Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.06.2012, 20:46   #1
Heike28
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



Ich habe seit gestern echt schiet problem mit meinem Rechner.. Habe ne email im Postfach gehabt Welche mit dem namen meiner Mutter gekommen ist. Dies war/ sollte eine rechung sein und ein anhang mit einer Zip datei war mit dran. die ich leider echt dummer neugieriger weise öffnen wollte. so richtig hatte ich nicht das gefühl das ich das geöffnet hatte..

naja dann hatte ich später als ich den rechner ausstellen wollte dieses Bild welches hier die seite schmückt auf dem rechner..
Habe dann rechner ausgemacht und hatte mir das heute erst angesehen was das genau war, und mit Malwarebytes gelöscht nun habe ich aber wie alle hier das problem das ich absolut KEINE Datein/ bilder lesen kann...

Vll. kannst du mir schon helfen, ich Poste es aber noch einmal mit in den Theart mit hinnein...
Habe XP auf dem Rechner, und laut Volker ist der Befall noch nicht runter da Taskmanager nicht angeht!


Meine email die ich bekam sah so aus: im anhang eine Zipdatei (rechnung)

Guten Tag Roswitha K?kelhahn,

Danke für ihren Vertrag mit KronederSchoepfung.de, nachfolgend finden Sie Ihre Einkaufsbestätigung.

Deine Antragsnummer: 661066735882
Bestellung: Canon 1622436517 9060,08 Euro
Rechnung auf den Namen: Roswitha K?kelhahn
Abrechnung erfolgt durch: Mastercard




Danke im Voraus!!!

Lieferadresse und genaue Vertragsdetails finden Sie wegen Vorsichtsmaßnahmen im zugefügten Ordner.

Die Buchung wurde autorisiert und wird innerhalb 3 Tage entzogen.
Kaufdetails und Widerspruch Erklärung finden Sie in beigefügter Datei.


Dein Kunden-Support

Roth Ltd.
Derbyweg 49
28754 Stuttgart

Tel.: (+49) 657 5906846
(Mo-Fr 9.00 - 18.00 Uhr, Sa 11.00 bis 16.00 Uhr)
Gesellschaftssitz Altenberg
Steuer-Nummer: CH450203701
Geschäftsfuehrer: Merle Schmid

Alt 15.06.2012, 17:57   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



Ohne die Logs von Malwarebytes und Co wird das hier nichts.
Alles von Malwarebytes (und evtl. anderen Scannern) muss hier gepostet werden.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
__________________

__________________

Alt 21.06.2012, 18:29   #3
Heike28
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



In malewarbytes wird nichts mehr angezeigt.. das hatte ich gleich am Tag als mir auffiel was passiert war drüber laufen lassen..

Der sagt alles gelöscht nunsind keine einträge mehr da!
Habe nun aber weil Undertaker sagte/ schrieb das wenn ich das Taskmenü nicht aufrufen kann da noch was an trojan/ virus sein soll...

Ich habe nun KasperskyResceu laufen der fertig!! Der zeigt an das da 2Viren gefunden wurden und 1trojaner aber es zeigt nichts genaueres an, bei Quarantäne sehe ich nur ein weiße feld...

Komme aber auch unter Terminalprogramm von Kaspersky nicht wirklich weiter..

Habe da doch was gefunden!! Logdatein!!



Malwarebytes Anti-Malware (Test) 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.06.12.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Heike :: HEIKE-RECHNER [Administrator]

Schutz: Aktiviert

12.06.2012 16:34:00
mbam-log-2012-06-12 (16-34-00).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 192573
Laufzeit: 8 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe (Security.Hijack) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegedit (Hijack.Regedit) -> Daten: 1 -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegedit (Hijack.Regedit) -> Daten: 1 -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools (PUM.Hijack.Regedit) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|DisableTaskMgr (PUM.Hijack.TaskManager) -> Bösartig: (1) Gut: (0) -> Erfolgreich ersetzt und in Quarantäne gestellt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)




Malwarebytes Anti-Malware (Test) 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.06.12.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Heike :: HEIKE-RECHNER [Administrator]

Schutz: Aktiviert

12.06.2012 16:51:47
mbam-log-2012-06-12 (16-51-47).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 193033
Laufzeit: 9 Minute(n), 3 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)




Malwarebytes Anti-Malware (Test) 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.06.12.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Heike :: HEIKE-RECHNER [Administrator]

Schutz: Aktiviert

12.06.2012 21:27:21
mbam-log-2012-06-12 (21-27-21).txt

Art des Suchlaufs: Benutzerdefinierter Suchlauf
Aktivierte Suchlaufeinstellungen: Dateisystem | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Heuristiks/Extra | P2P
Durchsuchte Objekte: 1
Laufzeit: 8 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)



Malwarebytes Anti-Malware (Test) 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.06.12.05

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Heike :: HEIKE-RECHNER [Administrator]

Schutz: Aktiviert

12.06.2012 21:36:22
mbam-log-2012-06-12 (21-36-22).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 269073
Laufzeit: 59 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)



2012/06/12 16:33:56 +0200 HEIKE-RECHNER Heike MESSAGE Starting protection
2012/06/12 16:34:02 +0200 HEIKE-RECHNER Heike MESSAGE Protection started successfully
2012/06/12 16:34:05 +0200 HEIKE-RECHNER Heike MESSAGE Starting IP protection
2012/06/12 16:34:06 +0200 HEIKE-RECHNER Heike MESSAGE Executing scheduled update: Daily
2012/06/12 16:34:07 +0200 HEIKE-RECHNER Heike MESSAGE Database already up-to-date
2012/06/12 16:34:14 +0200 HEIKE-RECHNER Heike MESSAGE IP Protection started successfully
2012/06/12 16:45:10 +0200 HEIKE-RECHNER Heike MESSAGE Starting protection
2012/06/12 16:45:19 +0200 HEIKE-RECHNER Heike MESSAGE Protection started successfully
2012/06/12 16:45:22 +0200 HEIKE-RECHNER Heike MESSAGE Starting IP protection
2012/06/12 16:45:30 +0200 HEIKE-RECHNER Heike MESSAGE IP Protection started successfully
2012/06/12 17:24:01 +0200 HEIKE-RECHNER Heike MESSAGE Starting protection
2012/06/12 17:24:15 +0200 HEIKE-RECHNER Heike MESSAGE Protection started successfully
2012/06/12 17:24:18 +0200 HEIKE-RECHNER Heike MESSAGE Starting IP protection
2012/06/12 17:24:27 +0200 HEIKE-RECHNER Heike MESSAGE IP Protection started successfully
2012/06/12 21:05:25 +0200 HEIKE-RECHNER Heike MESSAGE Starting protection
2012/06/12 21:05:44 +0200 HEIKE-RECHNER Heike MESSAGE Protection started successfully
2012/06/12 21:05:47 +0200 HEIKE-RECHNER Heike MESSAGE Starting IP protection
2012/06/12 21:05:55 +0200 HEIKE-RECHNER Heike MESSAGE IP Protection started successfully




2012/06/14 14:26:08 +0200 HEIKE-RECHNER MESSAGE Executing scheduled update: Daily
2012/06/14 14:26:08 +0200 HEIKE-RECHNER ERROR Scheduled update failed: Host not found failed with error code 0
2012/06/14 14:26:37 +0200 HEIKE-RECHNER Heike MESSAGE Starting protection
2012/06/14 14:26:52 +0200 HEIKE-RECHNER Heike MESSAGE Protection started successfully
2012/06/14 14:26:55 +0200 HEIKE-RECHNER Heike MESSAGE Starting IP protection
2012/06/14 14:26:56 +0200 HEIKE-RECHNER Heike MESSAGE IP Protection started successfully




2012/06/21 18:22:46 +0200 HEIKE-RECHNER (null) MESSAGE Executing scheduled update: Daily
2012/06/21 18:22:56 +0200 HEIKE-RECHNER (null) MESSAGE Scheduled update executed successfully: database updated from version v2012.06.12.05 to version v2012.06.21.08
2012/06/21 19:40:12 +0200 HEIKE-RECHNER Heike MESSAGE Starting protection
2012/06/21 19:40:29 +0200 HEIKE-RECHNER Heike MESSAGE Protection started successfully
2012/06/21 19:40:33 +0200 HEIKE-RECHNER Heike MESSAGE Starting IP protection
2012/06/21 19:40:33 +0200 HEIKE-RECHNER Heike MESSAGE IP Protection started successfully



hoffe das geht hoch..
__________________

Alt 21.06.2012, 19:34   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



Die Scans sind über ne Woche alt...aber gut, wir machen MBAM später nochmal zur Kontrolle

Führ bitte auch ESET aus, danach sehen wir weiter.

Hinweis: ESET zeigt durchaus öfter ein paar Fehlalarme. Deswegen soll auch von ESET immer nur erst das Log gepostet und nichts entfernt werden.

ESET Online Scanner

Bitte während der Online-Scans evtl. vorhandene externe Festplatten einschalten! Bitte während der Scans alle Hintergrundwächter (Anti-Virus-Programm, Firewall, Skriptblocking und ähnliches) abstellen und nicht vergessen, alles hinterher wieder einzuschalten.
  • Anmerkung für Vista und Win7 User: Bitte den Browser unbedingt so öffnen: per Rechtsklick => als Administrator ausführen
  • Dein Anti-Virus-Programm während des Scans deaktivieren.

    Button (<< klick) drücken.
    • Firefox-User:
      Bitte esetsmartinstaller_enu.exe downloaden.Das Firefox-Addon auf dem Desktop speichern und dann installieren.
    • IE-User:
      müssen das Installieren eines ActiveX Elements erlauben.
  • Setze den einen Haken bei Yes, i accept the Terms of Use.
  • Drücke den Button.
  • Warte bis die Komponenten herunter geladen wurden.
  • Setze einen Haken bei "Scan archives".
  • Gehe sicher das bei Remove Found Threats kein Hacken gesetzt ist.
  • drücken.
  • Die Signaturen werden herunter geladen.Der Scan beginnt automatisch.
Wenn der Scan beendet wurde
  • Klicke Finish.
  • Browser schließen.
Drücke bitte die + R Taste und kopiere folgenden Text in das Ausführen Fenster.
Code:
ATTFilter
"%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt"
         
Hinweis: Falls du ein 64-Bit-Windows einsetzt, lautet der Pfad so:

Code:
ATTFilter
"%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"
         
Poste nun den Inhalt der log.txt.

Alt 21.06.2012, 21:35   #5
Heike28
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=bf9b8b90b5e54841b45863d15d0d0a94
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-06-21 08:23:43
# local_time=2012-06-21 10:23:43 (+0100, Westeuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 279 279 0 0
# scanned=90994
# found=10
# cleaned=0
# scan_time=3434
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Temp\Update_d7d4.exe probably a variant of Win32/InstallCore.A application (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Temp\7zO526.tmp\Tabelle Abrechnung.zip Win32/Trustezeb.C trojan (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Temp\ICReinstall\Update_d7d4.exe probably a variant of Win32/InstallCore.A application (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Temp\is887590510\MyBabylonTB.exe a variant of Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Temp\msgpl_9efc.tmp\MsgPlusSetup.exe a variant of Win32/MessengerPlus.A application (unable to clean) 00000000000000000000000000000000 I
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Temp\msgpl_9efc.tmp\PlusPlusSetup.dat a variant of Win32/MessengerPlus.A application (unable to clean) 00000000000000000000000000000000 I
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarApp.dll a variant of Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe probably a variant of Win32/Toolbar.Babylon application (unable to clean) 00000000000000000000000000000000 I
D:\Heike\Eigene Dateien\Downloads\Tabelle.zip Win32/Trustezeb.C trojan (unable to clean) 00000000000000000000000000000000 I
${Memory} probably a variant of Win32/Toolbar.Babylon application 00000000000000000000000000000000 I







Ich hoffe du kannst so etwas damit anfangen..

hxxp://s1.directupload.net/file/d/2928/n8xkb8fe_jpg.htm


Alt 22.06.2012, 08:55   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?
__________________
--> Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner

Alt 22.06.2012, 10:34   #7
Heike28
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



Ich meine zu glauben das alles da ist... Der rechner läuft zwar bissel schwerfällig in der Geschwindigkeit aber es scheint alles zu funtionieren..

Ausser der ganzen verschlüsselten Datein, und bilder etc..
Die jpg. lassen sich auch nicht über simples umbenennen wieder herstellen..

meinst du es ist gut wenn ich ne anzeige gegen diese mail/ gegen den absender mache?



Was passiert wenn ich ganz normal Tuneup mal zum aufräumen drüber schicke löscht das programm unter umständen alles was verschlüsselt ist? weil würde gerne den rechner mal so sauber machen bin mir aber unsicher...

Alt 22.06.2012, 11:53   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



Leute, lasst du die Finger von diesem TuneUp-Müll!

Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
         
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

Alt 22.06.2012, 14:20   #9
Heike28
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 22.06.2012 14:36:51 - Run 1
OTL by OldTimer - Version 3.2.51.0     Folder = D:\Heike\Eigene Dateien\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,48 Mb Total Physical Memory | 175,46 Mb Available Physical Memory | 17,16% Memory free
2,40 Gb Paging File | 1,41 Gb Available in Paging File | 58,77% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78,13 Gb Total Space | 46,83 Gb Free Space | 59,94% Space Free | Partition Type: NTFS
Drive D: | 219,95 Gb Total Space | 208,06 Gb Free Space | 94,59% Space Free | Partition Type: NTFS
 
Computer Name: HEIKE-RECHNER | User Name: Heike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.22 14:36:17 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Heike\Eigene Dateien\Downloads\OTL.exe
PRC - [2012.06.07 10:14:45 | 001,239,576 | ---- | M] (Google Inc.) -- C:\Programme\Google\Chrome\Application\chrome.exe
PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012.05.13 18:24:20 | 000,019,272 | ---- | M] (Smartbar) -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.02.27 14:43:07 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2012.01.18 15:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
PRC - [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.12.16 08:55:44 | 000,187,696 | ---- | M] (Blabbers Communications LTD) -- C:\Programme\BrowserCompanion\BCHelper.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.11.07 11:22:00 | 000,286,720 | ---- | M] (Babylon Ltd.) -- C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.08.21 10:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2009.08.14 17:51:52 | 001,708,032 | ---- | M] (D-Link Corp.) -- C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe
PRC - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.31 18:29:06 | 000,196,608 | R--- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe
PRC - [1999.08.06 09:53:00 | 000,053,317 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.21 18:18:57 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012.06.14 15:37:31 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.06.14 15:37:16 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.06.14 15:25:23 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.06.14 15:23:12 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e70343406253e43964f9fe1f42cfbd7c\System.Web.Services.ni.dll
MOD - [2012.06.12 17:07:26 | 000,171,520 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\BabylonChromePI.dll
MOD - [2012.06.12 16:28:44 | 000,097,072 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\kolgnaidildmdbfgdnoapjdianbpajne\1.0.5_0\chromeNPAPI.dll
MOD - [2012.06.07 10:14:43 | 000,441,880 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\ppgooglenaclpluginchrome.dll
MOD - [2012.06.07 10:14:42 | 003,922,456 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\pdf.dll
MOD - [2012.06.07 10:13:27 | 000,553,496 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\libglesv2.dll
MOD - [2012.06.07 10:13:26 | 000,117,784 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\libegl.dll
MOD - [2012.06.07 10:13:16 | 000,134,696 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\avutil-51.dll
MOD - [2012.06.07 10:13:15 | 000,250,408 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\avformat-54.dll
MOD - [2012.06.07 10:13:14 | 002,375,720 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\avcodec-54.dll
MOD - [2012.06.07 09:23:19 | 009,252,040 | ---- | M] () -- C:\Programme\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
MOD - [2012.05.13 18:25:00 | 000,024,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
MOD - [2012.05.13 18:24:56 | 000,012,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
MOD - [2012.05.13 18:24:52 | 000,067,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2012.05.13 18:24:50 | 000,331,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.FilesManager.dll
MOD - [2012.05.13 18:24:50 | 000,034,120 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
MOD - [2012.05.13 18:24:46 | 000,015,176 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Personalization.Common.dll
MOD - [2012.05.13 18:24:44 | 000,078,152 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
MOD - [2012.05.13 18:24:38 | 000,017,736 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
MOD - [2012.05.13 18:24:30 | 000,011,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
MOD - [2012.05.13 18:24:28 | 000,027,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.Core.dll
MOD - [2012.05.13 18:24:26 | 000,012,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
MOD - [2012.05.13 18:24:26 | 000,011,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
MOD - [2012.05.13 18:24:24 | 001,217,864 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.MainClient.dll
MOD - [2012.05.13 18:24:22 | 000,080,200 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Docking.dll
MOD - [2012.05.13 18:24:20 | 000,541,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Controls.dll
MOD - [2012.05.13 18:23:16 | 000,046,408 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\MACTrackBarLib.dll
MOD - [2012.05.13 18:23:00 | 000,024,904 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\de\Smartbar.GUI.MainClient.resources.dll
MOD - [2012.05.12 09:12:33 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012.05.12 09:12:07 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012.05.11 21:50:21 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.11 21:48:47 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.11 21:48:39 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.04.04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.08.07 14:54:16 | 000,004,096 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus!\Detour32.dll
MOD - [2011.08.07 13:54:44 | 000,362,029 | ---- | M] () -- C:\Programme\BrowserCompanion\sqlite3.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.02.04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2011.01.23 02:39:44 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:44 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:44 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2011.01.23 02:39:44 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2011.01.23 02:39:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2011.01.23 02:39:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2011.01.23 02:39:43 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:43 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:43 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:42 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:42 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:42 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:41 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:41 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:41 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:40 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:40 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:39 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:39 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:38 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:37 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:35 | 001,036,288 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3693.42473__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:34 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:33 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:33 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:33 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:32 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:32 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:32 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:30 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:30 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:30 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:30 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:29 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:29 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:29 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:29 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:29 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:29 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:28 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011.01.23 02:39:28 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011.01.23 02:39:27 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011.01.23 02:39:27 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011.01.23 02:39:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011.01.23 02:39:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2011.01.23 02:39:26 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011.01.23 02:39:26 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011.01.23 02:39:26 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2011.01.23 02:39:26 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2011.01.23 02:39:26 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011.01.23 02:39:25 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011.01.23 02:39:25 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011.01.23 02:39:25 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011.01.23 02:39:25 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011.01.23 02:39:25 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011.01.23 02:39:25 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2011.01.23 02:39:25 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011.01.23 02:39:25 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011.01.23 02:39:25 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011.01.23 02:39:25 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011.01.23 02:39:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2011.01.23 02:39:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011.01.23 02:39:24 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011.01.23 02:39:24 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011.01.23 02:39:24 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011.01.23 02:39:24 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011.01.23 02:39:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011.01.23 02:39:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011.01.23 02:39:23 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll
MOD - [2011.01.23 02:39:23 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll
MOD - [2011.01.23 02:39:23 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.11.24 14:36:36 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe
MOD - [2009.07.07 19:50:04 | 000,258,048 | ---- | M] () -- C:\WINDOWS\system32\wlanapp.dll
         
Code:
ATTFilter
OTL logfile created on: 22.06.2012 15:23:53 - Run 2
OTL by OldTimer - Version 3.2.51.0     Folder = D:\Heike\Eigene Dateien\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,48 Mb Total Physical Memory | 444,83 Mb Available Physical Memory | 43,51% Memory free
2,40 Gb Paging File | 1,80 Gb Available in Paging File | 74,95% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78,13 Gb Total Space | 46,83 Gb Free Space | 59,95% Space Free | Partition Type: NTFS
Drive D: | 219,95 Gb Total Space | 208,06 Gb Free Space | 94,59% Space Free | Partition Type: NTFS
 
Computer Name: HEIKE-RECHNER | User Name: Heike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.22 14:36:17 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Heike\Eigene Dateien\Downloads\OTL.exe
PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012.05.13 18:24:20 | 000,019,272 | ---- | M] (Smartbar) -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.02.27 14:43:07 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2012.01.18 15:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
PRC - [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.12.16 08:55:44 | 000,187,696 | ---- | M] (Blabbers Communications LTD) -- C:\Programme\BrowserCompanion\BCHelper.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.11.07 11:22:00 | 000,286,720 | ---- | M] (Babylon Ltd.) -- C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.08.21 10:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2009.08.14 17:51:52 | 001,708,032 | ---- | M] (D-Link Corp.) -- C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe
PRC - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.31 18:29:06 | 000,196,608 | R--- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe
PRC - [1999.08.06 09:53:00 | 000,053,317 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.21 18:18:57 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012.06.14 15:37:31 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.06.14 15:37:16 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.06.14 15:25:23 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.06.14 15:23:12 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e70343406253e43964f9fe1f42cfbd7c\System.Web.Services.ni.dll
MOD - [2012.05.13 18:25:00 | 000,024,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
MOD - [2012.05.13 18:24:56 | 000,012,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
MOD - [2012.05.13 18:24:52 | 000,067,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2012.05.13 18:24:50 | 000,331,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.FilesManager.dll
MOD - [2012.05.13 18:24:50 | 000,034,120 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
MOD - [2012.05.13 18:24:46 | 000,015,176 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Personalization.Common.dll
MOD - [2012.05.13 18:24:44 | 000,078,152 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
MOD - [2012.05.13 18:24:38 | 000,017,736 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
MOD - [2012.05.13 18:24:30 | 000,011,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
MOD - [2012.05.13 18:24:28 | 000,027,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.Core.dll
MOD - [2012.05.13 18:24:26 | 000,012,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
MOD - [2012.05.13 18:24:26 | 000,011,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
MOD - [2012.05.13 18:24:24 | 001,217,864 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.MainClient.dll
MOD - [2012.05.13 18:24:22 | 000,080,200 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Docking.dll
MOD - [2012.05.13 18:24:20 | 000,541,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Controls.dll
MOD - [2012.05.13 18:23:16 | 000,046,408 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\MACTrackBarLib.dll
MOD - [2012.05.13 18:23:00 | 000,024,904 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\de\Smartbar.GUI.MainClient.resources.dll
MOD - [2012.05.12 09:12:33 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012.05.12 09:12:07 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012.05.11 21:50:21 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.11 21:48:47 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.11 21:48:39 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.04.04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.08.07 14:54:16 | 000,004,096 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus!\Detour32.dll
MOD - [2011.08.07 13:54:44 | 000,362,029 | ---- | M] () -- C:\Programme\BrowserCompanion\sqlite3.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.02.04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2011.01.23 02:39:44 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:44 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:44 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2011.01.23 02:39:44 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2011.01.23 02:39:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2011.01.23 02:39:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2011.01.23 02:39:43 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:43 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:43 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:42 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:42 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:42 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:41 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:41 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:41 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:40 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:40 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:39 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:39 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:38 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:37 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:35 | 001,036,288 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3693.42473__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:34 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:33 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:33 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:33 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:32 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:32 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:32 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:30 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:30 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:30 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:30 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:29 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:29 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:29 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:29 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:29 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:29 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:28 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011.01.23 02:39:28 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011.01.23 02:39:27 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011.01.23 02:39:27 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011.01.23 02:39:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011.01.23 02:39:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2011.01.23 02:39:26 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011.01.23 02:39:26 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011.01.23 02:39:26 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2011.01.23 02:39:26 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2011.01.23 02:39:26 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011.01.23 02:39:25 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011.01.23 02:39:25 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011.01.23 02:39:25 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011.01.23 02:39:25 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011.01.23 02:39:25 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011.01.23 02:39:25 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2011.01.23 02:39:25 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011.01.23 02:39:25 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011.01.23 02:39:25 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011.01.23 02:39:25 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011.01.23 02:39:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2011.01.23 02:39:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011.01.23 02:39:24 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011.01.23 02:39:24 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011.01.23 02:39:24 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011.01.23 02:39:24 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011.01.23 02:39:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011.01.23 02:39:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011.01.23 02:39:23 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll
MOD - [2011.01.23 02:39:23 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll
MOD - [2011.01.23 02:39:23 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.11.24 14:36:36 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe
MOD - [2009.07.07 19:50:04 | 000,258,048 | ---- | M] () -- C:\WINDOWS\system32\wlanapp.dll
MOD - [2009.06.01 15:23:24 | 000,315,392 | ---- | M] () -- C:\WINDOWS\system32\ANIOApi.dll
MOD - [2009.06.01 15:23:24 | 000,315,392 | ---- | M] () -- C:\Programme\D-Link\DWL-G122_DWA-110\ANIOApi.dll
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.10.20 12:22:24 | 000,630,272 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.08.21 10:27:24 | 000,102,400 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ANIWConnService.exe -- (ANIWConnService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\AmdPPM.sys -- (AmdPPM)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.03.29 16:32:12 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.01.25 16:52:25 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011.01.25 16:52:25 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.12.30 12:59:18 | 006,290,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.26 15:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 15:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 15:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 15:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.26 15:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010.02.26 15:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010.02.11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.11.18 08:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 08:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.08.26 12:44:44 | 001,025,920 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2009.07.17 17:23:46 | 000,476,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73)
DRV - [2009.02.09 19:10:04 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2006.07.02 00:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=64bace1600000000000000179ab71453&tlver=1.4.19.19&affID=17159
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=hp&searchtype=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1B615B66-288E-4219-BCF4-D5C6675CC182}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=64bace1600000000000000179ab71453&tlver=1.4.19.19&affID=17159
IE - HKCU\..\SearchScopes\{61660818-E0A9-48BB-952D-E5D9DB2943AC}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=7d792dac-7e4c-45aa-954a-380e89fe3cc2&apn_sauid=B1BDD0A6-45DA-4AAC-B69C-D93FB1E8F2C5
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js - File not found
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.30 17:51:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.01.25 10:06:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.04.15 10:12:08 | 000,000,000 | ---D | M]
 
[2011.01.23 01:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Extensions
[2012.06.21 23:24:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions
[2012.06.11 20:25:54 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.06.11 20:25:57 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.04.22 18:50:51 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\bbrs_002@blabbers.com
[2011.03.27 09:33:28 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com
[2012.01.25 22:14:29 | 000,000,000 | ---D | M] (Babylon) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com
[2012.05.15 19:47:53 | 000,000,000 | ---D | M] ("Messenger Plus! Community Smartbar") -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com
[2012.05.15 19:47:53 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\staged
[2012.06.21 23:25:03 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com
[2012.06.21 23:25:03 | 000,002,344 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\askcom.xml
[2012.05.14 13:14:23 | 000,002,422 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\rfoXrjnsuLdgegqxJ
[2012.04.18 12:21:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.11 13:43:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2012.04.18 12:21:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2011.09.30 10:22:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2011.09.30 10:22:26 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\HEIKE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\AO783VXH.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
[2012.01.25 10:06:08 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.04.18 12:20:41 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.25 10:06:03 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.04.03 17:40:05 | 000,002,423 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
[2012.01.25 10:06:03 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.01.25 10:06:03 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.25 10:06:03 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.25 10:06:03 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.25 10:06:03 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR - default_search_provider: suggest_url = hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Programme\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.0_0\
CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Babylon Translator = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\
CHR - Extension: Browser Companion Helper = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\kolgnaidildmdbfgdnoapjdianbpajne\1.0.5_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2004.08.10 21:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BabylonToolbar] C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [Browser companion helper] C:\Programme\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe (D-Link Corp.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WZCSLDR2] C:\Programme\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe File not found
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe (Smartbar)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1295737416552 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1295788851984 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C23FCC7-F4B9-46DA-97D1-DA6F4976879B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{116D2D8C-D061-4ADE-B1EF-8E5219BD8CE2}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{680C4CA3-A1DD-4D88-8902-9BC975AD5800}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94AD21AF-90EE-4DE1-AFCC-2EFD61D49431}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C71271D2-D213-4F3D-A19F-85020B77EA8B}: NameServer = 192.168.2.1
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.23 00:41:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp -  File not found
 
 
 
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {14F4D1F6-79E4-4256-A10B-3CCD138698C6} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {339E9413-F230-4F0F-ADDD-17914D95FD6D} - Microsoft .NET Framework 1.0 Hotfix (KB2604042)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066)
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8BF1B8CD-9A6C-4382-A454-CC769B913F48} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.22 13:16:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012.06.22 13:06:41 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\CRX_75DAF8CB7768
[2012.06.22 12:22:22 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\PRDecrypt
[2012.06.22 12:00:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Desktop\Avira
[2012.06.22 11:58:15 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\WPDNSE
[2012.06.22 11:43:59 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir27688
[2012.06.22 11:43:58 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir6411
[2012.06.22 11:43:58 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir27684
[2012.06.22 11:43:58 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir12299
[2012.06.21 23:30:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Avira
[2012.06.21 23:25:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2012.06.21 23:24:54 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\AskSearch
[2012.06.21 23:24:50 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com
[2012.06.21 23:24:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\AskToolbar
[2012.06.21 23:24:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\APN
[2012.06.21 23:24:23 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012.06.21 23:24:21 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.06.21 23:24:21 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.06.21 23:24:20 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.06.21 23:24:19 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2012.06.21 23:24:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2012.06.21 21:21:50 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.06.21 20:48:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software
[2012.06.21 20:03:27 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\{D02330D7-90EC-4CC7-8F3A-6C4E9205E424}
[2012.06.21 20:03:03 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\{EF24BF7D-7AC1-4C33-B59D-62B4EEE1430E}
[2012.06.17 22:55:21 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.06.14 14:46:57 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2012.06.14 14:45:13 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2012.06.14 14:45:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012
[2012.06.14 14:44:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TuneUp Software
[2012.06.14 14:44:02 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2012
[2012.06.14 14:43:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.06.14 14:31:00 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.06.14 14:31:00 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.06.12 17:28:59 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\APNLogs
[2012.06.12 17:28:57 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\APN-Stub
[2012.06.12 17:28:34 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_10.0.40219
[2012.06.12 16:33:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Malwarebytes
[2012.06.12 16:32:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.06.12 16:32:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.06.12 16:32:49 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.06.12 16:32:49 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.06.12 16:28:43 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir_14528
[2012.06.12 16:28:42 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir_25004
[2012.06.11 20:02:14 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Btklhn
[2012.06.11 08:29:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works
[2012.06.11 08:29:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Clip Gallery
[2012.06.11 08:28:17 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2012.06.08 03:35:04 | 000,909,104 | ---- | C] (Sun Microsystems, Inc.) -- C:\DOKUME~1\Heike\LOKALE~1\Temp\jre-6u33-windows-i586-iftw.exe
[2012.05.31 14:34:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ALNO AG  Küchenplaner
[2012.05.31 14:34:37 | 000,000,000 | ---D | C] -- C:\Programme\ALNO
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[34 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1125 C:\DOKUME~1\Heike\LOKALE~1\Temp\*.tmp files -> C:\DOKUME~1\Heike\LOKALE~1\Temp\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.22 15:21:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.22 11:58:19 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{680C4CA3-A1DD-4D88-8902-9BC975AD5800}
[2012.06.22 11:58:12 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2012.06.22 11:58:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.22 11:57:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.06.21 23:53:48 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2012.06.21 23:53:47 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2012.06.21 23:48:08 | 000,001,366 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Registry kostenlos entrümpeln!.lnk
[2012.06.21 23:38:32 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.06.21 23:25:11 | 000,001,686 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.06.21 22:36:34 | 000,179,653 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Eset.JPG
[2012.06.21 19:50:10 | 000,116,761 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malware123.JPG
[2012.06.21 19:40:36 | 000,000,546 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Download Assistant.lnk
[2012.06.21 19:40:35 | 000,000,758 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Tetris Unlimited.lnk
[2012.06.21 19:40:31 | 000,000,711 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Free YouTube to MP3 Converter.lnk
[2012.06.21 18:12:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.06.14 15:32:09 | 003,548,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.14 15:25:39 | 000,463,080 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.06.14 15:25:39 | 000,444,638 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.06.14 15:25:39 | 000,085,962 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.06.14 15:25:39 | 000,072,514 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.06.14 15:20:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.06.14 14:45:09 | 000,001,726 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.06.14 14:45:09 | 000,001,722 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.06.12 22:36:53 | 000,118,077 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwareprotokoll.JPG
[2012.06.12 21:30:34 | 000,132,568 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwardruck.JPG
[2012.06.12 17:16:34 | 000,136,187 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\123456.JPG
[2012.06.12 16:32:52 | 000,000,771 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.12 16:29:30 | 000,001,792 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2012.06.11 08:29:33 | 000,001,499 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Works.lnk
[2012.06.11 08:29:33 | 000,000,921 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen für Microsoft Works-Kalender.lnk
[2012.06.11 02:00:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HEIKE-RECHNER-Heike.job
[2012.06.09 20:40:57 | 000,066,048 | ---- | M] () -- D:\Heike\Eigene Dateien\axAJuVVleELNOtsXaAyu
[2012.06.07 12:29:02 | 000,011,741 | ---- | M] () -- D:\Heike\Eigene Dateien\qeNVjvToUsQsnNDAGTgdq
[2012.05.30 17:04:17 | 000,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{680C4CA3-A1DD-4D88-8902-9BC975AD5800}
[2012.05.30 16:06:27 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{C71271D2-D213-4F3D-A19F-85020B77EA8B}
[2012.05.29 13:09:54 | 000,031,584 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2012.05.24 18:25:25 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{94AD21AF-90EE-4DE1-AFCC-2EFD61D49431}
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[34 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.21 23:25:11 | 000,001,686 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.06.21 23:24:57 | 000,000,226 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.06.21 22:36:33 | 000,179,653 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Eset.JPG
[2012.06.21 21:08:47 | 000,798,234 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\IMT2AE.xml
[2012.06.21 21:08:46 | 000,002,036 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\IMT2AC.xml
[2012.06.21 21:08:46 | 000,000,426 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\IMT2AD.xml
[2012.06.21 20:04:55 | 000,016,384 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Perflib_Perfdata_7bc.dat
[2012.06.21 19:55:28 | 000,001,028 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_vqm8DkrJ2Il6zYr
[2012.06.21 19:51:36 | 000,004,104 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_UqmOxuuKgGzjFBi
[2012.06.21 19:51:07 | 000,002,052 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_ubcYH7dFuquEAUq
[2012.06.21 19:50:09 | 000,116,761 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malware123.JPG
[2012.06.21 19:45:10 | 000,007,802 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\au-descriptor-1.6.0_33-b70.xml
[2012.06.21 19:44:55 | 000,131,200 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_uWfBXM78BvaZwXR
[2012.06.21 19:44:53 | 000,004,100 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_KFHHjyadzjchfKs
[2012.06.21 19:44:38 | 000,053,300 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_b0mBLe0qP7tWAjQ
[2012.06.21 19:44:29 | 000,020,500 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_2lC7H1Kh2WKvZwb
[2012.06.14 14:45:09 | 000,001,726 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.06.14 14:45:09 | 000,001,722 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.06.14 14:45:05 | 000,001,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012.lnk
[2012.06.12 22:36:53 | 000,118,077 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwareprotokoll.JPG
[2012.06.12 21:30:34 | 000,132,568 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwardruck.JPG
[2012.06.12 17:28:33 | 000,074,796 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_20120612_172834000.html
[2012.06.12 17:16:33 | 000,136,187 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\123456.JPG
[2012.06.12 16:32:52 | 000,000,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.11 20:10:44 | 003,354,153 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\64BACE164B4945482D45.$02
[2012.06.11 20:04:58 | 000,000,017 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Desk.$00
[2012.06.11 20:04:55 | 000,840,596 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\64BACE164B4945482D45.$$0
[2012.06.11 20:04:55 | 000,001,048 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\64BACE164B4945482D456548
[2012.06.11 19:52:52 | 000,000,004 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_gBSVxxRhHWx9m2e
[2012.06.11 14:13:41 | 000,002,056 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_c0Bg3wSakG3ijB2
[2012.06.11 14:12:11 | 000,006,156 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_bmo05ICrhJPABb5
[2012.06.11 14:11:43 | 000,028,704 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_IGITGhfleuVFeIw
[2012.06.11 13:43:42 | 000,004,100 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_eEReopmPo1KRHG1
[2012.06.11 13:33:12 | 000,045,100 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_PAFMepr5t5O311Q
[2012.06.11 13:32:13 | 000,024,600 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_i9tdrKjY7FyPp1R
[2012.06.11 08:29:33 | 000,001,906 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works.lnk
[2012.06.11 08:29:33 | 000,001,499 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Works.lnk
[2012.06.11 08:29:33 | 000,000,921 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen für Microsoft Works-Kalender.lnk
[2012.02.16 15:37:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.09.23 08:13:58 | 000,007,168 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.25 21:26:21 | 000,000,943 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2011.01.25 21:26:21 | 000,000,149 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2011.01.25 21:26:02 | 000,000,464 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011.01.25 21:26:02 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2011.01.25 21:24:43 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08b.dat
[2011.01.25 21:24:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2011.01.25 16:52:25 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011.01.25 16:52:25 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011.01.24 16:55:31 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ANIWConnService.exe
[2011.01.24 16:55:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AQCKGen.dll
[2011.01.24 16:55:22 | 000,045,115 | ---- | C] () -- C:\WINDOWS\System32\ANICtl.dll
[2011.01.24 16:55:21 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\wlanapp.dll
[2011.01.24 16:55:21 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\aIPH.dll
[2011.01.24 16:55:06 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\ANIOApi.dll
[2011.01.24 16:55:06 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\ANIO64.sys
[2011.01.24 16:55:06 | 000,029,411 | ---- | C] () -- C:\WINDOWS\System32\ANIO.sys
[2011.01.24 16:54:49 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\ANIOWPS.dll
[2011.01.24 16:54:49 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\ANIWPS.exe
[2011.01.24 16:54:25 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\rt73.bin
[2011.01.23 02:18:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.01.23 02:16:44 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011.01.23 01:54:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.01.23 01:43:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.01.23 00:56:09 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2011.01.23 00:49:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.01.23 00:44:26 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2011.01.23 00:37:56 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.01.23 00:27:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.01.23 00:26:36 | 003,548,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1601.02.13 10:28:18 | 000,112,763 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\xGyAJQffDsEnrgssXTjy
[1601.02.13 10:28:18 | 000,075,485 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\jlOUyupLflvxoOsyspNfj
[1601.02.13 10:28:18 | 000,004,942 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\TdqNpnxDOdEQeqfpJ
 
========== LOP Check ==========
 
[2012.06.14 14:31:00 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.06.11 20:23:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2011.01.23 03:25:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fujitsu
[2011.01.23 14:05:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Innovative Solutions
[2011.03.17 16:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2012.04.23 09:29:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus!
[2011.03.17 16:54:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2011.03.17 16:58:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2011.05.21 15:30:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2011.01.29 07:19:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Solidshield
[2012.06.14 14:45:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.06.14 14:31:00 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2011.04.04 06:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\BabylonToolbar
[2011.11.20 17:14:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.05.21 14:37:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.06.11 20:25:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.03.07 10:22:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\elsterformular
[2011.11.20 18:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\gtk-2.0
[2012.06.12 21:10:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\ICQ
[2011.01.24 21:23:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\OpenOffice.org
[2011.03.17 16:58:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC Suite
[2011.01.25 21:57:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC-FAX TX
[2012.04.07 15:44:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PriceGong
[2011.11.20 17:10:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.04.11 13:42:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Systweak
[2012.06.11 20:26:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TeamViewer
[2012.06.21 23:46:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TuneUp Software
[2011.01.26 22:38:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Ubisoft
[2012.06.21 23:53:47 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
[2012.06.21 23:53:48 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
[2012.06.21 23:38:32 | 000,000,226 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.05.21 15:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Adobe
[2012.06.11 20:25:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Adobe Mini Bridge CS5.1
[2011.01.23 02:39:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\ATI
[2012.06.21 23:30:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Avira
[2011.04.04 06:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\BabylonToolbar
[2011.01.30 15:09:04 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Brother
[2011.11.20 17:14:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.05.21 14:37:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.09.23 08:12:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\DivX
[2012.06.11 20:25:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.03.07 10:22:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\elsterformular
[2011.03.18 20:43:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Google
[2011.11.20 18:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\gtk-2.0
[2012.06.12 21:10:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\ICQ
[2011.01.23 01:00:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Identities
[2011.01.23 15:24:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\InstallShield
[2011.01.23 01:08:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Macromedia
[2012.06.12 16:33:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Malwarebytes
[2012.05.14 13:14:15 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Microsoft
[2011.01.23 01:54:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla
[2011.01.24 21:23:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\OpenOffice.org
[2011.03.17 16:58:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC Suite
[2011.01.25 21:57:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC-FAX TX
[2012.04.07 15:44:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PriceGong
[2011.11.20 17:10:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.01.23 01:41:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Sun
[2012.04.11 13:42:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Systweak
[2012.06.11 20:26:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TeamViewer
[2012.06.21 23:46:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TuneUp Software
[2011.01.26 22:38:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Ubisoft
 
< %APPDATA%\*.exe /s >
[2011.05.21 14:36:29 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2004.08.10 21:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.10 21:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.10 21:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.10 21:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: IASTOR.SYS  >
[2005.10.12 13:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\WINDOWS\system32\drivers\iaStor.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.10 21:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtUninstallKB968389_0$\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtUninstallKB975467_0$\netlogon.dll
 
< MD5 for: NVATABUS.SYS  >
[2005.08.18 17:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\WINDOWS\system32\drivers\nvatabus.sys
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.10 21:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.10 21:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: VIAMRAID.SYS  >
[2005.04.08 11:43:26 | 000,060,928 | ---- | M] (VIA Technologies inc,.ltd) MD5=0363E216E4EB5052969C96608934DBDE -- C:\WINDOWS\system32\drivers\viamraid.sys
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004.08.10 21:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.10 21:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.10 21:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2011.01.23 01:25:31 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.01.23 01:25:31 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.01.23 01:25:31 | 000,462,848 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >
         
--- --- ---

Alt 22.06.2012, 14:38   #10
Heike28
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



Code:
ATTFilter
OTL logfile created on: 22.06.2012 15:23:53 - Run 2
OTL by OldTimer - Version 3.2.51.0     Folder = D:\Heike\Eigene Dateien\Downloads
Windows XP Media Center Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1022,48 Mb Total Physical Memory | 444,83 Mb Available Physical Memory | 43,51% Memory free
2,40 Gb Paging File | 1,80 Gb Available in Paging File | 74,95% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 78,13 Gb Total Space | 46,83 Gb Free Space | 59,95% Space Free | Partition Type: NTFS
Drive D: | 219,95 Gb Total Space | 208,06 Gb Free Space | 94,59% Space Free | Partition Type: NTFS
 
Computer Name: HEIKE-RECHNER | User Name: Heike | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.22 14:36:17 | 000,595,968 | ---- | M] (OldTimer Tools) -- D:\Heike\Eigene Dateien\Downloads\OTL.exe
PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012.05.13 18:24:20 | 000,019,272 | ---- | M] (Smartbar) -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe
PRC - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:35 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.24 02:11:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.02.27 14:43:07 | 000,801,792 | ---- | M] (Yuna Software) -- C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe
PRC - [2012.01.18 15:02:04 | 000,508,136 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jucheck.exe
PRC - [2012.01.18 15:02:04 | 000,254,696 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2011.12.16 08:55:44 | 000,187,696 | ---- | M] (Blabbers Communications LTD) -- C:\Programme\BrowserCompanion\BCHelper.exe
PRC - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.11.07 11:22:00 | 000,286,720 | ---- | M] (Babylon Ltd.) -- C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe
PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Programme\McAfee Security Scan\2.0.181\SSScheduler.exe
PRC - [2009.08.21 10:27:24 | 000,098,304 | ---- | M] (Wireless Service) -- C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe
PRC - [2009.08.14 17:51:52 | 001,708,032 | ---- | M] (D-Link Corp.) -- C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe
PRC - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.01.31 18:29:06 | 000,196,608 | R--- | M] (Brother Industries, Ltd.) -- C:\Programme\Brother\Brmfcmon\BrMfcMon.exe
PRC - [1999.08.06 09:53:00 | 000,053,317 | ---- | M] (Microsoft® Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Works Shared\wkcalrem.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.21 18:18:57 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012.06.14 15:37:31 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.06.14 15:37:16 | 001,592,320 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.06.14 15:25:23 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.06.14 15:23:12 | 001,840,640 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\e70343406253e43964f9fe1f42cfbd7c\System.Web.Services.ni.dll
MOD - [2012.05.13 18:25:00 | 000,024,392 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
MOD - [2012.05.13 18:24:56 | 000,012,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
MOD - [2012.05.13 18:24:52 | 000,067,400 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
MOD - [2012.05.13 18:24:50 | 000,331,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.FilesManager.dll
MOD - [2012.05.13 18:24:50 | 000,034,120 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
MOD - [2012.05.13 18:24:46 | 000,015,176 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Personalization.Common.dll
MOD - [2012.05.13 18:24:44 | 000,078,152 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
MOD - [2012.05.13 18:24:38 | 000,017,736 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
MOD - [2012.05.13 18:24:30 | 000,011,080 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
MOD - [2012.05.13 18:24:28 | 000,027,976 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.Core.dll
MOD - [2012.05.13 18:24:26 | 000,012,616 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
MOD - [2012.05.13 18:24:26 | 000,011,592 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
MOD - [2012.05.13 18:24:24 | 001,217,864 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.MainClient.dll
MOD - [2012.05.13 18:24:22 | 000,080,200 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Docking.dll
MOD - [2012.05.13 18:24:20 | 000,541,512 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.GUI.Controls.dll
MOD - [2012.05.13 18:23:16 | 000,046,408 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\MACTrackBarLib.dll
MOD - [2012.05.13 18:23:00 | 000,024,904 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\de\Smartbar.GUI.MainClient.resources.dll
MOD - [2012.05.12 09:12:33 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012.05.12 09:12:07 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012.05.11 21:50:21 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.05.11 21:48:47 | 007,953,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.05.11 21:48:39 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.04.16 23:11:02 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.04.04 07:53:56 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.08.07 14:54:16 | 000,004,096 | ---- | M] () -- C:\Programme\Yuna Software\Messenger Plus!\Detour32.dll
MOD - [2011.08.07 13:54:44 | 000,362,029 | ---- | M] () -- C:\Programme\BrowserCompanion\sqlite3.dll
MOD - [2011.07.29 01:09:42 | 000,096,112 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdateCheck.dll
MOD - [2011.07.29 01:08:12 | 001,259,376 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
MOD - [2011.02.04 18:48:30 | 000,291,840 | ---- | M] () -- C:\WINDOWS\system32\sbe.dll
MOD - [2011.01.23 02:39:44 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:44 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:44 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2011.01.23 02:39:44 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2011.01.23 02:39:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2011.01.23 02:39:44 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2011.01.23 02:39:43 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:43 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:43 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:42 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3693.42522__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:42 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:42 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:41 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3693.42508__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:41 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:41 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:40 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:40 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:39 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:39 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:38 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:38 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:37 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:35 | 001,036,288 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3693.42473__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:34 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3693.42472__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:33 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:33 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2011.01.23 02:39:33 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:32 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:32 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:32 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:30 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3693.42518__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:30 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:30 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:30 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:29 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3693.42500__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:29 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.42482__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:29 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2011.01.23 02:39:29 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:29 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:29 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2011.01.23 02:39:28 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011.01.23 02:39:28 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011.01.23 02:39:28 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011.01.23 02:39:27 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011.01.23 02:39:27 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011.01.23 02:39:27 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011.01.23 02:39:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011.01.23 02:39:27 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2011.01.23 02:39:26 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011.01.23 02:39:26 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011.01.23 02:39:26 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011.01.23 02:39:26 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2011.01.23 02:39:26 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2011.01.23 02:39:26 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011.01.23 02:39:25 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2011.01.23 02:39:25 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011.01.23 02:39:25 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011.01.23 02:39:25 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011.01.23 02:39:25 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011.01.23 02:39:25 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2011.01.23 02:39:25 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011.01.23 02:39:25 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011.01.23 02:39:25 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011.01.23 02:39:25 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011.01.23 02:39:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2011.01.23 02:39:25 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011.01.23 02:39:24 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011.01.23 02:39:24 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011.01.23 02:39:24 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011.01.23 02:39:24 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011.01.23 02:39:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011.01.23 02:39:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011.01.23 02:39:23 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll
MOD - [2011.01.23 02:39:23 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll
MOD - [2011.01.23 02:39:23 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.11.24 14:36:36 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () -- C:\WINDOWS\system32\ANIWConnService.exe
MOD - [2009.07.07 19:50:04 | 000,258,048 | ---- | M] () -- C:\WINDOWS\system32\wlanapp.dll
MOD - [2009.06.01 15:23:24 | 000,315,392 | ---- | M] () -- C:\WINDOWS\system32\ANIOApi.dll
MOD - [2009.06.01 15:23:24 | 000,315,392 | ---- | M] () -- C:\Programme\D-Link\DWL-G122_DWA-110\ANIOApi.dll
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\WINDOWS\system32\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.05.02 01:42:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:55:21 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.05.02 00:34:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.10.20 12:22:24 | 000,630,272 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.08.21 10:27:24 | 000,102,400 | ---- | M] (Wireless Service) [Auto | Stopped] -- C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
SRV - [2009.07.07 21:10:14 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\WINDOWS\system32\ANIWConnService.exe -- (ANIWConnService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | System | Stopped] -- system32\DRIVERS\AmdPPM.sys -- (AmdPPM)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:17:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2012.04.04 15:56:40 | 000,022,344 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.03.29 16:32:12 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2011.01.25 16:52:25 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\atksgt.sys -- (atksgt)
DRV - [2011.01.25 16:52:25 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.12.30 12:59:18 | 006,290,024 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.26 15:32:58 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010.02.26 15:32:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010.02.26 15:32:44 | 000,022,528 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010.02.26 15:32:44 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010.02.26 15:21:22 | 000,137,344 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsu.sys -- (nmwcdnsu)
DRV - [2010.02.26 15:21:22 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmwcdnsuc.sys -- (nmwcdnsuc)
DRV - [2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\tcpip6.sys -- (Tcpip6)
DRV - [2010.02.11 09:38:10 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2009.11.18 08:17:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2009.11.18 08:16:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2009.08.26 12:44:44 | 001,025,920 | ---- | M] (NXP Semiconductors Germany GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2009.07.17 17:23:46 | 000,476,544 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73)
DRV - [2009.02.09 19:10:04 | 000,029,411 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
DRV - [2008.08.26 11:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MPE.sys -- (MPE)
DRV - [2006.07.02 00:30:28 | 000,043,520 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.08.03 23:31:34 | 000,020,992 | ---- | M] (Realtek Semiconductor Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RTL8139.sys -- (rtl8139) NT-Treiber für Realtek RTL8139(A/B/C)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=64bace1600000000000000179ab71453&tlver=1.4.19.19&affID=17159
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=hp&searchtype=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1B615B66-288E-4219-BCF4-D5C6675CC182}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=64bace1600000000000000179ab71453&tlver=1.4.19.19&affID=17159
IE - HKCU\..\SearchScopes\{61660818-E0A9-48BB-952D-E5D9DB2943AC}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=7d792dac-7e4c-45aa-954a-380e89fe3cc2&apn_sauid=B1BDD0A6-45DA-4AAC-B69C-D93FB1E8F2C5
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js - File not found
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Programme\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.30 17:51:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2012.01.25 10:06:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012.04.15 10:12:08 | 000,000,000 | ---D | M]
 
[2011.01.23 01:54:45 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Extensions
[2012.06.21 23:24:49 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions
[2012.06.11 20:25:54 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012.06.11 20:25:57 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.04.22 18:50:51 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\bbrs_002@blabbers.com
[2011.03.27 09:33:28 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com
[2012.01.25 22:14:29 | 000,000,000 | ---D | M] (Babylon) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com
[2012.05.15 19:47:53 | 000,000,000 | ---D | M] ("Messenger Plus! Community Smartbar") -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com
[2012.05.15 19:47:53 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\staged
[2012.06.21 23:25:03 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com
[2012.06.21 23:25:03 | 000,002,344 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\askcom.xml
[2012.05.14 13:14:23 | 000,002,422 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\rfoXrjnsuLdgegqxJ
[2012.04.18 12:21:06 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.04.11 13:43:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2012.04.18 12:21:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2011.09.30 10:22:26 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions
[2011.09.30 10:22:26 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\HEIKE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\AO783VXH.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
[2012.01.25 10:06:08 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2012.04.18 12:20:41 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.25 10:06:03 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.04.03 17:40:05 | 000,002,423 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
[2012.01.25 10:06:03 | 000,002,252 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.01.25 10:06:03 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.25 10:06:03 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.25 10:06:03 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.25 10:06:03 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
CHR - default_search_provider: suggest_url = hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Programme\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Programme\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Programme\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Programme\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Programme\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.0_0\
CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\
CHR - Extension: YouTube = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Babylon Translator = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\
CHR - Extension: Browser Companion Helper = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\kolgnaidildmdbfgdnoapjdianbpajne\1.0.5_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2004.08.10 21:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programme\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (CescrtHlpr Object) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programme\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Programme\Gemeinsame Dateien\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [ANIWZCS2Service] C:\Programme\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Wireless Service)
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BabylonToolbar] C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [Browser companion helper] C:\Programme\BrowserCompanion\BCHelper.exe (Blabbers Communications LTD)
O4 - HKLM..\Run: [ControlCenter3] C:\Programme\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [D-Link D-Link Wireless G DWL-G122_DWA-110] C:\Programme\D-Link\DWL-G122_DWA-110\AirGCFG.exe (D-Link Corp.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PlusService] C:\Programme\Yuna Software\Messenger Plus!\PlusService.exe (Yuna Software)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [WZCSLDR2] C:\Programme\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe File not found
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe (Smartbar)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallVisualStyle = C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles (Microsoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: InstallTheme = C:\WINDOWS\Resources\Themes\Royale.theme ()
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000049 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1295737416552 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1295788851984 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C23FCC7-F4B9-46DA-97D1-DA6F4976879B}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{116D2D8C-D061-4ADE-B1EF-8E5219BD8CE2}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{680C4CA3-A1DD-4D88-8902-9BC975AD5800}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94AD21AF-90EE-4DE1-AFCC-2EFD61D49431}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C71271D2-D213-4F3D-A19F-85020B77EA8B}: NameServer = 192.168.2.1
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programme\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: 
O24 - Desktop BackupWallPaper: 
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.23 00:41:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: UxTuneUp - C:\WINDOWS\system32\uxtuneup.dll (TuneUp Software)
NetSvcs: WmdmPmSp -  File not found
 
 
 
 
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vektorgrafik-Rendering (VML)
ActiveX: {14F4D1F6-79E4-4256-A10B-3CCD138698C6} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)
ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {29E7D24F-BF30-45E7-8A40-AD27AFD8F5C6} - Microsoft .NET Framework 1.0 Hotfix (KB979904)
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {339E9413-F230-4F0F-ADDD-17914D95FD6D} - Microsoft .NET Framework 1.0 Hotfix (KB2604042)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML-Datenbindung für Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {407408d4-94ed-4d86-ab69-a7f649d112ee} - %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection QuickLaunchShortcut 640 %systemroot%\inf\mcdftreg.inf
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Erweitertes Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4F00D11B-8327-4C55-B7DA-B8D8C10F28A8} - Microsoft .NET Framework 1.0 Hotfix (KB2572066)
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Sicherheitsupdate für Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8BF1B8CD-9A6C-4382-A454-CC769B913F48} - Microsoft .NET Framework 1.0 Hotfix (KB2656378)
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Taskplaner
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework
ActiveX: {E8EA5BD6-D931-4001-ABF6-81BAA500360A} - Microsoft .NET Framework 1.0 Hotfix (KB953295)
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EA29D410-CE41-4953-A862-2DE706A1DAD7} - Microsoft .NET Framework 1.0 Service Pack 3
ActiveX: {EF289A85-8E57-408d-BE47-73B55609861A} - RootsUpdate
ActiveX: {FDC11A6F-17D1-48f9-9EA3-9051954BAA24} - .NET Framework
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
ActiveX: KB910393 - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\EasyCDBlock.inf,PerUserInstall
 
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\WINDOWS\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.22 13:16:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2012.06.22 13:06:41 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\CRX_75DAF8CB7768
[2012.06.22 12:22:22 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\PRDecrypt
[2012.06.22 12:00:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Desktop\Avira
[2012.06.22 11:58:15 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\WPDNSE
[2012.06.22 11:43:59 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir27688
[2012.06.22 11:43:58 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir6411
[2012.06.22 11:43:58 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir27684
[2012.06.22 11:43:58 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir12299
[2012.06.21 23:30:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Avira
[2012.06.21 23:25:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Avira
[2012.06.21 23:24:54 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\AskSearch
[2012.06.21 23:24:50 | 000,000,000 | ---D | C] -- C:\Programme\Ask.com
[2012.06.21 23:24:46 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\AskToolbar
[2012.06.21 23:24:39 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\APN
[2012.06.21 23:24:23 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\ssmdrv.sys
[2012.06.21 23:24:21 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2012.06.21 23:24:21 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avkmgr.sys
[2012.06.21 23:24:20 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2012.06.21 23:24:19 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2012.06.21 23:24:19 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Avira
[2012.06.21 21:21:50 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2012.06.21 20:48:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\TuneUp Software
[2012.06.21 20:03:27 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\{D02330D7-90EC-4CC7-8F3A-6C4E9205E424}
[2012.06.21 20:03:03 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\{EF24BF7D-7AC1-4C33-B59D-62B4EEE1430E}
[2012.06.17 22:55:21 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.06.14 14:46:57 | 000,029,024 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2012.06.14 14:45:13 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2012.06.14 14:45:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012
[2012.06.14 14:44:38 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TuneUp Software
[2012.06.14 14:44:02 | 000,000,000 | ---D | C] -- C:\Programme\TuneUp Utilities 2012
[2012.06.14 14:43:44 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.06.14 14:31:00 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.06.14 14:31:00 | 000,000,000 | -H-D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.06.12 17:28:59 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\APNLogs
[2012.06.12 17:28:57 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\APN-Stub
[2012.06.12 17:28:34 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_10.0.40219
[2012.06.12 16:33:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Malwarebytes
[2012.06.12 16:32:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2012.06.12 16:32:50 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2012.06.12 16:32:49 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2012.06.12 16:32:49 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2012.06.12 16:28:43 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir_14528
[2012.06.12 16:28:42 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\scoped_dir_25004
[2012.06.11 20:02:14 | 000,000,000 | ---D | C] -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Btklhn
[2012.06.11 08:29:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works
[2012.06.11 08:29:33 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Clip Gallery
[2012.06.11 08:28:17 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Works
[2012.06.08 03:35:04 | 000,909,104 | ---- | C] (Sun Microsystems, Inc.) -- C:\DOKUME~1\Heike\LOKALE~1\Temp\jre-6u33-windows-i586-iftw.exe
[2012.05.31 14:34:49 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\ALNO AG  Küchenplaner
[2012.05.31 14:34:37 | 000,000,000 | ---D | C] -- C:\Programme\ALNO
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[34 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1125 C:\DOKUME~1\Heike\LOKALE~1\Temp\*.tmp files -> C:\DOKUME~1\Heike\LOKALE~1\Temp\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.22 15:21:00 | 000,001,088 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.22 11:58:19 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{680C4CA3-A1DD-4D88-8902-9BC975AD5800}
[2012.06.22 11:58:12 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
[2012.06.22 11:58:02 | 000,001,084 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.22 11:57:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2012.06.21 23:53:48 | 000,000,264 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_UPDATES.job
[2012.06.21 23:53:47 | 000,000,256 | ---- | M] () -- C:\WINDOWS\tasks\RegClean Pro_DEFAULT.job
[2012.06.21 23:48:08 | 000,001,366 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Registry kostenlos entrümpeln!.lnk
[2012.06.21 23:38:32 | 000,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.06.21 23:25:11 | 000,001,686 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.06.21 22:36:34 | 000,179,653 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Eset.JPG
[2012.06.21 19:50:10 | 000,116,761 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malware123.JPG
[2012.06.21 19:40:36 | 000,000,546 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Adobe Download Assistant.lnk
[2012.06.21 19:40:35 | 000,000,758 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Tetris Unlimited.lnk
[2012.06.21 19:40:31 | 000,000,711 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Free YouTube to MP3 Converter.lnk
[2012.06.21 18:12:53 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2012.06.14 15:32:09 | 003,548,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2012.06.14 15:25:39 | 000,463,080 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2012.06.14 15:25:39 | 000,444,638 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2012.06.14 15:25:39 | 000,085,962 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2012.06.14 15:25:39 | 000,072,514 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2012.06.14 15:20:26 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2012.06.14 14:45:09 | 000,001,726 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.06.14 14:45:09 | 000,001,722 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.06.12 22:36:53 | 000,118,077 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwareprotokoll.JPG
[2012.06.12 21:30:34 | 000,132,568 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwardruck.JPG
[2012.06.12 17:16:34 | 000,136,187 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Desktop\123456.JPG
[2012.06.12 16:32:52 | 000,000,771 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.12 16:29:30 | 000,001,792 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Google Chrome.lnk
[2012.06.11 08:29:33 | 000,001,499 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Works.lnk
[2012.06.11 08:29:33 | 000,000,921 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen für Microsoft Works-Kalender.lnk
[2012.06.11 02:00:00 | 000,000,346 | ---- | M] () -- C:\WINDOWS\tasks\AdobeAAMUpdater-1.0-HEIKE-RECHNER-Heike.job
[2012.06.09 20:40:57 | 000,066,048 | ---- | M] () -- D:\Heike\Eigene Dateien\axAJuVVleELNOtsXaAyu
[2012.06.07 12:29:02 | 000,011,741 | ---- | M] () -- D:\Heike\Eigene Dateien\qeNVjvToUsQsnNDAGTgdq
[2012.05.30 17:04:17 | 000,003,284 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCS{680C4CA3-A1DD-4D88-8902-9BC975AD5800}
[2012.05.30 16:06:27 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{C71271D2-D213-4F3D-A19F-85020B77EA8B}
[2012.05.29 13:09:54 | 000,031,584 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\TURegOpt.exe
[2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) -- C:\WINDOWS\System32\uxtuneup.dll
[2012.05.24 18:25:25 | 000,000,006 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME{94AD21AF-90EE-4DE1-AFCC-2EFD61D49431}
[6 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[34 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.06.21 23:25:11 | 000,001,686 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Avira Control Center.lnk
[2012.06.21 23:24:57 | 000,000,226 | ---- | C] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.06.21 22:36:33 | 000,179,653 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Eset.JPG
[2012.06.21 21:08:47 | 000,798,234 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\IMT2AE.xml
[2012.06.21 21:08:46 | 000,002,036 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\IMT2AC.xml
[2012.06.21 21:08:46 | 000,000,426 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\IMT2AD.xml
[2012.06.21 20:04:55 | 000,016,384 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Perflib_Perfdata_7bc.dat
[2012.06.21 19:55:28 | 000,001,028 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_vqm8DkrJ2Il6zYr
[2012.06.21 19:51:36 | 000,004,104 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_UqmOxuuKgGzjFBi
[2012.06.21 19:51:07 | 000,002,052 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_ubcYH7dFuquEAUq
[2012.06.21 19:50:09 | 000,116,761 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malware123.JPG
[2012.06.21 19:45:10 | 000,007,802 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\au-descriptor-1.6.0_33-b70.xml
[2012.06.21 19:44:55 | 000,131,200 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_uWfBXM78BvaZwXR
[2012.06.21 19:44:53 | 000,004,100 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_KFHHjyadzjchfKs
[2012.06.21 19:44:38 | 000,053,300 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_b0mBLe0qP7tWAjQ
[2012.06.21 19:44:29 | 000,020,500 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_2lC7H1Kh2WKvZwb
[2012.06.14 14:45:09 | 000,001,726 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.06.14 14:45:09 | 000,001,722 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\TuneUp Utilities 2012.lnk
[2012.06.14 14:45:05 | 000,001,728 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\TuneUp Utilities 2012.lnk
[2012.06.12 22:36:53 | 000,118,077 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwareprotokoll.JPG
[2012.06.12 21:30:34 | 000,132,568 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\Malwardruck.JPG
[2012.06.12 17:28:33 | 000,074,796 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Microsoft Visual C++ 2010  x86 Redistributable Setup_20120612_172834000.html
[2012.06.12 17:16:33 | 000,136,187 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Desktop\123456.JPG
[2012.06.12 16:32:52 | 000,000,771 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.11 20:10:44 | 003,354,153 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\64BACE164B4945482D45.$02
[2012.06.11 20:04:58 | 000,000,017 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\Desk.$00
[2012.06.11 20:04:55 | 000,840,596 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\64BACE164B4945482D45.$$0
[2012.06.11 20:04:55 | 000,001,048 | ---- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\64BACE164B4945482D456548
[2012.06.11 19:52:52 | 000,000,004 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_gBSVxxRhHWx9m2e
[2012.06.11 14:13:41 | 000,002,056 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_c0Bg3wSakG3ijB2
[2012.06.11 14:12:11 | 000,006,156 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_bmo05ICrhJPABb5
[2012.06.11 14:11:43 | 000,028,704 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_IGITGhfleuVFeIw
[2012.06.11 13:43:42 | 000,004,100 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_eEReopmPo1KRHG1
[2012.06.11 13:33:12 | 000,045,100 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_PAFMepr5t5O311Q
[2012.06.11 13:32:13 | 000,024,600 | -H-- | C] () -- C:\DOKUME~1\Heike\LOKALE~1\Temp\etilqs_i9tdrKjY7FyPp1R
[2012.06.11 08:29:33 | 000,001,906 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Microsoft Works.lnk
[2012.06.11 08:29:33 | 000,001,499 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Microsoft Works.lnk
[2012.06.11 08:29:33 | 000,000,921 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Erinnerungen für Microsoft Works-Kalender.lnk
[2012.02.16 15:37:48 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2011.09.23 08:13:58 | 000,007,168 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.01.25 21:26:21 | 000,000,943 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini
[2011.01.25 21:26:21 | 000,000,149 | ---- | C] () -- C:\WINDOWS\brpcfx.ini
[2011.01.25 21:26:02 | 000,000,464 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI
[2011.01.25 21:26:02 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI
[2011.01.25 21:24:43 | 000,000,050 | ---- | C] () -- C:\WINDOWS\System32\bridf08b.dat
[2011.01.25 21:24:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\brdfxspd.dat
[2011.01.25 16:52:25 | 000,281,760 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys
[2011.01.25 16:52:25 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys
[2011.01.24 16:55:31 | 000,151,552 | ---- | C] () -- C:\WINDOWS\System32\ANIWConnService.exe
[2011.01.24 16:55:22 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\AQCKGen.dll
[2011.01.24 16:55:22 | 000,045,115 | ---- | C] () -- C:\WINDOWS\System32\ANICtl.dll
[2011.01.24 16:55:21 | 000,258,048 | ---- | C] () -- C:\WINDOWS\System32\wlanapp.dll
[2011.01.24 16:55:21 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\aIPH.dll
[2011.01.24 16:55:06 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\ANIOApi.dll
[2011.01.24 16:55:06 | 000,048,640 | ---- | C] () -- C:\WINDOWS\System32\ANIO64.sys
[2011.01.24 16:55:06 | 000,029,411 | ---- | C] () -- C:\WINDOWS\System32\ANIO.sys
[2011.01.24 16:54:49 | 000,733,184 | ---- | C] () -- C:\WINDOWS\System32\ANIOWPS.dll
[2011.01.24 16:54:49 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\ANIWPS.exe
[2011.01.24 16:54:25 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\rt73.bin
[2011.01.23 02:18:53 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2011.01.23 02:16:44 | 000,593,920 | ---- | C] () -- C:\WINDOWS\System32\ati2sgag.exe
[2011.01.23 01:54:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2011.01.23 01:43:00 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011.01.23 00:56:09 | 000,000,138 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2011.01.23 00:49:46 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.01.23 00:44:26 | 000,001,124 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2011.01.23 00:37:56 | 000,021,740 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011.01.23 00:27:38 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.01.23 00:26:36 | 003,548,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[1601.02.13 10:28:18 | 000,112,763 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\xGyAJQffDsEnrgssXTjy
[1601.02.13 10:28:18 | 000,075,485 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\jlOUyupLflvxoOsyspNfj
[1601.02.13 10:28:18 | 000,004,942 | ---- | C] () -- C:\Dokumente und Einstellungen\Heike\TdqNpnxDOdEQeqfpJ
 
========== LOP Check ==========
 
[2012.06.14 14:31:00 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.06.11 20:23:40 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\elsterformular
[2011.01.23 03:25:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Fujitsu
[2011.01.23 14:05:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Innovative Solutions
[2011.03.17 16:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Installations
[2012.04.23 09:29:26 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Messenger Plus!
[2011.03.17 16:54:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Nokia
[2011.03.17 16:58:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\PC Suite
[2011.05.21 15:30:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2011.01.29 07:19:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Solidshield
[2012.06.14 14:45:17 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.06.14 14:31:00 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2011.04.04 06:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\BabylonToolbar
[2011.11.20 17:14:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.05.21 14:37:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.06.11 20:25:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.03.07 10:22:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\elsterformular
[2011.11.20 18:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\gtk-2.0
[2012.06.12 21:10:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\ICQ
[2011.01.24 21:23:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\OpenOffice.org
[2011.03.17 16:58:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC Suite
[2011.01.25 21:57:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC-FAX TX
[2012.04.07 15:44:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PriceGong
[2011.11.20 17:10:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2012.04.11 13:42:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Systweak
[2012.06.11 20:26:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TeamViewer
[2012.06.21 23:46:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TuneUp Software
[2011.01.26 22:38:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Ubisoft
[2012.06.21 23:53:47 | 000,000,256 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
[2012.06.21 23:53:48 | 000,000,264 | ---- | M] () -- C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
[2012.06.21 23:38:32 | 000,000,226 | ---- | M] () -- C:\WINDOWS\Tasks\Scheduled Update for Ask Toolbar.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.05.21 15:40:42 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Adobe
[2012.06.11 20:25:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Adobe Mini Bridge CS5.1
[2011.01.23 02:39:49 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\ATI
[2012.06.21 23:30:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Avira
[2011.04.04 06:49:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\BabylonToolbar
[2011.01.30 15:09:04 | 000,000,000 | R--D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Brother
[2011.11.20 17:14:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.05.21 14:37:05 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant
[2011.09.23 08:12:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\DivX
[2012.06.11 20:25:13 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\DVDVideoSoftIEHelpers
[2011.03.07 10:22:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\elsterformular
[2011.03.18 20:43:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Google
[2011.11.20 18:11:31 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\gtk-2.0
[2012.06.12 21:10:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\ICQ
[2011.01.23 01:00:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Identities
[2011.01.23 15:24:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\InstallShield
[2011.01.23 01:08:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Macromedia
[2012.06.12 16:33:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Malwarebytes
[2012.05.14 13:14:15 | 000,000,000 | --SD | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Microsoft
[2011.01.23 01:54:45 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla
[2011.01.24 21:23:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\OpenOffice.org
[2011.03.17 16:58:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC Suite
[2011.01.25 21:57:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PC-FAX TX
[2012.04.07 15:44:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\PriceGong
[2011.11.20 17:10:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2011.01.23 01:41:27 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Sun
[2012.04.11 13:42:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Systweak
[2012.06.11 20:26:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TeamViewer
[2012.06.21 23:46:07 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\TuneUp Software
[2011.01.26 22:38:04 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Ubisoft
 
< %APPDATA%\*.exe /s >
[2011.05.21 14:36:29 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2004.08.10 21:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
[2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
[2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
[2008.04.13 20:36:38 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
 
< MD5 for: ATAPI.SYS  >
[2004.08.10 21:00:00 | 017,006,491 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
[2011.01.23 01:40:04 | 023,898,261 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
[2008.04.13 20:40:30 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
[2004.08.10 21:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
 
< MD5 for: EVENTLOG.DLL  >
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
[2008.04.14 04:22:10 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=04955AA695448C181B367D964AF158AA -- C:\WINDOWS\system32\eventlog.dll
[2004.08.10 21:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=B932C077D5A65B71B4512544AC404CB4 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
 
< MD5 for: IASTOR.SYS  >
[2005.10.12 13:07:12 | 000,874,240 | ---- | M] (Intel Corporation) MD5=309C4D86D989FB1FCF64BD30DC81C51B -- C:\WINDOWS\system32\drivers\iaStor.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
[2008.04.14 04:22:19 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=0098D35F91DEAB9C127360A877F2CF84 -- C:\WINDOWS\system32\netlogon.dll
[2004.08.10 21:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=D27395EDCD3416AFD125A9370DCB585C -- C:\WINDOWS\$NtUninstallKB968389_0$\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
[2009.02.06 20:46:10 | 000,408,064 | ---- | M] (Microsoft Corporation) MD5=ED4BBAD725A21632FB205452749FC8F5 -- C:\WINDOWS\$NtUninstallKB975467_0$\netlogon.dll
 
< MD5 for: NVATABUS.SYS  >
[2005.08.18 17:52:06 | 000,093,568 | ---- | M] (NVIDIA Corporation) MD5=0344AA9113DC16EEC379F4652020849D -- C:\WINDOWS\system32\drivers\nvatabus.sys
 
< MD5 for: SCECLI.DLL  >
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
[2008.04.14 04:22:23 | 000,187,904 | ---- | M] (Microsoft Corporation) MD5=5132443DF6FC3771A17AB4AE55DCBC28 -- C:\WINDOWS\system32\scecli.dll
[2004.08.10 21:00:00 | 000,186,880 | ---- | M] (Microsoft Corporation) MD5=64DC26B3CF7BCCAD431CE360A4C625D5 -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
 
< MD5 for: USER32.DLL  >
[2005.03.02 20:09:46 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=3751D7CF0E0A113D84414992146BCE6A -- C:\WINDOWS\$NtServicePackUninstall$\user32.dll
[2005.03.02 20:19:56 | 000,578,560 | ---- | M] (Microsoft Corporation) MD5=4C90159A69A5FD3EB39C71411F28FCFF -- C:\WINDOWS\$hf_mig$\KB890859\SP2QFE\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\ServicePackFiles\i386\user32.dll
[2008.04.14 04:22:31 | 000,580,096 | ---- | M] (Microsoft Corporation) MD5=B0050CC5340E3A0760DD8B417FF7AEBD -- C:\WINDOWS\system32\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\ServicePackFiles\i386\userinit.exe
[2008.04.14 04:23:03 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=788F95312E26389D596C0FA55834E106 -- C:\WINDOWS\system32\userinit.exe
[2004.08.10 21:00:00 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=D1E53DC57143F2584B1DD53B036C0633 -- C:\WINDOWS\$NtServicePackUninstall$\userinit.exe
 
< MD5 for: VIAMRAID.SYS  >
[2005.04.08 11:43:26 | 000,060,928 | ---- | M] (VIA Technologies inc,.ltd) MD5=0363E216E4EB5052969C96608934DBDE -- C:\WINDOWS\system32\drivers\viamraid.sys
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Programme\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2004.08.10 21:00:00 | 000,507,392 | ---- | M] (Microsoft Corporation) MD5=2B6A0BAF33A9918F09442D873848FF72 -- C:\WINDOWS\$NtServicePackUninstall$\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\ServicePackFiles\i386\winlogon.exe
[2008.04.14 04:23:05 | 000,513,024 | ---- | M] (Microsoft Corporation) MD5=F09A527B422E25C478E38CAA0E44417A -- C:\WINDOWS\system32\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2004.08.10 21:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\dllcache\ws2ifsl.sys
[2004.08.10 21:00:00 | 000,012,032 | ---- | M] (Microsoft Corporation) MD5=6ABE6E225ADB5A751622A9CC3BC19CE8 -- C:\WINDOWS\system32\drivers\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
[2011.01.23 01:25:31 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2011.01.23 01:25:31 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2011.01.23 01:25:31 | 000,462,848 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[6 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]

< End of report >
         
was konntest du denn anhand dieses ganzen bustaben salats nun herauslesen?? ich sehe da nichts besonderes...

Naja kanns ja auch net, lesen.. hihi..

Und was genau haben wir nun mit diesen zwei programmen gemacht?

Vielen vielen dank... schon einmal im voraus...!! Dank für deine hilfe...

Alt 24.06.2012, 15:08   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=64bace1600000000000000179ab71453&tlver=1.4.19.19&affID=17159
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=hp&searchtype=hp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed-msgplus.linkury.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=DE&userid=42783c6a-fd68-4603-8087-e72c30b6a68a&sp=addr&q={searchTerms}
IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=64bace1600000000000000179ab71453&tlver=1.4.19.19&affID=17159
IE - HKCU\..\SearchScopes\{61660818-E0A9-48BB-952D-E5D9DB2943AC}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=7d792dac-7e4c-45aa-954a-380e89fe3cc2&apn_sauid=B1BDD0A6-45DA-4AAC-B69C-D93FB1E8F2C5
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
FF - prefs.js - File not found
FF - user.js - File not found
[2011.03.27 09:33:28 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com
[2012.01.25 22:14:29 | 000,000,000 | ---D | M] (Babylon) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com
[2012.05.15 19:47:53 | 000,000,000 | ---D | M] ("Messenger Plus! Community Smartbar") -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com
[2012.06.21 23:25:03 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com
[2012.06.21 23:25:03 | 000,002,344 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\askcom.xml
[2012.05.14 13:14:23 | 000,002,422 | ---- | M] () -- C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\rfoXrjnsuLdgegqxJ
[2011.09.30 10:22:26 | 000,000,000 | ---D | M] (WEB.DE Toolbar) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de
File not found (No name found) -- C:\DOKUMENTE UND EINSTELLUNGEN\HEIKE\ANWENDUNGSDATEN\MOZILLA\FIREFOX\PROFILES\AO783VXH.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
[2011.04.03 17:40:05 | 000,002,423 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\babylon.xml
CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.0_0\
CHR - Extension: Avira Toolbar = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\
CHR - Extension: Babylon Translator = C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0\
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Programme\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll (Conduit Ltd.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Programme\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [BabylonToolbar] C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe (Babylon Ltd.)
O4 - HKLM..\Run: [WZCSLDR2] C:\Programme\D-Link\DWL-G122_DWA-110\WZCSLDR2.exe File not found
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Browser Infrastructure Helper] C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe (Smartbar)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.01.23 00:41:25 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
:Files
C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job
C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\AskToolbar
C:\Programme\Ask.com
C:\Programme\BabylonToolbar
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Alt 01.07.2012, 17:37   #12
Heike28
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



Code:
ATTFilter
All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Bar| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\Default_Search_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Search\\SearchAssistant| /E : value set successfully!
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}\ deleted successfully.
C:\Programme\Ask.com\GenericAskToolbar.dll moved successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{006ee092-9658-4fd6-bd8e-a21a348e59f5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{61660818-E0A9-48BB-952D-E5D9DB2943AC}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61660818-E0A9-48BB-952D-E5D9DB2943AC}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}\ not found.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\engine@conduit.com folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com\defaults\preferences folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com\content\imgs folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com\content folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com\components folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\ffxtlbr@babylon.com folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com\components folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com\chrome\PublisherImages folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com\chrome\images folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\helperbar@helperbar.com folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com\searchplugins folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com\defaults\preferences folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com\defaults folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com\chrome\skin folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com\chrome\content folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com\chrome folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\extensions\toolbar@ask.com folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\askcom.xml moved successfully.
C:\Dokumente und Einstellungen\Heike\Anwendungsdaten\Mozilla\Firefox\Profiles\ao783vxh.default\searchplugins\rfoXrjnsuLdgegqxJ moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\shopping folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\search\engine folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\newtab\initial-thumbs folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\maps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\homebutton folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\brand folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\shopping folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\maps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\main folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\shopping folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\maps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\main folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\help\page folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\defaults\preferences folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\defaults folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\util folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\tracking folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\shopping folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\search\mcollect folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\maps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\main folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\hotnews folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\components folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de folder moved successfully.
C:\Programme\Mozilla Firefox\searchplugins\babylon.xml moved successfully.
File C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.0_0 not found.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\tb_ux folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\lib folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\content_script\hack folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\content_script folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config\skin\js folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config\skin\images folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config\skin\css folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config\skin folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config\locales\en folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config\locales folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\config folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0\background folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.2.23832_0 folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.4_0 folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}\ deleted successfully.
C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ deleted successfully.
C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ deleted successfully.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\ not found.
File C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}\ deleted successfully.
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
File C:\Programme\Ask.com\GenericAskToolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}\ not found.
File C:\Programme\DVDVideoSoftTB\prxtbDVD2.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ApnUpdater deleted successfully.
C:\Programme\Ask.com\Updater\Updater.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\BabylonToolbar deleted successfully.
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\WZCSLDR2 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Browser Infrastructure Helper deleted successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\Smartbar\Application\Smartbar.exe moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\HonorAutoRunSetting deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\AUTOEXEC.BAT moved successfully.
========== FILES ==========
C:\WINDOWS\Tasks\RegClean Pro_DEFAULT.job moved successfully.
C:\WINDOWS\Tasks\RegClean Pro_UPDATES.job moved successfully.
C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\AskToolbar\APNU folder moved successfully.
C:\Dokumente und Einstellungen\Heike\Lokale Einstellungen\Anwendungsdaten\AskToolbar folder moved successfully.
C:\Programme\Ask.com\Updater folder moved successfully.
C:\Programme\Ask.com\assets\oobe folder moved successfully.
C:\Programme\Ask.com\assets folder moved successfully.
C:\Programme\Ask.com folder moved successfully.
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19\bh folder moved successfully.
C:\Programme\BabylonToolbar\BabylonToolbar\1.4.19.19 folder moved successfully.
C:\Programme\BabylonToolbar\BabylonToolbar folder moved successfully.
C:\Programme\BabylonToolbar folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
 
User: Heike
->Temp folder emptied: 1013374238 bytes
->Temporary Internet Files folder emptied: 23690855 bytes
->Java cache emptied: 469987 bytes
->FireFox cache emptied: 688465296 bytes
->Google Chrome cache emptied: 95200874 bytes
->Flash cache emptied: 251265 bytes
 
User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 33778 bytes
 
User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1689384 bytes
%systemroot%\System32 .tmp files removed: 3264903 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 14575053 bytes
RecycleBin emptied: 1244771 bytes
 
Total Files Cleaned = 1.757,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Heike
->Flash cache emptied: 0 bytes
 
User: LocalService
 
User: NetworkService
 
Total Flash Files Cleaned = 0,00 mb
 
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.51.0 log created on 07012012_182442

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
         
Hy... Wie sieht es denn aktuell bei meinem rechner aus ist der Trojaner nun schon komplett weg??

Sorry das es dauerte aber arbeit weist ja...

Danke

Alt 02.07.2012, 10:15   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!


Alt 02.07.2012, 14:17   #14
Heike28
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



Code:
ATTFilter
15:11:15.0046 2964	TDSS rootkit removing tool 2.7.43.0 Jun 29 2012 17:54:22
15:11:15.0343 2964	============================================================
15:11:15.0343 2964	Current date / time: 2012/07/02 15:11:15.0343
15:11:15.0343 2964	SystemInfo:
15:11:15.0343 2964	
15:11:15.0343 2964	OS Version: 5.1.2600 ServicePack: 3.0
15:11:15.0343 2964	Product type: Workstation
15:11:15.0343 2964	ComputerName: HEIKE-RECHNER
15:11:15.0343 2964	UserName: Heike
15:11:15.0343 2964	Windows directory: C:\WINDOWS
15:11:15.0343 2964	System windows directory: C:\WINDOWS
15:11:15.0343 2964	Processor architecture: Intel x86
15:11:15.0343 2964	Number of processors: 2
15:11:15.0343 2964	Page size: 0x1000
15:11:15.0343 2964	Boot type: Normal boot
15:11:15.0343 2964	============================================================
15:11:17.0250 2964	Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
15:11:17.0265 2964	============================================================
15:11:17.0265 2964	\Device\Harddisk0\DR0:
15:11:17.0265 2964	MBR partitions:
15:11:17.0265 2964	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x9C41AD8
15:11:17.0281 2964	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x9C41B56, BlocksNum 0x1B7E7CAA
15:11:17.0281 2964	============================================================
15:11:17.0375 2964	C: <-> \Device\Harddisk0\DR0\Partition0
15:11:17.0421 2964	D: <-> \Device\Harddisk0\DR0\Partition1
15:11:17.0421 2964	============================================================
15:11:17.0421 2964	Initialize success
15:11:17.0421 2964	============================================================
15:13:39.0437 1984	============================================================
15:13:39.0437 1984	Scan started
15:13:39.0437 1984	Mode: Manual; SigCheck; TDLFS; 
15:13:39.0437 1984	============================================================
15:13:39.0718 1984	3xHybrid        (50351ead98eecdad5d73eede94a86738) C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
15:13:40.0671 1984	3xHybrid - ok
15:13:40.0687 1984	6to4            (d5a6658cbfbbf9a0f8827e83c9fde806) C:\WINDOWS\System32\6to4svc.dll
15:13:40.0750 1984	6to4 - ok
15:13:40.0750 1984	Abiosdsk - ok
15:13:40.0765 1984	abp480n5 - ok
15:13:40.0796 1984	ACPI            (ac407f1a62c3a300b4f2b5a9f1d55b2c) C:\WINDOWS\system32\DRIVERS\ACPI.sys
15:13:41.0406 1984	ACPI - ok
15:13:41.0437 1984	ACPIEC          (9e1ca3160dafb159ca14f83b1e317f75) C:\WINDOWS\system32\drivers\ACPIEC.sys
15:13:41.0578 1984	ACPIEC - ok
15:13:41.0578 1984	adpu160m - ok
15:13:41.0828 1984	aec             (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys
15:13:41.0921 1984	aec - ok
15:13:41.0968 1984	AFD             (1e44bc1e83d8fd2305f8d452db109cf9) C:\WINDOWS\System32\drivers\afd.sys
15:13:41.0984 1984	AFD - ok
15:13:42.0000 1984	Aha154x - ok
15:13:42.0000 1984	aic78u2 - ok
15:13:42.0000 1984	aic78xx - ok
15:13:42.0031 1984	Alerter         (738d80cc01d7bc7584be917b7f544394) C:\WINDOWS\system32\alrsvc.dll
15:13:42.0125 1984	Alerter - ok
15:13:42.0140 1984	ALG             (190cd73d4984f94d823f9444980513e5) C:\WINDOWS\System32\alg.exe
15:13:42.0250 1984	ALG - ok
15:13:42.0250 1984	AliIde - ok
15:13:42.0328 1984	Ambfilt         (267fc636801edc5ab28e14036349e3be) C:\WINDOWS\system32\drivers\Ambfilt.sys
15:13:42.0468 1984	Ambfilt - ok
15:13:42.0531 1984	AmdK8           (58be3c2f1aa041ea56f7305a6463035c) C:\WINDOWS\system32\DRIVERS\AmdK8.sys
15:13:42.0546 1984	AmdK8 - ok
15:13:42.0562 1984	AmdPPM - ok
15:13:42.0562 1984	amsint - ok
15:13:42.0593 1984	ANIO            (2953a157a783bfc06f42f99fefa5eb07) C:\WINDOWS\system32\ANIO.SYS
15:13:42.0609 1984	ANIO ( UnsignedFile.Multi.Generic ) - warning
15:13:42.0609 1984	ANIO - detected UnsignedFile.Multi.Generic (1)
15:13:42.0640 1984	ANIWConnService (3c417a392ec51e601ac55b5e196549e7) C:\WINDOWS\system32\ANIWConnService.exe
15:13:42.0656 1984	ANIWConnService ( UnsignedFile.Multi.Generic ) - warning
15:13:42.0656 1984	ANIWConnService - detected UnsignedFile.Multi.Generic (1)
15:13:42.0687 1984	ANIWZCSdService (495874eb368dcbacb56591b5dcb7336f) C:\Programme\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
15:13:42.0718 1984	ANIWZCSdService ( UnsignedFile.Multi.Generic ) - warning
15:13:42.0718 1984	ANIWZCSdService - detected UnsignedFile.Multi.Generic (1)
15:13:42.0828 1984	AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Programme\Avira\AntiVir Desktop\sched.exe
15:13:42.0843 1984	AntiVirSchedulerService - ok
15:13:42.0875 1984	AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Programme\Avira\AntiVir Desktop\avguard.exe
15:13:42.0890 1984	AntiVirService - ok
15:13:42.0921 1984	AntiVirWebService (676894fa57b671fec5c3f05f8929e03b) C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
15:13:42.0953 1984	AntiVirWebService - ok
15:13:42.0984 1984	AppMgmt         (d45960be52c3c610d361977057f98c54) C:\WINDOWS\System32\appmgmts.dll
15:13:43.0093 1984	AppMgmt - ok
15:13:43.0125 1984	Arp1394         (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys
15:13:43.0218 1984	Arp1394 - ok
15:13:43.0234 1984	asc - ok
15:13:43.0234 1984	asc3350p - ok
15:13:43.0234 1984	asc3550 - ok
15:13:43.0328 1984	aspnet_state    (0e5e4957549056e2bf2c49f4f6b601ad) C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
15:13:43.0343 1984	aspnet_state - ok
15:13:43.0359 1984	AsyncMac        (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys
15:13:43.0468 1984	AsyncMac - ok
15:13:43.0484 1984	atapi           (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys
15:13:43.0593 1984	atapi - ok
15:13:43.0593 1984	Atdisk - ok
15:13:43.0640 1984	Ati HotKey Poller (471087b5e1e01cc82604e81ea14781d8) C:\WINDOWS\system32\Ati2evxx.exe
15:13:43.0703 1984	Ati HotKey Poller ( UnsignedFile.Multi.Generic ) - warning
15:13:43.0703 1984	Ati HotKey Poller - detected UnsignedFile.Multi.Generic (1)
15:13:43.0750 1984	ATI Smart       (b979ba0120b6db757196a8e2e873fe3c) C:\WINDOWS\system32\ati2sgag.exe
15:13:43.0781 1984	ATI Smart ( UnsignedFile.Multi.Generic ) - warning
15:13:43.0781 1984	ATI Smart - detected UnsignedFile.Multi.Generic (1)
15:13:43.0937 1984	ati2mtag        (c0b86ecb324e50f6bbd529f9d5c6b24b) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
15:13:44.0125 1984	ati2mtag ( UnsignedFile.Multi.Generic ) - warning
15:13:44.0125 1984	ati2mtag - detected UnsignedFile.Multi.Generic (1)
15:13:44.0203 1984	atksgt          (f0d933b42cd0594048e4d5200ae9e417) C:\WINDOWS\system32\DRIVERS\atksgt.sys
15:13:44.0234 1984	atksgt - ok
15:13:44.0265 1984	Atmarpc         (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys
15:13:44.0359 1984	Atmarpc - ok
15:13:44.0390 1984	AudioSrv        (58ed0d5452df7be732193e7999c6b9a4) C:\WINDOWS\System32\audiosrv.dll
15:13:44.0500 1984	AudioSrv - ok
15:13:44.0515 1984	audstub         (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys
15:13:44.0640 1984	audstub - ok
15:13:44.0656 1984	avgntflt        (d5541f0afb767e85fc412fc609d96a74) C:\WINDOWS\system32\DRIVERS\avgntflt.sys
15:13:44.0671 1984	avgntflt - ok
15:13:44.0703 1984	avipbb          (7d967a682d4694df7fa57d63a2db01fe) C:\WINDOWS\system32\DRIVERS\avipbb.sys
15:13:44.0718 1984	avipbb - ok
15:13:44.0734 1984	avkmgr          (53e56450da16a1a7f0d002f511113f67) C:\WINDOWS\system32\DRIVERS\avkmgr.sys
15:13:44.0750 1984	avkmgr - ok
15:13:44.0781 1984	Beep            (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys
15:13:44.0921 1984	Beep - ok
15:13:44.0953 1984	BITS            (d6f603772a789bb3228f310d650b8bd1) C:\WINDOWS\system32\qmgr.dll
15:13:45.0109 1984	BITS - ok
15:13:45.0140 1984	Browser         (b42057f06bbb98b31876c0b3f2b54e33) C:\WINDOWS\System32\browser.dll
15:13:45.0250 1984	Browser - ok
15:13:45.0265 1984	BrScnUsb        (92a964547b96d697e5e9ed43b4297f5a) C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
15:13:45.0296 1984	BrScnUsb - ok
15:13:45.0328 1984	cbidf2k         (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys
15:13:45.0468 1984	cbidf2k - ok
15:13:45.0500 1984	CCDECODE        (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
15:13:45.0578 1984	CCDECODE - ok
15:13:45.0578 1984	cd20xrnt - ok
15:13:45.0609 1984	Cdaudio         (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys
15:13:45.0750 1984	Cdaudio - ok
15:13:45.0765 1984	Cdfs            (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys
15:13:45.0859 1984	Cdfs - ok
15:13:45.0875 1984	Cdrom           (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys
15:13:45.0968 1984	Cdrom - ok
15:13:45.0984 1984	Changer - ok
15:13:46.0015 1984	CiSvc           (28e3040d1f1ca2008cd6b29dfebc9a5e) C:\WINDOWS\system32\cisvc.exe
15:13:46.0109 1984	CiSvc - ok
15:13:46.0109 1984	ClipSrv         (778a30ed3c134eb7e406afc407e9997d) C:\WINDOWS\system32\clipsrv.exe
15:13:46.0203 1984	ClipSrv - ok
15:13:46.0281 1984	clr_optimization_v2.0.50727_32 (d87acaed61e417bba546ced5e7e36d9c) c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:13:46.0296 1984	clr_optimization_v2.0.50727_32 - ok
15:13:46.0296 1984	CmdIde - ok
15:13:46.0312 1984	COMSysApp - ok
15:13:46.0312 1984	Cpqarray - ok
15:13:46.0343 1984	CryptSvc        (611f824e5c703a5a899f84c5f1699e4d) C:\WINDOWS\System32\cryptsvc.dll
15:13:46.0437 1984	CryptSvc - ok
15:13:46.0437 1984	dac2w2k - ok
15:13:46.0453 1984	dac960nt - ok
15:13:46.0484 1984	DcomLaunch      (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
15:13:46.0531 1984	DcomLaunch - ok
15:13:46.0562 1984	Dhcp            (c29a1c9b75ba38fa37f8c44405dec360) C:\WINDOWS\System32\dhcpcsvc.dll
15:13:46.0671 1984	Dhcp - ok
15:13:46.0687 1984	Disk            (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys
15:13:46.0796 1984	Disk - ok
15:13:46.0796 1984	dmadmin - ok
15:13:46.0843 1984	dmboot          (0dcfc8395a99fecbb1ef771cec7fe4ea) C:\WINDOWS\system32\drivers\dmboot.sys
15:13:46.0968 1984	dmboot - ok
15:13:46.0984 1984	dmio            (53720ab12b48719d00e327da470a619a) C:\WINDOWS\system32\drivers\dmio.sys
15:13:47.0109 1984	dmio - ok
15:13:47.0140 1984	dmload          (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys
15:13:47.0265 1984	dmload - ok
15:13:47.0296 1984	dmserver        (25c83ffbba13b554eb6d59a9b2e2ee78) C:\WINDOWS\System32\dmserver.dll
15:13:47.0390 1984	dmserver - ok
15:13:47.0421 1984	DMusic          (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys
15:13:47.0531 1984	DMusic - ok
15:13:47.0562 1984	Dnscache        (407f3227ac618fd1ca54b335b083de07) C:\WINDOWS\System32\dnsrslvr.dll
15:13:47.0609 1984	Dnscache - ok
15:13:47.0640 1984	Dot3svc         (676e36c4ff5bcea1900f44182b9723e6) C:\WINDOWS\System32\dot3svc.dll
15:13:47.0750 1984	Dot3svc - ok
15:13:47.0750 1984	dpti2o - ok
15:13:47.0781 1984	drmkaud         (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys
15:13:47.0875 1984	drmkaud - ok
15:13:47.0890 1984	EapHost         (4e4f2fddab0a0736d7671134dcce91fb) C:\WINDOWS\System32\eapsvc.dll
15:13:48.0000 1984	EapHost - ok
15:13:48.0328 1984	ehRecvr         (5d1347aa5ae6e2f77d7f4f8372d95ac9) C:\WINDOWS\eHome\ehRecvr.exe
15:13:48.0375 1984	ehRecvr - ok
15:13:48.0390 1984	ehSched         (e774bf24a6cb798dce67ad1c8e917152) C:\WINDOWS\eHome\ehSched.exe
15:13:48.0421 1984	ehSched - ok
15:13:48.0453 1984	ERSvc           (877c18558d70587aa7823a1a308ac96b) C:\WINDOWS\System32\ersvc.dll
15:13:48.0546 1984	ERSvc - ok
15:13:48.0578 1984	Eventlog        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
15:13:48.0593 1984	Eventlog - ok
15:13:48.0640 1984	EventSystem     (af4f6b5739d18ca7972ab53e091cbc74) C:\WINDOWS\system32\es.dll
15:13:48.0703 1984	EventSystem - ok
15:13:48.0734 1984	Fastfat         (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys
15:13:48.0828 1984	Fastfat - ok
15:13:48.0859 1984	FastUserSwitchingCompatibility (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:13:48.0890 1984	FastUserSwitchingCompatibility - ok
15:13:48.0921 1984	Fdc             (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys
15:13:49.0015 1984	Fdc - ok
15:13:49.0031 1984	Fips            (b0678a548587c5f1967b0d70bacad6c1) C:\WINDOWS\system32\drivers\Fips.sys
15:13:49.0125 1984	Fips - ok
15:13:49.0125 1984	Flpydisk        (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys
15:13:49.0218 1984	Flpydisk - ok
15:13:49.0265 1984	FltMgr          (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\drivers\fltmgr.sys
15:13:49.0375 1984	FltMgr - ok
15:13:49.0421 1984	FontCache3.0.0.0 (8ba7c024070f2b7fdd98ed8a4ba41789) c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
15:13:49.0421 1984	FontCache3.0.0.0 - ok
15:13:49.0453 1984	Fs_Rec          (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:13:49.0562 1984	Fs_Rec - ok
15:13:49.0593 1984	Ftdisk          (8f1955ce42e1484714b542f341647778) C:\WINDOWS\system32\DRIVERS\ftdisk.sys
15:13:49.0750 1984	Ftdisk - ok
15:13:49.0781 1984	Gpc             (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys
15:13:49.0875 1984	Gpc - ok
15:13:49.0953 1984	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
15:13:49.0968 1984	gupdate - ok
15:13:49.0968 1984	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Programme\Google\Update\GoogleUpdate.exe
15:13:49.0984 1984	gupdatem - ok
15:13:50.0015 1984	HDAudBus        (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
15:13:50.0109 1984	HDAudBus - ok
15:13:50.0171 1984	helpsvc         (cb66bf85bf599befd6c6a57c2e20357f) C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
15:13:50.0265 1984	helpsvc - ok
15:13:50.0281 1984	HidServ         (b35da85e60c0103f2e4104532da2f12b) C:\WINDOWS\System32\hidserv.dll
15:13:50.0390 1984	HidServ - ok
15:13:50.0406 1984	hidusb          (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys
15:13:50.0515 1984	hidusb - ok
15:13:50.0546 1984	hkmsvc          (ed29f14101523a6e0e808107405d452c) C:\WINDOWS\System32\kmsvc.dll
15:13:50.0640 1984	hkmsvc - ok
15:13:50.0656 1984	hpn - ok
15:13:50.0703 1984	HTTP            (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys
15:13:50.0734 1984	HTTP - ok
15:13:50.0750 1984	HTTPFilter      (9e4adb854cebcfb81a4b36718feecd16) C:\WINDOWS\System32\w3ssl.dll
15:13:50.0843 1984	HTTPFilter - ok
15:13:50.0843 1984	i2omgmt - ok
15:13:50.0843 1984	i2omp - ok
15:13:50.0875 1984	i8042prt        (e283b97cfbeb86c1d86baed5f7846a92) C:\WINDOWS\system32\drivers\i8042prt.sys
15:13:50.0968 1984	i8042prt - ok
15:13:51.0031 1984	idsvc           (c01ac32dc5c03076cfb852cb5da5229c) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:13:51.0109 1984	idsvc - ok
15:13:51.0125 1984	Imapi           (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys
15:13:51.0234 1984	Imapi - ok
15:13:51.0265 1984	ImapiService    (d4b413aa210c21e46aedd2ba5b68d38e) C:\WINDOWS\system32\imapi.exe
15:13:51.0359 1984	ImapiService - ok
15:13:51.0375 1984	ini910u - ok
15:13:51.0625 1984	IntcAzAudAddService (ed90e04f7a1e385e2ea956cad83f8070) C:\WINDOWS\system32\drivers\RtkHDAud.sys
15:13:51.0906 1984	IntcAzAudAddService - ok
15:13:51.0937 1984	IntelIde - ok
15:13:51.0968 1984	Ip6Fw           (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\drivers\ip6fw.sys
15:13:52.0062 1984	Ip6Fw - ok
15:13:52.0093 1984	IpFilterDriver  (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:13:52.0203 1984	IpFilterDriver - ok
15:13:52.0218 1984	IpInIp          (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys
15:13:52.0312 1984	IpInIp - ok
15:13:52.0343 1984	IpNat           (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys
15:13:52.0437 1984	IpNat - ok
15:13:52.0453 1984	IPSec           (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys
15:13:52.0546 1984	IPSec - ok
15:13:52.0578 1984	IRENUM          (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys
15:13:52.0687 1984	IRENUM - ok
15:13:52.0703 1984	isapnp          (6dfb88f64135c525433e87648bda30de) C:\WINDOWS\system32\DRIVERS\isapnp.sys
15:13:52.0781 1984	isapnp - ok
15:13:52.0875 1984	JavaQuickStarterService (0a5709543986843d37a92290b7838340) C:\Programme\Java\jre6\bin\jqs.exe
15:13:52.0890 1984	JavaQuickStarterService - ok
15:13:52.0906 1984	Kbdclass        (1704d8c4c8807b889e43c649b478a452) C:\WINDOWS\system32\DRIVERS\kbdclass.sys
15:13:53.0000 1984	Kbdclass - ok
15:13:53.0015 1984	kbdhid          (b6d6c117d771c98130497265f26d1882) C:\WINDOWS\system32\DRIVERS\kbdhid.sys
15:13:53.0125 1984	kbdhid - ok
15:13:53.0156 1984	kmixer          (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys
15:13:53.0250 1984	kmixer - ok
15:13:53.0281 1984	KSecDD          (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys
15:13:53.0359 1984	KSecDD - ok
15:13:53.0390 1984	lanmanserver    (2bbdcb79900990f0716dfcb714e72de7) C:\WINDOWS\System32\srvsvc.dll
15:13:53.0406 1984	lanmanserver - ok
15:13:53.0421 1984	lanmanworkstation (1869b14b06b44b44af70548e1ea3303f) C:\WINDOWS\System32\wkssvc.dll
15:13:53.0453 1984	lanmanworkstation - ok
15:13:53.0468 1984	lbrtfdc - ok
15:13:53.0500 1984	lirsgt          (f8a7212d0864ef5e9185fb95e6623f4d) C:\WINDOWS\system32\DRIVERS\lirsgt.sys
15:13:53.0515 1984	lirsgt - ok
15:13:53.0531 1984	LmHosts         (636714b7d43c8d0c80449123fd266920) C:\WINDOWS\System32\lmhsvc.dll
15:13:53.0625 1984	LmHosts - ok
15:13:53.0656 1984	MBAMProtector   (fb097bbc1a18f044bd17bd2fccf97865) C:\WINDOWS\system32\drivers\mbam.sys
15:13:53.0656 1984	MBAMProtector - ok
15:13:53.0718 1984	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
15:13:53.0750 1984	MBAMService - ok
15:13:53.0812 1984	McComponentHostService (f453d1e6d881e8f8717e20ccd4199e85) C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe
15:13:53.0843 1984	McComponentHostService - ok
15:13:53.0890 1984	McrdSvc         (52404cc76e9d53843bdf97564bb16bed) C:\WINDOWS\ehome\mcrdsvc.exe
15:13:53.0921 1984	McrdSvc - ok
15:13:53.0937 1984	Messenger       (b7550a7107281d170ce85524b1488c98) C:\WINDOWS\System32\msgsvc.dll
15:13:54.0046 1984	Messenger - ok
15:13:54.0078 1984	MHN             (ded60230e3019c508769ec3c15bcda44) C:\WINDOWS\System32\mhn.dll
15:13:54.0093 1984	MHN ( UnsignedFile.Multi.Generic ) - warning
15:13:54.0093 1984	MHN - detected UnsignedFile.Multi.Generic (1)
15:13:54.0109 1984	MHNDRV          (7f2f1d2815a6449d346fcccbc569fbd6) C:\WINDOWS\system32\DRIVERS\mhndrv.sys
15:13:54.0109 1984	MHNDRV ( UnsignedFile.Multi.Generic ) - warning
15:13:54.0109 1984	MHNDRV - detected UnsignedFile.Multi.Generic (1)
15:13:54.0140 1984	mnmdd           (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys
15:13:54.0265 1984	mnmdd - ok
15:13:54.0296 1984	mnmsrvc         (c2f1d365fd96791b037ee504868065d3) C:\WINDOWS\system32\mnmsrvc.exe
15:13:54.0375 1984	mnmsrvc - ok
15:13:54.0406 1984	Modem           (6fb74ebd4ec57a6f1781de3852cc3362) C:\WINDOWS\system32\drivers\Modem.sys
15:13:54.0500 1984	Modem - ok
15:13:54.0578 1984	Monfilt         (c7d9f9717916b34c1b00dd4834af485c) C:\WINDOWS\system32\drivers\Monfilt.sys
15:13:54.0671 1984	Monfilt - ok
15:13:54.0703 1984	Mouclass        (b24ce8005deab254c0251e15cb71d802) C:\WINDOWS\system32\DRIVERS\mouclass.sys
15:13:54.0796 1984	Mouclass - ok
15:13:54.0828 1984	mouhid          (66a6f73c74e1791464160a7065ce711a) C:\WINDOWS\system32\DRIVERS\mouhid.sys
15:13:54.0968 1984	mouhid - ok
15:13:55.0000 1984	MountMgr        (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys
15:13:55.0093 1984	MountMgr - ok
15:13:55.0109 1984	MPE             (c0f8e0c2c3c0437cf37c6781896dc3ec) C:\WINDOWS\system32\DRIVERS\MPE.sys
15:13:55.0218 1984	MPE - ok
15:13:55.0218 1984	mraid35x - ok
15:13:55.0234 1984	MRxDAV          (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys
15:13:55.0328 1984	MRxDAV - ok
15:13:55.0375 1984	MRxSmb          (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:13:55.0437 1984	MRxSmb - ok
15:13:55.0468 1984	MSDTC           (35a031af38c55f92d28aa03ee9f12cc9) C:\WINDOWS\system32\msdtc.exe
15:13:55.0562 1984	MSDTC - ok
15:13:55.0578 1984	Msfs            (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys
15:13:55.0656 1984	Msfs - ok
15:13:55.0656 1984	MSIServer - ok
15:13:55.0703 1984	MSKSSRV         (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:13:55.0781 1984	MSKSSRV - ok
15:13:55.0781 1984	MSPCLOCK        (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:13:55.0890 1984	MSPCLOCK - ok
15:13:55.0890 1984	MSPQM           (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys
15:13:55.0984 1984	MSPQM - ok
15:13:56.0000 1984	mssmbios        (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys
15:13:56.0093 1984	mssmbios - ok
15:13:56.0109 1984	MSTEE           (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys
15:13:56.0203 1984	MSTEE - ok
15:13:56.0218 1984	Mup             (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys
15:13:56.0250 1984	Mup - ok
15:13:56.0281 1984	NABTSFEC        (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
15:13:56.0390 1984	NABTSFEC - ok
15:13:56.0437 1984	napagent        (46bb15ae2ac7d025d6d2567b876817bd) C:\WINDOWS\System32\qagentrt.dll
15:13:56.0546 1984	napagent - ok
15:13:56.0578 1984	NDIS            (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys
15:13:56.0687 1984	NDIS - ok
15:13:56.0718 1984	NdisIP          (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys
15:13:56.0812 1984	NdisIP - ok
15:13:56.0843 1984	NdisTapi        (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:13:56.0859 1984	NdisTapi - ok
15:13:56.0890 1984	Ndisuio         (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:13:56.0984 1984	Ndisuio - ok
15:13:57.0000 1984	NdisWan         (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:13:57.0109 1984	NdisWan - ok
15:13:57.0140 1984	NDProxy         (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys
15:13:57.0203 1984	NDProxy - ok
15:13:57.0218 1984	NetBIOS         (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys
15:13:57.0296 1984	NetBIOS - ok
15:13:57.0312 1984	NetBT           (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys
15:13:57.0406 1984	NetBT - ok
15:13:57.0437 1984	NetDDE          (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
15:13:57.0531 1984	NetDDE - ok
15:13:57.0546 1984	NetDDEdsdm      (8ace4251bffd09ce75679fe940e996cc) C:\WINDOWS\system32\netdde.exe
15:13:57.0625 1984	NetDDEdsdm - ok
15:13:57.0656 1984	Netlogon        (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:13:57.0750 1984	Netlogon - ok
15:13:57.0781 1984	Netman          (e6d88f1f6745bf00b57e7855a2ab696c) C:\WINDOWS\System32\netman.dll
15:13:57.0875 1984	Netman - ok
15:13:57.0953 1984	NetTcpPortSharing (d34612c5d02d026535b3095d620626ae) c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:13:57.0968 1984	NetTcpPortSharing - ok
15:13:58.0000 1984	NIC1394         (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys
15:13:58.0093 1984	NIC1394 - ok
15:13:58.0125 1984	Nla             (f1b67b6b0751ae0e6e964b02821206a3) C:\WINDOWS\System32\mswsock.dll
15:13:58.0156 1984	Nla - ok
15:13:58.0187 1984	nm              (1e421a6bcf2203cc61b821ada9de878b) C:\WINDOWS\system32\DRIVERS\NMnt.sys
15:13:58.0281 1984	nm - ok
15:13:58.0312 1984	nmwcd           (c3963d85b721a7f80d8a55f4e2867a3a) C:\WINDOWS\system32\drivers\ccdcmb.sys
15:13:58.0468 1984	nmwcd - ok
15:13:58.0484 1984	nmwcdc          (3859c69a77793180548802dac9f34a38) C:\WINDOWS\system32\drivers\ccdcmbo.sys
15:13:58.0546 1984	nmwcdc - ok
15:13:58.0578 1984	nmwcdnsu        (338f83ee9cb9e15eeacf0cbb90218cbf) C:\WINDOWS\system32\drivers\nmwcdnsu.sys
15:13:58.0640 1984	nmwcdnsu - ok
15:13:58.0656 1984	nmwcdnsuc       (d15bac979144fb69ed28f97b2dd84d48) C:\WINDOWS\system32\drivers\nmwcdnsuc.sys
15:13:58.0718 1984	nmwcdnsuc - ok
15:13:58.0750 1984	Npfs            (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys
15:13:58.0843 1984	Npfs - ok
15:13:58.0890 1984	Ntfs            (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys
15:13:59.0000 1984	Ntfs - ok
15:13:59.0031 1984	NtLmSsp         (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:13:59.0125 1984	NtLmSsp - ok
15:13:59.0171 1984	NtmsSvc         (56af4064996fa5bac9c449b1514b4770) C:\WINDOWS\system32\ntmssvc.dll
15:13:59.0281 1984	NtmsSvc - ok
15:13:59.0312 1984	Null            (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys
15:13:59.0437 1984	Null - ok
15:13:59.0453 1984	NwlnkFlt        (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
15:13:59.0593 1984	NwlnkFlt - ok
15:13:59.0609 1984	NwlnkFwd        (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
15:13:59.0750 1984	NwlnkFwd - ok
15:13:59.0781 1984	ohci1394        (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys
15:13:59.0859 1984	ohci1394 - ok
15:13:59.0906 1984	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE
15:13:59.0921 1984	ose - ok
15:14:00.0140 1984	osppsvc         (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Programme\Gemeinsame Dateien\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:14:00.0375 1984	osppsvc - ok
15:14:00.0453 1984	Parport         (f84785660305b9b903fb3bca8ba29837) C:\WINDOWS\system32\drivers\Parport.sys
15:14:00.0546 1984	Parport - ok
15:14:00.0562 1984	PartMgr         (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys
15:14:00.0640 1984	PartMgr - ok
15:14:00.0671 1984	ParVdm          (c2bf987829099a3eaa2ca6a0a90ecb4f) C:\WINDOWS\system32\drivers\ParVdm.sys
15:14:00.0796 1984	ParVdm - ok
15:14:00.0828 1984	pccsmcfd        (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys
15:14:00.0859 1984	pccsmcfd - ok
15:14:00.0890 1984	PCI             (387e8dedc343aa2d1efbc30580273acd) C:\WINDOWS\system32\DRIVERS\pci.sys
15:14:00.0968 1984	PCI - ok
15:14:00.0968 1984	PCIDump - ok
15:14:01.0000 1984	PCIIde          (59ba86d9a61cbcf4df8e598c331f5b82) C:\WINDOWS\system32\DRIVERS\pciide.sys
15:14:01.0140 1984	PCIIde - ok
15:14:01.0156 1984	Pcmcia          (a2a966b77d61847d61a3051df87c8c97) C:\WINDOWS\system32\drivers\Pcmcia.sys
15:14:01.0234 1984	Pcmcia - ok
15:14:01.0234 1984	PDCOMP - ok
15:14:01.0250 1984	PDFRAME - ok
15:14:01.0250 1984	PDRELI - ok
15:14:01.0265 1984	PDRFRAME - ok
15:14:01.0265 1984	perc2 - ok
15:14:01.0265 1984	perc2hib - ok
15:14:01.0328 1984	PlugPlay        (a3edbe9053889fb24ab22492472b39dc) C:\WINDOWS\system32\services.exe
15:14:01.0343 1984	PlugPlay - ok
15:14:01.0375 1984	PolicyAgent     (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:14:01.0453 1984	PolicyAgent - ok
15:14:01.0484 1984	PptpMiniport    (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys
15:14:01.0593 1984	PptpMiniport - ok
15:14:01.0609 1984	Processor       (2cb55427c58679f49ad600fccba76360) C:\WINDOWS\system32\DRIVERS\processr.sys
15:14:01.0703 1984	Processor - ok
15:14:01.0703 1984	ProtectedStorage (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:14:01.0796 1984	ProtectedStorage - ok
15:14:01.0796 1984	PSched          (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys
15:14:01.0890 1984	PSched - ok
15:14:01.0906 1984	Ptilink         (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys
15:14:02.0031 1984	Ptilink - ok
15:14:02.0046 1984	PxHelp20        (e42e3433dbb4cffe8fdd91eab29aea8e) C:\WINDOWS\system32\Drivers\PxHelp20.sys
15:14:02.0062 1984	PxHelp20 - ok
15:14:02.0062 1984	ql1080 - ok
15:14:02.0078 1984	Ql10wnt - ok
15:14:02.0078 1984	ql12160 - ok
15:14:02.0078 1984	ql1240 - ok
15:14:02.0093 1984	ql1280 - ok
15:14:02.0125 1984	RasAcd          (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:14:02.0265 1984	RasAcd - ok
15:14:02.0296 1984	RasAuto         (f5ba6caccdb66c8f048e867563203246) C:\WINDOWS\System32\rasauto.dll
15:14:02.0390 1984	RasAuto - ok
15:14:02.0406 1984	Rasl2tp         (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
15:14:02.0500 1984	Rasl2tp - ok
15:14:02.0531 1984	RasMan          (f9a7b66ea345726edb5862a46b1eccd5) C:\WINDOWS\System32\rasmans.dll
15:14:02.0640 1984	RasMan - ok
15:14:02.0656 1984	RasPppoe        (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:14:02.0734 1984	RasPppoe - ok
15:14:02.0765 1984	Raspti          (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys
15:14:02.0906 1984	Raspti - ok
15:14:02.0921 1984	Rdbss           (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:14:03.0015 1984	Rdbss - ok
15:14:03.0031 1984	RDPCDD          (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
15:14:03.0156 1984	RDPCDD - ok
15:14:03.0187 1984	rdpdr           (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys
15:14:03.0296 1984	rdpdr - ok
15:14:03.0328 1984	RDPWD           (6589db6e5969f8eee594cf71171c5028) C:\WINDOWS\system32\drivers\RDPWD.sys
15:14:03.0359 1984	RDPWD - ok
15:14:03.0390 1984	RDSessMgr       (263af18af0f3db99f574c95f284ccec9) C:\WINDOWS\system32\sessmgr.exe
15:14:03.0484 1984	RDSessMgr - ok
15:14:03.0500 1984	redbook         (ed761d453856f795a7fe056e42c36365) C:\WINDOWS\system32\DRIVERS\redbook.sys
15:14:03.0593 1984	redbook - ok
15:14:03.0625 1984	RemoteAccess    (0e97ec96d6942ceec2d188cc2eb69a01) C:\WINDOWS\System32\mprdim.dll
15:14:03.0718 1984	RemoteAccess - ok
15:14:03.0734 1984	RemoteRegistry  (e4cd1f3d84e1c2ca0b8cf7501e201593) C:\WINDOWS\system32\regsvc.dll
15:14:03.0828 1984	RemoteRegistry - ok
15:14:03.0859 1984	RpcLocator      (2a02e21867497df20b8fc95631395169) C:\WINDOWS\system32\locator.exe
15:14:03.0953 1984	RpcLocator - ok
15:14:03.0984 1984	RpcSs           (3127afbf2c1ed0ab14a1bbb7aaecb85b) C:\WINDOWS\system32\rpcss.dll
15:14:04.0000 1984	RpcSs - ok
15:14:04.0031 1984	RSVP            (4bdd71b4b521521499dfd14735c4f398) C:\WINDOWS\system32\rsvp.exe
15:14:04.0187 1984	RSVP - ok
15:14:04.0234 1984	RT73            (4ef3f74439aa644bcd8ddc0ed88a5d01) C:\WINDOWS\system32\DRIVERS\Dr71WU.sys
15:14:04.0281 1984	RT73 - ok
15:14:04.0312 1984	rtl8139         (d507c1400284176573224903819ffda3) C:\WINDOWS\system32\DRIVERS\RTL8139.SYS
15:14:04.0343 1984	rtl8139 - ok
15:14:04.0375 1984	SamSs           (afb8261b56cba0d86aeb6df682af9785) C:\WINDOWS\system32\lsass.exe
15:14:04.0468 1984	SamSs - ok
15:14:04.0500 1984	SCardSvr        (dcec079fad95d36c8dd5cb6d779dfe32) C:\WINDOWS\System32\SCardSvr.exe
15:14:04.0609 1984	SCardSvr - ok
15:14:04.0640 1984	Schedule        (a050194a44d7fa8d7186ed2f4e8367ae) C:\WINDOWS\system32\schedsvc.dll
15:14:04.0734 1984	Schedule - ok
15:14:04.0765 1984	Secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:14:04.0859 1984	Secdrv - ok
15:14:04.0875 1984	seclogon        (bee4cfd1d48c23b44cf4b974b0b79b2b) C:\WINDOWS\System32\seclogon.dll
15:14:04.0968 1984	seclogon - ok
15:14:05.0000 1984	SENS            (2aac9b6ed9eddffb721d6452e34d67e3) C:\WINDOWS\system32\sens.dll
15:14:05.0078 1984	SENS - ok
15:14:05.0093 1984	serenum         (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys
15:14:05.0187 1984	serenum - ok
15:14:05.0203 1984	Serial          (cf24eb4f0412c82bcd1f4f35a025e31d) C:\WINDOWS\system32\DRIVERS\serial.sys
15:14:05.0296 1984	Serial - ok
15:14:05.0453 1984	ServiceLayer    (d0d2ff6132db177a5192891a8cc9578c) C:\Programme\PC Connectivity Solution\ServiceLayer.exe
15:14:05.0531 1984	ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
15:14:05.0531 1984	ServiceLayer - detected UnsignedFile.Multi.Generic (1)
15:14:05.0546 1984	Sfloppy         (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys
15:14:05.0640 1984	Sfloppy - ok
15:14:05.0671 1984	SharedAccess    (cad058d5f8b889a87ca3eb3cf624dcef) C:\WINDOWS\System32\ipnathlp.dll
15:14:05.0781 1984	SharedAccess - ok
15:14:05.0812 1984	ShellHWDetection (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:14:05.0828 1984	ShellHWDetection - ok
15:14:05.0843 1984	Simbad - ok
15:14:05.0875 1984	SLIP            (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys
15:14:05.0953 1984	SLIP - ok
15:14:05.0968 1984	Sparrow - ok
15:14:05.0984 1984	splitter        (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys
15:14:06.0078 1984	splitter - ok
15:14:06.0109 1984	Spooler         (60784f891563fb1b767f70117fc2428f) C:\WINDOWS\system32\spoolsv.exe
15:14:06.0125 1984	Spooler - ok
15:14:06.0140 1984	sr              (50fa898f8c032796d3b1b9951bb5a90f) C:\WINDOWS\system32\DRIVERS\sr.sys
15:14:06.0234 1984	sr - ok
15:14:06.0281 1984	srservice       (fe77a85495065f3ad59c5c65b6c54182) C:\WINDOWS\system32\srsvc.dll
15:14:06.0375 1984	srservice - ok
15:14:06.0421 1984	Srv             (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys
15:14:06.0468 1984	Srv - ok
15:14:06.0484 1984	SSDPSRV         (4df5b05dfaec29e13e1ed6f6ee12c500) C:\WINDOWS\System32\ssdpsrv.dll
15:14:06.0578 1984	SSDPSRV - ok
15:14:06.0593 1984	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
15:14:06.0609 1984	ssmdrv - ok
15:14:06.0640 1984	stisvc          (bc2c5985611c5356b24aeb370953ded9) C:\WINDOWS\system32\wiaservc.dll
15:14:06.0765 1984	stisvc - ok
15:14:06.0796 1984	streamip        (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys
15:14:06.0890 1984	streamip - ok
15:14:06.0921 1984	swenum          (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys
15:14:07.0015 1984	swenum - ok
15:14:07.0109 1984	SwitchBoard     (f577910a133a592234ebaad3f3afa258) C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe
15:14:07.0171 1984	SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
15:14:07.0171 1984	SwitchBoard - detected UnsignedFile.Multi.Generic (1)
15:14:07.0203 1984	swmidi          (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys
15:14:07.0296 1984	swmidi - ok
15:14:07.0296 1984	SwPrv - ok
15:14:07.0312 1984	symc810 - ok
15:14:07.0312 1984	symc8xx - ok
15:14:07.0328 1984	sym_hi - ok
15:14:07.0328 1984	sym_u3 - ok
15:14:07.0359 1984	sysaudio        (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys
15:14:07.0437 1984	sysaudio - ok
15:14:07.0468 1984	SysmonLog       (2903fffa2523926d6219428040dce6b9) C:\WINDOWS\system32\smlogsvc.exe
15:14:07.0578 1984	SysmonLog - ok
15:14:07.0593 1984	TapiSrv         (05903cac4b98908d55ea5774775b382e) C:\WINDOWS\System32\tapisrv.dll
15:14:07.0703 1984	TapiSrv - ok
15:14:07.0750 1984	Tcpip           (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:14:07.0781 1984	Tcpip - ok
15:14:07.0828 1984	Tcpip6          (4e53bbcc4be37d7a4bd6ef1098c89ff7) C:\WINDOWS\system32\DRIVERS\tcpip6.sys
15:14:07.0859 1984	Tcpip6 - ok
15:14:07.0890 1984	TDPIPE          (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys
15:14:08.0000 1984	TDPIPE - ok
15:14:08.0031 1984	TDTCP           (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys
15:14:08.0109 1984	TDTCP - ok
15:14:08.0140 1984	TermDD          (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys
15:14:08.0234 1984	TermDD - ok
15:14:08.0265 1984	TermService     (b7de02c863d8f5a005a7bf375375a6a4) C:\WINDOWS\System32\termsrv.dll
15:14:08.0359 1984	TermService - ok
15:14:08.0390 1984	Themes          (2db7d303c36ddd055215052f118e8e75) C:\WINDOWS\System32\shsvcs.dll
15:14:08.0406 1984	Themes - ok
15:14:08.0437 1984	TlntSvr         (03681a1ce77f51586903869a5ab1deab) C:\WINDOWS\system32\tlntsvr.exe
15:14:08.0531 1984	TlntSvr - ok
15:14:08.0531 1984	TosIde - ok
15:14:08.0546 1984	TrkWks          (626504572b175867f30f3215c04b3e2f) C:\WINDOWS\system32\trkwks.dll
15:14:08.0656 1984	TrkWks - ok
15:14:08.0796 1984	TuneUp.UtilitiesSvc (af5f31156ee89d35ad6ec3179a805d23) C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
15:14:08.0875 1984	TuneUp.UtilitiesSvc - ok
15:14:08.0906 1984	TuneUpUtilitiesDrv (f2107c9d85ec0df116939ccce06ae697) C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys
15:14:08.0921 1984	TuneUpUtilitiesDrv - ok
15:14:08.0968 1984	tunmp           (8f861eda21c05857eb8197300a92501c) C:\WINDOWS\system32\DRIVERS\tunmp.sys
15:14:09.0062 1984	tunmp - ok
15:14:09.0093 1984	TVICHW32        (e266683fc95abdec17cd378564e1b54b) C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS
15:14:09.0109 1984	TVICHW32 ( UnsignedFile.Multi.Generic ) - warning
15:14:09.0109 1984	TVICHW32 - detected UnsignedFile.Multi.Generic (1)
15:14:09.0140 1984	Udfs            (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys
15:14:09.0234 1984	Udfs - ok
15:14:09.0234 1984	ultra - ok
15:14:09.0281 1984	Update          (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys
15:14:09.0375 1984	Update - ok
15:14:09.0406 1984	upnphost        (1dfd8975d8c89214b98d9387c1125b49) C:\WINDOWS\System32\upnphost.dll
15:14:09.0515 1984	upnphost - ok
15:14:09.0546 1984	upperdev        (0ccadc7391021376edbb8aa649d04e68) C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys
15:14:09.0593 1984	upperdev - ok
15:14:09.0609 1984	UPS             (9b11e6118958e63e1fef129466e2bda7) C:\WINDOWS\System32\ups.exe
15:14:09.0703 1984	UPS - ok
15:14:09.0734 1984	usbccgp         (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:14:09.0828 1984	usbccgp - ok
15:14:09.0859 1984	usbehci         (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:14:09.0968 1984	usbehci - ok
15:14:09.0984 1984	usbhub          (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:14:10.0062 1984	usbhub - ok
15:14:10.0093 1984	usbohci         (0daecce65366ea32b162f85f07c6753b) C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:14:10.0171 1984	usbohci - ok
15:14:10.0203 1984	usbprint        (a717c8721046828520c9edf31288fc00) C:\WINDOWS\system32\DRIVERS\usbprint.sys
15:14:10.0281 1984	usbprint - ok
15:14:10.0312 1984	usbser          (1c888b000c2f9492f4b15b5b6b84873e) C:\WINDOWS\system32\drivers\usbser.sys
15:14:10.0406 1984	usbser - ok
15:14:10.0421 1984	UsbserFilt      (68b4f83cccf70a2ff32ee142c234332a) C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
15:14:10.0484 1984	UsbserFilt - ok
15:14:10.0515 1984	usbstor         (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:14:10.0593 1984	usbstor - ok
15:14:10.0625 1984	UxTuneUp        (6275822ac454a8a831d063841a4dbb5d) C:\WINDOWS\System32\uxtuneup.dll
15:14:10.0625 1984	UxTuneUp - ok
15:14:10.0640 1984	VgaSave         (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys
15:14:10.0734 1984	VgaSave - ok
15:14:10.0734 1984	ViaIde - ok
15:14:10.0750 1984	VolSnap         (a5a712f4e880874a477af790b5186e1d) C:\WINDOWS\system32\drivers\VolSnap.sys
15:14:10.0843 1984	VolSnap - ok
15:14:10.0890 1984	VSS             (68f106273be29e7b7ef8266977268e78) C:\WINDOWS\System32\vssvc.exe
15:14:10.0984 1984	VSS - ok
15:14:11.0015 1984	W32Time         (7b353059e665f8b7ad2bbeaef597cf45) C:\WINDOWS\system32\w32time.dll
15:14:11.0109 1984	W32Time - ok
15:14:11.0140 1984	Wanarp          (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:14:11.0234 1984	Wanarp - ok
15:14:11.0281 1984	Wdf01000        (d918617b46457b9ac28027722e30f647) C:\WINDOWS\system32\Drivers\wdf01000.sys
15:14:11.0312 1984	Wdf01000 - ok
15:14:11.0312 1984	WDICA - ok
15:14:11.0343 1984	wdmaud          (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys
15:14:11.0421 1984	wdmaud - ok
15:14:11.0453 1984	WebClient       (81727c9873e3905a2ffc1ebd07265002) C:\WINDOWS\System32\webclnt.dll
15:14:11.0546 1984	WebClient - ok
15:14:11.0609 1984	winmgmt         (6f3f3973d97714cc5f906a19fe883729) C:\WINDOWS\system32\wbem\WMIsvc.dll
15:14:11.0718 1984	winmgmt - ok
15:14:11.0750 1984	WmdmPmSN        (c51b4a5c05a5475708e3c81c7765b71d) C:\WINDOWS\system32\MsPMSNSv.dll
15:14:11.0812 1984	WmdmPmSN - ok
15:14:11.0875 1984	Wmi             (ffa4d901d46d07a5bab2d8307fbb51a6) C:\WINDOWS\System32\advapi32.dll
15:14:11.0921 1984	Wmi - ok
15:14:11.0968 1984	WmiApSrv        (93908111ba57a6e60ec2fa2de202105c) C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:14:12.0062 1984	WmiApSrv - ok
15:14:12.0156 1984	WMPNetworkSvc   (bf05650bb7df5e9ebdd25974e22403bb) C:\Programme\Windows Media Player\WMPNetwk.exe
15:14:12.0250 1984	WMPNetworkSvc - ok
15:14:12.0281 1984	wscsvc          (300b3e84faf1a5c1f791c159ba28035d) C:\WINDOWS\system32\wscsvc.dll
15:14:12.0375 1984	wscsvc - ok
15:14:12.0421 1984	WSTCODEC        (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
15:14:12.0515 1984	WSTCODEC - ok
15:14:12.0546 1984	wuauserv        (7b4fe05202aa6bf9f4dfd0e6a0d8a085) C:\WINDOWS\system32\wuauserv.dll
15:14:12.0625 1984	wuauserv - ok
15:14:12.0656 1984	WudfPf          (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys
15:14:12.0687 1984	WudfPf - ok
15:14:12.0703 1984	WudfRd          (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys
15:14:12.0734 1984	WudfRd - ok
15:14:12.0750 1984	WudfSvc         (05231c04253c5bc30b26cbaae680ed89) C:\WINDOWS\System32\WUDFSvc.dll
15:14:12.0765 1984	WudfSvc - ok
15:14:12.0812 1984	WZCSVC          (c4f109c005f6725162d2d12ca751e4a7) C:\WINDOWS\System32\wzcsvc.dll
15:14:12.0953 1984	WZCSVC - ok
15:14:12.0968 1984	xmlprov         (0ada34871a2e1cd2caafed1237a47750) C:\WINDOWS\System32\xmlprov.dll
15:14:13.0078 1984	xmlprov - ok
15:14:13.0109 1984	MBR (0x1B8)     (72b8ce41af0de751c946802b3ed844b4) \Device\Harddisk0\DR0
15:14:13.0546 1984	\Device\Harddisk0\DR0 - ok
15:14:13.0562 1984	Boot (0x1200)   (cf07a900b7a7ad1ee3e64132dfbff9db) \Device\Harddisk0\DR0\Partition0
15:14:13.0562 1984	\Device\Harddisk0\DR0\Partition0 - ok
15:14:13.0578 1984	Boot (0x1200)   (e18d3cb1de2c56d59d6b3f835bb5c4dc) \Device\Harddisk0\DR0\Partition1
15:14:13.0578 1984	\Device\Harddisk0\DR0\Partition1 - ok
15:14:13.0578 1984	============================================================
15:14:13.0578 1984	Scan finished
15:14:13.0578 1984	============================================================
15:14:13.0687 3528	Detected object count: 11
15:14:13.0687 3528	Actual detected object count: 11
         

Alt 02.07.2012, 14:35   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Standard

Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner



Log ist unvollständig, die untere Zusammenfassung fehlt

Antwort

Themen zu Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner
anhang, befall, bild, bilder, bundestrojaner, datei, dateien, email, erklärung, gelöscht, gestern, heute, kunde, malwarebytes, mas, namen, problem, rechner, rechnung, rechung, richtig, runter, seite, taskmanager, volker, zipdatei, öffnen



Ähnliche Themen: Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner


  1. Virus verschlüsselt Dateien
    Plagegeister aller Art und deren Bekämpfung - 02.11.2015 (1)
  2. PDF und Doc Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 15.10.2015 (7)
  3. Dateien verschlüsselt evt. Cryptowall
    Log-Analyse und Auswertung - 09.09.2015 (4)
  4. XTBL - Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 29.07.2015 (4)
  5. Win 7: Dateien verschlüsselt
    Log-Analyse und Auswertung - 15.02.2015 (9)
  6. PC gehackt und Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 20.01.2015 (8)
  7. Trojaner hat Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 29.12.2014 (2)
  8. Malware verschlüsselt Dateien
    Plagegeister aller Art und deren Bekämpfung - 23.11.2014 (1)
  9. Bundestrojaner (noch?) auf Win7 32bit-Rechner nach ESET-Bereinigug?
    Log-Analyse und Auswertung - 09.11.2013 (11)
  10. Virus hat Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 02.02.2013 (1)
  11. BKA 14.1 Dateien Verschlüsselt
    Log-Analyse und Auswertung - 16.10.2012 (1)
  12. Bundestrojaner - Dateien verschlüsselt - aber nicht die locked Version
    Log-Analyse und Auswertung - 15.10.2012 (1)
  13. Bundestrojaner dateien verschlüsselt
    Log-Analyse und Auswertung - 22.09.2012 (1)
  14. Bild-Dateien verschlüsselt
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (5)
  15. BAK Trojaner - System wieder zurückgestellt jedoch Dateien immer noch verschlüsselt
    Diskussionsforum - 12.07.2012 (1)
  16. Verschlüsselungs-Trojaner entfernt - Dateien noch verschlüsselt
    Log-Analyse und Auswertung - 01.06.2012 (1)
  17. Trojaner Dateien verschlüsselt
    Log-Analyse und Auswertung - 15.05.2012 (12)

Zum Thema Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner - Ich habe seit gestern echt schiet problem mit meinem Rechner.. Habe ne email im Postfach gehabt Welche mit dem namen meiner Mutter gekommen ist. Dies war/ sollte eine rechung sein - Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner...
Archiv
Du betrachtest: Dateien Verschlüsselt Bundestrojaner noch auf dem Rechner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.