Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   komischer Ordner? (https://www.trojaner-board.de/103319-komischer-ordner.html)

br0ken 11.09.2011 09:49
komischer Ordner?
 
Letztens hab ich im Ordner WINDOWS einen Ordner entdeckt, dessen Name mich etwas verunsichert? Der Ordner heißt VIRUS. Darin sind auch relativ viele Dateien enthalten, von unteschiedlichsten Dateiendungen.
Ist dieser Ordner normal? Kann man den löschen? Oder ist er für das System wichtig?

br0ken

cosinus 11.09.2011 14:01
Zitat:
Der Ordner heißt VIRUS. Darin sind auch relativ viele Dateien enthalten, von unteschiedlichsten Dateiendungen.
Normal ist das nicht. Welche Dateien genau sind da drin?
Welche Größe hat dieser Ordner?

br0ken 11.09.2011 18:27
Der Ordner ist 3,31 MB groß,
Darin enthalten sind Dateien von dll, bin, cpl, exe, ocx..
hier sind typische Dateinamen die in diesem Ordner sind:

1z5469troj554.dll, oder 3t2spywa5e594.cpl

und 364 Dateien sind darin..
Ist der schädlich? Kann ich den löschen?

Danke für die Hilfe..

cosinus 11.09.2011 18:59
Bitte nun routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!


Danach OTL-Custom im normalen Windows-Modus (kein OTLPE!)


CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

br0ken 11.09.2011 19:34
OTL Logfile:
Code:
OTL logfile created on: 11.09.2011 20:18:10 - Run 1
OTL by OldTimer - Version 3.2.27.0    Folder = C:\Dokumente und Einstellungen\angelika\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.5512)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,42 Mb Total Physical Memory | 592,91 Mb Available Physical Memory | 57,99% Memory free
2,40 Gb Paging File | 1,77 Gb Available in Paging File | 73,86% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 74,53 Gb Total Space | 43,26 Gb Free Space | 58,04% Space Free | Partition Type: NTFS
 
Computer Name: BR0KEN | User Name: angelika | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.09.11 20:10:45 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\angelika\Desktop\OTL.exe
PRC - [2011.08.31 02:23:02 | 000,573,104 | ---- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\st_rsser.exe
PRC - [2011.08.31 02:22:56 | 003,608,240 | ---- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2011.08.31 02:22:46 | 002,775,728 | ---- | M] (Crawler.com) -- C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe
PRC - [2011.08.01 14:35:42 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Programme\SweetIM\Messenger\SweetIM.exe
PRC - [2011.05.25 14:06:20 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2011.04.08 12:59:52 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2009.11.29 20:12:00 | 000,185,089 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2009.11.29 20:12:00 | 000,108,289 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2009.03.02 13:08:43 | 000,209,153 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2008.09.25 01:47:00 | 000,094,208 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2008.07.03 16:17:56 | 000,118,784 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPLpr.exe
PRC - [2008.05.10 07:15:28 | 000,282,624 | ---- | M] (Eastman Kodak Company) -- C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe
PRC - [2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.05.17 23:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft LifeCam\MSCamS32.exe
PRC - [2007.04.10 23:46:52 | 000,709,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\vVX1000.exe
PRC - [2007.03.06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe
PRC - [2006.05.30 15:05:42 | 000,086,016 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
PRC - [2005.07.05 14:57:12 | 000,077,824 | ---- | M] () -- C:\Programme\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
PRC - [2004.10.14 09:11:10 | 001,388,544 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe
PRC - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
PRC - [2002.09.20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.09.06 13:07:46 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b7e0214a811f81e09041864081139641\System.Runtime.Remoting.ni.dll
MOD - [2011.09.06 13:07:39 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
MOD - [2011.09.06 07:25:32 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011.09.06 07:25:03 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011.09.06 07:23:59 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011.09.06 07:18:00 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011.09.06 07:17:36 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2011.08.11 07:58:08 | 000,372,736 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2011.05.28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2011.03.21 20:57:34 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.03.21 20:56:16 | 001,230,704 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2010.10.15 20:27:22 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.10.15 20:27:07 | 000,430,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.08.19 17:43:24 | 000,034,088 | ---- | M] () -- C:\Programme\CyberLink\Shared files\RichVideops.dll
MOD - [2010.03.15 16:57:20 | 000,067,872 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\zlib1.dll
MOD - [2009.06.10 21:20:44 | 002,236,416 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxCmpV.dll
MOD - [2009.06.10 21:20:44 | 001,396,736 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxCommonV.dll
MOD - [2009.06.10 21:20:44 | 000,872,448 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxBaseV.dll
MOD - [2009.06.10 21:20:44 | 000,798,720 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxXML2V.dll
MOD - [2009.06.10 21:20:44 | 000,786,432 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxImV.dll
MOD - [2009.06.10 21:20:44 | 000,688,128 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\VPrintOnline.dll
MOD - [2009.06.10 21:20:44 | 000,528,384 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxProcV.dll
MOD - [2009.06.10 21:20:44 | 000,462,848 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxFFV.dll
MOD - [2009.06.10 21:20:44 | 000,233,472 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SpiffyExt.dll
MOD - [2009.06.10 21:20:44 | 000,159,744 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\SkinuxZipV.dll
MOD - [2009.06.10 21:20:44 | 000,143,360 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\VPrintOnlineHelper40.dll
MOD - [2009.06.10 21:20:43 | 001,564,672 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\areaifdll.dll
MOD - [2009.06.10 21:20:43 | 001,229,312 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\ESSkin.esx
MOD - [2009.06.10 21:20:43 | 000,757,760 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\ESCliWicMDRW.esx
MOD - [2009.06.10 21:20:43 | 000,688,128 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocVistaControls.dll
MOD - [2009.06.10 21:20:43 | 000,675,840 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\ESEmail.esx
MOD - [2009.06.10 21:20:43 | 000,466,944 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\ESCom.dll
MOD - [2009.06.10 21:20:43 | 000,403,968 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\KFx.dll
MOD - [2009.06.10 21:20:43 | 000,354,816 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\Atlas.dll
MOD - [2009.06.10 21:20:43 | 000,339,968 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\VistaAdapter.esx
MOD - [2009.06.10 21:20:43 | 000,311,296 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\VistaPrintOnline.esx
MOD - [2009.06.10 21:20:43 | 000,258,560 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\AppCore.dll
MOD - [2009.06.10 21:20:43 | 000,232,448 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\VistaControls.esx
MOD - [2009.06.10 21:20:43 | 000,171,008 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\Pcd.esx
MOD - [2009.06.10 21:20:43 | 000,163,840 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocESEmail.dll
MOD - [2009.06.10 21:20:43 | 000,151,552 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocVistaCDBackup.dll
MOD - [2009.06.10 21:20:43 | 000,128,512 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\kpries40.dll
MOD - [2009.06.10 21:20:43 | 000,117,760 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\IStorageMediaStore.esx
MOD - [2009.06.10 21:20:43 | 000,096,256 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\VistaCDBackup.esx
MOD - [2009.06.10 21:20:43 | 000,094,208 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocVistaPrintOnLine.dll
MOD - [2009.06.10 21:20:43 | 000,090,112 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocAcqMod.dll
MOD - [2009.06.10 21:20:43 | 000,084,480 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\keml40.dll
MOD - [2009.06.10 21:20:43 | 000,083,968 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\UpdateChecker.esx
MOD - [2009.06.10 21:20:43 | 000,077,312 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\DXRawFormatHandler.esx
MOD - [2009.06.10 21:20:43 | 000,062,464 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\DibLibIP.dll
MOD - [2009.06.10 21:20:43 | 000,052,224 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\KPCDInterface.dll
MOD - [2009.06.10 21:20:43 | 000,044,544 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocCamBack.dll
MOD - [2009.06.10 21:20:43 | 000,010,752 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocVistaAdapter.dll
MOD - [2009.06.10 21:20:43 | 000,009,728 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\LocUpdateCheck.dll
MOD - [2009.06.10 21:20:43 | 000,009,728 | ---- | M] () -- C:\Programme\Kodak\Kodak EasyShare software\bin\locPcd.dll
MOD - [2009.06.08 09:55:56 | 001,675,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2756.37527__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.06.08 09:55:56 | 000,360,448 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2756.37783__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2009.06.08 09:55:56 | 000,233,472 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2756.37480__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:56 | 000,184,320 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2756.37542__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.06.08 09:55:56 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2756.37773__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:56 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2756.37725__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:56 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2756.37518__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.06.08 09:55:56 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2756.37541__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:56 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2756.37651__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:56 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2756.37502__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:55 | 000,483,328 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2756.37817__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.06.08 09:55:40 | 000,135,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2756.37825__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:40 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.2756.37534__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:40 | 000,090,112 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2756.37742__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.06.08 09:55:40 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2756.37495__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:40 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.2756.37533__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:39 | 000,331,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2756.37735__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:39 | 000,167,936 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Dashboard\2.0.2756.37719__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:39 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2756.37734__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:39 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Runtime\2.0.2756.37724__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:38 | 000,667,648 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2756.37663__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:38 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2756.37757__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.06.08 09:55:38 | 000,208,896 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2756.37549__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:38 | 000,118,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2756.37687__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:38 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2756.37660__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:38 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2756.37685__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:37 | 000,917,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2756.37776__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:37 | 000,585,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2756.37555__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:37 | 000,475,136 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2756.37654__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:37 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2756.37504__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:37 | 000,401,408 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2756.37711__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:37 | 000,323,584 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2756.37645__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.06.08 09:55:37 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2756.37563__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2009.06.08 09:55:37 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2756.37652__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:37 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2756.37561__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:37 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2756.37659__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:37 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2756.37710__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.06.08 09:55:36 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.2665.42149__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.06.08 09:55:36 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2665.42151__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.06.08 09:55:36 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2665.42157__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.06.08 09:55:36 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.2665.42168__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.06.08 09:55:36 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2665.42187__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.06.08 09:55:36 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2665.42196__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.06.08 09:55:36 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2665.42166__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.06.08 09:55:36 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2665.42196__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.06.08 09:55:36 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.06.08 09:55:35 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.2665.42152__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.06.08 09:55:35 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2665.42162__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.06.08 09:55:35 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2665.42186__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.06.08 09:55:35 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.06.08 09:55:35 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2665.42198__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.06.08 09:55:35 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2665.42240__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.06.08 09:55:35 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Shared\2.0.2665.42186__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Shared.dll
MOD - [2009.06.08 09:55:35 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2665.42178__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.06.08 09:55:35 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2665.42166__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.06.08 09:55:35 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2665.42161__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.06.08 09:55:35 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2665.42156__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.06.08 09:55:35 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.2665.42181__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2009.06.08 09:55:35 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.2665.42177__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.06.08 09:55:35 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.2665.42179__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.06.08 09:55:35 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.06.08 09:55:35 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2665.42164__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.06.08 09:55:35 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2665.42181__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.06.08 09:55:35 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2665.42180__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2665.42187__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2665.42182__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2665.42184__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2665.42184__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2665.42186__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2665.42184__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2665.42182__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2665.42167__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2665.42180__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2665.42185__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2665.42166__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.2665.42187__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.06.08 09:55:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Foundation\2.0.2665.42150__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2009.06.08 09:55:34 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2665.42181__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.06.08 09:55:34 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2665.42160__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.06.08 09:55:30 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2756.37851__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.06.08 09:55:30 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2756.37789_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2009.06.08 09:55:30 | 000,006,656 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2756.37475__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.06.08 09:55:29 | 000,102,400 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.2756.37799__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.06.08 09:55:29 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2665.42158__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.06.08 09:55:28 | 000,466,944 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2756.37512__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.06.08 09:55:28 | 000,397,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2756.37789__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.06.08 09:55:28 | 000,098,304 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2756.37478__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.06.08 09:55:28 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2756.37796__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.06.08 09:55:28 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2665.42165__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.06.08 09:55:28 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2665.42196__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.06.08 09:55:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2665.42169__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.06.08 09:55:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2665.42154__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.06.08 09:55:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2665.42167__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.06.08 09:55:27 | 001,503,232 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2756.37489__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.06.08 09:55:27 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.2756.37479__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.06.08 09:55:27 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.2756.37476__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.06.08 09:55:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2665.42160__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.06.08 09:55:27 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.2756.37798__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.06.08 09:55:27 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.06.08 09:55:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2665.42188__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.01.28 16:03:49 | 000,326,401 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008.09.25 01:47:00 | 000,094,208 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\PWRMGRIF.DLL
MOD - [2008.09.25 01:47:00 | 000,094,208 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe
MOD - [2008.09.25 01:47:00 | 000,049,152 | ---- | M] () -- C:\Programme\ThinkPad\Utilities\GR\PWRMGRRT.DLL
MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2007.03.06 17:03:08 | 000,016,384 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2007.03.02 11:44:34 | 000,073,728 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
MOD - [2005.11.30 20:16:02 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\tphklock.dll
MOD - [2005.10.28 20:29:52 | 000,208,896 | ---- | M] () -- C:\Programme\Lenovo\PkgMgr\HOTKEY\tpfnf7.dll
MOD - [2005.07.05 14:57:12 | 000,077,824 | ---- | M] () -- C:\Programme\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
MOD - [2003.07.03 23:49:30 | 000,024,576 | ---- | M] () -- C:\Programme\Lenovo\PkgMgr\HOTKEY_2\tphk_2k.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - [2011.08.31 02:23:02 | 000,573,104 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Programme\Spyware Terminator\st_rsser.exe -- (ST2012_Svc)
SRV - [2011.05.25 14:06:20 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010.09.12 10:57:49 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2009.11.29 20:12:00 | 000,185,089 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2009.11.29 20:12:00 | 000,108,289 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2008.09.25 01:47:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Programme\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2007.05.17 23:45:33 | 000,271,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2007.03.06 10:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2003.07.28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2003.06.20 00:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE -- (MDM)
SRV - [2002.09.20 14:50:10 | 000,045,056 | ---- | M] (Analog Devices, Inc.) [Auto | Running] -- C:\Programme\Analog Devices\SoundMAX\SMAgent.exe -- (SoundMAX Agent Service (default))
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.06.21 11:24:06 | 000,032,768 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010.08.21 12:26:13 | 000,138,184 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2009.12.07 20:42:01 | 000,056,816 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.11.29 20:12:00 | 000,096,104 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2009.11.29 20:12:00 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.08.05 23:48:42 | 000,054,752 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\fssfltr_tdi.sys -- (fssfltr)
DRV - [2009.02.13 12:35:01 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.09.25 01:47:00 | 000,004,442 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TPPWRIF.SYS -- (TPPWRIF)
DRV - [2008.05.27 10:34:44 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2008.05.14 16:21:16 | 000,114,728 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\Apsx86.sys -- (Shockprf)
DRV - [2008.05.14 16:21:16 | 000,019,496 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\ApsHM86.sys -- (TPDIGIMN)
DRV - [2008.01.06 22:36:16 | 002,216,064 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel(R)
DRV - [2007.06.21 17:26:20 | 002,156,032 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2007.05.02 11:34:32 | 000,161,792 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007.04.10 23:46:53 | 001,966,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\VX1000.sys -- (VX1000)
DRV - [2007.03.09 02:57:02 | 000,007,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\TSMAPIP.SYS -- (TSMAPIP)
DRV - [2005.10.18 16:53:24 | 000,998,656 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2005.10.18 16:52:38 | 000,242,304 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2005.10.18 16:52:30 | 000,721,280 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2005.10.09 21:35:28 | 000,017,792 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tpm.sys -- (TPM)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?st=1&barid={A75A7048-DBDC-11E0-831B-00166F044154}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=bf2&s={searchTerms}&f=4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sb/*hxxp://de.docs.yahoo.com/info/ie6.html
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://de.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://de.yahoo.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?st=1&barid={A75A7048-DBDC-11E0-831B-00166F044154}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgHelper.dll (SweetIM Technologies Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "SweetIM Search"
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.23.0
FF - prefs.js..keyword.URL: "hxxp://www.mywebsearch.com/jsp/cfg_redir2.jsp?id=ZCxdm924YYAT&fl=0&ptb=qamy9wpKAQqdSy26.bjgfg&url=hxxp://search.mywebsearch.com/mywebsearch/dft_redir.jhtml&st=kwd&searchfor="
FF - prefs.js..browser.startup.homepage: "hxxp://home.sweetim.com"
FF - prefs.js..browser.startup.homepage: ""
FF - prefs.js..browser.search.defaultenginename: "SweetIM Search"
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "MyWebSearch"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: ""
FF - prefs.js..browser.search.defaultenginename: "Google"
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Programme\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Programme\CheckPoint\ZAForceField\TrustChecker
 
[2010.07.13 20:08:07 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Mozilla\Extensions
[2010.06.13 13:02:35 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Mozilla\Extensions\IMVUClientXUL@imvu.com
[2011.09.10 21:12:23 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Mozilla\Firefox\Profiles\mo7ejlk6.default\extensions
[2010.07.13 20:17:57 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Mozilla\Firefox\Profiles\mo7ejlk6.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.11.13 12:12:18 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Mozilla\Firefox\Profiles\mo7ejlk6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.07.13 20:17:57 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Mozilla\Firefox\Profiles\mo7ejlk6.default\extensions\battlefieldheroespatcher@ea.com
[2010.07.14 15:53:54 | 000,009,949 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Mozilla\Firefox\Profiles\mo7ejlk6.default\searchplugins\mywebsearch.xml
[2011.09.10 20:43:09 | 000,003,910 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Mozilla\Firefox\Profiles\mo7ejlk6.default\searchplugins\sweetim.xml
[2009.09.19 10:29:29 | 000,024,684 | ---- | M] (MyWebSearch.com) -- C:\Programme\mozilla firefox\plugins\NPMyWebS.dll
[2011.09.10 20:56:27 | 000,002,046 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\fcmdSrch.xml
 
O1 HOSTS File: ([2008.04.14 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (kikin Plugin) - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Programme\kikin\ie_kikin.dll (kikin)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Programme\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BLOG] C:\Programme\ThinkPad\Utilities\BATLOGEX.DLL ()
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [LifeCam] C:\Programme\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [NWEReboot]  File not found
O4 - HKLM..\Run: [PWRMGRTR] C:\Programme\ThinkPad\Utilities\PWRMGRTR.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SoundMAXPnP] C:\Programme\Analog Devices\SoundMAX\SMax4PNP.exe (Analog Devices, Inc.)
O4 - HKLM..\Run: [SpywareTerminatorShield] C:\Programme\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [SpywareTerminatorUpdater] C:\Programme\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SweetIM] C:\Programme\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [UpdatePDRShortCut] C:\Programme\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VX1000] C:\WINDOWS\vVX1000.exe (Microsoft Corporation)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Kodak EasyShare Software.lnk = C:\Programme\Kodak\Kodak EasyShare software\bin\EasyShare.exe (Eastman Kodak Company)
O4 - Startup: C:\Dokumente und Einstellungen\angelika\Startmenü\Programme\Autostart\IMVU.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 95
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Web-Suche - C:\Programme\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Programme\kikin\ie_kikin.dll (kikin)
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} -  File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/CursorManiaInitialSetup1.0.1.1.cab (Reg Error: Key error.)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.26.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8E8D24A-1607-4740-A3E7-716D45660F5C}: DhcpNameServer = 10.0.0.138 10.0.0.138
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\tpfnf2: DllName - notifyf2.dll - C:\WINDOWS\System32\notifyf2.dll ()
O20 - Winlogon\Notify\tphotkey: DllName - tphklock.dll - C:\WINDOWS\System32\tphklock.dll ()
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper:
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\angelika\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.09.11 18:37:19 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2009.05.25 16:04:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4a51b6b7-49f7-11de-8011-dbbaf3e96729}\Shell - "" = AutoRun
O33 - MountPoints2\{4a51b6b7-49f7-11de-8011-dbbaf3e96729}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4a51b6b7-49f7-11de-8011-dbbaf3e96729}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{4a51b6b9-49f7-11de-8011-dbbaf3e96729}\Shell - "" = AutoRun
O33 - MountPoints2\{4a51b6b9-49f7-11de-8011-dbbaf3e96729}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{4a51b6b9-49f7-11de-8011-dbbaf3e96729}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{663a1f18-4a76-11de-8012-a3ac4ae7086b}\Shell - "" = AutoRun
O33 - MountPoints2\{663a1f18-4a76-11de-8012-a3ac4ae7086b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{663a1f18-4a76-11de-8012-a3ac4ae7086b}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{663a1f19-4a76-11de-8012-a3ac4ae7086b}\Shell - "" = AutoRun
O33 - MountPoints2\{663a1f19-4a76-11de-8012-a3ac4ae7086b}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{663a1f19-4a76-11de-8012-a3ac4ae7086b}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{bedf57f0-cec9-11de-812c-00166f044154}\Shell\AutoRun\command - "" = E:\hbcd\wintools\autorun.exe
O33 - MountPoints2\{bedf57f0-cec9-11de-812c-00166f044154}\Shell\Option1\Command - "" = E:\hbcd\wintools\autorun.exe
O33 - MountPoints2\{e6b8496e-4935-11de-800f-e4c62195bd6c}\Shell - "" = AutoRun
O33 - MountPoints2\{e6b8496e-4935-11de-800f-e4c62195bd6c}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{e6b8496e-4935-11de-800f-e4c62195bd6c}\Shell\AutoRun\command - "" = E:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.09.11 20:10:40 | 000,581,120 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\angelika\Desktop\OTL.exe
[2011.09.11 00:08:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\CyberLink
[2011.09.11 00:08:16 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Eigene Dateien\CyberLink
[2011.09.11 00:06:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\CyberLink
[2011.09.11 00:06:08 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\CyberLink
[2011.09.10 23:47:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Startmenü\Programme\CyberLink PowerDirector
[2011.09.10 23:39:42 | 000,000,000 | ---D | C] -- C:\Programme\CyberLink
[2011.09.10 23:38:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp
[2011.09.10 21:55:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\WinRAR
[2011.09.10 21:55:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\WinRAR
[2011.09.10 21:55:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Startmenü\Programme\WinRAR
[2011.09.10 21:54:54 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2011.09.10 20:42:31 | 000,000,000 | ---D | C] -- C:\Programme\SweetIM
[2011.09.10 20:42:30 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
[2011.09.10 20:41:20 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Premium
[2011.09.10 20:41:17 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
[2011.09.08 14:04:08 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\angelika\Recent
[2011.09.06 17:28:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Lokale Einstellungen\Anwendungsdaten\MAGIX
[2011.09.06 17:28:31 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Lokale Einstellungen\Anwendungsdaten\Xara
[2011.09.06 17:25:04 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\MAGIX Shared
[2011.09.06 17:20:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2011.09.06 16:03:23 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\MAGIX
[2011.09.05 09:58:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Desktop\Neuer Ordner
[2011.09.02 10:07:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2011.09.02 09:59:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Spyware Terminator
[2011.09.02 09:59:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spyware Terminator
[2011.09.02 09:58:57 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Spyware Terminator 2012
[2011.09.02 09:57:51 | 000,000,000 | ---D | C] -- C:\Programme\Spyware Terminator
[2011.09.01 20:48:10 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Desktop\HM
[2011.09.01 13:53:16 | 000,000,000 | ---D | C] -- C:\Programme\Windows Installer Clean Up
[2011.09.01 13:43:28 | 000,000,000 | ---D | C] -- C:\Programme\MSECACHE
[2011.09.01 13:36:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011.09.01 13:21:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\378C
[2011.09.01 13:21:02 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Eigene Dateien\My Received Files
[2011.09.01 13:19:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iMesh
[2011.09.01 13:18:20 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{A9673E80-81F2-43CB-AC03-29F47370B98A}
[2011.09.01 13:16:56 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Lokale Einstellungen\Anwendungsdaten\PackageAware
[2011.09.01 09:44:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Eigene Dateien\hm
[2011.08.31 12:20:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\DVDVideoSoft
[2011.08.28 11:27:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\angelika\Desktop\itunes
[2011.08.27 20:46:25 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\iTunes
[2011.08.27 20:44:54 | 000,000,000 | ---D | C] -- C:\Programme\iPod
[2011.08.27 20:44:34 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011.08.27 20:44:33 | 000,000,000 | ---D | C] -- C:\Programme\iTunes
[2011.08.27 20:42:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\QuickTime
[2011.08.27 20:42:23 | 000,000,000 | ---D | C] -- C:\Programme\QuickTime
[2011.08.27 20:39:46 | 000,000,000 | ---D | C] -- C:\Programme\Apple Software Update
[2011.08.27 20:38:16 | 000,000,000 | ---D | C] -- C:\Programme\Bonjour
[2011.08.24 13:00:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Skype
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.09.11 20:21:15 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\PMTask.job
[2011.09.11 20:10:45 | 000,581,120 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\angelika\Desktop\OTL.exe
[2011.09.11 19:55:05 | 000,001,090 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.11 18:49:43 | 000,129,700 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\jjj.pds
[2011.09.11 17:20:00 | 000,154,898 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Eigene Dateien\PDR.dmp
[2011.09.11 15:31:05 | 000,000,280 | ---- | M] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2011.09.11 13:59:13 | 000,001,086 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.11 13:59:01 | 000,002,048 | ---- | M] () -- C:\WINDOWS\bootstat.dat
[2011.09.11 13:58:57 | 1072,156,672 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.11 13:09:26 | 003,978,910 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\My heart will go on - Punisher *‹3.mp3
[2011.09.10 23:58:55 | 000,001,153 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\CyberLink PowerDirector.lnk
[2011.09.10 23:57:54 | 000,368,096 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.09.10 21:54:37 | 001,531,359 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Eigene Dateien\wrar401d.exe
[2011.09.10 16:23:53 | 000,209,408 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.09.10 00:09:57 | 000,002,241 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2011.09.09 22:22:06 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\Microsoft Office Word 2003.lnk
[2011.09.09 17:39:36 | 000,058,243 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\schönes love.jpg
[2011.09.09 12:41:19 | 002,693,299 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\01 -  - kkkkkkkkkk.mp3
[2011.09.09 12:33:14 | 001,074,084 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\Skor - Lass mich hier raus.mp3
[2011.09.09 12:30:29 | 000,914,773 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\JanniX - Regentag.mp3
[2011.09.09 10:52:07 | 000,002,278 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011.09.09 00:27:44 | 008,821,983 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\dein herzschlag ist das schönste liebeslied.wmv
[2011.09.08 23:30:15 | 000,301,056 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\Unbenannt.MSWMM
[2011.09.06 07:12:44 | 000,518,110 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2011.09.06 07:12:44 | 000,494,646 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011.09.06 07:12:44 | 000,101,978 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2011.09.06 07:12:44 | 000,085,190 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011.09.05 12:33:18 | 000,001,426 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\ttHr3zk_schwarz.GIF
[2011.09.05 12:11:35 | 000,274,590 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\schönes.png
[2011.09.05 09:59:05 | 002,314,980 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\03 Blutende Wunden.mp3
[2011.09.04 08:52:18 | 000,001,777 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2011.09.03 20:32:40 | 003,679,262 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\Shox - Ich hasse mich (feat TJ) [Lyrics].mp3
[2011.09.03 13:30:39 | 005,129,216 | R--- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mbb
[2011.09.03 13:30:38 | 002,931,712 | R--- | M] () -- C:\Dokumente und Einstellungen\All Users\Dokumente\ESBK.mb
[2011.09.02 13:25:46 | 007,462,560 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\bOoka - Siehst du nicht.mp3
[2011.09.02 09:58:58 | 000,000,705 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Spyware Terminator 2012.lnk
[2011.08.31 12:19:44 | 000,001,023 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Desktop\Free YouTube to MP3 Converter.lnk
[2011.08.28 20:07:22 | 000,001,500 | ---- | M] () -- C:\Dokumente und Einstellungen\angelika\Lokale Einstellungen\Anwendungsdaten\RecConfig.xml
[2011.08.27 20:46:25 | 000,001,522 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2011.08.27 20:42:52 | 000,001,584 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2011.08.27 20:39:59 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[7 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.09.11 18:39:01 | 000,129,700 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\jjj.pds
[2011.09.11 17:19:35 | 000,154,898 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Eigene Dateien\PDR.dmp
[2011.09.11 15:31:03 | 000,000,280 | ---- | C] () -- C:\WINDOWS\tasks\wavepadShakeIcon.job
[2011.09.11 11:49:17 | 003,978,910 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\My heart will go on - Punisher *‹3.mp3
[2011.09.10 23:47:50 | 000,001,153 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\CyberLink PowerDirector.lnk
[2011.09.10 21:54:28 | 001,531,359 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Eigene Dateien\wrar401d.exe
[2011.09.09 17:39:50 | 000,058,243 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\schönes love.jpg
[2011.09.09 12:30:24 | 000,914,773 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\JanniX - Regentag.mp3
[2011.09.09 00:23:43 | 008,821,983 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\dein herzschlag ist das schönste liebeslied.wmv
[2011.09.08 21:18:03 | 000,301,056 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\Unbenannt.MSWMM
[2011.09.05 12:33:33 | 000,001,426 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\ttHr3zk_schwarz.GIF
[2011.09.05 12:11:45 | 000,274,590 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\schönes.png
[2011.09.04 21:26:02 | 002,314,980 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\03 Blutende Wunden.mp3
[2011.09.04 21:22:12 | 001,074,084 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\Skor - Lass mich hier raus.mp3
[2011.09.03 20:31:49 | 003,679,262 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\Shox - Ich hasse mich (feat TJ) [Lyrics].mp3
[2011.09.02 13:25:22 | 007,462,560 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\bOoka - Siehst du nicht.mp3
[2011.09.02 09:59:03 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011.09.02 09:58:58 | 000,000,705 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Spyware Terminator 2012.lnk
[2011.09.01 13:53:16 | 000,002,325 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Startmenü\Programme\Windows Install Clean Up.lnk
[2011.08.31 12:19:44 | 000,001,023 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Desktop\Free YouTube to MP3 Converter.lnk
[2011.08.30 21:59:42 | 1072,156,672 | -HS- | C] () -- C:\hiberfil.sys
[2011.08.27 20:46:25 | 000,001,522 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\iTunes.lnk
[2011.08.27 20:42:52 | 000,001,584 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\QuickTime Player.lnk
[2011.08.27 20:39:58 | 000,000,276 | ---- | C] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011.08.24 13:00:55 | 000,002,241 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2011.07.26 12:31:14 | 000,101,817 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\WavePad.dmp
[2011.01.07 10:10:19 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010.07.14 16:41:36 | 000,138,184 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010.07.14 16:41:35 | 000,138,056 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\PnkBstrK.sys
[2010.07.14 16:41:18 | 000,215,016 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010.07.14 16:41:16 | 000,075,064 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010.07.14 16:41:15 | 002,427,248 | ---- | C] () -- C:\WINDOWS\System32\pbsvc_heroes.exe
[2010.07.13 20:07:56 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010.05.21 15:05:13 | 000,001,500 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Lokale Einstellungen\Anwendungsdaten\RecConfig.xml
[2009.12.24 23:58:46 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2009.12.24 23:42:26 | 000,015,498 | ---- | C] () -- C:\WINDOWS\VX1000.ini
[2009.11.11 22:00:54 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2009.11.07 23:09:25 | 000,016,974 | ---- | C] () -- C:\WINDOWS\System32\ez7down5oa9er1821.bin
[2009.08.19 00:23:09 | 000,000,151 | ---- | C] () -- C:\WINDOWS\PhotoSnapViewer.INI
[2009.08.03 15:07:42 | 000,403,816 | ---- | C] () -- C:\WINDOWS\System32\OGACheckControl.dll
[2009.08.03 15:07:42 | 000,230,768 | ---- | C] () -- C:\WINDOWS\System32\OGAEXEC.exe
[2009.06.27 18:19:37 | 000,209,408 | ---- | C] () -- C:\Dokumente und Einstellungen\angelika\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.06.10 08:22:06 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2009.06.08 10:04:58 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2009.06.08 09:45:48 | 000,016,384 | ---- | C] () -- C:\WINDOWS\PWMBTHLP.EXE
[2009.06.08 09:45:47 | 000,004,442 | ---- | C] () -- C:\WINDOWS\System32\drivers\TPPWRIF.SYS
[2009.05.25 16:52:07 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2009.05.25 16:50:40 | 000,368,096 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009.05.25 16:07:58 | 000,002,048 | ---- | C] () -- C:\WINDOWS\bootstat.dat
[2009.05.25 16:01:14 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2009.02.11 09:04:31 | 000,015,262 | ---- | C] () -- C:\WINDOWS\de89hz5f1616.exe
[2009.02.01 05:49:27 | 000,017,248 | ---- | C] () -- C:\WINDOWS\System32\e14spyware191z5.bin
[2009.01.04 04:17:52 | 000,010,712 | ---- | C] () -- C:\WINDOWS\System32\f19v5r90z.bin
[2008.09.04 09:11:57 | 000,011,377 | ---- | C] () -- C:\WINDOWS\System32\ee8t5reaz7969.exe
[2008.08.22 19:43:06 | 000,004,177 | ---- | C] () -- C:\WINDOWS\System32\b0zthre5t2988.exe
[2008.07.16 16:25:50 | 000,010,682 | ---- | C] () -- C:\WINDOWS\System32\d24downloader95z.exe
[2008.04.14 14:00:00 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2008.04.14 14:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008.04.14 14:00:00 | 000,518,110 | ---- | C] () -- C:\WINDOWS\System32\perfh007.dat
[2008.04.14 14:00:00 | 000,494,646 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008.04.14 14:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008.04.14 14:00:00 | 000,269,480 | ---- | C] () -- C:\WINDOWS\System32\perfi007.dat
[2008.04.14 14:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008.04.14 14:00:00 | 000,101,978 | ---- | C] () -- C:\WINDOWS\System32\perfc007.dat
[2008.04.14 14:00:00 | 000,085,190 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008.04.14 14:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008.04.14 14:00:00 | 000,034,478 | ---- | C] () -- C:\WINDOWS\System32\perfd007.dat
[2008.04.14 14:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008.04.14 14:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008.04.14 14:00:00 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2008.04.14 14:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008.04.14 14:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2008.03.03 16:59:41 | 000,015,065 | ---- | C] () -- C:\WINDOWS\d79spyzar5632.dll
[2007.06.21 17:01:40 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2007.06.21 17:01:40 | 000,972,072 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2007.06.21 17:01:38 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\WINDOWS\System32\DLLDEV32i.dll
[2007.04.05 14:15:54 | 000,144,357 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2007.02.12 22:05:38 | 000,121,344 | ---- | C] () -- C:\WINDOWS\System32\SCLS.DLL
[2005.11.30 20:16:02 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\tphklock.dll
[2005.07.05 23:45:08 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\notifyf2.dll
[2003.02.20 18:53:42 | 000,005,702 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
[2002.03.17 02:00:00 | 000,007,420 | ---- | C] () -- C:\WINDOWS\UA000079.DLL
 
========== LOP Check ==========
 
[2011.09.01 13:21:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\378C
[2010.09.11 18:50:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Alias
[2011.09.02 10:07:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\boost_interprocess
[2011.05.16 18:01:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Electronic Arts
[2009.12.09 17:06:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\ICQ
[2009.10.16 23:45:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IM
[2011.09.01 13:20:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\iMesh
[2009.10.16 23:42:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IncrediMail
[2011.09.10 20:56:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\InstallMate
[2009.07.28 18:34:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\m2backup
[2011.09.06 17:58:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\MAGIX
[2009.07.28 18:34:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\mquadr.at
[2010.10.26 09:56:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\NCH Swift Sound
[2009.05.27 08:23:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Drivers HeadQuarters
[2010.10.24 14:19:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Pinnacle
[2011.09.10 20:41:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Premium
[2011.09.09 17:08:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spyware Terminator
[2011.09.10 21:13:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\SweetIM
[2011.09.10 23:49:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Temp
[2010.10.24 13:24:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ulead Systems
[2011.08.27 20:46:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009.07.28 18:31:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{80C3F9E7-8577-4A5B-8D5B-47540BCF34FD}
[2009.07.28 18:34:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{855D7DEE-765C-488F-BCF4-308528E4047D}
[2009.05.26 15:16:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011.09.01 13:22:46 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{A9673E80-81F2-43CB-AC03-29F47370B98A}
[2010.09.11 18:40:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Autodesk
[2009.11.11 22:01:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\CheckPoint
[2011.08.31 12:20:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\DVDVideoSoft
[2011.08.31 12:19:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.05.22 16:15:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\FreeScreenToVideo
[2010.09.26 13:46:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\gtk-2.0
[2010.05.21 14:57:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\kikin
[2011.09.06 17:36:44 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\MAGIX
[2009.07.28 18:34:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\mquadr.at
[2011.07.09 16:18:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\NCH Swift Sound
[2009.06.10 21:29:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Skinux
[2011.09.02 09:59:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Spyware Terminator
[2010.10.24 13:18:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Ulead Systems
[2010.06.13 15:06:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\angelika\Anwendungsdaten\Vivox
[2011.09.11 20:21:15 | 000,000,306 | ---- | M] () -- C:\WINDOWS\Tasks\PMTask.job
[2011.07.23 16:18:10 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadDowngrade.job
[2011.09.11 15:31:05 | 000,000,280 | ---- | M] () -- C:\WINDOWS\Tasks\wavepadShakeIcon.job
 
========== Purity Check ==========
 
 

< End of report >


Und.. was kann man daraus lesen?

cosinus 11.09.2011 20:08
Malwarebytes hast du vergessen...
Außerdem hast du meine OTL-Anleitung nicht umgesetzt! Das war kein CustomScan! Ist das so schwierig das umzusetzen?


Alle Zeitangaben in WEZ +1. Es ist jetzt 16:19 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27