DRV - (R5U870FUx86) -- C:\WINDOWS\System32\drivers\R5U870FUx86.sys (Ricoh)
DRV - (nvlddmkm) -- C:\WINDOWS\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (HdAudAddService) -- C:\WINDOWS\System32\drivers\CHDART.sys (Conexant Systems Inc.)
DRV - (BCM43XX) -- C:\WINDOWS\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (BCM43XV) -- C:\WINDOWS\System32\drivers\BCMWL6.SYS (Broadcom Corporation)
DRV - (rimmptsk) -- C:\WINDOWS\System32\drivers\rimmptsk.sys (REDC)
DRV - (rimsptsk) -- C:\WINDOWS\System32\drivers\rimsptsk.sys (REDC)
DRV - (rismxdp) -- C:\WINDOWS\System32\drivers\rixdptsk.sys (REDC)
DRV - (ql2300) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation)
DRV - (adp94xx) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.)
DRV - (elxstor) -- C:\Windows\system32\drivers\elxstor.sys (Emulex)
DRV - (adpahci) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.)
DRV - (uliahci) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.)
DRV - (iaStorV) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation)
DRV - (adpu320) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.)
DRV - (ulsata2) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.)
DRV - (vsmraid) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd)
DRV - (ql40xx) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation)
DRV - (UlSata) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.)
DRV - (adpu160m) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.)
DRV - (nvraid) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation)
DRV - (nfrd960) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation)
DRV - (iirsp) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH)
DRV - (SiSRaid4) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems)
DRV - (aic78xx) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.)
DRV - (arcsas) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.)
DRV - (LSI_SCSI) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic)
DRV - (SiSRaid2) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.)
DRV - (HpCISSs) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company)
DRV - (arc) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.)
DRV - (iteraid) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.)
DRV - (iteatapi) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.)
DRV - (LSI_SAS) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic)
DRV - (Symc8xx) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic)
DRV - (LSI_FC) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic)
DRV - (Sym_u3) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic)
DRV - (Mraid35x) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation)
DRV - (Sym_hi) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic)
DRV - (megasas) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation)
DRV - (viaide) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.)
DRV - (cmdide) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.)
DRV - (aliide) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.)
DRV - (Brserid) Brother MFC Serial Port Interface Driver (WDM) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.)
DRV - (BrUsbSer) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.)
DRV - (BrFiltUp) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.)
DRV - (BrFiltLo) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.)
DRV - (BrSerWdm) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.)
DRV - (BrUsbMdm) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.)
DRV - (HSFHWAZL) -- C:\WINDOWS\System32\drivers\VSTAZL3.SYS (Conexant Systems, Inc.)
DRV - (ntrigdigi) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies)
DRV - (E1G60) Intel(R) -- C:\WINDOWS\System32\drivers\E1G60I32.sys (Intel Corporation)
DRV - (ialm) -- C:\WINDOWS\System32\drivers\igdkmd32.sys (Intel Corporation)
DRV - (nvsmu) -- C:\WINDOWS\System32\drivers\nvsmu.sys (NVIDIA Corporation)
DRV - (eabfiltr) -- C:\WINDOWS\System32\drivers\eabfiltr.sys (Hewlett-Packard Development Company, L.P.)
DRV - (HBtnKey) -- C:\WINDOWS\System32\drivers\CPQBttn.sys (Hewlett-Packard Development Company, L.P.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HPNoteBook | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HPNoteBook | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=stonicde&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1649050749-3500846142-1385654425-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2475029
IE - HKU\S-1-5-21-1649050749-3500846142-1385654425-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1649050749-3500846142-1385654425-1000\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1649050749-3500846142-1385654425-1000\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-1649050749-3500846142-1385654425-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "hxxp://start.facemoods.com/?a=stonicde"
FF - prefs.js..keyword.URL: "hxxp://start.facemoods.com/results.php?f=5&a=stonicde&q="
 
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.11.29 11:04:56 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 4.0b11\extensions\\Components: C:\Program Files\Mozilla Firefox 4.0 Beta 8\components [2011.02.15 18:10:21 | 000,000,000 | ---D | M]
 
[2011.01.04 21:59:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BH-ANATICOS\AppData\Roaming\mozilla\Extensions
[2011.02.20 19:57:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BH-ANATICOS\AppData\Roaming\mozilla\Firefox\Profiles\u1x4m2zj.default\extensions
[2011.02.20 13:08:41 | 000,000,000 | ---D | M] (MyAshampoo Toolbar) -- C:\Users\BH-ANATICOS\AppData\Roaming\mozilla\Firefox\Profiles\u1x4m2zj.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
[2011.02.20 19:57:34 | 000,000,000 | ---D | M] (VMN Toolbar) -- C:\Users\BH-ANATICOS\AppData\Roaming\mozilla\Firefox\Profiles\u1x4m2zj.default\extensions\{fbc8441e-a153-45b0-8e93-87521a5812a1}
[2011.02.12 01:16:04 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\BH-ANATICOS\AppData\Roaming\mozilla\Firefox\Profiles\u1x4m2zj.default\extensions\ffxtlbr@Facemoods.com
File not found (No name found) -- 
[2010.11.29 11:04:56 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
() (No name found) -- C:\USERS\BH-ANATICOS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U1X4M2ZJ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\BH-ANATICOS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\U1X4M2ZJ.DEFAULT\EXTENSIONS\TESTPILOT@LABS.MOZILLA.COM.XPI
[2010.09.01 19:24:52 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2010.09.28 17:14:06 | 000,002,040 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\fcmdSrchstonicde.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\WINDOWS\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Programme\facemoods.com\facemoods\1.4.17.3\bh\facemoods.dll (facemoods.com BHO)
O2 - BHO: (VMN Toolbar Astro Gemini) - {A057A204-BACC-4D26-8287-79A187E26987} - C:\Programme\vmntoolbar\vmntoolbar.dll (Visicom Media Inc.                           )
O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Programme\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (VMN Toolbar Astro Gemini) - {A057A204-BACC-4D26-8287-79A187E26987} - C:\Programme\vmntoolbar\vmntoolbar.dll (Visicom Media Inc.                           )
O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Programme\facemoods.com\facemoods\1.4.17.3\facemoodsTlbr.dll (facemoods.com)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programme\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-1649050749-3500846142-1385654425-1000\..\Toolbar\WebBrowser: (no name) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - No CLSID value found.
O3 - HKU\S-1-5-21-1649050749-3500846142-1385654425-1000\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Programme\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [facemoods] C:\Program Files\facemoods.com\facemoods\1.4.17.3\facemoodssrv.exe (facemoods.com)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvSvc] C:\Windows\System32\nvsvc.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [Symantec PIF AlertEng] C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe (Symantec Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-1649050749-3500846142-1385654425-1000..\Run: [Auto Check Utility] C:\Users\BH-ANATICOS\AppData\Roaming\AutoChks.exe ()
O4 - HKU\S-1-5-21-1649050749-3500846142-1385654425-1000..\Run: [Windows Audio Service] C:\Users\BH-ANA~1\AppData\Local\Temp\audio.exe (Microsoft)
O4 - HKU\S-1-5-21-1649050749-3500846142-1385654425-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Launcher] C:\WINDOWS\SMINST\Launcher.exe (soft thinks)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1649050749-3500846142-1385654425-1000\..Trusted Domains: conduit.com ([search] http in Lokales Intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab (Java Plug-in 1.6.0)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.250.99 193.189.244.205
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\BH-ANATICOS\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\BH-ANATICOS\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O27 - HKLM IFEO\hpwucli.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\pifsvc.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software)
O27 - HKLM IFEO\stax.exe: Debugger - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe" (TuneUp Software)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.09.11 16:18:54 | 000,000,340 | -HS- | M] () - D:\AUTOMODE -- [ NTFS ]
O33 - MountPoints2\{055e3545-061e-11e0-851a-a128879cc8c6}\Shell - "" = AutoRun
O33 - MountPoints2\{055e3545-061e-11e0-851a-a128879cc8c6}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{055e3593-061e-11e0-851a-bfe009580507}\Shell - "" = AutoRun
O33 - MountPoints2\{055e3593-061e-11e0-851a-bfe009580507}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{055e3595-061e-11e0-851a-bfe009580507}\Shell - "" = AutoRun
O33 - MountPoints2\{055e3595-061e-11e0-851a-bfe009580507}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{055e3597-061e-11e0-851a-bfe009580507}\Shell - "" = AutoRun
O33 - MountPoints2\{055e3597-061e-11e0-851a-bfe009580507}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{49a342c4-9ab8-11df-9c9d-001b243c6844}\Shell - "" = AutoRun
O33 - MountPoints2\{49a342c4-9ab8-11df-9c9d-001b243c6844}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{49a342c5-9ab8-11df-9c9d-001b243c6844}\Shell - "" = AutoRun
O33 - MountPoints2\{49a342c5-9ab8-11df-9c9d-001b243c6844}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{63ee2bdd-a498-11df-8604-001b243c6844}\Shell - "" = AutoRun
O33 - MountPoints2\{63ee2bdd-a498-11df-8604-001b243c6844}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{63ee2bdf-a498-11df-8604-001b243c6844}\Shell - "" = AutoRun
O33 - MountPoints2\{63ee2bdf-a498-11df-8604-001b243c6844}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{8fa4b402-9b38-11df-93a1-001b243c6844}\Shell - "" = AutoRun
O33 - MountPoints2\{8fa4b402-9b38-11df-93a1-001b243c6844}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{8fa4b462-9b38-11df-93a1-001b243c6844}\Shell - "" = AutoRun
O33 - MountPoints2\{8fa4b462-9b38-11df-93a1-001b243c6844}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{9eab63b1-f657-11df-8cf8-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9eab63b1-f657-11df-8cf8-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c07effeb-9a85-11df-8105-001b243c6844}\Shell - "" = AutoRun
O33 - MountPoints2\{c07effeb-9a85-11df-8105-001b243c6844}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{f46b9162-f7dc-11df-bb16-e6e8b5163f58}\Shell - "" = AutoRun
O33 - MountPoints2\{f46b9162-f7dc-11df-bb16-e6e8b5163f58}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.02.21 20:35:09 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.02.21 07:44:26 | 000,000,000 | ---D | C] -- C:\Users\BH-ANATICOS\AppData\Local\SkinSoft
[2011.02.21 07:44:13 | 000,000,000 | -H-D | C] -- C:\Users\BH-ANATICOS\AppData\Local\{3A7C3760-0067-4DFD-914C-018D63CF006A}
[2011.02.21 07:43:44 | 000,000,000 | ---D | C] -- C:\Programme\Eziriz
[2011.02.21 07:43:44 | 000,000,000 | ---D | C] -- C:\Users\BH-ANATICOS\Documents\.NET Reactor SDK Test Apps
[2011.02.21 07:43:44 | 000,000,000 | ---D | C] -- C:\Users\BH-ANATICOS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\.NET Reactor
[2011.02.20 22:57:07 | 000,000,000 | ---D | C] -- C:\Users\BH-ANATICOS\AppData\Roaming\Uniblue
[2011.02.20 22:53:16 | 000,000,000 | ---D | C] -- C:\Users\BH-ANATICOS\AppData\Local\PackageAware
[2011.02.20 19:49:54 | 000,722,944 | ---- | C] (Digital Minds Software) -- C:\Windows\System32\Sea Storm 3D Screensaver.scr
[2011.02.20 19:33:27 | 000,092,728 | ---- | C] (Un4seen Developments) -- C:\Windows\System32\attach.bass
[2011.02.20 19:13:16 | 000,000,000 | ---D | C] -- C:\Users\BH-ANATICOS\AppData\Roaming\TERMINAL Studio
[2011.02.20 18:51:06 | 000,000,000 | ---D | C] -- C:\Programme\CA VMN Anti-Spyware
[2011.02.20 18:50:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Astro Gemini Software
[2011.02.20 18:50:30 | 001,056,768 | ---- | C] (FreeImage) -- C:\Windows\System32\FreeImage.dll
[2011.02.20 17:43:42 | 000,000,000 | ---D | C] -- C:\Users\BH-ANATICOS\Documents\MAGIX_MusicEditor
[2011.02.20 17:36:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2011.02.20 17:35:19 | 000,000,000 | ---D | C] -- C:\Programme\MAGIX
[2011.02.20 17:34:19 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\MAGIX Services
[2011.02.20 17:13:13 | 000,000,000 | ---D | C] -- C:\Users\BH-ANATICOS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Talisman 3
[2011.02.20 17:13:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Talisman 3
[2011.02.20 17:11:37 | 000,000,000 | ---D | C] -- C:\Programme\Talisman 3
[2011.02.20 13:08:47 | 000,000,000 | ---D | C] -- C:\Programme\MyAshampoo
[2011.02.20 13:07:57 | 000,000,000 | ---D | C] -- C:\Windows\RegisteredPackages
[2011.02.20 13:07:56 | 000,000,000 | -H-D | C] -- C:\Windows\msdownld.tmp
[2011.02.20 13:07:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media
[2011.02.20 13:07:52 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Components
[2011.02.20 13:07:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2011.02.20 13:07:07 | 000,000,000 | ---D | C] -- C:\Programme\Ashampoo
[2011.02.20 12:28:25 | 000,000,000 | ---D | C] -- C:\Users\BH-ANATICOS\AppData\Roaming\Ashampoo
[2011.02.20 12:28:12 | 000,000,000 | ---D | C] -- C:\Users\BH-ANATICOS\AppData\Local\ashampoo
[2011.02.20 12:28:12 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2011.02.17 20:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSearch
[2011.02.14 21:08:03 | 000,000,000 | ---D | C] -- C:\Users\BH-ANATICOS\Desktop\rpc_v1.2-1
[2011.02.12 19:12:59 | 000,000,000 | ---D | C] -- C:\Programme\Silabs
[2011.02.12 19:04:21 | 000,000,000 | ---D | C] -- C:\SiLabs
[2011.02.12 09:29:48 | 000,000,000 | ---D | C] -- C:\Programme\MSECache
[2011.02.12 01:16:02 | 000,000,000 | ---D | C] -- C:\Programme\facemoods.com
[2011.02.12 01:15:40 | 000,559,918 | ---- | C] (Michael Scrivo                                              ) -- C:\Users\BH-ANATICOS\Desktop\ootd-1.6.0.exe
[2011.02.11 20:45:41 | 000,000,000 | ---D | C] -- C:\Users\BH-ANATICOS\AppData\Roaming\UseNeXT
[2011.02.11 20:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UseNeXT
[2011.02.11 20:45:28 | 000,000,000 | ---D | C] -- C:\Programme\UseNeXT
[2011.02.09 18:56:10 | 002,039,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.02.09 18:56:05 | 003,602,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2011.02.09 18:56:05 | 003,550,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2011.02.09 18:55:51 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2011.02.09 18:55:51 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011.02.09 18:55:51 | 000,797,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\FntCache.dll
[2011.02.09 18:55:50 | 000,979,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFH264Dec.dll
[2011.02.09 18:55:50 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011.02.09 18:55:49 | 000,876,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2011.02.09 18:55:49 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2011.02.09 18:55:49 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2011.02.09 18:55:48 | 001,554,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xpsservices.dll
[2011.02.09 18:55:48 | 000,357,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MFHEAACdec.dll
[2011.02.09 18:55:48 | 000,302,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfmp4src.dll
[2011.02.09 18:55:48 | 000,261,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2011.02.09 18:55:47 | 002,873,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2011.02.09 18:55:47 | 000,847,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\OpcServices.dll
[2011.02.09 18:55:47 | 000,478,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll
[2011.02.09 18:55:47 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2011.02.09 18:55:46 | 001,029,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll
[2011.02.09 18:55:46 | 000,667,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe
[2011.02.09 18:55:46 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2011.02.09 18:55:45 | 000,486,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2011.02.09 18:55:45 | 000,209,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfplat.dll
[2011.02.09 18:55:45 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll
[2011.02.09 18:55:44 | 000,098,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfps.dll
[2011.02.09 18:55:44 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2011.02.09 18:55:43 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll
[2011.02.09 18:53:58 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2011.02.09 18:53:58 | 000,602,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011.02.09 18:53:57 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011.02.09 18:53:57 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011.02.09 18:53:56 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011.02.09 18:53:56 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011.02.09 18:53:56 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011.02.09 18:53:55 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2011.02.09 18:53:55 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2011.02.09 18:53:55 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2011.02.09 18:53:55 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2011.02.09 18:53:55 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011.02.09 18:53:55 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011.02.09 18:53:55 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011.02.09 18:53:53 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011.02.09 18:53:53 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2011.02.09 18:53:53 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2011.02.09 18:53:43 | 000,292,352 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2011.02.09 18:53:42 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2011.02.01 21:38:34 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2011.01.25 23:33:27 | 000,000,000 | ---D | C] -- C:\MFT 144768
[2011.01.25 23:32:09 | 000,000,000 | ---D | C] -- C:\MFT 85826
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.02.21 19:42:51 | 000,013,307 | ---- | M] () -- C:\Users\BH-ANATICOS\AppData\Roaming\nvModes.dat
[2011.02.21 19:42:51 | 000,013,307 | ---- | M] () -- C:\Users\BH-ANATICOS\AppData\Roaming\nvModes.001
[2011.02.21 19:38:16 | 000,000,044 | -HS- | M] () -- C:\ProgramData\.zreglib
[2011.02.21 19:38:05 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.02.21 19:38:05 | 000,003,168 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.02.21 19:37:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.02.20 21:52:42 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
[2011.02.20 21:52:36 | 000,359,864 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.02.20 20:33:06 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.02.20 20:33:05 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.02.20 20:33:05 | 000,126,260 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.02.20 20:33:05 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.02.20 19:57:03 | 000,001,991 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Sun 3D Screensaver.lnk
[2011.02.20 19:57:03 | 000,001,893 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\More Great 3D Screensavers.lnk
[2011.02.20 19:55:33 | 000,002,057 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Star Wars 3D Screensaver.lnk
[2011.02.20 19:53:46 | 000,002,066 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Solar System 3D Screensaver.lnk
[2011.02.20 19:49:56 | 000,002,031 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Sea Storm 3D Screensaver.lnk
[2011.02.20 19:46:58 | 000,002,058 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Planet Earth 3D Screensaver.lnk
[2011.02.20 19:44:38 | 000,002,044 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Night City 3D Screensaver.lnk
[2011.02.20 19:37:36 | 000,002,121 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Egyptian Pyramids 3D Screensaver.lnk
[2011.02.20 19:35:43 | 000,002,029 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\3D Formula 1 Screensaver.lnk
[2011.02.20 19:34:46 | 000,000,271 | ---- | M] () -- C:\Windows\WinterTunnel-2007.set
[2011.02.20 19:33:33 | 000,002,077 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Space Tunnels 3D Screensaver.lnk
[2011.02.20 19:30:58 | 000,002,066 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Winter Night 3D Screensaver.lnk
[2011.02.20 19:28:58 | 000,002,024 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Winter 3D Screensaver.lnk
[2011.02.20 19:21:40 | 000,002,055 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Marine Life 3D Screensaver.lnk
[2011.02.20 19:20:02 | 000,002,044 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Lighthouse 3D Screensaver.lnk
[2011.02.20 19:16:52 | 000,002,087 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Golden Autumn 3D Screensaver.lnk
[2011.02.20 19:14:55 | 000,002,045 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Forest Life 3D Screensaver.lnk
[2011.02.20 19:13:03 | 000,002,000 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Easter 3D Screensaver.lnk
[2011.02.20 19:10:39 | 000,001,963 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\More 3D Screensavers.lnk
[2011.02.20 19:10:39 | 000,000,780 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Christmas Eve 3D Screensaver.lnk
[2011.02.20 19:09:57 | 000,001,883 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Astro Gemini Screensaver Manager.lnk
[2011.02.20 19:08:05 | 000,002,046 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Atlantis 3D Screensaver.lnk
[2011.02.20 19:05:18 | 000,002,070 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Around the World - London.lnk
[2011.02.20 19:02:48 | 000,002,120 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\3D Spooky Halloween Screensaver.lnk
[2011.02.20 19:00:51 | 000,002,087 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\3D Merry Christmas Screensaver.lnk
[2011.02.20 18:58:50 | 000,002,024 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\3D Matrix Screensaver.lnk
[2011.02.20 18:57:08 | 000,002,121 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\3D Haunted Halloween Screensaver.lnk
[2011.02.20 18:55:23 | 000,002,121 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\3D Grandfather Clock Screensaver.lnk
[2011.02.20 18:50:36 | 000,002,120 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\3D Matrix Corridors Screensaver.lnk
[2011.02.20 17:43:12 | 000,001,007 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Music Maker 17 Premium Download-Version.lnk
[2011.02.20 17:35:45 | 000,048,128 | ---- | M] () -- C:\Users\BH-ANATICOS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.20 17:13:13 | 000,000,762 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\Talisman Desktop.lnk
[2011.02.20 13:23:47 | 000,000,889 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Snap 4.lnk
[2011.02.20 13:09:18 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2010 Advanced.lnk
[2011.02.20 13:07:14 | 000,000,889 | ---- | M] () -- C:\Users\Public\Desktop\Ashampoo Snap 3.lnk
[2011.02.19 13:06:16 | 000,096,768 | -H-- | M] () -- C:\Users\BH-ANATICOS\AppData\Roaming\AutoChks.exe
[2011.02.17 23:44:55 | 000,000,319 | ---- | M] () -- C:\Windows\game.ini
[2011.02.13 18:47:30 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 8.lnk
[2011.02.12 01:15:41 | 000,559,918 | ---- | M] (Michael Scrivo                                              ) -- C:\Users\BH-ANATICOS\Desktop\ootd-1.6.0.exe
[2011.02.11 20:45:33 | 000,001,642 | ---- | M] () -- C:\Users\BH-ANATICOS\Desktop\UseNeXT.lnk
[2011.02.09 18:55:30 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.02.20 21:06:46 | 000,096,768 | -H-- | C] () -- C:\Users\BH-ANATICOS\AppData\Roaming\AutoChks.exe
[2011.02.20 19:57:03 | 000,001,991 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Sun 3D Screensaver.lnk
[2011.02.20 19:56:56 | 003,694,592 | ---- | C] () -- C:\Windows\System32\Sun 3D Screensaver.scr
[2011.02.20 19:55:33 | 000,002,057 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Star Wars 3D Screensaver.lnk
[2011.02.20 19:55:26 | 007,069,696 | ---- | C] () -- C:\Windows\System32\Star Wars 3D Screensaver.scr
[2011.02.20 19:51:57 | 000,002,066 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Solar System 3D Screensaver.lnk
[2011.02.20 19:51:48 | 014,663,680 | ---- | C] () -- C:\Windows\System32\Solar System 3D Screensaver.scr
[2011.02.20 19:49:56 | 000,002,031 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Sea Storm 3D Screensaver.lnk
[2011.02.20 19:46:58 | 000,002,058 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Planet Earth 3D Screensaver.lnk
[2011.02.20 19:46:50 | 007,942,144 | ---- | C] () -- C:\Windows\System32\Planet Earth 3D Screensaver.scr
[2011.02.20 19:44:38 | 000,002,044 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Night City 3D Screensaver.lnk
[2011.02.20 19:44:27 | 012,435,456 | ---- | C] () -- C:\Windows\System32\Night City 3D Screensaver.scr
[2011.02.20 19:37:36 | 000,002,121 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Egyptian Pyramids 3D Screensaver.lnk
[2011.02.20 19:37:25 | 019,968,000 | ---- | C] () -- C:\Windows\System32\Egyptian Pyramids 3D Screensaver.scr
[2011.02.20 19:35:43 | 000,002,029 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\3D Formula 1 Screensaver.lnk
[2011.02.20 19:35:33 | 016,228,352 | ---- | C] () -- C:\Windows\System32\3D Formula 1 Screensaver.scr
[2011.02.20 19:33:33 | 000,002,077 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Space Tunnels 3D Screensaver.lnk
[2011.02.20 19:33:27 | 007,078,912 | ---- | C] () -- C:\Windows\System32\Space Tunnels 3D Screensaver.scr
[2011.02.20 19:30:58 | 000,002,066 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Winter Night 3D Screensaver.lnk
[2011.02.20 19:30:45 | 022,495,232 | ---- | C] () -- C:\Windows\System32\Winter Night 3D Screensaver.scr
[2011.02.20 19:28:58 | 000,002,024 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Winter 3D Screensaver.lnk
[2011.02.20 19:28:54 | 010,379,264 | ---- | C] () -- C:\Windows\System32\Winter 3D Screensaver.scr
[2011.02.20 19:21:40 | 000,002,055 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Marine Life 3D Screensaver.lnk
[2011.02.20 19:21:28 | 016,277,504 | ---- | C] () -- C:\Windows\System32\Marine Life 3D Screensaver.scr
[2011.02.20 19:20:02 | 000,002,044 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Lighthouse 3D Screensaver.lnk
[2011.02.20 19:19:58 | 005,214,208 | ---- | C] () -- C:\Windows\System32\Lighthouse 3D Screensaver.scr
[2011.02.20 19:16:52 | 000,002,087 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Golden Autumn 3D Screensaver.lnk
[2011.02.20 19:16:41 | 021,139,456 | ---- | C] () -- C:\Windows\System32\Golden Autumn 3D Screensaver.scr
[2011.02.20 19:14:55 | 000,002,045 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Forest Life 3D Screensaver.lnk
[2011.02.20 19:14:47 | 004,747,264 | ---- | C] () -- C:\Windows\System32\Forest Life 3D Screensaver.scr
[2011.02.20 19:13:03 | 000,002,000 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Easter 3D Screensaver.lnk
[2011.02.20 19:12:55 | 025,534,464 | ---- | C] () -- C:\Windows\System32\Easter 3D Screensaver.scr
[2011.02.20 19:09:53 | 000,001,963 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\More 3D Screensavers.lnk
[2011.02.20 19:09:53 | 000,000,780 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Christmas Eve 3D Screensaver.lnk
[2011.02.20 19:09:45 | 009,011,200 | ---- | C] () -- C:\Windows\System32\Christmas Eve 3D Screensaver.scr
[2011.02.20 19:08:05 | 000,002,046 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Atlantis 3D Screensaver.lnk
[2011.02.20 19:08:01 | 015,482,880 | ---- | C] () -- C:\Windows\System32\Atlantis 3D Screensaver.scr
[2011.02.20 19:05:18 | 000,002,070 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Around the World - London.lnk
[2011.02.20 19:05:12 | 006,316,032 | ---- | C] () -- C:\Windows\System32\Around the World - London.scr
[2011.02.20 19:02:48 | 000,002,120 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\3D Spooky Halloween Screensaver.lnk
[2011.02.20 19:02:39 | 008,429,568 | ---- | C] () -- C:\Windows\System32\3D Spooky Halloween Screensaver.scr
[2011.02.20 19:00:51 | 000,002,087 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\3D Merry Christmas Screensaver.lnk
[2011.02.20 19:00:38 | 033,787,904 | ---- | C] () -- C:\Windows\System32\3D Merry Christmas Screensaver.scr
[2011.02.20 18:58:50 | 000,002,024 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\3D Matrix Screensaver.lnk
[2011.02.20 18:58:46 | 002,678,784 | ---- | C] () -- C:\Windows\System32\3D Matrix Screensaver.scr
[2011.02.20 18:57:08 | 000,002,121 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\3D Haunted Halloween Screensaver.lnk
[2011.02.20 18:56:59 | 008,998,912 | ---- | C] () -- C:\Windows\System32\3D Haunted Halloween Screensaver.scr
[2011.02.20 18:54:42 | 000,002,121 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\3D Grandfather Clock Screensaver.lnk
[2011.02.20 18:54:34 | 010,407,936 | ---- | C] () -- C:\Windows\System32\3D Grandfather Clock Screensaver.scr
[2011.02.20 18:50:45 | 000,106,496 | ---- | C] () -- C:\Windows\System32\Astro Gemini Screensaver Manager.scr
[2011.02.20 18:50:36 | 000,002,120 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\3D Matrix Corridors Screensaver.lnk
[2011.02.20 18:50:36 | 000,001,893 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\More Great 3D Screensavers.lnk
[2011.02.20 18:50:36 | 000,001,883 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Astro Gemini Screensaver Manager.lnk
[2011.02.20 18:50:36 | 000,001,093 | ---- | C] () -- C:\Users\BH-ANATICOS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\View My Screensavers.lnk
[2011.02.20 18:50:31 | 004,452,352 | ---- | C] () -- C:\Windows\System32\3D Matrix Corridors Screensaver.scr
[2011.02.20 18:50:31 | 000,245,760 | ---- | C] () -- C:\Windows\System32\ImxEx.dll
[2011.02.20 17:43:12 | 000,001,007 | ---- | C] () -- C:\Users\Public\Desktop\MAGIX Music Maker 17 Premium Download-Version.lnk
[2011.02.20 17:13:13 | 000,000,762 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\Talisman Desktop.lnk
[2011.02.20 13:23:47 | 000,000,889 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Snap 4.lnk
[2011.02.20 13:09:18 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Burning Studio 2010 Advanced.lnk
[2011.02.20 13:07:14 | 000,000,889 | ---- | C] () -- C:\Users\Public\Desktop\Ashampoo Snap 3.lnk
[2011.02.17 23:44:55 | 000,000,319 | ---- | C] () -- C:\Windows\game.ini
[2011.02.15 18:10:25 | 000,001,944 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox 4.0 Beta 11.lnk
[2011.02.11 20:45:33 | 000,001,642 | ---- | C] () -- C:\Users\BH-ANATICOS\Desktop\UseNeXT.lnk
[2011.01.20 22:29:08 | 000,420,920 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
[2011.01.20 21:48:29 | 000,000,044 | -HS- | C] () -- C:\ProgramData\.zreglib
[2010.12.22 19:56:27 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\sscdcmnt.sys
[2010.12.22 19:54:59 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll
[2010.12.22 19:54:59 | 000,036,608 | ---- | C] () -- C:\Windows\System32\FsUsbExDisk.Sys
[2010.09.29 06:57:26 | 000,048,128 | ---- | C] () -- C:\Users\BH-ANATICOS\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.09.17 12:10:25 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2010.09.15 19:32:05 | 000,008,999 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2010.08.17 17:43:03 | 000,001,932 | ---- | C] () -- C:\Users\BH-ANATICOS\AppData\Roaming\wklnhst.dat
[2010.08.17 11:54:49 | 000,053,299 | ---- | C] () -- C:\Windows\System32\pthreadVC.dll
[2010.08.01 06:38:00 | 000,000,680 | ---- | C] () -- C:\Users\BH-ANATICOS\AppData\Local\d3d9caps.dat
[2010.07.29 14:40:32 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2010.07.29 14:10:41 | 000,013,307 | ---- | C] () -- C:\Users\BH-ANATICOS\AppData\Roaming\nvModes.001
[2010.07.29 12:19:17 | 000,013,307 | ---- | C] () -- C:\Users\BH-ANATICOS\AppData\Roaming\nvModes.dat
[2010.07.28 19:25:30 | 000,000,000 | ---- | C] () -- C:\Users\BH-ANATICOS\AppData\Local\QSwitch.txt
[2010.07.28 19:25:30 | 000,000,000 | ---- | C] () -- C:\Users\BH-ANATICOS\AppData\Local\DSwitch.txt
[2010.07.28 19:25:30 | 000,000,000 | ---- | C] () -- C:\Users\BH-ANATICOS\AppData\Local\AtStart.txt
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys
[2007.04.27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:21 | 000,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.03.10 00:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2005.05.07 13:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
 
========== LOP Check ==========
 
[2011.02.20 12:29:02 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\Ashampoo
[2010.12.10 00:28:17 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\Astro Gemini Software
[2010.12.05 11:09:25 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\Canneverbe Limited
[2011.01.20 21:24:33 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\DAEMON Tools Pro
[2010.08.01 11:38:05 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\IObit
[2010.09.05 17:22:18 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\MAGIX
[2011.01.20 17:38:57 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\ProtectDISC
[2010.12.22 19:54:15 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\Samsung
[2010.08.17 17:43:04 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\Template
[2011.02.20 19:13:16 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\TERMINAL Studio
[2011.01.16 01:10:16 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\TuneUp Software
[2011.02.20 22:57:07 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\Uniblue
[2011.02.20 21:10:06 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\UseNeXT
[2011.01.29 01:20:19 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\Verbindungsassistent
[2010.08.01 07:55:22 | 000,000,000 | ---D | M] -- C:\Users\BH-ANATICOS\AppData\Roaming\Vodafone
[2011.02.05 19:42:17 | 000,000,000 | ---D | M] -- C:\Users\Uschi\AppData\Roaming\DAEMON Tools Pro
[2011.02.05 20:00:02 | 000,000,000 | ---D | M] -- C:\Users\Uschi\AppData\Roaming\TuneUp Software
[2011.02.05 20:19:21 | 000,000,000 | ---D | M] -- C:\Users\Uschi\AppData\Roaming\Verbindungsassistent
[2011.02.21 00:16:27 | 000,032,518 | ---- | M] () -- C:\WINDOWS\Tasks\SCHEDLGU.TXT
[2011.02.20 21:52:42 | 000,000,396 | ---- | M] () -- C:\WINDOWS\Tasks\SmartDefrag.job
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

otl logs. Virus? bekomme ständig ein fenster geöfnett kriege es nicht mehr weg

Plagegeister aller Art und deren Bekämpfung: otl logs. Virus? bekomme ständig ein fenster geöfnett kriege es nicht mehr weg

otl logs. Virus? bekomme ständig ein fenster geöfnett kriege es nicht mehr weg

Ähnliche Themen: otl logs. Virus? bekomme ständig ein fenster geöfnett kriege es nicht mehr weg