Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: flacor.dat (Backdoor- Trojaner) Log- Dateien

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 10.10.2010, 14:14   #1
green devil
 
flacor.dat (Backdoor- Trojaner) Log- Dateien - Standard

flacor.dat (Backdoor- Trojaner) Log- Dateien



Hallo zusammen,

dies ist mein erster Beitrag hier im trojaner-board...

Ich habe auf meinem PC die Tage immer eine Fehlermeldung gehabt...
Fehler beim Öfnnen der Datei C:/[...]/flacor.dat

Habe dann hier im Forum gelesen, mit welchen Programmen man das System "checken" sollte. Habe dann zuerst einen Komplettscan mit Malwarebytes gemacht und anschließend mit OTL.

Habe jetzt folgende Log- Files bekommen... ist der Trojaner nu vom PC oder muss ich ihn neu machen?

Hoffe ihr könnt mir helfen...

LG
André

Kein mir keiner helfen?

Hier noch mal die Log- Files (diesmal nicht als Datei)...

mbam-log-2010-10-10 (13-15-55):

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Datenbank Version: 4052

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

10.10.2010 13:15:55
mbam-log-2010-10-10 (13-15-55).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 238041
Laufzeit: 54 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 1
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 6

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\getdo (Trojan.Agent) -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
C:\WINDOWS\system32\AdCache (AdWare.Cydoor) -> No action taken.

Infizierte Dateien:
C:\Dokumente und Einstellungen\Carmen und Jens\Anwendungsdaten\Adobe\Update\flacor.dat (Trojan.Agent) -> No action taken.
C:\WINDOWS\msacm32.drv (Trojan.Agent) -> No action taken.
C:\WINDOWS\wuasirvy.dll (Trojan.Banker) -> No action taken.
C:\WINDOWS\rasqervy.dll (Malware.Trace) -> No action taken.
C:\WINDOWS\sdfinacs.dll (Malware.Trace) -> No action taken.
C:\WINDOWS\sdfixwcs.dll (Malware.Trace) -> No action taken.


Extra Logfile:OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 10.10.2010 13:24:55 - Run 2
OTL by OldTimer - Version 3.2.14.1     Folder = I:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 75,20 Gb Total Space | 45,73 Gb Free Space | 60,80% Space Free | Partition Type: NTFS
Drive D: | 67,01 Gb Total Space | 64,54 Gb Free Space | 96,32% Space Free | Partition Type: NTFS
Drive E: | 6,82 Gb Total Space | 1,98 Gb Free Space | 29,10% Space Free | Partition Type: FAT32
Drive F: | 149,04 Gb Total Space | 133,40 Gb Free Space | 89,50% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 3,74 Gb Total Space | 3,16 Gb Free Space | 84,65% Space Free | Partition Type: FAT32
 
Computer Name: CARMEN
Current User Name: Carmen und Jens
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 360 Days
Output = Standard
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
htmlfile [edit] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Programme\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"10243:TCP" = 10243:TCP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10280:UDP" = 10280:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10281:UDP" = 10281:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10282:UDP" = 10282:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10283:UDP" = 10283:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
"10284:UDP" = 10284:UDP:LocalSubNet:Enabled:Windows Media Player-Netzwerkfreigabedienst
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Programme\AOL 9.0\AOL.exe" = C:\Programme\AOL 9.0\AOL.exe:*:enabled:AOL 9.0 -- File not found
"C:\Programme\AOL 9.0\WAOL.exe" = C:\Programme\AOL 9.0\WAOL.exe:*:enabled:AOL 9.0 -- File not found
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Faxkonsole -- (Microsoft Corporation)
"C:\Programme\CA\eTrust Antivirus\InocIT.exe" = C:\Programme\CA\eTrust Antivirus\InocIT.exe:*:enabled:eTrust Antivirus - Local Scanner -- File not found
"C:\Programme\CA\eTrust Antivirus\Realmon.exe" = C:\Programme\CA\eTrust Antivirus\Realmon.exe:*:enabled:eTrust Antivirus - Realtime monitor -- File not found
"C:\Programme\CA\eTrust Antivirus\InoRpc.exe" = C:\Programme\CA\eTrust Antivirus\InoRpc.exe:*:enabled:eTrust Antivirus - RPC Server -- File not found
"C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:enabled:BlueSoleil (BlueTooth) -- (IVT Corporation)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- File not found
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Programme\AOL 9.0\AOL.exe" = C:\Programme\AOL 9.0\AOL.exe:*:enabled:AOL 9.0 -- File not found
"C:\Programme\AOL 9.0\WAOL.exe" = C:\Programme\AOL 9.0\WAOL.exe:*:enabled:AOL 9.0 -- File not found
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:enabled:Faxkonsole -- (Microsoft Corporation)
"C:\Programme\CA\eTrust Antivirus\InocIT.exe" = C:\Programme\CA\eTrust Antivirus\InocIT.exe:*:enabled:eTrust Antivirus - Local Scanner -- File not found
"C:\Programme\CA\eTrust Antivirus\Realmon.exe" = C:\Programme\CA\eTrust Antivirus\Realmon.exe:*:enabled:eTrust Antivirus - Realtime monitor -- File not found
"C:\Programme\CA\eTrust Antivirus\InoRpc.exe" = C:\Programme\CA\eTrust Antivirus\InoRpc.exe:*:enabled:eTrust Antivirus - RPC Server -- File not found
"C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe" = C:\Programme\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:enabled:BlueSoleil (BlueTooth) -- (IVT Corporation)
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLDial.exe:*:Enabled:AOL -- File not found
"C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe" = C:\Programme\Gemeinsame Dateien\AOL\ACS\AOLAcsd.exe:*:Enabled:AOL -- File not found
"C:\Programme\ICQLite\ICQLite.exe" = C:\Programme\ICQLite\ICQLite.exe:*:Enabled:ICQ Lite -- (ICQ Ltd.)
"C:\Programme\MSN Messenger\livecall.exe" = C:\Programme\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\wcescomm.exe" = C:\Programme\Microsoft ActiveSync\wcescomm.exe:*:Enabled:ActiveSync Connection Manager -- (Microsoft Corporation)
"C:\Programme\Microsoft ActiveSync\WCESMgr.exe" = C:\Programme\Microsoft ActiveSync\WCESMgr.exe:*:Enabled:ActiveSync Application -- (Microsoft Corporation)
"C:\WINDOWS\Explorer.EXE" = C:\WINDOWS\Explorer.EXE:*:Enabled:enable -- (Microsoft Corporation)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C58EBE-223E-4AB6-8AE9-38F27F4420BD}" = WISO Sparbuch 2009
"{00F3D43F-B5A9-4C8D-B5A1-5FD2DE16CC21}" = Polar IrDA USB 1.1 Adapter
"{03CDDD00-BD57-4326-9480-4C74449AF597}" = PhotoStitch
"{05440044-64A6-4248-A026-9745C1E9E159}" = Microsoft Encarta Enzyklopädie 2005
"{0867A478-1095-4CF5-9B8D-4F7E5F05D5BB}" = CANON USB Video Driver
"{093625E3-7B87-49D3-AA53-AD0FCFABAF49}" = Camera Window
"{0BEDBD4E-2D34-47B5-9973-57E62B29307C}" = ATI Control Panel
"{11B569C2-4BF6-4ED0-9D17-A4273943CB24}" = Adobe Photoshop Album 2.0 Starter Edition
"{16E217EA-C3E0-402D-8D4F-6189DB74497A}" = Studio 9.4 Patch
"{1D14373E-7970-4F2F-A467-ACA4F0EA21E3}" = Google Earth
"{1E02403C-C469-4937-9B94-7DF9F78888FA}" = Smart Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{261D0486-9127-4071-BA1D-FE784310752E}" = videon
"{262DA23B-4BAB-463F-B1DC-9B5287CAB5CA}}_is1" = Deinstallation der Arcor Online Software
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = PowerCinema 4.0
"{279DB581-239C-4E13-97F8-0F48E40BE75C}" = Windows Live Messenger
"{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}" = EPSON Scan Assistant
"{2C3738C9-56FA-410A-BCB5-79C5DFD238F0}" = TuneUp Utilities 2004
"{314F6D08-A8B7-11D8-8446-0050BA1D384D}" = EPSON Image Clip Palette
"{3248F0A8-6813-11D6-A77B-00B0D0150010}" = J2SE Runtime Environment 5.0 Update 1
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35B8CC58-F128-4169-82EB-0E6CB0C3AFE6}" = ArcSoft PhotoImpression
"{3D1A6B70-3E02-49BC-88B0-916C80274632}" = Informationen über Ihren PC
"{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It!-Bibliothek 10
"{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Foto Premium 10
"{43DCF766-6838-4F9A-8C91-D92DA586DFA7}" = Microsoft Windows-Journal-Viewer
"{46B70DEB-97B3-4E38-B746-EC16905E6A8F}" = WISO Sparbuch 2010
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4AD35E01-9BA9-4F0C-B6B7-09C6C8F20D15}" = Nokia Connectivity Cable Driver
"{5490B6EF-5A48-40B7-A9E0-D3B886D17A29}" = RT2500 USB Wireless LAN Card
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = USB PC Camera (SN9C102)
"{5DA7BC15-18D3-41A0-9F59-838DA3EAEF17}" = EPSON Easy Photo Print
"{5EDB9281-1F84-4195-9CDD-85985D17DDC7}" = WISO Sparbuch 2007
"{627AF134-A338-43AE-9F82-1BB05168C82E}" = InstallGoLab
"{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0
"{67E4EE98-59F4-4220-89A6-A20AF5BEC689}" = Microsoft AutoRoute 2005
"{67EDD823-135A-4D59-87BD-950616D6E857}" = EPSON Copy Utility 3
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD
"{76EFFC7C-17A6-479D-9E47-8E658C1695AE}" = Windows-Sicherungsprogramm
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Pro
"{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}" = EPSON Web-To-Page
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CD9282B-A8F4-4A6D-A11C-6B9738975B00}" = WISO Mein Geld 5
"{8EF1122E-E90C-4EE9-AB0C-7FDE2BA42C26}" = Musicmatch® Jukebox
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{911B0407-6000-11D3-8CFE-0050048383C9}" = Microsoft Word 2002
"{9E491AB7-4589-48CA-9CBB-874CB2788391}" = Studio 9
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{A1973A71-BC23-4A8C-A0A0-2B0497B7EAF4}" = WISO Sparbuch 2008
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{AC76BA86-7AD7-1031-7B44-A71000000002}" = Adobe Reader 7.1.0 - Deutsch
"{AD708DF0-9F04-4CB3-821A-85804A833B4D}" = ArcSoft Camera Suite
"{AEBC4CA2-B05F-47E3-8680-B2CDB6E12006}" = WISO Sparbuch 2006
"{B26E3B0D-C2FA-4370-B068-7C476766F029}" = Microsoft Works
"{B67624DE-75CE-4FAD-9F29-5C115773CE61}" = Studio Content DVD
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer
"{B90450DF-E781-46FD-B1F1-0C86DA40E443}" = PIF DESIGNER
"{B9F499B8-D1F0-42FC-84BE-CC552123CCCB}" = BlueSoleil
"{BEB03A1A-1EB6-48EB-9985-8B97315EE5C0}" = RemoteCapture 2.7.0
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}" = Canon Utilities ZoomBrowser EX
"{C438DF2B-C5DF-4783-9CA5-9B89E501FA62}" = Works Update
"{C60BA916-9E44-4DA4-B11A-9E27B7624EF5}" = Sony Ericsson Drivers
"{C6A12D9B-D86A-4ee6-B980-95E4B26A2E13}" = Microsoft Works Suite-Add-Ins für Microsoft Word
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C92E7DF1-624A-4D95-A4C4-18CB491B44A4}" = Sony Ericsson Device Data
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC038D57-788A-4544-BF8F-179E5CF50D2F}" = Microsoft Visual C++ 2005 SP1 CRT Redistributable
"{CD815603-AB71-4CFB-B3AC-522298037ACC}" = W83L518D
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CEFD7155-9C9A-4D20-8DEC-3961BBBB0001}" = WISO Sparbuch 2005
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! 1.0
"{D59AC9E9-FFAE-471B-B1FF-4B311D23417A}" = Sony Ericsson PC Suite
"{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow 3.0
"{D6BF6477-8369-489F-8DE6-3731F4B88560}" = Sony Ericsson PC Suite
"{DBEA1034-5882-4A88-8033-81C4EF0CFA29}" = Google Toolbar for Internet Explorer
"{DD066C5F-A5C6-4A2B-8A08-7E3395B72C24}" = CIG
"{DEF2E5A3-0317-4822-B930-8B721EB483E4}" = ArcSoft VideoImpression 1.6
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{EA1CB7AC-E221-4822-A789-0ADB051DC498}" = Generic USB CardReader 2.0
"{EF0DD8B7-471C-463B-A298-6066C2FABAF5}" = File Viewer Utility 1.2
"{FCE65C4E-B0E8-4FBD-AD16-EDCBE6CD591F}" = HighMAT-Erweiterung für den Microsoft Windows XP-Assistenten zum Schreiben von CDs
"2000 Stadtpläne" = 2000 Stadtpläne
"77026A33B527FA54CA1FA5945DEA58D5914FA040" = Windows Driver Package - MosChip Semiconductor Technology Limited (MosIrUsb) Infrared  (11/08/2004 1.0.0.8)
"Ad-Aware SE Personal" = Ad-Aware SE Personal
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Agere Systems Soft Modem" = Agere Systems PCI Soft Modem
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"AntiVir PersonalEdition Classic" = Avira AntiVir Personal - Free Antivirus
"AnyDVD" = AnyDVD
"ATI Display Driver" = ATI Display Driver
"AXIS Media Control" = AXIS Media Control
"AXIS Media Control Embedded" = AXIS Media Control Embedded
"CloneCD" = CloneCD
"CloneDVD2" = CloneDVD2
"C-Media Audio Driver" = C-Media High Definition Audio Driver
"Creatix V.92 Data Fax Modem" = Creatix V.92 Data Fax Modem
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"EPSON Scanner" = EPSON Scan
"ESDX4800_4200 Benutzerhandbuch" = ESDX4800_4200 Benutzerhandbuch
"FA-18 Hornet 3.0" = FA-18 Hornet 3.0
"GiD City Führer" = GiD City Führer
"Hollywood FX 5" = Pinnacle Hollywood FX 5
"ICQLite" = ICQ 5.1
"ie8" = Windows Internet Explorer 8
"InstallShield_{03CDDD00-BD57-4326-9480-4C74449AF597}" = Canon Utilities PhotoStitch 3.1
"InstallShield_{0867A478-1095-4CF5-9B8D-4F7E5F05D5BB}" = CANON USB Video Driver
"InstallShield_{093625E3-7B87-49D3-AA53-AD0FCFABAF49}" = Canon Camera Window for ZoomBrowser EX
"InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}" = EPSON Attach To Email
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{4AD35E01-9BA9-4F0C-B6B7-09C6C8F20D15}" = Nokia Connectivity Cable Driver
"InstallShield_{BEB03A1A-1EB6-48EB-9985-8B97315EE5C0}" = Canon Utilities RemoteCapture 2.7
"InstallShield_{DD066C5F-A5C6-4A2B-8A08-7E3395B72C24}" = Canon Internet Library for ZoomBrowser EX
"InstallShield_{EF0DD8B7-471C-463B-A298-6066C2FABAF5}" = Canon Utilities File Viewer Utility 1.2
"iPhoto Plus 4" = iPhoto Plus 4
"KeyStat" = KeyStat
"L&H Power Translator" = L&H Power Translator Pro
"LetsTrade" = LetsTrade Komponenten
"Macromedia Shockwave Player" = Macromedia Shockwave Player
"MAGIX Media Manager 2004 gold" = MAGIX Media Manager 2004 gold
"MAGIX music maker SE" = MAGIX music maker SE
"MAGIX Video deLuxe 2005 PLUS" = MAGIX Video deLuxe 2005 PLUS
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"medionmusic-manager gold" = medionmusic-manager gold
"medionmusic-Suite" = medionmusic-Suite
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"Mustek 1200 CP v2.0" = Mustek 1200 CP v2.0
"NeroMultiInstaller!UninstallKey" = Nero Suite
"Photo Artist" = Photo Artist
"PhotoRecord" = Canon PhotoRecord
"PictureItPrem_v10" = Microsoft Picture It! Foto Premium 10
"Print Artist 6.0" = Sierra Print Artist 6.0
"QuickTime" = QuickTime
"RealPlayer 6.0" = RealPlayer
"Shell Atlas Routenplaner" = Shell Atlas Routenplaner
"Shockwave" = Shockwave
"Sierra-Hilfsprogramme" = Sierra-Hilfsprogramme
"Skype_is1" = Skype 1.1
"Spybot - Search & Destroy_is1" = Spybot - Search & Destroy 1.4
"StreetPlugin" = Learn2 Player (Uninstall Only)
"Test Drive 4" = Test Drive 4
"TextBridge Classic 2.0" = TextBridge Classic 2.0
"ViewpointMediaPlayer" = Viewpoint Media Player
"WebPost" = Web Publishing Wizard
"Windows CE Services" = Microsoft ActiveSync 3.8
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Works2005Setup" = Setup-Start von Microsoft Works 2005
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 18.09.2010 03:36:30 | Computer Name = CARMEN | Source = Avira AntiVir | ID = 4109
Description = 
 
Error - 19.09.2010 03:44:31 | Computer Name = CARMEN | Source = Avira AntiVir | ID = 4109
Description = 
 
Error - 19.09.2010 04:13:02 | Computer Name = CARMEN | Source = Avira AntiVir | ID = 4109
Description = 
 
Error - 20.09.2010 01:31:19 | Computer Name = CARMEN | Source = Avira AntiVir | ID = 4109
Description = 
 
Error - 20.09.2010 04:39:38 | Computer Name = CARMEN | Source = Avira AntiVir | ID = 4109
Description = 
 
Error - 22.09.2010 14:32:08 | Computer Name = CARMEN | Source = Avira AntiVir | ID = 4109
Description = 
 
Error - 23.09.2010 11:55:27 | Computer Name = CARMEN | Source = Avira AntiVir | ID = 4109
Description = 
 
Error - 24.09.2010 02:04:01 | Computer Name = CARMEN | Source = Avira AntiVir | ID = 4109
Description = 
 
Error - 26.09.2010 03:15:20 | Computer Name = CARMEN | Source = Avira AntiVir | ID = 4109
Description = 
 
Error - 10.10.2010 07:23:42 | Computer Name = CARMEN | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung OTL.exe, Version 3.2.14.1, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
[ System Events ]
Error - 05.10.2010 11:17:50 | Computer Name = CARMEN | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
 001109F4351D wurde durch  den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server 
hat eine DHCPNACK-Meldung gesendet).
 
Error - 06.10.2010 03:00:57 | Computer Name = CARMEN | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
 001109F4351D wurde durch  den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server 
hat eine DHCPNACK-Meldung gesendet).
 
Error - 07.10.2010 14:34:49 | Computer Name = CARMEN | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
 001109F4351D wurde durch  den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server 
hat eine DHCPNACK-Meldung gesendet).
 
Error - 08.10.2010 03:07:14 | Computer Name = CARMEN | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
 001109F4351D wurde durch  den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server 
hat eine DHCPNACK-Meldung gesendet).
 
Error - 08.10.2010 14:47:09 | Computer Name = CARMEN | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
 001109F4351D wurde durch  den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server 
hat eine DHCPNACK-Meldung gesendet).
 
Error - 08.10.2010 16:12:47 | Computer Name = CARMEN | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
 001109F4351D wurde durch  den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server 
hat eine DHCPNACK-Meldung gesendet).
 
Error - 09.10.2010 12:02:36 | Computer Name = CARMEN | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
 001109F4351D wurde durch  den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server 
hat eine DHCPNACK-Meldung gesendet).
 
Error - 10.10.2010 00:18:00 | Computer Name = CARMEN | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
 001109F4351D wurde durch  den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server 
hat eine DHCPNACK-Meldung gesendet).
 
Error - 10.10.2010 07:17:32 | Computer Name = CARMEN | Source = sr | ID = 1
Description = Beim Verarbeiten der Datei "" auf Volume "HarddiskVolume1" ist im 
Wiederherstellungsfilter der unerwartete Fehler "0xC0000001" aufgetreten. Die Volumeüberwachung
 wurde angehalten.
 
Error - 10.10.2010 07:18:03 | Computer Name = CARMEN | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   IntelIde
 
 
< End of report >
         
--- --- ---


OTL Log File:OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 10.10.2010 13:24:55 - Run 2
OTL by OldTimer - Version 3.2.14.1     Folder = I:\
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 73,00% Memory free
3,00 Gb Paging File | 3,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 75,20 Gb Total Space | 45,73 Gb Free Space | 60,80% Space Free | Partition Type: NTFS
Drive D: | 67,01 Gb Total Space | 64,54 Gb Free Space | 96,32% Space Free | Partition Type: NTFS
Drive E: | 6,82 Gb Total Space | 1,98 Gb Free Space | 29,10% Space Free | Partition Type: FAT32
Drive F: | 149,04 Gb Total Space | 133,40 Gb Free Space | 89,50% Space Free | Partition Type: NTFS
G: Drive not present or media not loaded
H: Drive not present or media not loaded
Drive I: | 3,74 Gb Total Space | 3,16 Gb Free Space | 84,65% Space Free | Partition Type: FAT32
 
Computer Name: CARMEN
Current User Name: Carmen und Jens
Logged in as Administrator.
 
Current Boot Mode: Normal
Scan Mode: All users
Company Name Whitelist: Off
Skip Microsoft Files: Off
File Age = 360 Days
Output = Standard
 
========== Processes (SafeList) ==========
 
PRC - [2010.10.10 12:12:24 | 000,576,512 | ---- | M] (OldTimer Tools) -- I:\OTL.exe
PRC - [2010.03.22 23:10:33 | 001,152,296 | ---- | M] () -- C:\Programme\WISO\Sparbuch 2010\meinsparbuchheute.exe
PRC - [2008.11.14 14:43:08 | 000,068,865 | ---- | M] (Avira GmbH) -- C:\Programme\AntiVir PersonalEdition Classic\sched.exe
PRC - [2008.11.14 14:43:06 | 000,151,297 | ---- | M] (Avira GmbH) -- C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
PRC - [2008.10.19 19:55:20 | 000,266,497 | ---- | M] (Avira GmbH) -- C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.07.11 16:57:42 | 000,880,640 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Programme\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2007.06.13 09:16:02 | 000,528,384 | R--- | M] () -- C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2007.03.16 04:23:20 | 000,983,040 | R--- | M] (Teleca AB) -- C:\Programme\Gemeinsame Dateien\Teleca Shared\Generic.exe
PRC - [2005.02.21 19:10:00 | 000,737,370 | ---- | M] (Cyberlink) -- C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
PRC - [2005.02.21 19:10:00 | 000,061,440 | ---- | M] (Cyberlink) -- C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
PRC - [2005.02.21 19:09:28 | 000,110,669 | ---- | M] () -- C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
PRC - [2005.02.21 19:09:26 | 000,184,399 | ---- | M] () -- C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
PRC - [2005.01.25 12:03:52 | 000,411,648 | ---- | M] () -- C:\Programme\Medion\KeyStat\KeyStat.exe
PRC - [2005.01.04 12:27:00 | 000,405,583 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft ActiveSync\wcescomm.exe
PRC - [2004.12.24 16:51:00 | 000,106,496 | ---- | M] () -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe
PRC - [2004.07.20 19:18:54 | 000,090,112 | ---- | M] (ICSI Technology Ltd.) -- C:\WINDOWS\Dit.exe
PRC - [2004.06.10 13:48:04 | 000,286,720 | ---- | M] () -- C:\WINDOWS\vsnpstd.exe
PRC - [2003.06.20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.10.10 12:12:24 | 000,576,512 | ---- | M] (OldTimer Tools) -- I:\OTL.exe
MOD - [2008.04.14 04:22:15 | 000,072,192 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msacm32.dll
MOD - [2008.04.14 04:22:06 | 001,852,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\AppPatch\acgenral.dll
MOD - [2008.04.14 04:21:06 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msscript.ocx
MOD - [2004.08.04 14:00:00 | 000,014,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\serwvdrv.dll
MOD - [2004.08.04 14:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\umdmxfrm.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - File not found [On_Demand | Stopped] -- C:\Programme\DATA BECKER\Antivirus 2005\AntiVirus\avs_on.exe -- (avs_on)
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2008.11.14 14:43:08 | 000,068,865 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\AntiVir PersonalEdition Classic\sched.exe -- (AntiVirScheduler)
SRV - [2008.11.14 14:43:06 | 000,151,297 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Programme\AntiVir PersonalEdition Classic\avguard.exe -- (AntiVirService)
SRV - [2007.01.19 13:54:14 | 000,097,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\MSN Messenger\usnsvc.exe -- (usnjsvc)
SRV - [2005.02.21 19:10:00 | 000,061,440 | ---- | M] (Cyberlink) [Auto | Running] -- C:\Programme\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe -- (CyberLink Media Library Service)
SRV - [2005.02.21 19:09:28 | 000,110,669 | ---- | M] () [Auto | Running] -- C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe -- (CLSched) CyberLink Task Scheduler (CTS)
SRV - [2005.02.21 19:09:26 | 000,184,399 | ---- | M] () [Auto | Running] -- C:\Programme\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe -- (CLCapSvc) CyberLink Background Capture Service (CBCS)
SRV - [2004.12.24 16:51:00 | 000,106,496 | ---- | M] () [Auto | Running] -- C:\Programme\IVT Corporation\BlueSoleil\BTNtService.exe -- (BlueSoleil Hid Service)
SRV - [2004.11.09 20:18:42 | 000,118,272 | ---- | M] (TuneUp Software GmbH) [On_Demand | Stopped] -- C:\Programme\TuneUp Utilities 2004\WinStylerThemeSvc.exe -- (TUWinStylerThemeSvc)
SRV - [2003.06.20 09:25:00 | 000,322,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
SRV - [2001.11.12 14:31:48 | 000,020,480 | ---- | M] (X10) [On_Demand | Stopped] -- C:\Programme\Common Files\X10\Common\X10nets.exe -- (x10nets)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2010.10.10 13:17:44 | 000,017,408 | ---- | M] (ICSI Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\USBCRFT.SYS -- (CardReaderFilter)
DRV - [2010.01.17 11:48:17 | 000,075,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.01.17 11:48:15 | 000,052,056 | ---- | M] (Avira GmbH) [File_System | On_Demand | Running] -- C:\Programme\AntiVir PersonalEdition Classic\avgntflt.sys -- (avgntflt)
DRV - [2010.01.17 11:48:15 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\AntiVir PersonalEdition Classic\avgio.sys -- (avgio)
DRV - [2008.05.07 09:34:53 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.04.13 20:46:22 | 000,015,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mpe.sys -- (MPE)
DRV - [2008.04.13 20:46:20 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\61883.sys -- (61883)
DRV - [2008.04.13 20:46:20 | 000,038,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avc.sys -- (Avc)
DRV - [2008.04.13 20:46:09 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\msdv.sys -- (MSDV)
DRV - [2008.04.13 18:36:05 | 000,144,384 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\hdaudbus.sys -- (HDAudBus)
DRV - [2008.04.08 08:32:42 | 000,020,736 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\MosIrUsb.sys -- (MosIrUsb)
DRV - [2007.06.19 10:51:20 | 000,107,304 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mdm.sys -- (s816mdm)
DRV - [2007.06.19 10:51:18 | 000,099,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mgmt.sys -- (s816mgmt) Sony Ericsson Device 816 USB WMC Device Management Drivers (WDM)
DRV - [2007.06.19 10:51:18 | 000,097,704 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816unic.sys -- (s816unic) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (WDM)
DRV - [2007.06.19 10:51:18 | 000,097,320 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816obex.sys -- (s816obex)
DRV - [2007.06.19 10:51:18 | 000,021,928 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816nd5.sys -- (s816nd5) Sony Ericsson Device 816 USB Ethernet Emulation SEMCMR7 (NDIS)
DRV - [2007.06.19 10:51:18 | 000,013,864 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816mdfl.sys -- (s816mdfl)
DRV - [2007.06.19 10:51:16 | 000,081,832 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s816bus.sys -- (s816bus) Sony Ericsson Device 816 driver (WDM)
DRV - [2007.04.23 16:54:50 | 000,100,488 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mgmt.sys -- (s115mgmt) Sony Ericsson Device 115 USB WMC Device Management Drivers (WDM)
DRV - [2007.04.23 16:54:50 | 000,098,568 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115obex.sys -- (s115obex)
DRV - [2007.04.23 16:54:48 | 000,108,680 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007.04.23 16:54:48 | 000,015,112 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007.04.23 16:54:46 | 000,083,208 | R--- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\s115bus.sys -- (s115bus) Sony Ericsson Device 115 driver (WDM)
DRV - [2006.03.08 21:27:12 | 000,078,848 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV85.sys -- (SSHDRV85)
DRV - [2006.02.26 13:42:20 | 000,097,792 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV05.sys -- (ACEDRV05)
DRV - [2005.12.06 12:16:20 | 000,826,752 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\3xHybrid.sys -- (3xHybrid)
DRV - [2005.05.11 23:23:02 | 000,081,408 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV86.sys -- (SSHDRV86)
DRV - [2005.03.04 12:02:20 | 001,066,278 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2005.02.14 21:14:45 | 000,028,352 | ---- | M] (MusicMatch, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\MxlW2k.sys -- (MxlW2k)
DRV - [2005.02.11 11:22:48 | 000,081,728 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750mgmt.sys -- (k750mgmt)
DRV - [2005.02.11 11:19:20 | 000,055,216 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k750bus.sys -- (k750bus) Sony Ericsson 750 driver (WDM)
DRV - [2005.01.13 16:20:00 | 000,012,500 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vbtenum.sys -- (BTHidEnum)
DRV - [2005.01.12 22:30:00 | 000,915,968 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2004.12.16 17:32:00 | 000,013,304 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BTNetFilter.sys -- (BTNetFilter)
DRV - [2004.12.03 15:41:00 | 000,140,544 | ---- | M] (Ralink Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rt2500usb.sys -- (RT2500USB)
DRV - [2004.12.01 18:55:00 | 000,022,488 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btcusb.sys -- (Btcsrusb)
DRV - [2004.11.05 12:39:00 | 000,082,148 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VcommMgr.sys -- (VcommMgr)
DRV - [2004.10.19 14:40:00 | 000,028,207 | ---- | M] (IVT Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\BTHidMgr.sys -- (BTHidMgr)
DRV - [2004.10.19 14:37:00 | 000,061,312 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VComm.sys -- (VComm)
DRV - [2004.10.19 12:39:00 | 000,020,096 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\blueletaudio.sys -- (BlueletAudio)
DRV - [2004.10.15 09:37:14 | 000,345,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\snpstd.sys -- (snpstd) USB PC Camera (SN9C102)
DRV - [2004.10.01 14:58:10 | 001,272,000 | ---- | M] (C-Media Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\cmudax.sys -- (cmudax)
DRV - [2004.09.21 19:15:00 | 000,010,804 | ---- | M] (IVT Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\BtNetDrv.sys -- (BT)
DRV - [2004.03.21 18:17:07 | 000,017,024 | ---- | M] (SlySoft, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AnyDVD.sys -- (AnyDVD)
DRV - [2004.03.17 17:10:40 | 000,113,664 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Hdaudio.sys -- (HdAudAddService)
DRV - [2004.03.10 17:27:18 | 000,011,264 | ---- | M] (Pinnacle Systems GmbH) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\asapiW2k.sys -- (ASAPIW2k)
DRV - [2004.01.16 14:02:58 | 000,017,408 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2003.11.29 03:21:42 | 000,009,728 | ---- | M] (Elaborate Bytes AG) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ElbyCDIO.sys -- (ElbyCDIO)
DRV - [2003.03.28 17:25:52 | 000,003,840 | ---- | M] (Elaborate Bytes) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyDelay.sys -- (ElbyDelay)
DRV - [2002.05.28 11:40:28 | 000,004,480 | ---- | M] (Elaborate Bytes) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ElbyCDFL.sys -- (ElbyCDFL)
DRV - [2002.04.24 13:07:56 | 000,019,928 | ---- | M] (Winbond Electronics Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wbscr.sys -- (wbscr)
DRV - [2001.08.17 14:57:38 | 000,016,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MODEMCSA.sys -- (MODEMCSA)
DRV - [1998.09.16 09:07:10 | 000,041,472 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sfc4.sys -- (SFC4)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.arcor.de
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.arcor.de
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com
 
IE - HKU\S-1-5-21-890509282-4084294355-999636409-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.web.de/home
IE - HKU\S-1-5-21-890509282-4084294355-999636409-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://go.web.de/tab2 [binary data]
IE - HKU\S-1-5-21-890509282-4084294355-999636409-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.arcor.de
IE - HKU\S-1-5-21-890509282-4084294355-999636409-1008\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-890509282-4084294355-999636409-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
IE - HKU\S-1-5-21-890509282-4084294355-999636409-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-890509282-4084294355-999636409-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
 
O1 HOSTS File: ([2006.06.29 18:58:53 | 000,000,847 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll File not found
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O2 - BHO: (EpsonToolBandKicker Class) - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (&Google) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKLM\..\Toolbar: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O3 - HKU\S-1-5-21-890509282-4084294355-999636409-1008\..\Toolbar\WebBrowser: (&Google) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\Programme\Google\GoogleToolbar1.dll (Google Germany GmbH)
O3 - HKU\S-1-5-21-890509282-4084294355-999636409-1008\..\Toolbar\WebBrowser: (EPSON Web-To-Page) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Programme\epson\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [avgnt] C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cmaudio]  File not found
O4 - HKLM..\Run: [Dit] C:\WINDOWS\Dit.exe (ICSI Technology Ltd.)
O4 - HKLM..\Run: [Keyboard Status] C:\Programme\Medion\KeyStat\KeyStat.exe ()
O4 - HKLM..\Run: [RegisterDropHandler] C:\Programme\TextBridge Classic 2.0\Bin\RegisterDropHandler.exe ()
O4 - HKLM..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe ()
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Programme\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKU\S-1-5-21-890509282-4084294355-999636409-1008..\Run: [H/PC Connection Agent] C:\Programme\Microsoft ActiveSync\WCESCOMM.EXE (Microsoft Corporation)
O4 - HKLM..\RunServices: [RegisterDropHandler] C:\Programme\TextBridge Classic 2.0\Bin\RegisterDropHandler.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Reader - Schnellstart.lnk = C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Sparbuch heute.lnk = C:\Programme\WISO\Sparbuch 2010\meinsparbuchheute.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-890509282-4084294355-999636409-1008\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O7 - HKU\S-1-5-21-890509282-4084294355-999636409-1008\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKU\S-1-5-21-890509282-4084294355-999636409-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - C:\Programme\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_01\bin\NPJPI150_01.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Mobilen Favoriten erstellen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Mobilen Favoriten erstellen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programme\Microsoft ActiveSync\inetrepl.dll (Microsoft Corporation)
O9 - Extra Button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra 'Tools' menuitem : ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Programme\ICQLite\ICQLite.exe (ICQ Ltd.)
O9 - Extra Button: XM2002® - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Programme\IPPS\XM2002®\XM2002.exe File not found
O9 - Extra 'Tools' menuitem : &XM2002® - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - C:\Programme\IPPS\XM2002®\XM2002.exe File not found
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} hxxp://office.microsoft.com/officeupdate/content/opuc.cab (Office Update Installation Engine)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1106843944468 (WUWebControl Class)
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} hxxp://193.27.44.33//activex/AMC.cab (AxisMediaControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_01-windows-i586.cab (Java Plug-in 1.5.0_01)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} hxxp://188.180.66.42/activex/AMC.cab (AxisMediaControlEmb Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mctp {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Programme\Microsoft ActiveSync\aatp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\MSN Messenger\msgrapp.8.1.0178.00.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O24 - Desktop WallPaper: C:\Dokumente und Einstellungen\Carmen und Jens\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Dokumente und Einstellungen\Carmen und Jens\Lokale Einstellungen\Anwendungsdaten\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2005.02.12 20:54:46 | 000,000,050 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{0f039ae1-8468-11d9-8a72-001109df9636}\Shell\AutoRun\command - "" = L:\OEMBranding.exe -- File not found
O33 - MountPoints2\{176ebe7a-8522-11d9-8a7e-001109df94c7}\Shell\AutoRun\command - "" = K:\OEMBranding.exe -- File not found
O33 - MountPoints2\{b60dc10a-85ba-11d9-8a81-001109df94c7}\Shell\AutoRun\command - "" = L:\OEMBranding.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 360 Days ==========
 
[2010.10.10 12:15:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Carmen und Jens\Anwendungsdaten\Malwarebytes
[2010.10.10 12:15:07 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.10.10 12:15:04 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.10.10 12:15:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2010.10.10 12:15:03 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.08.19 09:44:12 | 000,000,000 | ---D | C] -- C:\Programme\Gemeinsame Dateien\ODBC
[2010.08.19 08:55:12 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010.08.17 15:17:06 | 000,058,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2010.08.12 09:36:16 | 000,743,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.07.12 20:17:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Carmen und Jens\Desktop\Annemarie
[2010.06.18 19:44:50 | 000,293,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2010.05.13 19:29:22 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Carmen und Jens\Desktop\Bilder und Videos Irene
[2010.05.13 19:29:02 | 000,100,488 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115mgmt.sys
[2010.05.13 19:28:57 | 000,098,568 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115obex.sys
[2010.05.13 19:28:47 | 000,108,680 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115mdm.sys
[2010.05.13 19:28:47 | 000,015,112 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115mdfl.sys
[2010.05.13 19:28:47 | 000,012,424 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115cmnt.sys
[2010.05.13 19:28:47 | 000,012,424 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115cm.sys
[2010.05.13 19:28:43 | 000,083,208 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115bus.sys
[2010.05.13 19:28:43 | 000,012,424 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115whnt.sys
[2010.05.13 19:28:43 | 000,012,424 | R--- | C] (MCCI Corporation) -- C:\WINDOWS\System32\drivers\s115wh.sys
[2010.05.08 12:46:37 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8
[2010.05.08 11:39:40 | 017,010,016 | ---- | C] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Carmen und Jens\Desktop\IE8-WindowsXP-x86-DEU.exe
[2010.04.24 22:16:44 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen\Carmen und Jens\IECompatCache
[2010.04.24 22:10:07 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IEConfiguration1und1
[2010.04.24 22:10:06 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Carmen und Jens\Lokale Einstellungen\Anwendungsdaten\PackageAware
[2010.04.24 22:10:02 | 000,000,000 | -H-D | C] -- C:\WINDOWS\msdownld.tmp
[2010.04.24 22:09:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\WBEM
[2010.04.24 22:06:22 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010.04.24 22:06:21 | 001,986,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010.04.24 22:06:20 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010.04.20 07:29:56 | 000,285,696 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2010.04.17 10:55:49 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.04.16 19:29:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Carmen und Jens\Eigene Dateien\Mein Sparbuch Heute
[2010.04.16 17:36:58 | 000,406,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usp10.dll
[2010.04.05 13:31:16 | 000,241,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sds32.ax
[2010.03.31 00:16:34 | 000,099,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHostProxy.dll
[2010.03.31 00:10:40 | 000,295,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHost.exe
[2010.03.30 12:24:40 | 000,317,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdecd.dll
[2010.03.27 21:51:59 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\LocalService\Anwendungsdaten\Adobe
[2010.03.24 14:19:52 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Carmen und Jens\Anwendungsdaten\Helper
[2010.03.15 21:36:00 | 000,018,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\spmsg.dll
[2010.03.15 21:35:50 | 000,000,000 | ---D | C] -- C:\Programme\Windows Media Connect 2
[2010.03.15 21:34:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\UMDF
[2010.03.15 21:34:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles
[2010.03.12 10:44:27 | 003,558,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010.03.10 06:33:47 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2010.03.05 16:37:40 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asycfilt.dll
[2010.02.26 07:41:06 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2010.02.25 11:45:00 | 011,077,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010.02.13 22:01:05 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Carmen und Jens\Desktop\Bilder2010
[2010.02.12 06:33:08 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010.01.14 10:41:58 | 000,471,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2010.01.13 16:00:09 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2009.12.24 08:59:41 | 000,177,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2009.12.17 09:40:01 | 000,346,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009.12.14 09:08:20 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2009.12.08 11:23:28 | 000,474,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2009.11.27 19:11:57 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2009.11.27 18:08:01 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2009.11.27 18:08:01 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2009.11.07 01:07:08 | 000,049,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\netfxperf.dll
[2009.10.29 07:24:34 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdc.ocx
[2009.10.21 07:38:36 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll
[2009.10.21 07:38:36 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll
[2009.10.20 18:20:16 | 000,265,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys
[2008.11.18 19:51:54 | 000,262,144 | ---- | C] (ZoneAlarm) -- C:\Programme\Uninstall Spy Blocker.dll
[2005.06.20 23:07:00 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd.dll
[2005.06.20 23:07:00 | 000,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd.dll
[2005.06.20 23:07:00 | 000,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd.dll
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files - Modified Within 360 Days ==========
 
[2010.10.10 13:18:08 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010.10.10 13:17:44 | 000,017,408 | ---- | M] (ICSI Technology Ltd.) -- C:\WINDOWS\System32\drivers\USBCRFT.SYS
[2010.10.10 13:17:29 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2010.10.10 13:17:26 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010.10.10 13:17:20 | 2147,012,608 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.10 13:16:31 | 007,077,888 | ---- | M] () -- C:\Dokumente und Einstellungen\Carmen und Jens\ntuser.dat
[2010.10.10 13:16:31 | 000,000,300 | -HS- | M] () -- C:\Dokumente und Einstellungen\Carmen und Jens\ntuser.ini
[2010.10.10 12:15:09 | 000,000,680 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.08 20:47:34 | 000,002,523 | ---- | M] () -- C:\Dokumente und Einstellungen\Carmen und Jens\Desktop\Microsoft Excel.lnk
[2010.10.06 13:37:31 | 001,109,164 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2010.10.06 13:37:31 | 000,490,814 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2010.10.06 13:37:31 | 000,467,258 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010.10.06 13:37:31 | 000,099,024 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2010.10.06 13:37:31 | 000,082,514 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010.10.01 17:16:17 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\1-Klick-Wartung.job
[2010.09.23 18:51:24 | 000,002,495 | ---- | M] () -- C:\Dokumente und Einstellungen\Carmen und Jens\Desktop\Microsoft Word.lnk
[2010.09.15 19:56:56 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010.09.08 13:28:18 | 000,012,862 | ---- | M] () -- C:\WINDOWS\EPISMG00.SWB
[2010.09.05 20:08:18 | 000,032,768 | ---- | M] () -- C:\Dokumente und Einstellungen\Carmen und Jens\Desktop\Ausgaben Irene 2008.xls
[2010.08.19 19:45:15 | 000,033,102 | ---- | M] () -- C:\Dokumente und Einstellungen\Carmen und Jens\Anwendungsdaten\wklnhst.dat
[2010.08.19 18:56:54 | 000,438,944 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010.08.17 15:17:06 | 000,058,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\spoolsv.exe
[2010.07.27 08:29:42 | 008,503,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shell32.dll
[2010.07.22 17:48:54 | 000,590,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcrt4.dll
[2010.06.30 14:28:51 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\schannel.dll
[2010.06.24 17:51:58 | 011,077,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2010.06.24 14:22:03 | 001,210,368 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\urlmon.dll
[2010.06.24 14:22:03 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wininet.dll
[2010.06.24 14:22:02 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mstime.dll
[2010.06.24 14:22:02 | 000,611,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mstime.dll
[2010.06.24 14:22:02 | 000,206,848 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\occache.dll
[2010.06.24 14:22:01 | 005,951,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mshtml.dll
[2010.06.24 14:21:59 | 001,986,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2010.06.24 14:21:59 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\inetcpl.cpl
[2010.06.24 14:21:59 | 001,469,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcpl.cpl
[2010.06.24 14:21:59 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeeds.dll
[2010.06.24 14:21:59 | 000,599,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2010.06.24 14:21:59 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\msfeedsbs.dll
[2010.06.24 14:21:59 | 000,055,296 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2010.06.24 14:21:59 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jsproxy.dll
[2010.06.24 14:21:59 | 000,025,600 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jsproxy.dll
[2010.06.24 14:21:58 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iepeers.dll
[2010.06.24 14:21:58 | 000,184,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iepeers.dll
[2010.06.24 14:21:56 | 000,743,424 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedvtool.dll
[2010.06.24 14:21:55 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\iedkcs32.dll
[2010.06.24 14:21:55 | 000,387,584 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iedkcs32.dll
[2010.06.24 11:02:00 | 001,852,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\win32k.sys
[2010.06.24 11:02:00 | 001,852,032 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\win32k.sys
[2010.06.23 14:08:09 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ie4uinit.exe
[2010.06.23 14:08:09 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ie4uinit.exe
[2010.06.21 17:27:11 | 000,354,304 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srv.sys
[2010.06.18 19:44:50 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\winsrv.dll
[2010.06.18 19:44:50 | 000,293,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsrv.dll
[2010.06.18 15:36:12 | 003,558,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\moviemk.exe
[2010.06.17 16:03:00 | 000,080,384 | ---- | M] (Radius Inc.) -- C:\WINDOWS\System32\iccvid.dll
[2010.06.15 18:16:28 | 000,143,422 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codecx.ax
[2010.06.14 16:31:20 | 000,744,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\helpsvc.exe
[2010.06.14 09:41:35 | 001,172,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msxml3.dll
[2010.06.09 09:43:25 | 000,692,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetcomm.dll
[2010.05.18 09:53:57 | 000,001,361 | ---- | M] () -- C:\WINDOWS\WISO.INI
[2010.05.16 18:26:00 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2010.05.13 20:31:42 | 000,002,667 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Sony Ericsson PC Suite.lnk
[2010.05.08 12:52:19 | 000,000,787 | ---- | M] () -- C:\Dokumente und Einstellungen\Carmen und Jens\Desktop\Internet Explorer.lnk
[2010.05.08 11:39:40 | 017,010,016 | ---- | M] (Microsoft Corporation) -- C:\Dokumente und Einstellungen\Carmen und Jens\Desktop\IE8-WindowsXP-x86-DEU.exe
[2010.05.06 12:31:23 | 001,209,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\urlmon(4).dll
[2010.05.06 12:31:23 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wininet(4).dll
[2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010.04.29 12:19:14 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010.04.28 20:11:30 | 002,192,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe
[2010.04.28 07:41:29 | 002,069,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlpa.exe
[2010.04.28 07:41:18 | 002,148,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntoskrnl.exe
[2010.04.28 07:41:18 | 002,148,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe
[2010.04.28 07:41:17 | 002,027,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe
[2010.04.28 07:41:17 | 002,027,008 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\ntkrnlpa.exe
[2010.04.20 07:29:56 | 000,285,696 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\dllcache\atmfd.dll
[2010.04.20 07:29:56 | 000,285,696 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\atmfd.dll
[2010.04.16 17:36:58 | 000,406,016 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\usp10.dll
[2010.04.15 19:00:58 | 000,001,723 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\WISO Mein Sparbuch heute.lnk
[2010.04.15 19:00:58 | 000,001,648 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\WISO Sparbuch 2010.lnk
[2010.04.06 04:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\WMVCore.dll
[2010.04.06 04:52:46 | 002,462,720 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\WMVCore.dll
[2010.04.05 13:31:16 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sds32.ax
[2010.04.05 13:31:16 | 000,241,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sds32.ax
[2010.03.31 00:16:34 | 000,099,176 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHostProxy.dll
[2010.03.31 00:10:40 | 000,295,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\PresentationHost.exe
[2010.03.30 12:24:40 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mp4sdecd.dll
[2010.03.30 12:24:40 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mp4sdecd.dll
[2010.03.30 00:52:26 | 000,262,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mpg4ds32.ax
[2010.03.30 00:52:26 | 000,262,416 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mpg4ds32.ax
[2010.03.25 10:49:37 | 000,000,766 | ---- | M] () -- C:\Dokumente und Einstellungen\Carmen und Jens\Desktop\Windows Media Player.lnk
[2010.03.15 21:41:30 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2010.03.15 21:41:30 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2010.03.15 21:35:54 | 000,001,112 | ---- | M] () -- C:\WINDOWS\win.ini
[2010.03.15 21:35:00 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2010.03.15 21:34:09 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2010.03.15 21:33:27 | 000,000,902 | ---- | M] () -- C:\WINDOWS\System32\InstallUtil.InstallLog
[2010.03.10 08:15:55 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\vbscript.dll
[2010.03.10 08:15:55 | 000,420,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\vbscript.dll
[2010.03.10 06:33:52 | 001,509,888 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shdocvw.dll
[2010.03.10 06:33:47 | 001,025,024 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browseui.dll
[2010.03.05 16:37:40 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asycfilt.dll
[2010.03.05 16:37:40 | 000,065,536 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\asycfilt.dll
[2010.02.25 08:15:07 | 001,209,344 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\urlmon(5).dll
[2010.02.25 08:15:07 | 000,916,480 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wininet(5).dll
[2010.02.24 15:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2010.02.23 00:12:32 | 000,057,667 | ---- | M] () -- C:\WINDOWS\System32\ieuinit.inf
[2010.02.12 12:03:03 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\browserchoice.exe
[2010.02.12 06:33:08 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\6to4svc.dll
[2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys
[2010.02.11 14:02:15 | 000,226,880 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcpip6.sys
[2010.02.05 20:25:49 | 001,297,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\quartz.dll
[2010.02.05 20:25:49 | 001,297,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quartz.dll
[2010.01.29 16:43:35 | 000,307,260 | ---- | M] (Fraunhofer Institut Integrierte Schaltungen IIS) -- C:\WINDOWS\System32\l3codeca.acm
[2010.01.17 11:48:17 | 000,075,096 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2010.01.13 16:00:09 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cabview.dll
[2009.12.24 08:59:41 | 000,177,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wintrust.dll
[2009.12.17 09:40:01 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\mspaint.exe
[2009.12.17 09:40:01 | 000,346,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mspaint.exe
[2009.12.14 09:08:20 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\csrsrv.dll
[2009.12.14 09:08:20 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\csrsrv.dll
[2009.12.09 07:53:44 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\jscript.dll
[2009.12.09 07:53:44 | 000,726,528 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jscript.dll
[2009.12.08 11:23:28 | 000,474,624 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shlwapi.dll
[2009.11.27 19:11:57 | 001,297,408 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\quartz(2).dll
[2009.11.27 19:11:57 | 000,017,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll
[2009.11.27 18:08:01 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\avifil32.dll
[2009.11.27 18:08:01 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\avifil32.dll
[2009.11.27 18:08:01 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll
[2009.11.27 18:08:01 | 000,028,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msvidc32.dll
[2009.11.27 18:08:01 | 000,011,264 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msrle32.dll
[2009.11.27 18:08:01 | 000,008,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll
[2009.11.21 17:54:48 | 001,206,508 | ---- | M] () -- C:\WINDOWS\System32\dllcache\sysmain.sdb
[2009.11.21 17:54:17 | 000,471,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aclayers.dll
[2009.11.13 22:11:10 | 000,000,368 | ---- | M] () -- C:\WINDOWS\Clony2.ini
[2009.11.13 22:10:31 | 000,000,117 | ---- | M] () -- C:\WINDOWS\Prof.ini
[2009.11.07 01:07:08 | 000,049,488 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\netfxperf.dll
[2009.10.21 07:38:36 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\strmfilt.dll
[2009.10.21 07:38:36 | 000,075,776 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\strmfilt.dll
[2009.10.21 07:38:36 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\httpapi.dll
[2009.10.21 07:38:36 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpapi.dll
[2009.10.20 18:20:16 | 000,265,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\http.sys
[2009.10.15 18:28:24 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\t2embed.dll
[2009.10.15 18:28:24 | 000,119,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\t2embed.dll
[2009.10.15 18:28:24 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\fontsub.dll
[2009.10.15 18:28:24 | 000,081,920 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fontsub.dll
[8 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.10.10 12:15:09 | 000,000,680 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.05.31 09:34:38 | 007,077,888 | ---- | C] () -- C:\Dokumente und Einstellungen\Carmen und Jens\ntuser.dat
[2010.05.08 12:52:19 | 000,000,787 | ---- | C] () -- C:\Dokumente und Einstellungen\Carmen und Jens\Desktop\Internet Explorer.lnk
[2010.04.15 19:00:58 | 000,001,648 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\WISO Sparbuch 2010.lnk
[2010.03.15 21:34:09 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\UMDF\MsftWdf_user_01_00_00.Wdf
[2009.04.13 18:24:03 | 000,020,736 | R--- | C] () -- C:\WINDOWS\System32\drivers\MosIrUsb.sys
[2009.01.25 15:14:37 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2007.02.06 19:37:52 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007.01.04 17:30:22 | 000,000,041 | ---- | C] () -- C:\WINDOWS\DAVILEX.INI
[2006.12.28 11:00:46 | 000,000,019 | ---- | C] () -- C:\WINDOWS\SoundConverter.INI
[2006.06.29 19:34:29 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.04.08 17:02:43 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2006.03.13 08:35:08 | 000,000,083 | ---- | C] () -- C:\WINDOWS\MGXWALL.ini
[2006.03.12 19:11:57 | 000,338,944 | ---- | C] () -- C:\WINDOWS\System32\LFFPX7.DLL
[2006.03.12 19:11:57 | 000,118,784 | ---- | C] () -- C:\WINDOWS\System32\LFKODAK.DLL
[2006.03.12 19:11:56 | 000,001,077 | ---- | C] () -- C:\WINDOWS\Mgxclean.sys
[2006.03.12 17:13:57 | 000,000,366 | ---- | C] () -- C:\WINDOWS\SIERRA.INI
[2006.03.08 21:27:12 | 000,078,848 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV85.sys
[2006.02.27 10:19:34 | 000,000,052 | ---- | C] () -- C:\WINDOWS\videodeLuxe.INI
[2006.02.26 21:13:57 | 000,002,849 | ---- | C] () -- C:\WINDOWS\tm.ini
[2006.02.26 13:35:54 | 000,000,213 | ---- | C] () -- C:\WINDOWS\BUHL.INI
[2006.02.04 18:23:49 | 000,000,099 | ---- | C] () -- C:\WINDOWS\System32\PICSDK.ini
[2006.02.04 18:21:04 | 000,000,025 | ---- | C] () -- C:\WINDOWS\CDE DX4200EFGIPSD.ini
[2006.01.17 14:19:18 | 000,038,912 | ---- | C] () -- C:\WINDOWS\System32\mgxasio.dll
[2005.08.05 19:01:44 | 000,000,132 | ---- | C] () -- C:\WINDOWS\TC.INI
[2005.06.20 23:09:12 | 000,000,021 | ---- | C] () -- C:\WINDOWS\VI_setup.ini
[2005.06.20 23:08:13 | 000,000,021 | ---- | C] () -- C:\WINDOWS\PI4_setup.ini
[2005.06.20 23:07:06 | 000,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd.dll
[2005.06.20 23:07:06 | 000,015,541 | ---- | C] () -- C:\WINDOWS\snpstd.ini
[2005.06.20 23:07:04 | 000,345,728 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd.sys
[2005.06.20 22:46:40 | 000,000,420 | ---- | C] () -- C:\WINDOWS\videoimp.ini
[2005.06.20 22:46:39 | 000,000,108 | ---- | C] () -- C:\WINDOWS\WININIT.INI
[2005.06.15 21:11:07 | 000,000,021 | ---- | C] () -- C:\WINDOWS\CS_setup.ini
[2005.06.15 21:01:06 | 000,010,240 | ---- | C] () -- C:\WINDOWS\System32\vidx16.dll
[2005.05.27 23:07:12 | 000,000,000 | ---- | C] () -- C:\WINDOWS\OpPrintServer.INI
[2005.05.23 19:52:35 | 000,000,000 | ---- | C] () -- C:\WINDOWS\WATCH.INI
[2005.05.23 19:27:04 | 000,000,117 | ---- | C] () -- C:\WINDOWS\Prof.ini
[2005.05.23 16:22:54 | 000,000,368 | ---- | C] () -- C:\WINDOWS\Clony2.ini
[2005.05.23 08:34:32 | 000,000,728 | ---- | C] () -- C:\WINDOWS\Ulead32.ini
[2005.05.23 08:31:06 | 000,000,096 | ---- | C] () -- C:\WINDOWS\Tb98.ini
[2005.05.23 08:31:01 | 000,046,512 | ---- | C] () -- C:\WINDOWS\System32\EPSN.DLL
[2005.05.23 08:31:01 | 000,012,126 | ---- | C] () -- C:\WINDOWS\System32\PIXPCZ.DLL
[2005.05.23 08:31:01 | 000,011,934 | ---- | C] () -- C:\WINDOWS\System32\PIXPNR.DLL
[2005.05.23 08:31:01 | 000,009,136 | ---- | C] () -- C:\WINDOWS\System32\INETWH16.DLL
[2005.05.23 08:30:43 | 000,001,942 | ---- | C] () -- C:\WINDOWS\ACROREAD.INI
[2005.05.23 08:30:43 | 000,001,901 | ---- | C] () -- C:\WINDOWS\ATM.INI
[2005.05.23 08:30:43 | 000,000,027 | ---- | C] () -- C:\WINDOWS\ACROGRAF.INI
[2005.05.23 08:30:39 | 000,041,472 | ---- | C] () -- C:\WINDOWS\System32\drivers\sfc4.sys
[2005.05.11 23:40:40 | 000,000,019 | ---- | C] () -- C:\WINDOWS\dbdav1.ini
[2005.05.11 23:40:35 | 000,000,064 | ---- | C] () -- C:\WINDOWS\avfile_dir.ini
[2005.05.11 23:23:19 | 000,000,062 | ---- | C] () -- C:\WINDOWS\ad_av_2_h_0001.ini
[2005.05.11 23:23:02 | 000,081,408 | ---- | C] () -- C:\WINDOWS\System32\drivers\SSHDRV86.sys
[2005.05.09 10:41:30 | 000,033,102 | ---- | C] () -- C:\Dokumente und Einstellungen\Carmen und Jens\Anwendungsdaten\wklnhst.dat
[2005.05.09 10:05:29 | 000,000,121 | ---- | C] () -- C:\WINDOWS\telephon.ini
[2005.05.09 08:56:39 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2005.05.09 08:25:52 | 000,032,256 | ---- | C] () -- C:\Dokumente und Einstellungen\Carmen und Jens\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005.05.09 08:25:52 | 000,000,148 | ---- | C] () -- C:\Dokumente und Einstellungen\Carmen und Jens\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2005.02.23 16:56:17 | 000,019,968 | ---- | C] () -- C:\WINDOWS\System32\cpuinf32.dll
[2005.02.23 16:45:14 | 000,001,208 | ---- | C] () -- C:\WINDOWS\mgxoschk.ini
[2005.02.23 16:45:14 | 000,000,085 | ---- | C] () -- C:\WINDOWS\magix.ini
[2005.02.22 02:00:38 | 000,198,144 | ---- | C] () -- C:\WINDOWS\System32\_psisdecd.dll
[2005.02.21 17:07:39 | 000,000,056 | RHS- | C] () -- C:\WINDOWS\System32\41D12D28A0.sys
[2005.02.21 14:21:38 | 000,000,147 | ---- | C] () -- C:\Dokumente und Einstellungen\NetworkService\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2005.02.14 23:30:26 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2005.02.14 21:00:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\34CoInstaller.dll
[2005.02.12 20:51:20 | 000,001,361 | ---- | C] () -- C:\WINDOWS\WISO.INI
[2005.02.12 20:31:23 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005.02.12 20:22:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\GetOSVer.dll
[2005.02.06 22:01:52 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005.02.06 16:24:19 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
[2005.02.06 15:08:44 | 000,006,266 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2005.02.06 15:08:44 | 000,000,008 | RHS- | C] () -- C:\WINDOWS\System32\D5D86239B1.sys
[2005.02.06 14:51:03 | 000,013,900 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2005.01.28 09:03:49 | 000,003,776 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2005.01.27 17:40:56 | 000,000,863 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2005.01.27 17:35:00 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Install2500USB.dll
[2005.01.27 17:35:00 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\DEDriverDLL.dll
[2005.01.27 10:31:53 | 000,000,269 | ---- | C] () -- C:\WINDOWS\Dit.INI
[2005.01.27 10:19:21 | 000,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2005.01.27 10:19:21 | 000,012,500 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2005.01.27 08:37:13 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll
[2005.01.27 05:59:36 | 000,001,292 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004.09.28 23:54:30 | 003,375,104 | ---- | C] () -- C:\WINDOWS\System32\qt-mt331.dll
[2003.12.22 14:40:06 | 001,663,068 | ---- | C] () -- C:\WINDOWS\System32\libmmd.dll
[1996.10.07 16:34:52 | 000,037,376 | ---- | C] () -- C:\WINDOWS\System32\GNNPOST.DLL
[1996.10.07 16:34:52 | 000,007,328 | ---- | C] () -- C:\WINDOWS\System32\GAUGE.DLL
[1996.10.07 16:34:50 | 000,068,936 | ---- | C] () -- C:\WINDOWS\System32\AOLTCP16.DLL
[1996.10.07 08:38:42 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\fpwpp.dll
< End of report >
         
--- --- ---
Angehängte Dateien
Dateityp: txt mbam-log-2010-10-10 (13-15-55).txt (1,5 KB, 195x aufgerufen)
Dateityp: txt Extras.Txt (24,1 KB, 213x aufgerufen)
Dateityp: txt OTL.Txt (58,6 KB, 173x aufgerufen)

Antwort

Themen zu flacor.dat (Backdoor- Trojaner) Log- Dateien
0x00000001, 0xc0000001, acedrv05.sys, acroiehelper.dll, adware.cydoor, avgntflt.sys, becker, beitrag, checken, components, datei, dateien, excel.exe, fehlermeldung, files, flacor.dat, folge, folgende, forum, hallo zusammen, hdaudio.sys, location, malwarebytes, neu, oldtimer, otl logfile, otl.exe, programme, programmen, saver, scan, schließe, shell32.dll, sierra, studio, system, system restore, troja, trojaner, windows internet, wireless lan, zusammen



Ähnliche Themen: flacor.dat (Backdoor- Trojaner) Log- Dateien


  1. Backdoor.agent.?Desktop schwarz, Dateien versteckt.
    Log-Analyse und Auswertung - 28.03.2013 (17)
  2. Trojaner flacor.dat in Adobe updater, ist er neutralisiert?
    Plagegeister aller Art und deren Bekämpfung - 19.12.2010 (14)
  3. flacor.dat Fehlermeldung - wie bekomme ich sie weg?
    Plagegeister aller Art und deren Bekämpfung - 28.11.2010 (1)
  4. Trojaner/Adware - flacor.dat/eBayShortcuts.exe (Adware.ADON)
    Plagegeister aller Art und deren Bekämpfung - 05.10.2010 (5)
  5. Silentbanker - flacor.dat
    Plagegeister aller Art und deren Bekämpfung - 16.09.2010 (50)
  6. Check der logfiles nach flacor.dat
    Plagegeister aller Art und deren Bekämpfung - 07.09.2010 (5)
  7. flacor.dat -> System neu aufgesetzt
    Plagegeister aller Art und deren Bekämpfung - 29.08.2010 (1)
  8. Flacor.dat entdeckt
    Plagegeister aller Art und deren Bekämpfung - 20.08.2010 (29)
  9. flacor.dat erwischt - System neu aufsetzen
    Log-Analyse und Auswertung - 17.08.2010 (3)
  10. pc sauber nach flacor.dat?
    Log-Analyse und Auswertung - 15.08.2010 (21)
  11. flacor.dat Problem Trojaner?
    Log-Analyse und Auswertung - 05.08.2010 (8)
  12. Datenrettung bei flacor
    Log-Analyse und Auswertung - 05.08.2010 (3)
  13. Flacor.dat: Richtiges Vorgehen bei Datensicherung etc.
    Plagegeister aller Art und deren Bekämpfung - 30.07.2010 (18)
  14. Trojaner: flacor.dat - Anleitung ausgeführt + Logfiles
    Log-Analyse und Auswertung - 26.07.2010 (4)
  15. flacor.dat - bin ich ihn los?
    Plagegeister aller Art und deren Bekämpfung - 23.07.2010 (4)
  16. Fehlermeldung RUNDLL......flacor.dat Malware?
    Plagegeister aller Art und deren Bekämpfung - 23.05.2010 (60)
  17. flacor.dat - Windows fährt herunter
    Log-Analyse und Auswertung - 19.05.2010 (2)

Zum Thema flacor.dat (Backdoor- Trojaner) Log- Dateien - Hallo zusammen, dies ist mein erster Beitrag hier im trojaner-board... Ich habe auf meinem PC die Tage immer eine Fehlermeldung gehabt... Fehler beim Öfnnen der Datei C:/[...]/flacor.dat Habe dann hier - flacor.dat (Backdoor- Trojaner) Log- Dateien...
Archiv
Du betrachtest: flacor.dat (Backdoor- Trojaner) Log- Dateien auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.