
Log analysis and evaluation: 50 Euro Virus

Windows 7

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

25.03.2012, 18:24   #1
vflborussia
 
Hello,
Unfortunately the "50 Euro Virus" got me too...
I ran Malwarebytes and ComboFix. The message disappeared after that. However, I am not sure whether everything from the virus has really been deleted...
I would be very grateful for help.
Regards, René
OTL:
Quote:
OTL logfile created on: 25.03.2012 18:58:33 - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Rene\Downloads
Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,53 Gb Available Physical Memory | 50,89% Memory free
6,00 Gb Paging File | 4,34 Gb Available in Paging File | 72,31% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 424,66 Gb Total Space | 121,64 Gb Free Space | 28,64% Space Free | Partition Type: NTFS
Drive D: | 40,00 Gb Total Space | 30,87 Gb Free Space | 77,19% Space Free | Partition Type: NTFS

Computer Name: RENE-PC | User Name: Rene | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Rene\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Ballermann Party-Player\phonostarTimer.exe ()
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_TATIHTU.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\EPSON Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
PRC - C:\Programme\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Programme\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Programme\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0a894f77b9aa64acbd3ce791916357d8\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\2df79ab909c782d3796e4107d040327d\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ff30db6905f8ec024fc808ed8779c0f3\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\a09ee392fa90849f2e9313a1ebbe0279\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\d49f4cb0755ccc34cd35ff96dc2ef9e3\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\15742b3597258ce67cbe219005c197e5\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\1f14b3e1ee0847f8662f513e67f92547\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1b31ced9bb880d94fff1c6d47c16a81e\mscorlib.ni.dll ()
MOD - C:\Programme\Google\Chrome\Application\17.0.963.83\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programme\Google\Chrome\Application\17.0.963.83\pdf.dll ()
MOD - C:\Programme\Google\Chrome\Application\17.0.963.83\libglesv2.dll ()
MOD - C:\Programme\Google\Chrome\Application\17.0.963.83\libegl.dll ()
MOD - C:\Programme\Google\Chrome\Application\17.0.963.83\avutil-51.dll ()
MOD - C:\Programme\Google\Chrome\Application\17.0.963.83\avformat-53.dll ()
MOD - C:\Programme\Google\Chrome\Application\17.0.963.83\avcodec-53.dll ()
MOD - C:\Programme\Google\Chrome\Application\17.0.963.83\gcswf32.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\Ballermann Party-Player\phonostarTimer.exe ()
MOD - C:\Programme\Ballermann Party-Player\QtCore4.dll ()
MOD - C:\Programme\Ballermann Party-Player\plugins\sqldrivers\qsqlite4.dll ()
MOD - C:\Programme\Ballermann Party-Player\QtGui4.dll ()
MOD - C:\Programme\Ballermann Party-Player\QtSql4.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3863.37734__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3863.37611__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3863.37668__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3863.37632__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Dashboard\2.0.3863.37736__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3863.37702__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Dashboard\2.0.3863.37712__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3863.37669__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3863.37683__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3863.37619__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3863.37663__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3863.37704__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3863.37668__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossFireX.Graphics.Dashboard\2.0.3863.37728__90ba9c70f846762e\CLI.Aspect.CrossFireX.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3863.37653__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3863.37701__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3863.37626__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Runtime\2.0.3863.37712__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3863.37620__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Runtime\2.0.3863.37736__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3863.37734__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3863.37730__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3863.37656__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3863.37633__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3863.37677__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3863.37654__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3863.37650__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3863.37662__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3863.37636__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3863.37632__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3863.37655__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3863.37660__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3863.37654__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3863.37655__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3863.37660__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3863.37636__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3863.37662__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3863.37600__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3863.37602__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3863.37605__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3863.37602__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3863.37606__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3863.37701__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3863.37604__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3863.37708__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3863.37610__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3863.37606__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3863.37604__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3863.37601__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3863.37646__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3863.37683__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3863.37668__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3863.37629__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3863.37654__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3863.37620__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3863.37702__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3863.37663__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3863.37620__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3863.37697__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3863.37677__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3863.37620__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3863.37629__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3863.37603__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3863.37660__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3863.37603__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3863.37610__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3863.37602__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3863.37626__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3863.37619__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.3863.37677__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3863.37703__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3863.37602__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3863.37610__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3863.37606__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3863.37605__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3863.37616__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3863.37728__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3863.37692__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3863.37625__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3863.37697__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3863.37695__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3863.37608__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3863.37609__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3863.37605__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3863.37709__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3863.37605__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3863.37614__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3863.37603__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3863.37604__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3863.37697__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3863.37625__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3863.37615__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3863.37631__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3863.37608__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3863.37606__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3863.37608__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3863.37607__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Programme\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()


========== Win32 Services (SafeList) ==========

SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (KMService) -- C:\Windows\System32\srvany.exe ()
SRV - (fsssvc) -- C:\Programme\Windows Live\Family Safety\fsssvc.exe (Microsoft Corporation)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (Micro Star SCM) -- C:\Programme\System Control Manager\MSIService.exe (Micro-Star International Co., Ltd.)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV - (catchme) -- C:\Users\Rene\AppData\Local\Temp\catchme.sys File not found
DRV - (aowco4l2) -- File not found
DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (AtiHDAudioService) -- C:\Windows\System32\drivers\AtihdW73.sys (ATI Technologies, Inc.)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (JMCR) -- C:\Windows\System32\drivers\jmcr.sys (JMicron Technology Corporation)
DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices)
DRV - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\System32\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (rtl8192se) -- C:\Windows\System32\drivers\rtl8192se.sys (Realtek Semiconductor Corporation )
DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\URLSearchHook: - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\..\SearchScopes,DefaultScope = {07E80EDF-ECFC-4E5E-9B52-D6E44E663A9A}
IE - HKCU\..\SearchScopes\{07E80EDF-ECFC-4E5E-9B52-D6E44E663A9A}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNA_de
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/web/{searchTerms}?babsrc=SP_ss&affID=100489&mntrId=4614a77e0000000000001c4bd6eac098
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Rene\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\17.0.963.83\pdf.dll
CHR - plugin: 20-20 3D Viewer for IKEA (Enabled) = C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm\5.0.7.0_0\NP_2020Player_IKEA.dll
CHR - plugin: Intel(R) Threading Building Blocks for Windows (Enabled) = C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm\5.0.7.0_0\tbb.dll
CHR - plugin: Intel(R) Threading Building Blocks for Windows (Enabled) = C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm\5.0.7.0_0\tbbmalloc.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.300.12 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U30 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.18_0\
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdbaehcjcomcnnjhlmnfddpgoafpcko\1.0.6_0\
CHR - Extension: Better Pop Up Blocker = C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpeeekfhbmikbdhlpjbfmnpgcbeggic\2.1.6_0\
CHR - Extension: 20-20 3D Viewer for IKEA = C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm\5.0.7.0_0\
CHR - Extension: Google Mail = C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012.03.25 15:29:33 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Programme\EPSON Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MGSysCtrl] C:\Programme\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Ballermann Party-PlayerTimer] C:\Programme\Ballermann Party-Player\phonostarTimer.exe ()
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIHTU.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - Startup: C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O4 - Startup: C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Programme\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Programme\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4961DCA4-7BDF-4CD1-9466-0C8CDEDA8127}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2012.03.25 15:29:52 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.03.25 15:27:09 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\temp
[2012.03.25 15:27:08 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.03.25 15:00:50 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.03.25 15:00:50 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.03.25 15:00:50 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.03.25 15:00:40 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2012.03.25 14:59:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.03.25 14:56:10 | 004,443,082 | R--- | C] (Swearware) -- C:\Users\Rene\Desktop\ComboFix.exe
[2012.03.25 14:17:32 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Roaming\Malwarebytes
[2012.03.25 14:17:23 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.03.25 14:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.03.25 14:17:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.03.25 14:17:22 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.03.23 15:23:30 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012.03.23 08:09:45 | 003,957,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.03.23 08:09:39 | 003,902,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.03.22 18:58:55 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\prevhost.exe
[2012.03.22 18:58:52 | 000,284,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys
[2012.03.22 18:58:51 | 000,005,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys
[2012.03.22 18:58:44 | 000,146,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\storport.sys
[2012.03.22 18:58:44 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fsutil.exe
[2012.03.22 18:58:33 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\timedate.cpl
[2012.03.22 18:58:31 | 001,553,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2012.03.22 18:58:31 | 001,401,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2012.03.22 18:58:30 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2012.03.22 18:58:30 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2012.03.22 18:58:30 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2012.03.22 18:58:30 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2012.03.22 18:58:28 | 000,442,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll
[2012.03.22 18:58:27 | 000,288,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll
[2012.03.22 18:58:25 | 002,614,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2012.03.22 18:58:25 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\Skype
[2012.03.22 18:58:20 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wscapi.dll
[2012.03.22 18:58:20 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\slwga.dll
[2012.03.22 18:58:14 | 000,026,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2012.03.22 18:58:12 | 000,219,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\dxgmms1.sys
[2012.03.22 18:58:12 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\cdd.dll
[2012.03.22 11:16:15 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{32EFDCAD-0082-41D8-82B2-FEA1CBFAFBDF}
[2012.03.22 11:15:36 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{B411486B-A08B-489A-920D-469001596CF9}
[2012.03.21 13:26:25 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{D61BC5B9-503D-4389-887B-003B1197E44A}
[2012.03.21 13:25:50 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{EEECF00B-5684-4AAF-B53C-B1BE6BF435B8}
[2012.03.20 18:03:35 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{F0F8498B-A0D6-4B94-8F67-393F3A1C60E5}
[2012.03.20 18:03:16 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{101A69E0-B9C7-41DC-AA27-88003C9B9E3B}
[2012.03.20 17:06:53 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{82A013A1-AE1B-4C60-B143-36A623A4CCE8}
[2012.03.20 14:55:19 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{E0EB1D0F-707B-43AF-9BA8-4432B3C92996}
[2012.03.20 14:55:02 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{D597B9A8-2C32-4950-93C3-47A132B2D6CA}
[2012.03.20 06:26:23 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{3EADE7AD-EAB2-4F5F-9869-1ED336DF0E8D}
[2012.03.20 06:25:06 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{CD356679-9E0D-4E29-803A-CB9715E7B017}
[2012.03.19 22:20:47 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{3CB8CE7E-2A33-4684-813C-D4D004DA7E55}
[2012.03.19 22:20:36 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{33C36FBA-18A5-46CA-A996-7F2084274CA1}
[2012.03.19 18:57:53 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{7881AB68-B9EB-43F0-BC0E-A1AE8600E2FA}
[2012.03.19 18:57:41 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{391D4370-F901-46B5-B5D3-6D469625F3AC}
[2012.03.19 16:20:01 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{1EDEF798-CDB9-438A-AA96-C7C610E885A5}
[2012.03.19 16:19:40 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{2EB50064-A785-44A0-8717-41C1015B2479}
[2012.03.19 08:38:23 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{D8EB13D3-D11F-404F-8E35-84713E84FF11}
[2012.03.19 08:37:26 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{10F4E4A8-6494-4DAC-96E6-F086E9B0291F}
[2012.03.19 08:02:09 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{3D4BF202-3413-49A8-84BA-E285835C06CC}
[2012.03.19 08:01:57 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{2AC1571E-2B59-41B1-9A16-63FA12FCFB0A}
[2012.03.19 07:42:38 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{561F9D72-7B59-4F9C-AFDE-AF7D8E10C203}
[2012.03.19 07:42:19 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{88BB0772-DAA2-41FB-BB7F-B5C7F1DC4688}
[2012.03.18 20:44:16 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{9DB83010-E764-46F9-BB31-637D888114D3}
[2012.03.18 20:43:04 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{A7292305-1478-43BC-95DC-C99DEA91841C}
[2012.03.18 08:31:57 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{C7DE36B6-5DE7-440D-B657-A339EA8EB641}
[2012.03.18 08:31:44 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{03B7C7B4-3A20-4C1C-A0A1-A343A5BDF3CE}
[2012.03.18 06:16:26 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{7474ED9A-96D3-4E0B-A0FF-E66DB0040936}
[2012.03.18 06:16:01 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{5449D349-801C-4717-B8D0-46DED2468C99}
[2012.03.17 23:52:03 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{8193C58D-F971-4BEA-9B76-3F3B853FCAD7}
[2012.03.17 23:51:42 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{E3A73B23-5052-4BAD-BC15-F6C082B37C84}
[2012.03.17 20:53:04 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{9DD35814-B9BF-4DF6-A60F-6E91B5EE9053}
[2012.03.17 20:52:42 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{0248ADB3-1738-4AE9-9467-F65BA9447999}
[2012.03.15 12:39:07 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{9A9E393F-B6A1-4F42-9DD7-7C7F8E200B95}
[2012.03.15 12:38:54 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{0F1C2987-AC01-447A-9585-3898CBCA7190}
[2012.03.15 12:30:57 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{F2E26DD4-F95E-43E5-AA84-AEC423C957CA}
[2012.03.15 12:30:36 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{2AF97B02-201C-4D55-8F05-B50CB33A00A3}
[2012.03.15 08:45:48 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{263E7477-4975-4C80-A667-443ED01A5242}
[2012.03.15 08:45:26 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{E049E39D-AD1F-4381-BF01-B9C5A500898C}
[2012.03.14 14:56:34 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{C5956C9E-498A-49CD-A4F8-337E8D908EB1}
[2012.03.14 14:56:22 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{E65C4B83-DED7-40A7-9BFB-FCB0C37F28DC}
[2012.03.14 13:21:32 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{82D48498-3732-4520-A777-4167A8218A91}
[2012.03.14 13:21:19 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{2D3A084B-ECA3-4465-A3A7-7A9E37DF0C4C}
[2012.03.14 12:10:41 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{EEBC9B1B-612B-4980-9A4F-4978FBAF9AE0}
[2012.03.14 12:10:26 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{D9CF349A-9A5D-450A-A922-61EE472DE32C}
[2012.03.14 06:32:05 | 002,341,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.03.14 06:32:03 | 001,170,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.03.14 06:32:03 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.03.14 06:32:03 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.03.14 06:32:03 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.03.14 06:32:03 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.03.14 06:31:52 | 000,129,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcorekmts.dll
[2012.03.14 06:31:52 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpwsx.dll
[2012.03.14 06:31:52 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdrmemptylst.exe
[2012.03.14 06:31:33 | 000,826,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpcore.dll
[2012.03.14 06:25:50 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{E2E884C9-9D48-4CFB-929F-3A84DF5857F7}
[2012.03.14 06:25:08 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{C3C9096B-2DD0-4E08-A2D6-6734089F00D3}
[2012.03.13 20:59:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Lunch Design
[2012.03.13 15:38:55 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{C00F8CFC-35BC-42FA-AA43-D550494C850A}
[2012.03.13 15:38:44 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{D01C8C33-87AE-40F8-B24B-55F81585A1EE}
[2012.03.13 14:07:50 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{3316F20E-2D37-4983-A421-DBAEC842BAD6}
[2012.03.13 14:07:38 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{7F4D6A79-9A6B-494F-89DD-EE84BDA1EA1D}
[2012.03.13 13:11:22 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{1B6FB99E-B919-49D2-B232-35377E15793A}
[2012.03.13 13:04:30 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{F438986A-DBC4-4065-98CE-6CC9D2302126}
[2012.03.13 13:04:03 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{53E1D2F7-52DB-4767-8B3B-20226FDB4F50}
[2012.03.13 09:41:53 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{7B3406F2-CF89-4887-9460-E4E8BFD9EDDC}
[2012.03.12 23:50:20 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{30149408-89B1-4B78-9846-B497644832D8}
[2012.03.12 23:50:03 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{CFBAAEFA-3AFA-4584-9A30-D0805A99811A}
[2012.03.12 15:47:37 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{DC4D2454-644B-4D7A-8A03-3426E2895855}
[2012.03.12 15:47:26 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{B9A1368B-6D37-4224-869C-F38BC5ACA08C}
[2012.03.12 10:47:52 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{49F2AEE6-CC70-4C00-96DA-97ED247628F8}
[2012.03.12 10:47:18 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{23CAA896-A8A1-4865-B4C7-FA2CA5328841}
[2012.03.11 22:22:06 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{262B1B16-DE92-4ED9-AE54-A470B1D4655A}
[2012.03.11 22:21:55 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{D9CC88BC-5CF4-41CC-866B-179D8327B4D2}
[2012.03.11 22:10:34 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{1E6D6D7C-BF4E-48E7-9E3A-3C2D02912302}
[2012.03.11 22:10:11 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{8E075464-115F-4E91-9A18-F17D9BB5545B}
[2012.03.11 10:22:37 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{BC9FB9CD-97EB-439E-B71B-87CB8903722A}
[2012.03.11 10:22:21 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{DF521878-AF12-4668-AE27-A37F85CC48A8}
[2012.03.10 16:37:49 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{72498BE4-AC1B-42E1-8426-B6319A4E2D9D}
[2012.03.10 16:37:21 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{2CA2A931-CE19-4D34-853B-9E1F1C8B15F4}
[2012.03.10 12:22:42 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{57C33F1B-F329-4A61-ADB6-70AF9D65A3D3}
[2012.03.10 12:22:23 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{B9F14068-F849-480E-B764-EF7E2D50E6DF}
[2012.03.10 09:08:18 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{09B3AD13-3CB9-41B5-AAF7-F25FB7A9F350}
[2012.03.10 09:07:45 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{2EB7F434-47D3-4509-AE35-2F8E1335D691}
[2012.03.09 22:41:04 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{6C772EEC-7B59-46E9-8603-89507C93290C}
[2012.03.09 22:40:48 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{8F994447-13A0-4F58-94A4-B7613793C958}
[2012.03.09 20:41:40 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{74A592E0-EB77-4621-9422-150D79BE9189}
[2012.03.09 20:40:59 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{66E7B043-3A98-43EF-9E33-310E6E19C2A8}
[2012.03.09 19:22:03 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{2BD4B623-405D-4ACE-9B5E-CBD2C0B4099A}
[2012.03.09 19:21:47 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{D362DD72-B55B-457E-9BE9-DEAE428BE7E5}
[2012.03.09 15:52:38 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{0A37CBF0-C9C6-4EB9-B34D-6DBB185A86B3}
[2012.03.09 15:52:22 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{17238E68-4AB8-46BB-B530-E4354F5054FB}
[2012.03.09 14:05:10 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{AF93F01B-AE12-45DA-9E38-2D9FA5EFFB77}
[2012.03.09 10:59:05 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{DDB8BC5F-A2EC-4EE1-9953-062BEC8BA626}
[2012.03.09 10:58:48 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{502EDDBE-FF65-4D32-A81D-E5443C75EA63}
[2012.03.08 17:50:34 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{C73F4C58-8312-461B-B473-7445BB96A1B3}
[2012.03.08 17:50:13 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{2A4BC6D1-8059-436F-BFC5-9912EB99E67A}
[2012.03.08 10:18:03 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{6E40CA27-A7B0-4BE9-8B88-29ED256928D4}
[2012.03.08 10:17:47 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{F453008B-D84C-443F-B51F-C792444D0D36}
[2012.03.08 09:19:29 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{D8D342A7-344F-403C-B2FA-A79CA83C29C7}
[2012.03.08 09:19:08 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{8D08C362-7E43-4672-B161-F83CB82123F7}
[2012.03.07 23:30:54 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{417597D5-E459-4312-BBA9-0F6062C84E23}
[2012.03.07 23:30:30 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{C9BCE23F-7872-421E-BCB9-588C65EBC231}
[2012.03.07 19:41:49 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{E4DFF90D-CE28-4400-AAAF-46A24EE94C6E}
[2012.03.07 19:39:25 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{C63E58AE-8E5E-4870-80E6-417E5A305277}
[2012.03.07 15:53:27 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{C856F86F-40BE-4277-A709-A51FCDFE56F5}
[2012.03.07 15:51:23 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{5044528A-090D-4366-9112-4BF5CA117F9C}
[2012.03.07 15:18:26 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{6D5EDA74-EB7B-474C-BFCB-5F8796D7788D}
[2012.03.07 15:18:13 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{CAD22401-E6FD-4DF4-927A-C98BA84E2045}
[2012.03.07 10:11:23 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{D927A73A-A536-4D31-BA53-CF4C44518B7D}
[2012.03.07 10:11:02 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{7E4F5F91-9179-4FD8-8768-D874FC666A20}
[2012.03.07 09:11:34 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{76497052-8ADC-49D1-B2D5-717698CAB8B5}
[2012.03.06 23:35:39 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{3290FF80-CDFD-4A15-B737-FCB28E992B9E}
[2012.03.06 23:34:59 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{CA3DD780-9CDB-4A76-B3C5-98674D177B3D}
[2012.03.06 17:31:13 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{C85D607F-79CC-4FED-9244-41045A5C8254}
[2012.03.06 17:30:50 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{56A6E768-32C1-48AD-8E11-7B9AC9BDE4B6}
[2012.03.06 13:25:13 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{AD3B84A0-0505-4E58-9DB0-D86FC71165A0}
[2012.03.06 13:24:53 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{C62E5CC5-5F32-40EA-9AAE-79D6B48D4DF3}
[2012.03.06 10:16:00 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{F710C336-67ED-4229-A50B-CC30F514E194}
[2012.03.06 10:15:46 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{60CFB6E9-0E7B-4A45-913F-A104CCBD8A5B}
[2012.03.06 10:10:17 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{4DAE61E7-05D5-4B94-BC81-0BB7843A4C30}
[2012.03.06 10:09:58 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{6F0868EC-FC92-4388-B702-875A8A6F852A}
[2012.03.06 09:15:34 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{1B186B6C-0874-409A-A019-48777306A842}
[2012.03.06 09:15:16 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{E9EE1C3F-FC1A-46EA-A7FC-1610E13421A8}
[2012.03.05 22:53:37 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{0A3B3B9D-39B9-47B4-A913-4D30569D84AC}
[2012.03.05 15:56:43 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{B6173E1B-1767-46CB-AC47-A981FA5505A3}
[2012.03.05 15:56:19 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{1464E9E7-4639-443D-B6C5-C72F4CE29970}
[2012.03.05 09:03:38 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{BEB9D0EE-45B8-45B3-A2F0-4D2E5FB63F04}
[2012.03.04 18:49:23 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{676FB60E-E75D-4B9D-8401-2C9FE305D85C}
[2012.03.04 18:47:14 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{2BD183AE-02AC-421A-B7BC-8A20D926D224}
[2012.03.04 15:53:23 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{458FC86E-37A3-45D4-8123-225AC589FE3F}
[2012.03.04 15:53:03 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{3057B996-86EA-4DFE-A669-548CA36ABF54}
[2012.03.04 10:55:53 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{895F10B0-49A5-4F6A-98D1-35D1A239A67E}
[2012.03.04 10:55:34 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{094E719F-234B-4A92-999F-1EA6AB3F750C}
[2012.03.04 09:50:45 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{BD32CD2B-8837-490E-B34D-E41D9AA0B945}
[2012.03.04 09:06:38 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{955A0F93-E2A0-406C-8CA7-4EBE6DBEF1E1}
[2012.03.04 09:06:15 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{1CF40C9D-D9F0-4F5E-B657-1B2709061A05}
[2012.03.03 18:06:48 | 000,000,000 | ---D | C] -- C:\Users\Rene\Desktop\BEST OF ROCK
[2012.03.03 12:59:08 | 000,000,000 | ---D | C] -- C:\Users\Rene\Desktop\German Top 100 Single Charts 05.03.2012
[2012.03.03 10:04:58 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{561253B1-451B-4E2D-9A10-9C740ABC7490}
[2012.03.03 10:04:36 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{9DEC82A8-B1E5-4F1D-93B8-AC96B04C7A89}
[2012.03.02 20:39:22 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{5337D0E9-271E-46EE-84C5-236CD4D93C1F}
[2012.03.02 20:39:08 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{21885BA2-7059-4AD5-9110-ECEA1EDF28B5}
[2012.03.01 21:33:19 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{5B46C955-E93D-467D-AEC2-359560E66F67}
[2012.03.01 21:32:44 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{D1620572-C5AB-4E02-80C7-476B1EB52CCA}
[2012.03.01 13:01:23 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{C1F70371-F3D4-4FB1-9905-50AC028095BC}
[2012.03.01 13:01:12 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{14B55CB2-D863-489E-A843-E3EF20396114}
[2012.03.01 10:11:21 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{3E806BF0-1AC1-473E-A938-4D01C0478772}
[2012.03.01 10:09:52 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{3461DEE1-5E77-4468-921E-E6E24A5BDD59}
[2012.02.29 16:05:02 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{392C8014-A074-4518-BA56-83B9499D0936}
[2012.02.29 16:04:30 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{DFAFBD04-58B5-4004-BD5E-8975579F27EF}
[2012.02.29 11:14:02 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{1AFCAE9B-516C-479D-9612-A0539806432B}
[2012.02.29 11:13:51 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{6AB0E1CC-D19E-4CA0-8E89-9EBD4DEE8A16}
[2012.02.29 11:11:18 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{0176FB28-DE67-4EAE-B031-F54565D5FF3C}
[2012.02.29 11:11:04 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{06B4E281-16E6-4BAE-9194-38287B7FA6E9}
[2012.02.29 01:58:55 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.29 01:58:55 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.29 01:58:55 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.29 01:58:55 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.29 01:58:55 | 000,353,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.29 01:58:55 | 000,353,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.29 01:58:55 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.29 01:58:55 | 000,223,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.29 01:58:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.29 01:58:55 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.29 01:58:55 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.29 01:58:55 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.29 01:58:55 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.29 01:58:55 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.29 01:58:55 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.29 01:58:55 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.29 01:58:55 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.29 01:58:55 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.29 01:58:55 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.29 01:58:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.29 01:58:55 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.29 01:58:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.29 01:58:55 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.29 01:58:55 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.29 01:58:54 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.29 01:58:54 | 001,798,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.29 01:58:54 | 000,580,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.29 01:58:54 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.29 01:58:54 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.29 01:58:54 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.29 01:58:54 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.29 01:58:54 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.29 01:58:54 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.29 01:58:54 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.29 01:58:54 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.29 01:58:54 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.29 01:58:54 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.29 01:57:56 | 001,495,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012.02.29 01:57:56 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012.02.29 01:15:17 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{65E1ABE3-D032-48B1-A2FE-D625E90AC281}
[2012.02.28 11:19:07 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{F4348CCF-9148-49F3-9049-927D8B4E7C79}
[2012.02.28 11:18:56 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{EA253DDD-BD49-4436-9402-663EE3BA6EEE}
[2012.02.27 23:02:51 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{AF17AF8F-F6C0-4CB2-9BA1-29F5D02449D9}
[2012.02.27 23:02:39 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{D8F4F70C-F059-461E-8E78-0C18208ECFAC}
[2012.02.27 19:27:27 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{E3E45E62-5A58-47B3-A104-3432E5CD7D22}
[2012.02.27 19:27:16 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{35C0834D-9709-4AB8-B2A3-0773310A912E}
[2012.02.27 15:13:41 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{EF161BB7-78F9-4B1C-85B7-1E639B61496C}
[2012.02.27 15:13:30 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{2F387E1A-7148-43C7-AEA4-A9BAB3DD72C7}
[2012.02.27 15:07:36 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{7A8DB5C3-06A4-485E-925B-5652ACC9D8B2}
[2012.02.27 15:07:25 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{EA2E3FDE-DD6A-4868-B397-D7776B6DA6C2}
[2012.02.27 10:35:14 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{198B8585-340A-4C88-A4BE-105ABBA937C5}
[2012.02.27 10:35:03 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{6F539C49-0E51-4B94-9D4D-937583A5C29F}
[2012.02.27 10:20:10 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{47FBF86C-868F-4096-BB36-EE6089D21940}
[2012.02.27 10:19:53 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{4AD0AADF-6D25-4095-8863-A1DEC68B3CBA}
[2012.02.26 23:21:26 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{A21377ED-3B79-4BBA-888D-921DEAC1A5BF}
[2012.02.26 23:21:13 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{FC61F131-7421-47BA-975D-069510EAB200}
[2012.02.26 11:00:37 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{B18D4E36-7EA4-4CBA-A70B-1A517E8CBE2F}
[2012.02.26 11:00:08 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{80877E7E-CC33-4D93-93A6-4048744E98D0}
[2012.02.25 23:33:10 | 000,000,000 | ---D | C] -- C:\Users\Rene\Desktop\Staffel 7
[2012.02.25 23:32:52 | 000,000,000 | ---D | C] -- C:\Users\Rene\Desktop\Staffel 4
[2012.02.25 23:32:40 | 000,000,000 | ---D | C] -- C:\Users\Rene\Desktop\Staffel 5
[2012.02.25 23:32:17 | 000,000,000 | ---D | C] -- C:\Users\Rene\Desktop\How I Met Your Mother
[2012.02.25 19:34:19 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{99933608-09D7-42DE-A451-B8DF71BB9335}
[2012.02.25 19:34:04 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{AEF62568-7D12-4B00-AFBA-3A95CED2947D}
[2012.02.25 19:18:51 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{3A720DC2-106E-4ABD-AA58-0CDA57C68BDE}
[2012.02.25 19:18:36 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{AB426D47-116C-4CE4-9A53-104266D0EF38}
[2012.02.25 16:56:37 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{1DD96F4F-9BF7-4D15-A163-80D245CD24DB}
[2012.02.25 16:56:22 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{F3ABA19B-3D46-44FC-932C-CDE19D4E6FDD}
[2012.02.25 05:53:23 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{2675880B-5C87-4B13-BA91-5DEF953B2620}
[2012.02.25 05:53:03 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{16D0ED28-CE24-440D-B3E0-7BEE7A45CD4B}
[2012.02.24 20:02:21 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{8C3608CF-2FD7-4C72-95F0-F2E6D7C9CA44}
[2012.02.24 20:01:54 | 000,000,000 | ---D | C] -- C:\Users\Rene\AppData\Local\{6422B116-2645-4B6D-ABA5-C865305B4FFF}
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.03.25 18:34:02 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.03.25 17:18:41 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.03.25 17:18:41 | 000,009,920 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.03.25 15:39:19 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.03.25 15:39:12 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.03.25 15:39:04 | 2415,316,992 | -HS- | M] () -- C:\hiberfil.sys
[2012.03.25 15:29:33 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012.03.25 14:56:22 | 004,443,082 | R--- | M] (Swearware) -- C:\Users\Rene\Desktop\ComboFix.exe
[2012.03.25 14:17:24 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.25 13:01:18 | 000,696,870 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.03.25 13:01:18 | 000,652,148 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.03.25 13:01:18 | 000,148,134 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.03.25 13:01:18 | 000,121,080 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.03.23 13:13:18 | 000,451,960 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.03.15 12:28:54 | 277,033,669 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.03.13 20:59:08 | 000,000,747 | ---- | M] () -- C:\Users\Rene\Desktop\Icy Tower.lnk
[2012.02.29 01:58:55 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat
[2012.02.29 01:58:55 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.02.29 01:58:55 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.02.29 01:58:55 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.02.29 01:58:55 | 000,353,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtmsft.dll
[2012.02.29 01:58:55 | 000,353,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.02.29 01:58:55 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.02.29 01:58:55 | 000,223,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxtrans.dll
[2012.02.29 01:58:55 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.02.29 01:58:55 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msrating.dll
[2012.02.29 01:58:55 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msls31.dll
[2012.02.29 01:58:55 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakeng.dll
[2012.02.29 01:58:55 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\IEAdvpack.dll
[2012.02.29 01:58:55 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.02.29 01:58:55 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\SetIEInstalledDate.exe
[2012.02.29 01:58:55 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe
[2012.02.29 01:58:55 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.02.29 01:58:55 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.02.29 01:58:55 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2012.02.29 01:58:55 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.02.29 01:58:55 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtmler.dll
[2012.02.29 01:58:55 | 000,041,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.02.29 01:58:55 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.02.29 01:58:55 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.02.29 01:58:55 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.02.29 01:58:54 | 002,382,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.02.29 01:58:54 | 001,798,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.02.29 01:58:54 | 000,580,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.02.29 01:58:54 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll
[2012.02.29 01:58:54 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieakui.dll
[2012.02.29 01:58:54 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wextract.exe
[2012.02.29 01:58:54 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iexpress.exe
[2012.02.29 01:58:54 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.02.29 01:58:54 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.02.29 01:58:54 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\admparse.dll
[2012.02.29 01:58:54 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\inseng.dll
[2012.02.29 01:58:54 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\pngfilt.dll
[2012.02.29 01:58:54 | 000,035,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\imgutil.dll
[2012.02.29 01:57:56 | 001,495,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ExplorerFrame.dll
[2012.02.29 01:57:56 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsRasterService.dll
[2012.02.27 12:01:41 | 000,087,494 | ---- | M] () -- C:\Users\Rene\Desktop\LetterBomb.zip
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.03.25 15:00:50 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.03.25 15:00:50 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.03.25 15:00:50 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.03.25 15:00:50 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.03.25 15:00:50 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.03.25 14:17:24 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.03.13 20:59:08 | 000,000,747 | ---- | C] () -- C:\Users\Rene\Desktop\Icy Tower.lnk
[2012.02.29 01:58:55 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2012.02.27 12:01:40 | 000,087,494 | ---- | C] () -- C:\Users\Rene\Desktop\LetterBomb.zip
[2012.02.03 18:45:12 | 000,069,632 | ---- | C] () -- C:\Windows\System32\GkSui18.EXE
[2011.03.30 17:10:31 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.01.23 13:58:48 | 000,008,192 | -HS- | C] () -- C:\Windows\System32\srvany.exe
[2010.10.27 07:39:49 | 000,451,072 | ---- | C] () -- C:\Windows\System32\ISSRemoveSP.exe
[2010.10.27 07:38:44 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.10.26 17:04:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.10.26 16:54:19 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2010.10.26 16:54:19 | 000,203,331 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2010.10.26 16:54:19 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2010.10.26 16:54:19 | 000,002,110 | ---- | C] () -- C:\Windows\System32\atipblag.dat

========== LOP Check ==========

[2011.12.09 14:25:05 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\authorSTREAM
[2011.09.22 19:16:15 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Babylon
[2010.12.16 21:06:20 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\DAEMON Tools Lite
[2012.02.03 18:41:46 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\DesktopIconForAmazon
[2012.03.20 18:28:47 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Dropbox
[2011.12.18 10:07:28 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\DVDVideoSoft
[2011.12.18 10:07:13 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.02.15 08:53:14 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Epson
[2012.03.25 16:45:09 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\ICQ
[2011.04.15 16:32:20 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Nokia
[2011.01.06 13:24:52 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\OpenOffice.org
[2011.06.22 11:36:56 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\phonostar GmbH
[2011.12.09 15:11:27 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Replay Media Catcher 4
[2011.01.06 13:04:17 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\SoftGrid Client
[2011.01.06 12:54:58 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\TP
[2011.08.28 16:36:33 | 000,000,000 | ---D | M] -- C:\Users\Rene\AppData\Roaming\Windows Live Writer
[2012.02.12 10:06:27 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

26.03.2012, 19:28   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
I had run Malwarebytes and ComboFix.
1.) All of the logs still have to be posted!
2.) Why are you running CF? Are the warnings not clear enough yet?

There is also a very clear notice at http://www.trojaner-board.de/95175-combofix.html
Quote:

Important notice:
Combofix may only be run when one of the board's qualified helpers (Kompetenzler) has explicitly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.